Access to patient records and the NIS2 – Logspect  • Enlite

Does your organization work with patient records? Then you know how important it is that not just anyone can view every record. Many healthcare organizations run random checks to verify that the right people are viewing the right records. It's a measure often taken for lack of a better alternative. But the chances of coming across something in a spot check on thousands of views are very small. The NIS2 provides healthcare facilities with clear guidelines to protect sensitive medical information from data breaches and other threats, and sets clear incident reporting requirements. With the incident reporting requirement of the NIS2, it is important to perform better analysis of who is accessing patient records so that you detect incidents in time. That is why we developed Logspect in collaboration with the Martini Hospital. Logspect is an application that analyzes all consultations of an electronic health record (EHR).

Reporting requirement from the NIS2 

In the Netherlands, specific rules for logging access to patient records already apply. According to the Supplementary Provisions on Data Processing in Healthcare Act, you have to record who has access to electronic records and who works in them. But as mentioned earlier, checking this on a random basis was allowed. The NIS2, however, sets clear requirements for incident reporting. An incident is defined as an event that compromises the availability, authenticity, integrity or confidentiality of data or services. This can happen, for example, when unauthorized individuals gain access to patient records. With Logspect, you can detect all incidents and thus comply with the reporting requirement from the NIS2.

Analyzing 100% of EHR consultations

With Logspect, we give your organization more tooling to get a complete picture of EHR consultations. In fact, Logspect enables automatic analysis of 100% of EHR consultations. Unlike sampling, this means that the privacy of all patients is better safeguarded.  

How does that work? 
Logspect analyzes views of patient records for anomalies. These anomalies can be detected in two ways: 

  1. The user sets criteria 

Users, for example your security officers, can set up criteria that the person viewing the file must meet. A criterion can, for example, compare values from different sources. The flexible setup allows you to read in and compare almost any data imaginable: departments, maiden names, job functions, etc.

For example: the last name of the employee accessing the record must not match the patient's name, or the employee must be scheduled in the same department where the patient is being treated.

  2. Conspicuous views

Conspicuous views are views in the log data that stand out from the "normal" pattern. Logspect detects these views and marks them as deviations. 

Example: A physician often looks at a particular file that no other employees look at. This contrasts with the normal pattern, so Logspect detects it as an anomaly.

The user views reports of detected anomalies through a dashboard. These anomalies can then be investigated further by viewing the data of the underlying views. The data is displayed anonymously. This means that only the relationship between the data has meaning, but not the data itself. This allows the user to perform their analysis without bias.

Should the situation call for it, it is possible to trace the pseudonymized data back to the original data of the individuals involved, for example, if you want to investigate the situation further after analyzing an anomaly. 
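The two detection approaches and the pseudonymized reporting described above, as an added example run over constructed view records; this is not Logspect's own code. The field layout, rule names, `min_repeat` threshold and the HMAC-based pseudonyms are assumptions made for illustration.

```python
import hashlib
import hmac
from collections import defaultdict

KEY = b"constructed-demo-key"  # assumption: secret kept outside the dashboard

# Constructed sample views (not real data): employee id, employee last name,
# scheduled department, patient id, patient last name, treating department.
VIEWS = [
    ("e1", "Jansen", "cardiology", "p1", "Bakker", "cardiology"),
    ("e2", "Bakker", "cardiology", "p1", "Bakker", "cardiology"),
    ("e3", "Visser", "oncology", "p2", "Smit", "cardiology"),
    ("e4", "Mulder", "neurology", "p3", "Vries", "neurology"),
    ("e4", "Mulder", "neurology", "p3", "Vries", "neurology"),
    ("e4", "Mulder", "neurology", "p3", "Vries", "neurology"),
    ("e3", "Visser", "oncology", "p4", "Visser", "oncology"),
]

def pseudonym(value):
    # Keyed hash: stable per identity, not guessable from the id without KEY.
    return hmac.new(KEY, value.encode(), hashlib.sha256).hexdigest()[:12]

def analyze(views, min_repeat=3):
    findings = []  # (rule, employee pseudonym, patient pseudonym)
    lookup = {}    # pseudonym -> real id, used only for follow-up investigation
    viewers = defaultdict(lambda: defaultdict(int))
    for emp, emp_name, emp_dept, pat, pat_name, pat_dept in views:
        e, p = pseudonym(emp), pseudonym(pat)
        lookup[e], lookup[p] = emp, pat
        viewers[p][e] += 1
        # Criteria set by the user, as in the page's two examples.
        if emp_name.casefold() == pat_name.casefold():
            findings.append(("same_last_name", e, p))
        if emp_dept != pat_dept:
            findings.append(("other_department", e, p))
    # Conspicuous view: one employee opens a record repeatedly, nobody else does.
    for p, counts in viewers.items():
        if len(counts) == 1:
            (e, n), = counts.items()
            if n >= min_repeat:
                findings.append(("sole_repeat_viewer", e, p))
    return findings, lookup

def group_by_employee(findings):
    grouped = defaultdict(list)
    for rule, e, p in findings:
        grouped[e].append((rule, p))
    return dict(grouped)
```

The findings carry only pseudonyms, so a reviewer sees relationships without identities; the `lookup` table is what would be consulted, under separate access control, to trace a finding back to a person.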

Improvements to Logspect after use in practice

Logspect has already proven itself in practice at several hospitals and healthcare providers. Through testing in practice, it became clear which improvements were needed.  

Showing proof 
When you have conducted controls over access to patient records, you want to be able to demonstrate this to an external auditor, to show that your organization complies with the guidelines. Logspect therefore offers the ability to show proof that you are conducting these audits. This means that you can show what controls were performed and when, which is essential for a transparent and verifiable audit trail.

Grouping views 
It is essential to have clear insight when a user repeatedly violates one or more rules. That's why we added functionality in Logspect to group views by user. This feature aggregates multiple violations by a user, so you can identify patterns and take targeted action, such as informing a supervisor.

Linking applications 
Detecting anomalies requires information from a variety of sources. Consider patient records, data on who has viewed the records, and sometimes scheduling information. All of this data comes from different applications. With Logspect, it is possible to link these different applications to provide an integrated and complete overview. 

Why Logspect

Logspect offers comprehensive control over patient record views, giving you much greater control over what is happening within your organization. Instead of limited sampling, you can analyze all views for peculiar patterns, leading to better management of patient data. In addition, Logspect raises awareness among employees; by informing them of the improved controls, they will be more careful about viewing records. For want of a better alternative, spot checks on accesses to patient records were acceptable in the past. But with the advent of Logspect, it is now possible to do a full audit, allowing you to safeguard the privacy of your patients even better.

Using Logspect?

We offer Logspect through our partner Nestor Security. Working together, we implement the tool and make sure you can analyze your log data.