Please click on the link to read the following article:
- AHIMA, “Security Audits of Electronic Health Information (Updated).” Journal of AHIMA 82, no. 3 (March 2011): 46-50.
After reading the article, review the sections on Technical Safeguards, including Access Control and Audit Controls in this module’s reading assignment. The author states that audit controls are “‘hardware, software, and /or procedural mechanisms that record and examine activity in information systems.’ Most information systems provide some level of audit controls and audit reports. These are useful, especially when determining if a security violation occurred” (Gartee, p. 404).
Next, review the information presented in the table. This data was pulled to view a general login and logout pattern in the EHR for hospital staff on the morning listed (01/05/16). These are descriptions of these staff members’ positions.
- Joann Ward is a nurse who works in the general surgery floor.
- Steven Williams is a registration clerk who works in the radiology department.
- Lee Worley is a health information clerk who processes requests for records from other healthcare providers and facilities.
- Mary Smith is a nurse who works in the labor and delivery unit.
Employee Dept Date Log In Pt # Pt Type Log out Patient Name JOANN WARD Surg 1/5/16 8:00 1223 Surg 8:17 Olson, Tom Surg 9:20 5776 Surg 9:24 Stanford, Gary Surg 9:26 3987 Surg 9:45 Johnson, George STEVEN WILLIAMS Radiology 1/5/16 8:05 3463 Radiology 8:08 Finch, Larry Radiology 8:35 5776 Surg 9:02 Stanford, Gary Radiology 9:03 1234 Radiology 9:07 Jones, Joe LEE WORLEY HIM 1/5/16 8:05 5776 Surg 8:15 Stanford, Gary HIM 8:45 9874 L&D 8:55 Ngyen, Mai HIM 9:15 1223 Surg 9:24 Olson, Tom MARY SMITH L&D 1/5/16 8:30 9874 L&D 8:45 Ngyen, Mai L&D 8:45 4858 Psychiatry 9:00 Smith, John L&D 9:00 9977 L&D 9:30 Tupper, Ann L&D 9:30 1124 L&D 10:00 West, Janet
Given this information, answer the following questions:
- What can you tell from this audit log about Patient Gary Stanford’s visit?
- What can you tell from this audit log about Mai Ngyen’s visit?
- Do the staff members’ logins seem appropriate?
- Is there anything you would question on this audit log?
Your response to this audit should be a two page document (four-five paragraphs) to provide a complete response to the audit results based on each of the roles.