
Upload: gilda

Post on 22-Feb-2016


TRANSCRIPT

Modifying without a Trace: General Audit Guidelines are Inadequate for Electronic Health Record Audit Mechanisms

Jason King, Ben Smith, Laurie Williams

Motivation

• Policy, law, and regulations require audit mechanisms to record and examine interactions with protected health information

• Insider attack and/or general curiosity may lead to unauthorized access to protected health information

• The health informatics field needs standards that address implementation of software audit mechanisms for ensuring accountability and non-repudiation

[Chart: general auditable events contributed by each of the four guideline sources (Chuvakin & Peterson, CCHIT, SANS, IEEE); bar values as extracted: 7, 5, 1, 3]

Findings

• Software developers for EHR systems should focus on specific auditable events for managing protected health information, instead of basing their audit mechanisms on guidelines or checklists that contain generalized auditable event types

• Without strong audit mechanisms to ensure accountability and responsibility, healthcare software remains vulnerable to undetected misuse, both malicious and accidental, including insider threat

EHR Systems Studied

System        Version / Release Date      License                         Clientele                  Added Modules
OpenEMR       3.2.0 / February 16, 2010   GNU General Public License      >30 million clients        None
OpenMRS       1.6.1 / March 28, 2010      OpenMRS Public License          International client base  Access Logging Module
Tolven eCHR   RC1 / May 28, 2010          Lesser General Public License   US, Europe, Asia-Pacific   Performance Plugin

Satisfaction of General Auditable Events for User-based Non-repudiation Auditing

EHR System        Criteria Met   Criteria Not Met   Satisfaction Percent
OpenEMR           2              14                 12.5%
OpenMRS           3              13                 18.75%
Tolven eCHR (a)   1              15                 6.5%

Satisfaction of Black-box Test Cases for User-based Non-repudiation Auditing

System        Pass    Fail     PNM     N/A      Total
OpenEMR       3       37       0       18       58
OpenMRS       4       23       1       30       58
Tolven eCHR   0       27       2       29       58
Total         7       87       3       77       174
Percent       4.02%   50.00%   1.72%   44.25%

General Auditable Events Evaluation

+ Combine 4 professional sources of general auditable event guidelines
+ Extract 16 general auditable events influencing user-based non-repudiation

Specific Auditable Events Evaluation

+ Use Smith & Williams (2011) systematic security black-box test approach
+ Extract 58 audit test cases for specific auditable events

Analysis of Results

+ Overall lack of auditing
+ Specific auditable events give a more adequate evaluation of auditing for user-based non-repudiation
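The black-box approach above comes down to one repeatable check: trigger a specific auditable event, then look only at the audit entries that appeared as a result and verify they attribute the event to an actor with a timestamp, action and target. The following is an added example of that check, not code from the poster, from OpenEMR, OpenMRS or Tolven, or from the authors' 58 test cases. It runs against a constructed in-memory toy store; the event list, user names and the toy's deliberately generic "IMPORT" audit entry are assumptions made for illustration. The import case goes slightly beyond the poster's text to show why a generalized event ("an import happened") does not give non-repudiation for the specific change (which patient record changed, from what, to what).

```python
"""Black-box audit-completeness check (added example, constructed toy store).

Each test triggers one specific auditable event and then checks that the audit
trail attributes it: actor, UTC timestamp, action and target must all be present.
"""
from dataclasses import dataclass, field
from datetime import datetime, timezone


@dataclass(frozen=True)
class AuditRecord:
    timestamp: str    # ISO-8601, UTC
    actor: str        # authenticated user the action is attributed to
    action: str       # VIEW, UPDATE, DELETE, LOGIN, LOGIN_FAILED, IMPORT
    target: str       # "patient:<id>", "user:<name>", or "batch"
    detail: str = ""  # old -> new value for modifications


@dataclass
class ToyEHR:
    """Constructed in-memory store; not code from any system on the poster."""
    patients: dict = field(default_factory=dict)
    audit: list = field(default_factory=list)
    passwords: dict = field(default_factory=lambda: {"nurse_carol": "s3cret"})

    def _log(self, actor, action, target, detail=""):
        ts = datetime.now(timezone.utc).isoformat()
        self.audit.append(AuditRecord(ts, actor, action, target, detail))

    def login(self, user, password):
        ok = self.passwords.get(user) == password
        self._log(user, "LOGIN" if ok else "LOGIN_FAILED", f"user:{user}")
        return ok

    def view_record(self, actor, pid):
        self._log(actor, "VIEW", f"patient:{pid}")
        return self.patients.get(pid)

    def update_record(self, actor, pid, name, value):
        old = self.patients[pid].get(name)
        self.patients[pid][name] = value
        self._log(actor, "UPDATE", f"patient:{pid}", f"{name}: {old!r} -> {value!r}")

    def delete_record(self, actor, pid):
        del self.patients[pid]
        self._log(actor, "DELETE", f"patient:{pid}")

    def bulk_import(self, actor, records):
        # Constructed audit gap: patient fields change, but only a generic batch
        # event is recorded, with no per-patient target and no old/new values.
        for pid, fields in records.items():
            self.patients.setdefault(pid, {}).update(fields)
        self._log(actor, "IMPORT", "batch", f"{len(records)} records")


def run_audit_tests(ehr, cases):
    """Trigger each event, then inspect only the audit entries it produced."""
    results = {}
    for name, actor, action, target, trigger in cases:
        before = len(ehr.audit)
        trigger(ehr, actor)
        attributable = any(
            r.actor == actor and r.action == action and r.target == target
            and r.timestamp for r in ehr.audit[before:])
        results[name] = "Pass" if attributable else "Fail"
    return results


def satisfaction_percent(results):
    """Share of test cases passed, in the style of the poster's tables."""
    if not results:
        return 0.0
    passed = sum(1 for v in results.values() if v == "Pass")
    return round(100.0 * passed / len(results), 2)


def build_cases():
    """Each case: (event, actor, expected action, expected target, trigger)."""
    return [
        ("view patient record", "dr_alice", "VIEW", "patient:1001",
         lambda e, a: e.view_record(a, "1001")),
        ("modify patient record", "dr_alice", "UPDATE", "patient:1001",
         lambda e, a: e.update_record(a, "1001", "allergies", "penicillin")),
        ("delete patient record", "admin_bob", "DELETE", "patient:1002",
         lambda e, a: e.delete_record(a, "1002")),
        ("failed login attempt", "nurse_carol", "LOGIN_FAILED", "user:nurse_carol",
         lambda e, a: e.login(a, "wrong-password")),
        ("bulk import overwrites patient record", "admin_bob", "UPDATE", "patient:1001",
         lambda e, a: e.bulk_import(a, {"1001": {"allergies": "none"}})),
    ]


def demo():
    ehr = ToyEHR(patients={"1001": {"name": "Pat One", "allergies": "latex"},
                           "1002": {"name": "Pat Two"}})
    results = run_audit_tests(ehr, build_cases())
    return results, satisfaction_percent(results), ehr
```

Running demo() gives four passes and one failure (80% satisfaction): the bulk import really does change patient 1001's allergies, and an "IMPORT" entry exists, but nothing in the trail ties that change to the record, so the specific event "patient record modified" is not auditable. The harness slices the trail at `before` so that earlier entries cannot mask a missing one, and it insists on actor, action and target together rather than any one of them, which is what user-based non-repudiation needs.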

Sources of general auditable event guidelines:

• Chuvakin & Peterson's "Logging in the Age of Web Services"
• Certification Commission for Health Information Technology (CCHIT)
• SysAdmin, Audit, Network, & Security Institute (SANS)
• IEEE Standard for Information Technology: Hardcopy Device & System Security