Here’s a good example of how monitoring and logs can detect a problem and prevent even more problems.
Michigan Medicine detected an employee accessing patient records without legitimate need. The improper access began in December, 2021, and continued until it was caught by monitoring on January 25, 2022. Access was cut off on January 27 and the employee — who appeared to be snooping in the records of people in his community — was fired shortly after the wrongdoing was discovered.
Could it have been prevented or caught sooner? We’ll leave that discussion for another time, but I’m just glad to see that it was detected by their systems and addressed promptly.
See their notice on their website.