loading
Documents

Research.Publish.Connect.

Paper

Authors: Liliana Sá-Correia 1 ; Manuel Correia 2 and Ricardo Cruz-Correia 3

Affiliations: 1 HLTSYS, HealthySystems, lda, Porto, Portugal ; 2 Faculdade de Ciências da Universidade do Porto, Portugal ; 3 HLTSYS, HealthySystems, lda, Porto, Portugal, Center for Research in Health Technologies and Information Systems - CINTESIS, Porto, Portugal

ISBN: 978-989-758-398-8

ISSN: 2184-4305

Keyword(s): Data Breach, Data Protection, Health Data Access, Illegitimate Access Detection.

Abstract: Complex data management on healthcare institutions makes very hard to identify illegitimate accesses which is a serious issue. We propose to develop a system to detect accesses with suspicious behavior for further investigation. We modeled use cases (UC) and sequence diagrams (SD) showing the data flow between users and systems. The algorithms represented by activity diagrams apply rules based on professionals’ routines, use data from an audit trail (AT) and classify accesses as suspicious or normal. The algorithms were evaluated between 23rd and 31st July 2019. The results were analyzed using absolute and relative frequencies and dispersion measures. Access classification was in accordance to rules applied. “Check time of activity” UC had 64,78% of suspicious classifications, being 55% of activity period shorter and 9,78% longer than expected, “Check days of activity” presented 2,27% of suspicious access and “EHR read access” 79%, the highest percentage of suspicious accesses. The re sults show the first picture of HIS accesses. Deeper analysis to evaluate algorithms sensibility and specificity should be done. Lack of more detailed information about professionals’ routines and systems, and low quality of systems logs are some limitations. Although we believe this is an important step in this field. (More)

PDF ImageFull Text

Download
CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 18.232.188.89

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Sá-Correia, L.; Correia, M. and Cruz-Correia, R. (2020). Illegitimate HIS Access by Healthcare Professionals Detection System Applying an Audit Trail-based Model.In Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5 HEALTHINF: HEALTHINF, ISBN 978-989-758-398-8, ISSN 2184-4305, pages 539-546. DOI: 10.5220/0008991505390546

@conference{healthinf20,
author={Liliana Sá{-}Correia. and Manuel E. Correia. and Ricardo Cruz{-}Correia.},
title={Illegitimate HIS Access by Healthcare Professionals Detection System Applying an Audit Trail-based Model},
booktitle={Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5 HEALTHINF: HEALTHINF,},
year={2020},
pages={539-546},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0008991505390546},
isbn={978-989-758-398-8},
}

TY - CONF

JO - Proceedings of the 13th International Joint Conference on Biomedical Engineering Systems and Technologies - Volume 5 HEALTHINF: HEALTHINF,
TI - Illegitimate HIS Access by Healthcare Professionals Detection System Applying an Audit Trail-based Model
SN - 978-989-758-398-8
AU - Sá-Correia, L.
AU - Correia, M.
AU - Cruz-Correia, R.
PY - 2020
SP - 539
EP - 546
DO - 10.5220/0008991505390546

Login or register to post comments.

Comments on this Paper: Be the first to review this paper.