Anatomy of log files: Implications for information accountability measures

Due to the growing use of digital technologies and Electronic Health Record systems, new auditing mechanisms are needed to help protect stakeholders from information misuse, both deliberate and accidental. Electronic storage of health records and use of sensor networks, wearable and ubiquitous health tracking devices raise numerous privacy related threats for both healthcare providers and their patients. A purely preventive approach to information access is not appropriate in healthcare scenarios, especially during emergencies, so after-the-fact justifications are needed to manage information handling risks in such an environment. To allow such justifications we need to analyse the root causes for unusual human actions or behaviours but current system event logs are inadequate for this purpose. Hence, a better solution would be to generate audit logs sufficient for analysing information use anomalies. Here we explain the limitations of existing event logs in clinical settings when attempting to perform after-the-fact justifications as part of a clinical Information Accountability system. From this we recommend additional features that must be added to event logs to support a healthcare-based Information Accountability Framework.