Paper: Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry | New World D0mber

Paper: Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry

24/08/2012

Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry

Abstract:

not available

Information:

Position paper by Jason King, Laurie Williams – HealthSec’12 – PDF Download

Brief Discussion:

I read this article because I wanted to see the differences between PCI (Payment Card Industry) and HIT (Health Information Technology) in terms of logging requirements from an academic security perspective. The authors are quite right with their statement: “If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer’s account and/or issue the customer a new payment card. However, once a person’s PHI has been breached, the PHI has been breached forever.”

In the short paper, you can find some brief comparison of logging requirements between PCI and HIT and also find the outcome, that HIT needs to catch up with the PCI and hopefully surpass the PCI in terms of securing and protecting personal heath information. Interesting …

About these ads

Posted in Uncategorized | Tagged forensic, research |

Leave a Reply Cancel reply

Enter your comment here...

Fill in your details below or click an icon to log in:

Email (required) (Address never made public)

Name (required)

Website

You are commenting using your WordPress.com account. ( Log Out / Change )

You are commenting using your Twitter account. ( Log Out / Change )

You are commenting using your Facebook account. ( Log Out / Change )

Connecting to %s

DDD – D0mber’s Digital Dunghill

The postings on this site are my own and don't necessarily represent my employer's positions, strategies or opinions.

www.cloud-investigation.com
Search this blog
Domber’s Tweets
- "@c3o: Exponential growth is only found in capitalism, cancer, and my todo list." <-- so true 22 hours ago
- "Digitale Forensik in IaaS-Cloud-Umgebungen" - BSI Kongress 2013 - bsi.bund.de/SharedDocs/Dow… 1 week ago
- "@moxie: A Saudi Arabia telecom tried to hire me to work on their surveillance system: thoughtcrime.org/blog/saudi-sur…" <-- impressive read 1 week ago
- RT @mikko: A nice collection of website security seals, if I say so myself! pinterest.com/mikkohypponen/… 2 weeks ago
- Video/Paper for #Crypto 2012 "#Public #Key" talk - iacr.org/cryptodb/data/… 2 weeks ago
- Nice! Design and Implementation of FROST: Digital Forensic Tools for the OpenStack Cloud Computing Platform csee.umbc.edu/~dykstra/DFRWS… 3 weeks ago
- RAM is Key - Extracting Disk Encryption Keys From Volatile Memory - cryptome.org/0003/RAMisKey.… 3 weeks ago
- RT @emd3l: Actaeon - Memory forensics of virtualization environments - s3.eurecom.fr/tools/actaeon/ #volatility #dfir #virtualization 1 month ago
- #Hiking the #Nibelungensteig / 120 KM, 4000 m Elevation Gains in 40 Hours - d0mber.wordpress.com/2013/04/13/hik… 1 month ago
- "Innovation comes from uncertainty, risk, and experimentation - if you know it will work, it isn't creative." Via HBR 1 month ago
Flickr

More Photos
Buzzword-Cloud

cloud security forensic outdoor packraft research switzerland

Follow

Follow “New World D0mber”

Powered by WordPress.com

%d bloggers like this: