Title: ICEIS 2013 - Proceedings of the 15th International Conference on Enterprise Information Systems Search for Conference Proceedings Publications

Pages: 46-53

15th International Conference on Enterprise Information Systems, ICEIS 2013

Angers, 4 July 2013 through 7 July 2013

ISI Web of Knowledge - 2 Citations

Scopus - 1 Citation

Authenticus ID: P-008-GVS

DOI: 10.5220/0004419200460053

Abstract (EN): Patients' privacy is critical in healthcare but users of Electronic Health Records (EHR) frequently circumvent existing security rules to perform their daily work. Users are so-called the weakest link in security but they are, many times, part of the solution when they are involved in systems' design. In the healthcare domain, the focus is to treat patients (many times with scarce technological, time and human resources) and not to secure their information. Therefore, security must not interfere with this process but be present, nevertheless. Security usability issues must also be met with interdisciplinary knowledge from human-computer-interaction, social sciences and psychology. The main goal of this paper is to raise security and usability awareness with the analysis of users' interaction logs of a BreakTheGlass (BTG) feature. This feature is used to restrict access to patient reports to a group of healthcare professionals within an EHR but also permit access control override in emergency and/or unexpected situations. The analysis of BTG user interaction logs allows, in a short time span and transparently to the user, revealing security and usability problems. This log analysis permits a better choice of methodologies to further apply in the investigation and resolution of the encountered problems.

Language: English

Type (Professor's evaluation): Scientific

No. of pages: 8