Edith Cowan University, Perth, Australia.
University of Kentucky, Lexington, KY, 40506-0224, USA.
J Med Syst. 2018 Nov 28;43(1):7. doi: 10.1007/s10916-018-1123-2.
While the healthcare industry is undergoing disruptive digital transformation, data breaches involving health information are not usually the result of integration of new technologies. Based on published industry reports, fundamental security safeguards are still considered to be lacking with many documented data breaches occurring as the result of device and equipment theft, human error, hacking, ransomware attacks and misuse. Health information is considered to be one of the most attractive targets for cybercriminals due to its inherent sensitivity, but digital investigations of incidents involving health information are often constrained by the lack of the necessary infrastructure forensic readiness. Following the analysis of healthcare data breach causes and threats, we describe the associated digital forensic readiness challenges in the context of the most significant incident causes. With specific focus on privilege misuse, we present a conceptual architecture for forensic audit logging to assist with capture of the relevant digital artefacts in support of possible future digital investigations.
虽然医疗保健行业正在经历颠覆性的数字化转型,但涉及健康信息的数据泄露通常不是新技术整合的结果。根据已发布的行业报告,许多有记录的数据泄露仍然被认为是缺乏基本安全保障造成的,这些数据泄露的原因包括设备和器械被盗、人为错误、黑客攻击、勒索软件攻击和滥用等。由于健康信息固有的敏感性,它被认为是网络犯罪分子最具吸引力的目标之一,但由于缺乏必要的基础设施取证准备,对涉及健康信息的事件的数字调查往往受到限制。在分析了医疗保健数据泄露的原因和威胁之后,我们在最重要的事件原因的背景下描述了相关的数字取证准备挑战。我们特别关注特权滥用,提出了一种取证审计日志记录的概念架构,以帮助捕获相关的数字证据,为可能的未来数字调查提供支持。
