> Nor would hashing each entry separately prevent them from being
> deleted. Deleting an entry indicating that so-and-so accessed
> such-and-such a record at such-and-such a time would be a pretty serious
> form of tampering.

There are ways to deal with this, such as hashing the previous
record with the current record so that if a record is deleted, the hash
won't match. You won't recover the data, but you'll know that a change
was made.

Okay. But does that comply with the standard? "Immutable" means "incapable
of being changed", not "changes can be detected after they occur".
The actual language of the standard I'm looking at is Item 10.4 of the New
York State EHR Functional Requirements, which says "The system must assure
that all audit logs maintained are immutable (cannot be changed or modified)."
Has anyone produced a system that has been officially recognized as
compliant with this or a similar standard?
Ken Dibble
www.stic-cil.org
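
The hash-chaining approach discussed in the message above, as an added example that is not code from the thread; the record layout, field names, sample entries and the externally stored head hash are assumptions. It detects a deleted or altered record rather than preventing the change, and removal of records from the end only shows up against a head hash kept outside the log.

```python
import hashlib
import json

GENESIS = "0" * 64  # constructed starting value for the first link


def link_hash(prev_hash, entry):
    """SHA-256 over the previous link hash plus the canonical JSON of the entry."""
    payload = json.dumps(entry, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append(log, entry):
    """Append an entry, chaining it to the hash of the record before it."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"entry": entry, "prev": prev, "hash": link_hash(prev, entry)})
    return log[-1]["hash"]


def verify(log, anchored_head=None):
    """Return (ok, index_of_first_bad_record_or_None, reason)."""
    prev = GENESIS
    for i, rec in enumerate(log):
        if rec["prev"] != prev:
            return False, i, "link to previous record broken (deleted or reordered)"
        if rec["hash"] != link_hash(prev, rec["entry"]):
            return False, i, "record contents do not match stored hash"
        prev = rec["hash"]
    # Removing records from the end leaves a valid shorter chain; only a head
    # hash kept outside the log (assumption: a write-once store) exposes that.
    if anchored_head is not None and prev != anchored_head:
        return False, len(log), "head differs from anchored value"
    return True, None, "ok"


def build_sample():
    """Constructed sample entries in the shape the post describes."""
    log, head = [], GENESIS
    for user, record, ts in [
        ("asmith", "patient/1001", "2011-03-01T09:15:00"),
        ("bjones", "patient/1002", "2011-03-01T09:20:00"),
        ("asmith", "patient/1003", "2011-03-01T09:31:00"),
    ]:
        head = append(log, {"user": user, "record": record, "time": ts})
    return log, head
```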