Reference Hub

This research has been cited in:

Conference
Analysing digital evidence towards enhancing healthcare security practice: The KID model2022 1st International Conference on AI in Cybersecurity (ICAIC)10.1109/ICAIC53980.2022.9897055
Article
Using automated methods to detect safety problems with health information technology: a scoping reviewJournal of the American Medical Informatics Association10.1093/jamia/ocac220
Article
A systematic analysis of failures in protecting personal health data: A scoping reviewInternational Journal of Information Management10.1016/j.ijinfomgt.2023.102719

Misuse of ‘Break-the-Glass' Policies in Hospitals: Detecting Unauthorized Access to Sensitive Patient Health Data

Benjamin Stark, Heiko Gewald, Heinrich Lautenbacher, Ulrich Haase, Siegmar Ruff

Source Title: International Journal of Information Security and Privacy (IJISP)12(3)

ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781522543084|DOI: 10.4018/IJISP.2018070106

Cite Article Cite Article

MLA

Stark, Benjamin, et al. "Misuse of ‘Break-the-Glass' Policies in Hospitals: Detecting Unauthorized Access to Sensitive Patient Health Data." IJISP vol.12, no.3 2018: pp.100-122. http://doi.org/10.4018/IJISP.2018070106

APA

Stark, B., Gewald, H., Lautenbacher, H., Haase, U., & Ruff, S. (2018). Misuse of ‘Break-the-Glass' Policies in Hospitals: Detecting Unauthorized Access to Sensitive Patient Health Data. International Journal of Information Security and Privacy (IJISP), 12(3), 100-122. http://doi.org/10.4018/IJISP.2018070106

Chicago

Stark, Benjamin, et al. "Misuse of ‘Break-the-Glass' Policies in Hospitals: Detecting Unauthorized Access to Sensitive Patient Health Data," International Journal of Information Security and Privacy (IJISP) 12, no.3: 100-122. http://doi.org/10.4018/IJISP.2018070106

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

This article describes how the information about an individual's personal health is among ones most sensitive and important intangible belongings. When health information is misused, serious non-revertible damage can be caused, e.g. through making intimidating details public or leaking it to employers, insurances etc. Therefore, health information needs to be treated with the highest degree of confidentiality. In practice it proves difficult to achieve this goal. In a hospital setting medical staff across departments often needs to access patient data without directly obvious reasons, which makes it difficult to distinguish legitimate from illegitimate access. This article provides a mechanism to classify transactions at a large university medical center into plausible and questionable data access using a real-life data set of more than 60,000 transactions. The classification mechanism works with minimal data requirements and unsupervised data sets. The results were evaluated through manual cross-checks internally and by a group of external experts. Consequently, the hospital's data protection officer is now able to focus on analyzing questionable transactions instead of checking random samples.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Misuse of ‘Break-the-Glass' Policies in Hospitals: Detecting Unauthorized Access to Sensitive Patient Health Data

MLA

APA

Chicago

Export Reference

Abstract

Request Access