学位论文详细信息
Explanation-Based Auditing.
Data Security;Computer Science;Engineering;Computer Science and Engineering
Fabbri, DanielCafarella, Michael John ;
University of Michigan
关键词: Data Security;    Computer Science;    Engineering;    Computer Science and Engineering;   
Others  :  https://deepblue.lib.umich.edu/bitstream/handle/2027.42/97860/dfabbri_1.pdf?sequence=1&isAllowed=y
瑞士|英语
来源: The Illinois Digital Environment for Access to Learning and Scholarship
PDF
【 摘 要 】

Recent U.S. legislation such as the Affordable Care Act, HIPAA and HITECH outline rules governing the appropriate use of personal health information (PHI). Unfortunately, current technologies do not meet the security requirements of these regulations. In particular, while electronic medical records (EMR) systems maintain detailed audit logs that record each access to PHI, the logs contain too many accesses for compliance officers to practically monitor, putting PHI at risk. This thesis presents the explanation-based auditing system, which aims to filter appropriate accesses from the audit log so compliance officers can focus their efforts on suspicious behavior. The main observation of the system is that most appropriate accesses to medical records occur for valid clinical or operational reasons in the process of treating a patient, while inappropriate accesses do not. This thesis discusses how explanations for accesses (1) capture these clinical and operational reasons, (2) can be mined directly from the EMR database, (3) can be enhanced by filling-in frequently missing types of data, and (4) can drastically reduce the auditing burden.

【 预 览 】
附件列表
Files Size Format View
Explanation-Based Auditing. 2781KB PDF download
  文献评价指标  
  下载次数:18次 浏览次数:17次