Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
News

Data Governance And The Prevention of Record Falsification

Varonis Systems : 12 July, 2012  (Technical Article)
Varonis comments on the need for improved data governance to prevent fraudulent record manipulation as took place at Canberra Hospital
Data Governance And The Prevention of Record Falsification
Commenting on reports that a Canberra hospital manager has admitted to changing A&E patient records to make it appear the department was more efficient than it actually was, Varonis Systems says that the possibility of this happening in the US and UK healthcare sectors cannot be ruled out.

Data manipulation, says David Gibson, vice president of strategy with the data governance specialist, has been going on for far longer than computers have been around – it’s just that computers have made this type of fraud a lot easier, he explained.

“This Australian case is interesting from a governance perspective, as the manager concerned has admitted his department tweaked around six per cent of the database in order to make the patient wait times – and hospital stays – appear shorter than they actually were,” he said.

“You could argue that, since patient care and welfare was not affected, this was not a major issue, but as a growing number of healthcare organisations operate on the basic of efficiency targets, there are obvious budgetary issues involved here,” he added.

Gibson went on to say that the $64,000 question that healthcare managers in other jurisdictions of the world need to ask is whether this kind of data manipulation could be happening in their organisations – and the answer, he says, is that without strong data governance audit systems in place, they cannot be sure.

The reality, the Varonis VP of strategy notes, is that there are clear financial and management consequences from data manipulation. And this, says Gibson, is where effective data governance can step in and assist. By automating the security of structured and unstructured data – up to 80 per cent of data falls into the unstructured category, Varonis has found – managers can discover whether data manipulation is taking place.

David Gibson recommends the following steps for making unstructured data more secure:

* Reduce read access to critical data to only those who require it
* Reduce modify access even further - as few people as possible should be able to make changes to these files
* Changes to critical data should be monitored and then reviewed for accuracy by at least one other individual— even performing random checks on a subset of changes can make a difference.

For structured data, Gibson explains, there are often options to restrict and audit field-level manipulation with automation to prevent or catch potential issues, but the same manual process described above may be used.

“Had this type of process been in place at this Canberra hospital, then the data manipulation by this manager would have been discouraged, caught, or prevented. Effective data governance really does work.”
Bookmark and Share
 
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
 
   © 2012 ProSecurityZone.com
Netgains Logo