Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 397: | Line 397: | ||
== 5. Case Studies == | == 5. Case Studies == | ||
Section 5.1 describes the EHR systems we used in this case study. Section 5.2 describes our EHR audit mechanism assessment based on the high-level assessment criteria from Section 4.1. Then, Section 5.3 describes our low-level black-box test case evaluation of three open-source EHR systems. | |||
=== 5.1. Open-source EHR Systems Studied === | === 5.1. Open-source EHR Systems Studied === | ||
In this study, we compare and contrast audit mechanisms from three open-source EHR systems. The criteria for inclusion in this study involved (1) being open-source for ease-of-access, and (2) having a fully-functional default demo deployment available online. For this study, we assess the following EHR systems: | |||
* Open Electronic Medical Records (OpenEMR)<sup>2</sup> system, | |||
* Open Medical Record System (OpenMRS)<sup>3</sup> system, with added Access Logging Module<sup>4</sup>. | |||
* Tolven Healthcare Innovations’s Electronic Clinician Health Record (eCHR)<sup>5</sup> system, with added Performance Plugin<sup>6</sup> module | |||
A summary of these software applications appears in Table 2. | |||
=== 5.2. High-level User-based Non-repudiation Assessment === | === 5.2. High-level User-based Non-repudiation Assessment === | ||