Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions
Jump to navigation
Jump to search
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 24: | Line 24: | ||
The United States Department of Justice’s Global Justice Information Sharing Initiative defines: | The United States Department of Justice’s Global Justice Information Sharing Initiative defines: | ||
* ''non-repudiation'' & | * ''non-repudiation'' – a technique used to ensure that someone performing an action on a computer cannot falsely deny that they performed that action. Non-repudiation provides undeniable proof that a user took a specific action<sup>[10]</sup>. | ||
With software systems that manage protected, sensitive data (including EHR systems), a more-specific definition of non-repudiation is needed. We further define the following term based on the definition of non-repudiation above: | With software systems that manage protected, sensitive data (including EHR systems), a more-specific definition of non-repudiation is needed. We further define the following term based on the definition of non-repudiation above: | ||
* ''user-based non-repudiation'' & | * ''user-based non-repudiation'' – a techniques used to ensure that an authenticated user accountholder performing an action within a software system cannot falsely deny that they performed that action. | ||
Böck, et al., identify four primary concerns regarding software audit mechanism reliability<sup>[1]</sup>: | |||
== 3. Related Work == | == 3. Related Work == | ||