User Activity Monitoring: Who, When, What, Where, and How
All healthcare organizations, both large and small, have multiple users accessing sensitive patient information on a daily basis. With such a high volume of activity within a complex infrastructure, isolating inappropriate patient access or suspicious activity as it occurs can be a challenge, necessitating the time and effort of numerous key information security personnel – particularly when multiple administrative applications are in use across a multi-facility network.
While HIPAA and state laws mandate the installation of audit trails and internal record monitoring protocols, these logs are better used for investigations and proactive monitoring. Only a comprehensive solution like FairWarning’s Patient Privacy Intelligence can effectively provide real-time user activity monitoring.
FairWarning’s Patient Privacy Intelligence uses both user activity monitoring and user behavior analytics. By logging user activities and applying analysis of the patterns associated with those activities, FairWarning is able to create real-time alerts to identify high-risk users and potential breaches.
Some of the suspicious behaviors detected by our user-centric monitoring techniques include:
- Coworker file access detection
- Family member file access detection
- VIP file access detection
- Deceased person file access detection
Such alerts initiate immediate investigative measures by information security personnel and any relevant supervisory staff. Furthermore, super-user or privileged access is identified and monitored using additional compliance protocols.
Continual, Flexible Monitoring
Continual user activity monitoring must be accompanied by dynamic and targeted filtering in order to ensure meaningful reporting. While consistent monitoring and alerts have inherent value, a customized, fine-tuned approach is essential to reduce false positives from repeated alerts on behaviors that are actually normal or expected. In addition to customizing your monitoring system’s configuration to fit your needs, you must manage your data’s integrity; accurate reference data helps reduce the number of reported false positives.
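As an added illustration (not FairWarning’s code or product logic), the following rule-based screen runs the four access patterns listed above over a constructed EHR audit trail and applies one tuning step from this section: access by a user with a documented care relationship to the patient is treated as expected and suppressed. All identifiers, reference sets and log entries are constructed for the example.

```python
from dataclasses import dataclass
from typing import Dict, List, Set

@dataclass(frozen=True)
class Access:
    user: str     # workforce member who opened the record
    patient: str  # patient record identifier
    when: str     # timestamp of the access (constructed)

# Constructed reference data; a real deployment would draw this from HR records,
# EHR patient flags, and care-team (treatment relationship) assignments.
WORKFORCE_PATIENTS: Set[str] = {"P1001", "P1002"}   # patient IDs that belong to employees
VIP_PATIENTS: Set[str] = {"P2001"}
DECEASED_PATIENTS: Set[str] = {"P3001"}
FAMILY: Dict[str, Set[str]] = {"jdoe": {"P4001"}}   # user -> patient IDs of known relatives
CARE_TEAM: Dict[str, Set[str]] = {"jdoe": {"P5001"}, "asmith": {"P1002", "P2001"}}

def classify(a: Access) -> List[str]:
    """Alert labels for one access event; an empty list means it is not flagged."""
    if a.patient in CARE_TEAM.get(a.user, set()):
        return []  # documented care relationship: expected access, so do not alert
    labels = []
    if a.patient in WORKFORCE_PATIENTS:
        labels.append("coworker")
    if a.patient in FAMILY.get(a.user, set()):
        labels.append("family_member")
    if a.patient in VIP_PATIENTS:
        labels.append("vip")
    if a.patient in DECEASED_PATIENTS:
        labels.append("deceased")
    return labels

def screen(log: List[Access]) -> List[dict]:
    """One alert per flagged event, in log order, for investigator follow-up."""
    alerts = []
    for a in log:
        labels = classify(a)
        if labels:
            alerts.append({"user": a.user, "patient": a.patient, "when": a.when, "labels": labels})
    return alerts

# Constructed sample audit trail.
SAMPLE_LOG = [
    Access("jdoe", "P1001", "2024-05-01T09:02:00"),    # coworker's record, no care relationship
    Access("jdoe", "P4001", "2024-05-01T09:05:00"),    # relative's record
    Access("jdoe", "P5001", "2024-05-01T09:10:00"),    # assigned patient: expected access
    Access("asmith", "P2001", "2024-05-01T10:00:00"),  # VIP, but on asmith's care team
    Access("bking", "P3001", "2024-05-01T11:30:00"),   # deceased patient's record
]
```

Calling `screen(SAMPLE_LOG)` yields three alerts (two for jdoe, one for bking); the VIP access by asmith is suppressed by the care-team rule, which is exactly the kind of false positive that tuning against accurate reference data removes.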
Numerous circumstances may fall under the umbrella of a forensic audit, from employees leaving the organization to the investigation of misconduct. The individual situation necessitating the report will dictate the simplicity or complexity of the investigation.
It is essential that governance protocols are in place in order to demonstrate regulatory adherence and to provide documentation of legally defensible action. When user activity monitoring reveals legally or ethically questionable behavior that results in an employee’s termination, the organization may have to respond to a wrongful termination suit.
Although self-protection is a key factor in user activity monitoring, it is no less crucial to maintain aggressive internal security protocols to demonstrate information protection vigilance to patients and the general public. Such dedication to procedural transparency and data integrity creates trust between patient and provider.
For more information on FairWarning user activity monitoring for your EHR cloud applications, please contact us for a thorough consultation.