Facilitating patient and administrator analyses of electronic health record accesses

Duffy, Eric

Permalink

https://hdl.handle.net/2142/45545 Copy

Description

Title

Facilitating patient and administrator analyses of electronic health record accesses

Author(s)

Duffy, Eric

Issue Date

2013-08-22T16:47:17Z

Director of Research (if dissertation) or Advisor (if thesis)

Gunter, Carl A.

Department of Study

Computer Science

Discipline

Computer Science

Degree Granting Institution

University of Illinois at Urbana-Champaign

Degree Name

M.S.

Degree Level

Thesis

Keyword(s)

• Electronic Health Records
• Software Engineering
• Audit Logs
• Anomaly Detection
• Healthcare Security

Abstract

The past two decades in the United States have ushered in an era of increasing ubiquity of digitized healthcare as the speed and sophistication of technology follows an ever-growing trend. Electronic health records (EHRs) are an integral part of the growing healthcare industry which offers ease of access and new functionality while simultaneously causing worries over their privacy and security. In an effort to address these concerns, much legislation has been enacted in order to tighten the oversight and requirements for accessing protected health information (PHI). Most recently, the Department of Health and Human Services has released rulemaking which requires providers utilizing EHRs to comply with patients’ requests for logs of the accesses to their records. In this work, we outline our system for complying with this regulation while easing the burden of compli- ance for providers and simultaneously providing patients with informative and satisfying information about why their accounts were accessed. We implement a system called the Multiview Audit Interface (MAI) which utilizes recent research in the data mining and anomaly detection communities to provide a unified interface for conveniently using these algorithms for patients and administrators. We then test this system on a de- identified access log from Northwestern Memorial Hospital containing months of audit data. We construct a framework for implementing these algorithms as modules, thereby recycling existing code, encouraging multi-faceted comprehensions of their results, and offering an easy-to-use interface that administrators and patients can use alike. We demonstrate the the power of three modules currently implemented and show how the extensibility of the framework can be harvested to develop modules in the future.

Graduation Semester

2013-08

Permalink

http://hdl.handle.net/2142/45545

Copyright and License Information

Copyright 2013 Eric Duffy

Owning Collections