• E-mail
• Print
• RSS

Make use of technology to help spot inappropriate record access

HIM Connection, January 3, 2012

Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

Build triggers into your electronic system to identify aberrant and atypical user behavior, said John C. Parmigiani, president of John C. Parmigiani & Associates, LLC, in Ellicott City, MD. For instance, data mining techniques can help you identify unusual activity that could signal inappropriate access to a patient’s medical record. Triggers to look for include:

• Unusual account creation/deletion
• High volumes of unsuccessful login attempts
• Unusually high Internet gateway activity
• Inappropriate or unauthorized network use
• Irregular behavior, including unusual slowdowns, slow response time, or display errors in system
• Unusually high volumes of database access or file creation, modification, or deletion
• Access attempts at odd hours of the day
• Accessing or attempting to access information or performing tasks beyond the scope of one’s regular job
• Unusually high volume of access to specific accounts
• Access privileges for terminated employees
• Changes to key files or directories
• Numerous attempts to login at the system administrator level
• Unexplained batch jobs, queues, or downloads
• Abnormally high utilization of a system’s central processing unit, memory, storage, network connection bandwidth, etc.

Audit logs with filtering can identify potential threats from users who are part of the workforce, Parmigiani said. Possible indicators of irregular user behavior can prompt further review.

Editor’s note: This tip has been adapted from an article which originally appeared in the December issue of Briefings on HIPAA.
 

Want to receive articles like this one in your inbox? Subscribe to HIM Connection!

• E-mail to a Colleague
• Print
• RSS
• Archive