1 / 40

Automatic Detection of Policies from Electronic Medical Record Access Logs

Automatic Detection of Policies from Electronic Medical Record Access Logs. John M. Paulett †, Bradley Malin†‡ † Department of Biomedical Informatics ‡ Department of Electrical Engineering and Computer Science Vanderbilt University. TRUST Autumn Conference November 11, 2008.

castor-barron
Download Presentation

Automatic Detection of Policies from Electronic Medical Record Access Logs

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Automatic Detection of Policies from Electronic Medical Record Access Logs John M. Paulett †, Bradley Malin†‡ † Department of Biomedical Informatics ‡ Department of Electrical Engineering and Computer Science Vanderbilt University TRUST Autumn Conference November 11, 2008

  2. Privacy in Healthcare Sensitive Data • Patients speak with expectation of confidentiality • Socially taboo diagnoses • Employment • HIPAA

  3. TRUST Language for specifying temporal policies • Barth et al. Framework for integrating policies with system and workflow models • Werner et al. Model Integrated Clinical Information System (MICIS) • Mathe et al.

  4. Status TRUST tool to formally specify, model, and managing policies in the context of existing and evolving clinical information systems But, where do these policies come from?

  5. External Threat Success with standard security best-practices

  6. Insider Threat Motivation • Celebrities • Friends / Neighbors • Coworkers • Spouse (divorce) Evidence of misuse • 6 fired, 80 re-trained – University of California, Davis • 13 fired for looking at Britney Spears’ record – March 2008 • George Clooney – October 2007

  7. Protecting Against Insiders • Access Control • Limit users to only the set of patients they need to care for • Stop improper accesses from occurring • Auditing • Catch improper accesses after the fact

  8. Access Control in Healthcare Upfront definition of policies is problematic • “Experts” have incomplete knowledge • Healthcare is dynamic: workflows and interactions change faster than experts can define them “False Positives” cause a negative impact on clinical workflow and potentially patient harm • “Break the glass”

  9. Auditing in Healthcare Huge amount of data, every day: • Hundreds to thousands of providers • Millions of patients Which accesses are improper?

  10. Current Auditing

  11. Current Auditing Vanderbilt University Medical Center • 1 Privacy Officer • 2 staff Auditing focus • Monitor celebrities • Monitor employee-employee access • Follow-up on external suspicion • Spot checks

  12. Our Goal Inform Policy Definition Tools • Werner et al. • Barth et al. Assist auditing by defining what is normal

  13. Our Approach Characterize normal operations, workflows, and relationships • Use access logs as proxy for this information

  14. Our Approach Relational Network • Two providers related if they access the record of the same patient • Strength of the relationship  # records accessed in common Association Rules • What is the probability that we see two users or two departments interacting together? • Head → Body • Confidence - probability of seeing the Body, given the Head • Support - probability of seeing the Head and the Body

  15. Association Rules Geriatric Psychology Ob-Gyn Neonatology 1 patient 172 patients

  16. Association Rules Geriatric Psychology Ob-Gyn Neonatology 1 patient 172 patients Strong Relationship

  17. Association Rules Geriatric Psychology Ob-Gyn Neonatology 1 patient 172 patients Weak Relationship

  18. HORNET Healthcare Organization Relational Network Extraction Toolkit Open Source Easy and informative tool for privacy officials Rich platform for developers

  19. Design Goals Easily handle healthcare sized networks • 103 to 104 nodes • 106 to 107 edges Easily configurable for users Extendable by developers Log format agnostic

  20. Plugins HORNET Core Task API Parallel & Distributed Computation Association Rule Mining Network API Social Network Analysis File API Network Visualization Network Abstraction File Network Builder Database Network Builder … Graph, Node, Edge, Network Statistics Noise Filtering CSV … Database API Oracle, MySQL, Etc.

  21. Plugin Architecture Plugin Chaining • Plugins use Observer Pattern to notify each other • Allows complex piping of results between plugins • Chains defined in configuration file

  22. Plugin Configuration Association Rule Mining Social Network Analysis Network Abstraction File Network Builder Network Visualization

  23. Results from Vanderbilt 5 months of access logs from StarPanel, Vanderbilt’s EMR > 9000 users > 350,000 patients > 7,500,000 views

  24. Edge Distribution • Distribution of Relationships per User in 1 week

  25. Decay of Relationships How long do relationships last? Healthcare is dynamic!

  26. Department Relationships Relationships (edges) between departments (nodes)

  27. Department Relationships 20 departments with most relationships labeled

  28. Association Rules For 16 weeks, 55,944 department-department rules (unfiltered)

  29. Association Rules Sample of rules with high support

  30. Association Rules Sample of rules with high confidence and occurring at least 3 weeks

  31. Future Plans Temporal relationships • Find if certain users or departments are predictive of a patient seeing another user or department Filter Network • Remove noise, keep important relationships User interface • Tool for privacy officers to examine their organization’s logs

  32. Future Plans Evaluation of rules by privacy and domain experts Integrate with MICIS access control system • Werner et al., Barth et al., Mathe et al.

  33. Acknowledgements NSF grant CCF-0424422, the Team for Research in Ubiquitous Secure Technologies Dr. Randolph Miller and Kathleen Benitez Dr. Dario Giuse and David Staggs NetworkX, Numpy, Cython, Matplotlib

  34. More Information http://hiplab.mc.vanderbilt.edu/projects/hornet john.paulett@vanderbilt.edu

  35. Appendix

  36. Developer Documentation

  37. Writing a Plugin

  38. Configuration File

  39. Care Provider Relationships Children’s Hospital

More Related