Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions

Revision as of 22:39, 8 September 2013

J. King, B. Smith, L. Williams, "Modifying Without a Trace: General Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms", Proceedings of the International Health Informatics Symposium (IHI 2012), pp. 305-314, 2012.

Abstract

1. Introduction

2. Background

3. Related Work

3.1. Challenges in Technology

3.1.1. Limited Infrastructure Resources

3.1.2. Log File Reliability

3.2. Challenges in Policy, Regulations, and Compliance

3.2.1. Ill-defined Standards, Policies, and Regulations

3.2.2. Ineffective Log Analysis

4. Assessment Methodology

4.1 High-level Assessment using Audit Guidelines and Checklists

4.1.1 Derivation of Non-specific Auditable Events

4.1.2 High-level Assessment Methodology

4.2. Low-level Assessment using Black-box Test Cases

4.2.1 Audit Test Case Template

4.2.2 Audit Test Case Example

5. Case Studies

5.1. Open-source EHR Systems Studied

5.2. High-level User-based Non-repudiation Assessment

@@ Line 18: / Line 18: @@
 ==== 3.2.1. Ill-defined Standards, Policies, and Regulations ====
+==== 3.2.2. Ineffective Log Analysis ====
+== 4. Assessment Methodology ==
+=== 4.1 High-level Assessment using Audit Guidelines and Checklists ===
+==== 4.1.1 Derivation of Non-specific Auditable Events ====
+==== 4.1.2 High-level Assessment Methodology ====
+=== 4.2. Low-level Assessment using Black-box Test Cases ===
+==== 4.2.1 Audit Test Case Template ====
+==== 4.2.2 Audit Test Case Example ====
+== 5. Case Studies ==
+=== 5.1. Open-source EHR Systems Studied ===
+=== 5.2. High-level User-based Non-repudiation Assessment===

Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions

Revision as of 22:39, 8 September 2013

Contents

Abstract

1. Introduction

2. Background

3. Related Work

3.1. Challenges in Technology

3.1.1. Limited Infrastructure Resources

3.1.2. Log File Reliability

3.2. Challenges in Policy, Regulations, and Compliance

3.2.1. Ill-defined Standards, Policies, and Regulations

3.2.2. Ineffective Log Analysis

4. Assessment Methodology

4.1 High-level Assessment using Audit Guidelines and Checklists

4.1.1 Derivation of Non-specific Auditable Events

4.1.2 High-level Assessment Methodology

4.2. Low-level Assessment using Black-box Test Cases

4.2.1 Audit Test Case Template

4.2.2 Audit Test Case Example

5. Case Studies

5.1. Open-source EHR Systems Studied

5.2. High-level User-based Non-repudiation Assessment

Navigation menu

Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions

Revision as of 22:39, 8 September 2013

Abstract

1. Introduction

2. Background

3. Related Work

3.1. Challenges in Technology

3.1.1. Limited Infrastructure Resources

3.1.2. Log File Reliability

3.2. Challenges in Policy, Regulations, and Compliance

3.2.1. Ill-defined Standards, Policies, and Regulations

3.2.2. Ineffective Log Analysis

4. Assessment Methodology

4.1 High-level Assessment using Audit Guidelines and Checklists

4.1.1 Derivation of Non-specific Auditable Events

4.1.2 High-level Assessment Methodology

4.2. Low-level Assessment using Black-box Test Cases

4.2.1 Audit Test Case Template

4.2.2 Audit Test Case Example

5. Case Studies

5.1. Open-source EHR Systems Studied

5.2. High-level User-based Non-repudiation Assessment

Navigation menu

Search