Automated Detection of Anomalous Accesses to Electronic Health Records

自动检测电子健康记录的异常访问

• 批准号: 8882547
• 负责人: Bradley A. Malin
• 金额: $ 0.01万
• 依托单位: VANDERBILT UNIVERSITY
• 依托单位国家: 美国
• 财政年份: 2009
• 资助国家: 美国
• 起止时间: 2009-09-30 至 2016-04-29
• 项目状态: 已结题
• 来源: https://reporter.nih.gov/project-details/8882547
• 关键词: Accounting; Administrator; Admission activity; Adopted; Architecture; Attention; Behavior; Businesses; Caring; Case Manager; Case Study; Clinical; Collaborations; Complement; Complex; Computer software; Data; Data Security; Detection; Documentation; Electronic Health Record; Employee; Engineering; Ensure; Entropy; Event; Goals; Grant; Graph; Healthcare; Healthcare Systems; Inpatients; Institution; Interdepartmental Relations; Internet; Lead; Learning; Machine Learning; Measures; Medical; Medical Errors; Medical Records; Medical center; Methods; Mining; Modeling; Molecular; Movement; Neonatal Intensive Care; Neonatology; Pathway interactions; Patient Care; Patients; Pattern; Patterns of Care; Phase; Practice Management; Primary Health Care; Privacy; Process; Productivity; Provider; Recording of previous events; Regulation; Research; Research Personnel; Safety; Semantics; Surface; Surveys; System; Techniques; Technology; Testing; Time; Trust; Variant; Work; base; care delivery; comparative; cost; data mining; design; follow-up; health information technology; infancy; innovation; novel strategies; open source; operation; organizational structure; payment; programs; software systems; ward

DESCRIPTION (provided by applicant): Health information technology (HIT) can lower costs, strengthen productivity, and promote safety. To realize such benefits on a large scale, healthcare organizations (HCOs) are adopting electronic health records (EHRs) to provide various capabilities. Yet, as EHRs and the healthcare workforce grow in diversity, so does their complexity. This is a concern because evidence suggests complex HIT can interrupt care delivery, contribute to medical errors, and expose patient data to privacy breaches. Moreover, such events tend to be discovered only after they transpire en masse, leading to negative media coverage, loss of patients' trust, and sanctions. Federal regulations now enable patients to receive accountings of who accessed their medical records during treatment, payment, and operations related activities. Yet, for patients to make sense of such accountings, they need to be provided with explanations regarding the extent to which accesses are normal in the context of routine HCO activities. We believe that relating specific accesses to patterns of healthcare operations can help explain how medical records are utilized. Unfortunately, many of the aforementioned problems manifest because EHR utilization patterns rarely guide the design and refinement of healthcare management practices. Thus, the overarching objective of our research is to develop novel strategies to automatically learn HCO behavior based on EHR usage. The past several years has witnessed a flurry of activity in this field, but it remains in is infancy and has only scratched the surface of care patterns and the types of anomalies that can be detected. Through this project, we propose to develop anomaly detection methods that integrate the semantics of healthcare operations and allow for the detection of workflows over time. This will enable HCOs and patients to audit in a meaningful way. Moreover, we believe the innovation and dissemination of such data mining strategies will enable HCOs to detect anomalous events that indicate system misuse and patients who require special attention, but also effectively audit business practices and discover inefficient workflows. The specific aims of this project are (1) to develop machine learning approaches, based on intrasession utilization patterns, to streamline EHR interface configuration and detect anomalous sessions, (2) to design a data mining framework, based on intersession EHR access patterns, to characterize HCO departmental interactions in patient treatment and detect anomalous events, and (3) to infer patient management pathways to consolidate redundant processes and detect deviations from anticipated workflows. In support of these goals, we will evaluate, compare, and contrast the workflows and anomalies in the EHR systems of two large medical centers. Additionally, we will ensure that our methods are integrated into an open source software system that can assist HCOs to extract, transform, and load (ETL) access data from EHRs, analyze such data for anomalies, and visualize the results in interfaces that enable review by healthcare administrators and patients. In doing so, we will be able to compare and contrast behavior of the workflows and multiple institutions and develop methods that appropriately generalize across EHR systems.

描述（由申请人提供）：健康信息技术 (HIT) 可以降低成本、提高生产力并促进安全。为了大规模实现这些好处，医疗保健组织 (HCO) 正在采用电子健康记录 (EHR) 来提供各种功能。然而，随着电子病历和医疗保健劳动力的多样化，它们的复杂性也随之增加。这是一个令人担忧的问题，因为有证据表明复杂的 HIT 可能会中断护理服务，导致医疗错误，并使患者数据面临隐私泄露。此外，此类事件往往只有在大规模发生后才会被发现，从而导致媒体负面报道、失去患者信任并受到制裁。联邦法规现在允许患者接收在治疗、付款和操作相关活动期间访问其医疗记录的人员的帐目。然而，为了让患者理解此类核算，需要向他们提供有关在常规 HCO 活动背景下访问正常程度的解释。我们相信，将特定访问权限与医疗保健运营模式联系起来有助于解释医疗记录的使用方式。不幸的是，上述许多问题之所以明显，是因为 EHR 使用模式很少指导医疗保健管理实践的设计和完善。因此，我们研究的首要目标是开发新的策略，根据 EHR 使用情况自动学习 HCO 行为。在过去的几年里，这一领域出现了一系列的活动，但它仍处于起步阶段，并且只触及了护理模式和可检测到的异常类型的表面。通过这个项目，我们建议开发异常检测方法，集成医疗保健操作的语义，并允许随着时间的推移检测工作流程。这将使 HCO 和患者能够以有意义的方式进行审核。此外，我们相信此类数据挖掘策略的创新和传播将使 HCO 能够检测表明系统滥用和需要特别关注的患者的异常事件，同时还能有效地审核业务实践并发现低效的工作流程。该项目的具体目标是 (1) 基于会话内利用模式开发机器学习方法，以简化 EHR 接口配置并检测异常会话，(2) 基于会话间 EHR 访问模式设计数据挖掘框架，以描述患者治疗中 HCO 部门互动的特征并检测异常事件，(3) 推断患者管理路径以整合冗余流程并检测与预期工作流程的偏差。为了支持这些目标，我们将评估、比较和对比两个大型医疗中心 EHR 系统的工作流程和异常情况。此外，我们将确保我们的方法集成到开源软件系统中，该系统可以帮助 HCO 从 EHR 中提取、转换和加载 (ETL) 访问数据，分析此类数据是否存在异常，并在可进行审核的界面中可视化结果由医疗保健管理者和患者。在此过程中，我们将能够比较和对比工作流程和多个机构的行为，并开发适当概括整个 EHR 系统的方法。