Alarmingly, the OIG found that 44 percent of hospitals can delete audit logs. Four EHR vendors surveyed said audit logs cannot be disabled in their systems, but one noted a programmer could disable them. The OIG also said EHRs poorly designed or used inappropriately can result in poor data quality or fraud."
"Hospitals 'may not be using recommended EHR audit functions to their full extent' and '44% can delete logs'."The OIG recommended "audit logs be operational whenever EHR technology is available for updates or viewing," and "ONC and CMS develop a comprehensive plan to address fraud problems in EHRs."
- Office of the Inspector General
Tampering with logs can easily and rapidly be determined by low-cost on-demand SaaS analytics services.
Download a white paper on patient privacy breach detection. Learn how to proactively identify unauthorized breaches of patient data privacy, even by authorized users - with no hardware and no on-site software.Sources:
(a) OIG takes hospitals to task on EHR use - www.HealthcareITnews.com, 12/16/2013