Effective audit trails--a taxonomy for determination of information requirements.

P. V. Asaro, R. L. Herting, A. C. Roth, M. R. Barnes

Research output: Contribution to journalArticlepeer-review

5 Scopus citations


Current methods of detecting confidentiality breaches in electronic medical record systems are inadequate, partially due to the lack of necessary information at the point of audit trail analysis. In order to determine the information requirements for effective audit trail analysis, we have formulated a taxonomy of confidentiality breaches. By considering scenarios in which an inappropriate access might occur, we have identified "indicators" of confidentiality breaches, which may be thought of as evidence suggesting the possibility that a confidentiality breach has occurred. The collection of facts needed to describe the indicators provides insight into the types of information needed to improve confidentiality breach detection. Much of the information needed is unlikely to be available in the patient record. Research is needed exploring means of collecting and utilizing information from sources other than the patient record for use in improving patient information security.

Original languageEnglish
Pages (from-to)663-665
Number of pages3
JournalProceedings / AMIA ... Annual Symposium. AMIA Symposium
StatePublished - 1999


Dive into the research topics of 'Effective audit trails--a taxonomy for determination of information requirements.'. Together they form a unique fingerprint.

Cite this