Modifying Without a Trace: High-level Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms: Difference between revisions
Programsam (talk | contribs) |
Programsam (talk | contribs) |
||
| Line 21: | Line 21: | ||
== 2. Background == | == 2. Background == | ||
The United States Department of Justice’s Global Justice Information Sharing Initiative defines: | |||
* ''non-repudiation'' -- a technique used to ensure that someone performing an action on a computer cannot falsely deny that they performed that action. Non-repudiation provides undeniable proof that a user took a specific action<sup>[10]</sup>. | |||
With software systems that manage protected, sensitive data (including EHR systems), a more-specific definition of non-repudiation is needed. We further define the following term based on the definition of non-repudiation above: | |||
* ''user-based non-repudiation'' – a techniques used to ensure that an authenticated user accountholder performing an action within a software system cannot falsely deny that they performed that action. | |||
== 3. Related Work == | == 3. Related Work == | ||