User Activity Monitoring

June 5, 2017 Christina Lembo


User Activity Monitoring: Who, When, What, Where, and How

All healthcare organizations, both large and small, have multiple users accessing sensitive patient information on a daily basis. With such a high volume of activity within a complex infrastructure, isolating inappropriate patient access or suspicious activity as it occurs can be a challenge, necessitating the time and effort of numerous key information security personnel – particularly when multiple administrative applications are in use across a multi-facility network.

While HIPAA and state laws mandate the installation of audit trails and internal record monitoring protocols, these logs are better used for investigations and proactive monitoring. Only a comprehensive solution like FairWarning’s Patient Privacy Intelligence can effectively provide real-time user activity monitoring.

FairWarning’s Patient Privacy Intelligence uses both user activity monitoring and user behavior analytics. By logging user activities and applying analysis of the patterns associated with those activities, FairWarning is able to create real-time alerts to identify high-risk users and potential breaches.

Some of the suspicious behaviors detected by our user-centric monitoring techniques include:

  • Coworker file access detection
  • Family member file access detection
  • VIP file access detection
  • Deceased person file access detection

Such alerts initiate immediate investigative measures by information security personnel and any relevant supervisory staff. Furthermore, super-user or privileged access is identified and monitored using additional compliance protocols.

Continual, Flexible Monitoring

Continual user activity monitoring must be accompanied by dynamic and targeted filtering in order to ensure meaningful reporting. While consistent monitoring and alerts have inherent value, a customized, fine-tuned approach is essential to reduce false positives, that is, repeated alerts on behaviors that are actually normal or expected. In addition to customizing your monitoring system’s configuration to fit your needs, you must manage your data’s integrity. Data integrity will help reduce the number of reported false positives.

Forensic Auditing

Numerous circumstances may fall under the umbrella of the forensic audit: from employees leaving the organization, to the investigation of misconduct. The individual situation necessitating the report will dictate the simplicity or complexity of the investigation.

Governance Reporting

It is essential that governance protocols are in place in order to demonstrate regulatory adherence, and to provide documentation of legally defensible action. When user activity monitoring finds employees engaging in legally or ethically questionable behaviors that result in termination, the responsibility may be on the organization to respond to a wrongful termination suit.

Although self-protection is a key factor in user activity monitoring, it is no less crucial to maintain aggressive internal security protocols to demonstrate information protection vigilance to patients and the general public. Such dedication to procedural transparency and data integrity creates trust between patient and provider.

For more information on FairWarning user activity monitoring for your EHR cloud applications, please contact us for a thorough consultation.
