Table of Contents Author Guidelines Submit a Manuscript
BioMed Research International
Volume 2015, Article ID 542016, 12 pages
http://dx.doi.org/10.1155/2015/542016
Research Article

EMRlog Method for Computer Security for Electronic Medical Records with Logic and Data Mining

1Departamento de Ciencias Computacionales, Tecnológico de Monterrey, Campus Cuernavaca, Autopista del Sol Km 104, Colonia Real del Puente, 62790 Xochitepec, MOR, Mexico
2Tecnológico Nacional de México, Instituto Tecnológico de Ciudad Madero, Avenida 1 de Mayo, Esquina Sor Juana Inés de la Cruz s/n, Colonia Los Mangos, 89440 Madero, TAMPS, Mexico
3Tecnológico de Monterrey, Escuela de Ingeniería y Ciencias, Carretera Lago de Guadalupe, Km. 3.5, 52926, MEX, Mexico

Received 24 January 2015; Revised 26 April 2015; Accepted 21 May 2015

Academic Editor: Shigehiko Kanaya

Copyright © 2015 Sergio Mauricio Martínez Monterrubio et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

Abstract

The proper functioning of a hospital computer system is an arduous work for managers and staff. However, inconsistent policies are frequent and can produce enormous problems, such as stolen information, frequent failures, and loss of the entire or part of the hospital data. This paper presents a new method named EMRlog for computer security systems in hospitals. EMRlog is focused on two kinds of security policies: directive and implemented policies. Security policies are applied to computer systems that handle huge amounts of information such as databases, applications, and medical records. Firstly, a syntactic verification step is applied by using predicate logic. Then data mining techniques are used to detect which security policies have really been implemented by the computer systems staff. Subsequently, consistency is verified in both kinds of policies; in addition these subsets are contrasted and validated. This is performed by an automatic theorem prover. Thus, many kinds of vulnerabilities can be removed for achieving a safer computer system.