1 / 8

Context-aware Anomaly Detection for Electronic Medical Record Systems

Xiaowei Li Prof. Yuan Xue , Dept. of EECS, Vanderbilt University You Chen Prof. Bradley Malin , Dept. of Bio-informatics, Vanderbilt University USENIX HealthSec ’11 San Francisco, CA August, 9, 2011. Context-aware Anomaly Detection for Electronic Medical Record Systems. Background.

abie
Download Presentation

Context-aware Anomaly Detection for Electronic Medical Record Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Xiaowei Li Prof. Yuan Xue, Dept. of EECS, Vanderbilt University You Chen Prof. Bradley Malin, Dept. of Bio-informatics, Vanderbilt University USENIX HealthSec ’11 San Francisco, CA August, 9, 2011 Context-aware Anomaly Detection for Electronic Medical Record Systems

  2. Background • EMR system is a critical component in today’s Health Information Architecture, integrated with a variety of clinical systems, including laboratory, pharmacy, billing, decision support, etc. • EMR helps streamline clinical workflow, facilitate information sharing and health service delivery. • However, data security & privacy is challenging: • Keep the confidentiality and integrity (tamper-resistant) of patient data. • Comply with various regulations & policies, such as HIPPA, etc. • …

  3. EMR Security Landscape Clinical policy &guideline not guarded. Can be bypassed by masquerader, password sharing EMR Application (e.g. web portal) Firewall Patient Data Context-aware IDS Authentication Access Control Hosting OS Cannot scale well and handle dynamics Cannot handle insider threat Cannot handle insider threat

  4. Context-aware Anomaly Detection • Objective: build an intrusion detection system (IDS), specially tailored to the EMR system, leveraging knowledge & traces from clinical environment. • Key: extract differentiating features that accurately characterize the unique behaviors of EMR users based on historical user sessions. Traces Feature Extraction & Modeling Runtime Detection Response Engine Clinical Context (e.g. organization info, user role, diagnosis codes)

  5. Clinical Workflow • A clinical workflow is a sequence of operations performed on the patient record by the caregiver during the patient receives healthcare services. User Session Clinical Workflow Check Bill.lab Prescribe Bill Check Bob.lab Prescribe Bob Caregiver (Role) Patient (Diagnosis) Treatment Guideline Check lab Prescribe Bill Nancy Check lab test before prescribe Bob

  6. Three-tier Workflow Model • 1st Tier: profiling user behavior for each user/role; • 2nd Tier: decompose a session into a set of record-oriented clinical workflows. • 3rd Tier: indicating the treatment guideline applicable for the patient, involving multiple users/roles. • Modeling techniques: action set/sequence. • Other challenges: user behavior may migrate/evolve with time; a patient associated with multiple disorders. User Session Model Intra-session Record-oriented Workflow Model Across-session Record Access Workflow Model

  7. Thanks! Problem & approach Modeling technique Implementation Evaluation

  8. Challenges • Traditional Mechanisms: • Authentication • Access control: RBAC, EBAC [5], etc. • Network firewall, hardening operating systems and software (e.g., web portal) • … • A unique challenging landscape in clinical environment: • Authentication can be bypassed (e.g., password sharing, masquerader) • Access control may not scale well with the dynamics and coarse-grained implementation allows for privilege abuse/misuse. • Traditional IDS cannot handle insider threats. • Moreover, clinical treatment guidelines are too complex to be modeled and explicitly enforced, which make space for guideline violation. • ….

More Related