Usually SIEM is about monitoring and analyzing log data coming from the IT infrastructure such as firewalls, routers, applications, and the like. But in Region Värmland in Sweden, LogPoint is at work logging medical record views. This helps Region Värmland to better comply with patient data laws, and safeguard citizens’ integrity.
Located in the western part of the country, bordering Norway, Region Värmland is one of 21 Regions in Sweden. The region is responsible for the healthcare and dental care of approx. 280.000 citizens. There are about 30 health centers in Värmland, and three hospitals are situated in the towns of Karlstad, Arvika, and Torsby across the region.
The Swedish Patient Data Act (In Swedish ”Patientdata-lagen”) protects the integrity of citizens by only allowing healthcare professionals who have an active care relation with the patient to access their medical records. As an example, a doctor or nurse may not access the medical records of their neighbor or spouse without a care relation. To lock down all records and provide access on a need-to-know basis is unsustainable, as it is impossible to predict what records medical professionals need to access in case of an emergency.