Automated Detection of Anomalous Accesses to Electronic Health Records

自动检测电子健康记录的异常访问

• 批准号: 8882547
• 负责人: Bradley A. Malin
• 金额: $ 0.01万
• 依托单位: VANDERBILT UNIVERSITY
• 依托单位国家: 美国
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-30 至 2016-04-29
• 项目状态: 已结题
• 来源: https://reporter.nih.gov/project-details/8882547
• 关键词: Accounting; Administrator; Admission activity; Adopted; Architecture; Attention; Behavior; Businesses; Caring; Case Manager; Case Study; Clinical; Collaborations; Complement; Complex; Computer software; Data; Data Security; Detection; Documentation; Electronic Health Record; Employee; Engineering; Ensure; Entropy; Event; Goals; Grant; Graph; Healthcare; Healthcare Systems; Inpatients; Institution; Interdepartmental Relations; Internet; Lead; Learning; Machine Learning; Measures; Medical; Medical Errors; Medical Records; Medical center; Methods; Mining; Modeling; Molecular; Movement; Neonatal Intensive Care; Neonatology; Pathway interactions; Patient Care; Patients; Pattern; Patterns of Care; Phase; Practice Management; Primary Health Care; Privacy; Process; Productivity; Provider; Recording of previous events; Regulation; Research; Research Personnel; Safety; Semantics; Surface; Surveys; System; Techniques; Technology; Testing; Time; Trust; Variant; Work; base; care delivery; comparative; cost; data mining; design; follow-up; health information technology; infancy; innovation; novel strategies; open source; operation; organizational structure; payment; programs; software systems; ward

DESCRIPTION (provided by applicant): Health information technology (HIT) can lower costs, strengthen productivity, and promote safety. To realize such benefits on a large scale, healthcare organizations (HCOs) are adopting electronic health records (EHRs) to provide various capabilities. Yet, as EHRs and the healthcare workforce grow in diversity, so does their complexity. This is a concern because evidence suggests complex HIT can interrupt care delivery, contribute to medical errors, and expose patient data to privacy breaches. Moreover, such events tend to be discovered only after they transpire en masse, leading to negative media coverage, loss of patients' trust, and sanctions. Federal regulations now enable patients to receive accountings of who accessed their medical records during treatment, payment, and operations related activities. Yet, for patients to make sense of such accountings, they need to be provided with explanations regarding the extent to which accesses are normal in the context of routine HCO activities. We believe that relating specific accesses to patterns of healthcare operations can help explain how medical records are utilized. Unfortunately, many of the aforementioned problems manifest because EHR utilization patterns rarely guide the design and refinement of healthcare management practices. Thus, the overarching objective of our research is to develop novel strategies to automatically learn HCO behavior based on EHR usage. The past several years has witnessed a flurry of activity in this field, but it remains in is infancy and has only scratched the surface of care patterns and the types of anomalies that can be detected. Through this project, we propose to develop anomaly detection methods that integrate the semantics of healthcare operations and allow for the detection of workflows over time. This will enable HCOs and patients to audit in a meaningful way. Moreover, we believe the innovation and dissemination of such data mining strategies will enable HCOs to detect anomalous events that indicate system misuse and patients who require special attention, but also effectively audit business practices and discover inefficient workflows. The specific aims of this project are (1) to develop machine learning approaches, based on intrasession utilization patterns, to streamline EHR interface configuration and detect anomalous sessions, (2) to design a data mining framework, based on intersession EHR access patterns, to characterize HCO departmental interactions in patient treatment and detect anomalous events, and (3) to infer patient management pathways to consolidate redundant processes and detect deviations from anticipated workflows. In support of these goals, we will evaluate, compare, and contrast the workflows and anomalies in the EHR systems of two large medical centers. Additionally, we will ensure that our methods are integrated into an open source software system that can assist HCOs to extract, transform, and load (ETL) access data from EHRs, analyze such data for anomalies, and visualize the results in interfaces that enable review by healthcare administrators and patients. In doing so, we will be able to compare and contrast behavior of the workflows and multiple institutions and develop methods that appropriately generalize across EHR systems.

描述（由申请人提供）：健康信息技术（HIT）可以降低成本，提高生产力，促进安全。为了大规模地实现这些益处，医疗保健组织（HCO）正在采用电子健康记录（EHR）来提供各种功能。然而，随着EHR和医疗保健工作人员的多样性增长，其复杂性也随之增加。这是一个令人担忧的问题，因为有证据表明，复杂的HIT可能会中断医疗服务，导致医疗错误，并使患者数据暴露于隐私泄露。此外，这类事件往往在秘密发生后才被发现，导致媒体的负面报道，失去病人的信任和制裁。联邦法规现在使患者能够接收在治疗、付款和手术相关活动期间访问其医疗记录的人的账户。然而，为了让患者理解这种解释，需要向他们提供关于在常规HCO活动的背景下访问正常程度的解释。我们认为，将特定的访问与医疗操作模式相关联可以帮助解释医疗记录是如何被利用的。不幸的是，许多上述问题的出现，因为EHR的利用模式很少指导医疗管理实践的设计和完善。因此，我们研究的首要目标是开发新的策略，以自动学习基于EHR使用的HCO行为。在过去的几年里，这一领域出现了一系列的活动，但它仍然处于起步阶段，只触及了护理模式和可以检测到的异常类型的表面。通过该项目，我们建议开发异常检测方法，集成医疗保健操作的语义，并允许随着时间的推移检测工作流程。这将使HCO和患者能够以有意义的方式进行审计。此外，我们相信此类数据挖掘策略的创新和传播将使HCO能够检测表明系统滥用的异常事件和需要特别关注的患者，而且还能有效地审计业务实践并发现低效的工作流程。该项目的具体目标是：（1）开发基于会话内使用模式的机器学习方法，以简化EHR接口配置并检测异常会话;（2）设计基于会话间EHR访问模式的数据挖掘框架，以表征HCO部门在患者治疗中的交互并检测异常事件，以及（3）推断患者管理路径以合并冗余过程并检测与预期工作流的偏差。为了支持这些目标，我们将评估，比较和对比两个大型医疗中心的EHR系统的工作流程和异常。此外，我们将确保我们的方法被集成到一个开源软件系统中，该系统可以帮助HCO从EHR中提取、转换和加载（ETL）访问数据，分析这些数据的异常情况，并在界面中可视化结果，以便医疗管理员和患者进行审查。在这样做的过程中，我们将能够比较和对比工作流程和多个机构的行为，并开发出适当推广EHR系统的方法。