ANALYSING ELECTRONIC HEALTH RECORD LOGS TO DETECT PRIVACY VIOLATIONS VIA CONFORMANCE CHECKING

Abstract

According to the Healthcare Data Breach Report - April 2021, more than 11 million healthcare data breaches have been reported in the year 2021. Major causes of these data breaches include accidental and deliberate information misuses in Health Information Systems (HISs) leading to privacy violations. After the-fact reviewing for information misuses needs to be integrated with current HISs, and a prominent solution is identifying information misuses through healthcare event log analysis. However, the lack of proper log formation and log analysis imposes major challenges for auditing after-the-fact to detect infor mation misuse. This study exploited the idea of conformance checking to detect health information privacy violations by examining healthcare logs. A case study of applying our approach to an emergency health management condition demonstrates how a violation of Health Insurance Portability and Accountability Act (HIPAA) privacy policies during clinical practices can be detected automatically.