Facial reconstruction

Search LJMU Research Online

Browse Repository | Browse E-Theses

Establishing Situational Awareness for Securing Healthcare Patient Records

Boddy, A, Hurst, W, MacKay, M and El Rhalibi, A Establishing Situational Awareness for Securing Healthcare Patient Records. In: International Journal on Advances in Life Sciences . (The Tenth International Conference on eHealth, Telemedicine, and Social Medicine eTELEMED 2018, 25 March 2018 - 29 March 2018, Rome, Italy). (Accepted)

[img]
Preview
Text
Establishing Situational Awareness for Securing Healthcare Patient Records.pdf - Published Version

Download (646kB) | Preview

Abstract

The healthcare sector is an appealing target to attackers due to the high value of patient data on the black market. Patient data can be profitable to illegal actors either through direct sale or extortion by ransom. Additionally, employees present a persistent threat as they are able to access the data of almost any patient without reprimand. Without proactive monitoring of audit records, data breaches go undetected and employee behaviour is not deterred. In 2016, 450 data breaches occurred affecting more than 27 million patient records. 26.8% of these breaches were due to hacking and ransomware. In May 2017, a global ransomware campaign adversely affected approximately 48 UK hospitals. Response to this attack, named WannaCry, resulted in hospital networks being taken offline, and non-emergency patients being refused care. Hospitals must maintain patient trust and ensure that the information security principles of Integrity, Availability and Confidentiality are applied to Electronic Patient Record EPR data. With over 83% of hospitals adopting EPRs, access to healthcare data needs to be monitored proactively for malicious activity. Therefore, this paper presents research towards a system that uses advanced data analytics techniques to profile user’s behaviour in order to identify patterns and anomalies. Visualisation techniques are then applied to highlight these anomalies to aid the situational awareness of patient privacy officers within healthcare infrastructures.

Item Type: Conference or Workshop Item (Paper)
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
R Medicine > RA Public aspects of medicine
Divisions: Computer Science & Mathematics
Publisher: IARIA
Date Deposited: 23 May 2019 09:53
Last Modified: 13 Apr 2022 15:16
URI: https://researchonline.ljmu.ac.uk/id/eprint/10038
View Item View Item