Automated Detection of Anomalous Accesses to Electronic Health Records

自动检测电子健康记录的异常访问

• 批准号: 8882547
• 负责人: Bradley A. Malin
• 金额: $ 0.01万
• 依托单位: VANDERBILT UNIVERSITY
• 依托单位国家: 美国
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-30 至 2016-04-29
• 项目状态: 已结题
• 来源: https://reporter.nih.gov/project-details/8882547
• 关键词: Accounting; Administrator; Admission activity; Adopted; Architecture; Attention; Behavior; Businesses; Caring; Case Manager; Case Study; Clinical; Collaborations; Complement; Complex; Computer software; Data; Data Security; Detection; Documentation; Electronic Health Record; Employee; Engineering; Ensure; Entropy; Event; Goals; Grant; Graph; Healthcare; Healthcare Systems; Inpatients; Institution; Interdepartmental Relations; Internet; Lead; Learning; Machine Learning; Measures; Medical; Medical Errors; Medical Records; Medical center; Methods; Mining; Modeling; Molecular; Movement; Neonatal Intensive Care; Neonatology; Pathway interactions; Patient Care; Patients; Pattern; Patterns of Care; Phase; Practice Management; Primary Health Care; Privacy; Process; Productivity; Provider; Recording of previous events; Regulation; Research; Research Personnel; Safety; Semantics; Surface; Surveys; System; Techniques; Technology; Testing; Time; Trust; Variant; Work; base; care delivery; comparative; cost; data mining; design; follow-up; health information technology; infancy; innovation; novel strategies; open source; operation; organizational structure; payment; programs; software systems; ward

DESCRIPTION (provided by applicant): Health information technology (HIT) can lower costs, strengthen productivity, and promote safety. To realize such benefits on a large scale, healthcare organizations (HCOs) are adopting electronic health records (EHRs) to provide various capabilities. Yet, as EHRs and the healthcare workforce grow in diversity, so does their complexity. This is a concern because evidence suggests complex HIT can interrupt care delivery, contribute to medical errors, and expose patient data to privacy breaches. Moreover, such events tend to be discovered only after they transpire en masse, leading to negative media coverage, loss of patients' trust, and sanctions. Federal regulations now enable patients to receive accountings of who accessed their medical records during treatment, payment, and operations related activities. Yet, for patients to make sense of such accountings, they need to be provided with explanations regarding the extent to which accesses are normal in the context of routine HCO activities. We believe that relating specific accesses to patterns of healthcare operations can help explain how medical records are utilized. Unfortunately, many of the aforementioned problems manifest because EHR utilization patterns rarely guide the design and refinement of healthcare management practices. Thus, the overarching objective of our research is to develop novel strategies to automatically learn HCO behavior based on EHR usage. The past several years has witnessed a flurry of activity in this field, but it remains in is infancy and has only scratched the surface of care patterns and the types of anomalies that can be detected. Through this project, we propose to develop anomaly detection methods that integrate the semantics of healthcare operations and allow for the detection of workflows over time. This will enable HCOs and patients to audit in a meaningful way. Moreover, we believe the innovation and dissemination of such data mining strategies will enable HCOs to detect anomalous events that indicate system misuse and patients who require special attention, but also effectively audit business practices and discover inefficient workflows. The specific aims of this project are (1) to develop machine learning approaches, based on intrasession utilization patterns, to streamline EHR interface configuration and detect anomalous sessions, (2) to design a data mining framework, based on intersession EHR access patterns, to characterize HCO departmental interactions in patient treatment and detect anomalous events, and (3) to infer patient management pathways to consolidate redundant processes and detect deviations from anticipated workflows. In support of these goals, we will evaluate, compare, and contrast the workflows and anomalies in the EHR systems of two large medical centers. Additionally, we will ensure that our methods are integrated into an open source software system that can assist HCOs to extract, transform, and load (ETL) access data from EHRs, analyze such data for anomalies, and visualize the results in interfaces that enable review by healthcare administrators and patients. In doing so, we will be able to compare and contrast behavior of the workflows and multiple institutions and develop methods that appropriately generalize across EHR systems.

描述(申请人提供)：健康信息技术(HIT)可以降低成本，提高生产力，促进安全。为了大规模实现这些好处，医疗保健组织(HCO)正在采用电子健康记录(EHR)来提供各种功能。然而，随着EHR和医疗保健人员的多样性增加，他们的复杂性也在增加。这是一个令人担忧的问题，因为有证据表明，复杂的HIT可能会中断医疗服务的提供，导致医疗差错，并使患者数据暴露在隐私被侵犯的风险中。此外，此类事件往往只有在它们集体曝光后才会被发现，从而导致媒体负面报道、患者失去信任和制裁。联邦法规现在允许患者在治疗、付款和手术相关活动期间获得谁访问了他们的医疗记录的账目。然而，为了让患者理解这种解释，需要向他们解释在常规的HCO活动中，探视在多大程度上是正常的。我们认为，将特定的访问与医疗保健操作的模式联系起来，可以帮助解释如何利用医疗记录。不幸的是，前面提到的许多问题都很明显，因为EHR使用模式很少指导医疗保健管理实践的设计和改进。因此，我们研究的首要目标是开发新的策略来根据EHR的使用情况自动学习HCO行为。在过去的几年里，这一领域出现了一系列活动，但仍处于初级阶段，只是触及了护理模式和可以检测到的异常类型的皮毛。通过这个项目，我们建议开发异常检测方法，集成医疗保健操作的语义，并允许随着时间的推移检测工作流。这将使医生和病人能够以有意义的方式进行审计。此外，我们相信这种数据挖掘策略的创新和传播将使HCO能够检测到表明系统滥用和需要特别关注的患者的异常事件，但也可以有效地审计业务实践和发现效率低下的工作流程。该项目的具体目标是(1)开发基于会话内使用模式的机器学习方法，以简化EHR接口配置并检测异常会话；(2)设计基于会话间EHR访问模式的数据挖掘框架，以表征患者治疗中的HCO部门交互并检测异常事件；以及(3)推断患者管理路径以整合冗余流程并检测与预期工作流的偏差。为了支持这些目标，我们将评估、比较和对比两个大型医疗中心的EHR系统中的工作流程和异常情况。此外，我们将确保将我们的方法集成到一个开源软件系统中，该系统可以帮助HCO从EHR提取、转换和加载(ETL)访问数据，分析此类数据的异常情况，并在允许医疗保健管理员和患者审查的界面中可视化结果。通过这样做，我们将能够比较和对比工作流程和多个机构的行为，并开发出在整个EHR系统中适当推广的方法。