Cargando…
Analysis of the quality of hospital information systems audit trails
BACKGROUND: Audit Trails (AT) are fundamental to information security in order to guarantee access traceability but can also be used to improve Health information System’s (HIS) quality namely to assess how they are used or misused. This paper aims at analysing the existence and quality of AT, descr...
Autores principales: | , , , , , , |
---|---|
Formato: | Online Artículo Texto |
Lenguaje: | English |
Publicado: |
BioMed Central
2013
|
Materias: | |
Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3765814/ https://www.ncbi.nlm.nih.gov/pubmed/23919501 http://dx.doi.org/10.1186/1472-6947-13-84 |
_version_ | 1782283397270339584 |
---|---|
author | Cruz-Correia, Ricardo Boldt, Isabel Lapão, Luís Santos-Pereira, Cátia Rodrigues, Pedro Pereira Ferreira, Ana Margarida Freitas, Alberto |
author_facet | Cruz-Correia, Ricardo Boldt, Isabel Lapão, Luís Santos-Pereira, Cátia Rodrigues, Pedro Pereira Ferreira, Ana Margarida Freitas, Alberto |
author_sort | Cruz-Correia, Ricardo |
collection | PubMed |
description | BACKGROUND: Audit Trails (AT) are fundamental to information security in order to guarantee access traceability but can also be used to improve Health information System’s (HIS) quality namely to assess how they are used or misused. This paper aims at analysing the existence and quality of AT, describing scenarios in hospitals and making some recommendations to improve the quality of information. METHODS: The responsibles of HIS for eight Portuguese hospitals were contacted in order to arrange an interview about the importance of AT and to collect audit trail data from their HIS. Five institutions agreed to participate in this study; four of them accepted to be interviewed, and four sent AT data. The interviews were performed in 2011 and audit trail data sent in 2011 and 2012. Each AT was evaluated and compared in relation to data quality standards, namely for completeness, comprehensibility, traceability among others. Only one of the AT had enough information for us to apply a consistency evaluation by modelling user behaviour. RESULTS: The interviewees in these hospitals only knew a few AT (average of 1 AT per hospital in an estimate of 21 existing HIS), although they all recognize some advantages of analysing AT. Four hospitals sent a total of 7 AT – 2 from Radiology Information System (RIS), 2 from Picture Archiving and Communication System (PACS), 3 from Patient Records. Three of the AT were understandable and three of the AT were complete. The AT from the patient records are better structured and more complete than the RIS/PACS. CONCLUSIONS: Existing AT do not have enough quality to guarantee traceability or be used in HIS improvement. Its quality reflects the importance given to them by the CIO of healthcare institutions. Existing standards (e.g. ASTM:E2147, ISO/TS 18308:2004, ISO/IEC 27001:2006) are still not broadly used in Portugal. |
format | Online Article Text |
id | pubmed-3765814 |
institution | National Center for Biotechnology Information |
language | English |
publishDate | 2013 |
publisher | BioMed Central |
record_format | MEDLINE/PubMed |
spelling | pubmed-37658142013-09-08 Analysis of the quality of hospital information systems audit trails Cruz-Correia, Ricardo Boldt, Isabel Lapão, Luís Santos-Pereira, Cátia Rodrigues, Pedro Pereira Ferreira, Ana Margarida Freitas, Alberto BMC Med Inform Decis Mak Research Article BACKGROUND: Audit Trails (AT) are fundamental to information security in order to guarantee access traceability but can also be used to improve Health information System’s (HIS) quality namely to assess how they are used or misused. This paper aims at analysing the existence and quality of AT, describing scenarios in hospitals and making some recommendations to improve the quality of information. METHODS: The responsibles of HIS for eight Portuguese hospitals were contacted in order to arrange an interview about the importance of AT and to collect audit trail data from their HIS. Five institutions agreed to participate in this study; four of them accepted to be interviewed, and four sent AT data. The interviews were performed in 2011 and audit trail data sent in 2011 and 2012. Each AT was evaluated and compared in relation to data quality standards, namely for completeness, comprehensibility, traceability among others. Only one of the AT had enough information for us to apply a consistency evaluation by modelling user behaviour. RESULTS: The interviewees in these hospitals only knew a few AT (average of 1 AT per hospital in an estimate of 21 existing HIS), although they all recognize some advantages of analysing AT. Four hospitals sent a total of 7 AT – 2 from Radiology Information System (RIS), 2 from Picture Archiving and Communication System (PACS), 3 from Patient Records. Three of the AT were understandable and three of the AT were complete. The AT from the patient records are better structured and more complete than the RIS/PACS. CONCLUSIONS: Existing AT do not have enough quality to guarantee traceability or be used in HIS improvement. Its quality reflects the importance given to them by the CIO of healthcare institutions. Existing standards (e.g. ASTM:E2147, ISO/TS 18308:2004, ISO/IEC 27001:2006) are still not broadly used in Portugal. BioMed Central 2013-08-06 /pmc/articles/PMC3765814/ /pubmed/23919501 http://dx.doi.org/10.1186/1472-6947-13-84 Text en Copyright © 2013 Cruz-Correia et al.; licensee BioMed Central Ltd. http://creativecommons.org/licenses/by/2.0 This is an Open Access article distributed under the terms of the Creative Commons Attribution License (http://creativecommons.org/licenses/by/2.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited. |
spellingShingle | Research Article Cruz-Correia, Ricardo Boldt, Isabel Lapão, Luís Santos-Pereira, Cátia Rodrigues, Pedro Pereira Ferreira, Ana Margarida Freitas, Alberto Analysis of the quality of hospital information systems audit trails |
title | Analysis of the quality of hospital information systems audit trails |
title_full | Analysis of the quality of hospital information systems audit trails |
title_fullStr | Analysis of the quality of hospital information systems audit trails |
title_full_unstemmed | Analysis of the quality of hospital information systems audit trails |
title_short | Analysis of the quality of hospital information systems audit trails |
title_sort | analysis of the quality of hospital information systems audit trails |
topic | Research Article |
url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC3765814/ https://www.ncbi.nlm.nih.gov/pubmed/23919501 http://dx.doi.org/10.1186/1472-6947-13-84 |
work_keys_str_mv | AT cruzcorreiaricardo analysisofthequalityofhospitalinformationsystemsaudittrails AT boldtisabel analysisofthequalityofhospitalinformationsystemsaudittrails AT lapaoluis analysisofthequalityofhospitalinformationsystemsaudittrails AT santospereiracatia analysisofthequalityofhospitalinformationsystemsaudittrails AT rodriguespedropereira analysisofthequalityofhospitalinformationsystemsaudittrails AT ferreiraanamargarida analysisofthequalityofhospitalinformationsystemsaudittrails AT freitasalberto analysisofthequalityofhospitalinformationsystemsaudittrails |