Secure Logging and Auditing in Electronic Health Records Systems: What Can We Learn from the Payment Card Industry

Introduction Both health information technology (HIT) and the payment card industry (PCI) involve the exchange and management of sensitive, protected information. Compared to the PCI, HIT could consider protected health information (PHI) more sensitive than PCI cardholder data. If cardholder data is breached in the PCI, payment card companies may then remove fraudulent charges from the customer’s account and/or issue the customer a new payment card. However, once a person’s PHI has been breached, the PHI has been breached forever. Healthcare organizations cannot issue new health histories or new identities to affected individuals. Secure logging and auditing may deter users from performing unauthorized transactions with PHI since an irrefutable trace of the user’s activity is recorded. Logging and auditing also provides an accounting of PHI disclosures for assisting data breach investigations. Secure logging and auditing is one mechanism EHR systems should implement to promote security, user accountability, and trust. The objective of this paper is to raise awareness of issues around electronic health record logging and auditing mechanisms through a comparison with the Payment Card Industry Data Security Standards. With the recent push to move all health records to electronic format, the healthcare industry needs to define better standards for secure logging and auditing in EHR systems.