Abstract
While the healthcare industry is undergoing disruptive digital transformation, data breaches involving health information are not usually the result of integration of new technologies. Based on published industry reports, fundamental security safeguards are still considered to be lacking with many documented data breaches occurring as the result of device and equipment theft, human error, hacking, ransomware attacks and misuse. Health information is considered to be one of the most attractive targets for cybercriminals due to its inherent sensitivity, but digital investigations of incidents involving health information are often constrained by the lack of the necessary infrastructure forensic readiness. Following the analysis of healthcare data breach causes and threats, we describe the associated digital forensic readiness challenges in the context of the most significant incident causes. With specific focus on privilege misuse, we present a conceptual architecture for forensic audit logging to assist with capture of the relevant digital artefacts in support of possible future digital investigations.
| Original language | English |
|---|---|
| Article number | 7 |
| Journal | Journal of Medical Systems |
| Volume | 43 |
| Issue number | 1 |
| DOIs | |
| State | Published - Jan 1 2019 |
Bibliographical note
Publisher Copyright:© 2018, Springer Science+Business Media, LLC, part of Springer Nature.
Keywords
- Computer crime
- Forensics
- Health information management
- Security
- Threat
ASJC Scopus subject areas
- Medicine (miscellaneous)
- Information Systems
- Health Informatics
- Health Information Management
