Skip to Main Content
Health care informatics is growing at an incredible pace. Originally, health care organizations, like all other industries, used pen and paper to track medical information. Ten years ago the more mature health care organizations had simply practice management applications. Today, these organizations have full blown electronic health records systems. Tomorrow these organizations will be sharing information across the globe. Physicians (and the sponsoring organizations) are obligated to protect this data. Health care has followed the trend of many other industries in implementing technologies and processes to address certain risks. Encryption is enabled to ensure confidentiality. Business continuity techniques are applied to ensure system availability. However, there is no best practice solution that can be applied to the problem of detecting inappropriate activity. How can a hospital tell when Nurse Smith is "snooping" in medical records? How can a radiologist tell when a lab technician is feeding information to a law firm? This paper describes a system that will detect atypical behavior in a health care application. The first section will discuss the impetus for such a system. The second section will describe the design and implementation of this system. The third section will document a series of experiments showing the effectiveness of detecting atypical behavior and the analysis of whether said behavior was inappropriate.