Mining Deviations from Patient Care Pathways via Electronic Medical Record System Audits

Published: 01 December 2013

Abstract

In electronic medical record (EMR) systems, administrators often grant EMR users broad access privileges, which may leave the system vulnerable to misuse and abuse. Given that patient care follows a coordinated workflow, we hypothesize that care pathways can be represented as the progression of a patient through the system, and we introduce a strategy that models the patient's flow as a sequence of accesses defined over a graph. Elements in the sequence correspond to features associated with the access transaction (e.g., reason for access). On this basis, we model patterns of patient record usage that may indicate deviations from care workflows. We evaluate our approach using several months of data from a large academic medical center. Empirical results show that this framework finds only a small portion of accesses to be outliers from such flows. We also observe that the violation patterns differ across types of medical services, and analysis of our results suggests greater deviation from normal access patterns by nonclinical users. We simulate anomalies in the context of real accesses to illustrate the efficiency of the proposed method for different medical services. As an illustration of the capabilities of our method, the area under the receiver operating characteristic (ROC) curve for the Pediatrics service was 0.9166. The results suggest that our approach is competitive with, and often better than, the existing state-of-the-art in outlier detection performance. At the same time, our method is more efficient, by orders of magnitude, than previous approaches, allowing detection over thousands of accesses in seconds.
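As an added example of the sequence-over-graph modelling the abstract describes (illustrative code, not the paper's own method or implementation): a constructed audit log is grouped into per-patient access sequences, each access is reduced to a feature pair (user role, reason for access), a directed transition graph is learned from those sequences, and any transition in a patient's path that is rarer than every transition seen in training is flagged. The role and reason values, the additive smoothing and the threshold rule are all assumptions made for this example.

```python
# Added illustration, not code from the paper: each patient's chain of record accesses is a
# path through a directed graph whose nodes are access features (user role, reason for
# access); transitions rarer than any seen in training are flagged. All values are assumed.
from collections import defaultdict
from math import log

START = ("<start>", "<start>")  # virtual node preceding each patient's first access
# Constructed training audit log: (patient_id, seq_no, user_role, reason_for_access).
TRAIN_LOG = [
    ("p1", 1, "registration", "admission"), ("p1", 2, "nurse", "triage"),
    ("p1", 3, "physician", "treatment"), ("p1", 4, "nurse", "discharge"),
    ("p2", 1, "registration", "admission"), ("p2", 2, "nurse", "triage"),
    ("p2", 3, "physician", "treatment"), ("p2", 4, "pharmacy", "medication"),
    ("p2", 5, "nurse", "discharge"),
]
# Constructed suspect path: a billing lookup interrupts the usual clinical pathway.
SUSPECT = [("registration", "admission"), ("nurse", "triage"), ("billing", "lookup"),
           ("physician", "treatment"), ("nurse", "discharge")]

def sequences(log):
    """Group records by patient in seq_no order; each element is (role, reason)."""
    per_patient = defaultdict(list)
    for pid, seq_no, role, reason in log:
        per_patient[pid].append((seq_no, (role, reason)))
    return {pid: [tok for _, tok in sorted(items)] for pid, items in per_patient.items()}

class TransitionGraph:
    def __init__(self, seqs, alpha=0.5):
        self.alpha, self.edges, nodes = alpha, defaultdict(lambda: defaultdict(int)), set()
        for seq in seqs.values():
            prev = START
            for tok in seq:
                self.edges[prev][tok] += 1  # count the directed edge prev -> tok
                nodes.add(tok)
                prev = tok
        self.vocab = len(nodes) + 1  # one extra slot for features never seen in training
        # The least probable transition observed in training sets the flag threshold.
        self.threshold = max(self.score(p, n) for p, nxt in self.edges.items() for n in nxt)

    def score(self, prev, tok):
        """Surprisal -log P(tok | prev) with additive smoothing; unseen edges score high."""
        out = self.edges.get(prev, {})
        total = sum(out.values())
        return -log((out.get(tok, 0) + self.alpha) / (total + self.alpha * self.vocab))

    def flag(self, seq):
        """(position, access, score) for each access rarer than any training transition."""
        flagged, prev = [], START
        for i, tok in enumerate(seq):
            s = self.score(prev, tok)
            if s > self.threshold:
                flagged.append((i, tok, round(s, 3)))
            prev = tok
        return flagged

def audit(train_log=TRAIN_LOG, path=SUSPECT):
    """Train on the audit log and return the flagged accesses in one patient's path."""
    return TransitionGraph(sequences(train_log)).flag(path)
```

Calling `audit()` flags the billing lookup (position 2) and the transition out of it (position 3); a path that matches a training patient is returned with no flags.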



  • Published in

    ACM Transactions on Management Information Systems, Volume 4, Issue 4
    Special Issue on Informatics for Smart Health and Wellbeing
    December 2013
    124 pages
    ISSN: 2158-656X
    EISSN: 2158-6578
    DOI: 10.1145/2555810

    Copyright © 2013 ACM

    Publisher: Association for Computing Machinery, New York, NY, United States

    Publication History

    • Published: 1 December 2013
    • Accepted: 1 November 2013
    • Revised: 1 October 2013
    • Received: 1 December 2012


    Qualifiers

    • research-article
    • Research
    • Refereed
