Forensic behavioral analysis lends itself to operational efficiency improvement

Forensic behavioral analysis lends itself to operational efficiency improvement

December 20, 2016
Health IT
From the December 2016 issue of HealthCare Business News magazine

By: Robert B. Kuller

Virtually everyone would be in agreement with the statement that operational analysis starts with answering the questions of “who, what, where, when, how and why.” It’s all about patterns of individual behavior and the related comparison of that person’s behavior to his/her peers. These comparisons can be made on a departmental, organizational or industry-wide basis. At its very core, all behavior is contextual. A perfectly explainable behavior in one situation can be completely inexplicable in another. Combine this with the concept of machine learning and you have the makings of a predictive analytics model, whereby patterns of behavior are recorded, interpreted, analyzed and forecast. This technology can be applied to privacy and insider threat risk mitigation at hospitals, and its use can also have a profound impact on hospital operational analysis, providing actionable recommendations for improvement.

In the hospital setting, a large number of employees are authorized to use the electronic medical record (EMR) system. Attempts to limit the numbers of authorized users have generally been unsuccessful since hospital administrators do not want to inhibit patient care activities and the EMR, like it or not, is the hub of patient care coordination. So, at its heart, patient privacy protection is both behavioral and contextual. Some of the typical questions that hospitals need to answer in this area are:

New & Refurbished C-Arm Systems. Call 702.384.0085 Today!

Quest Imaging Solutions provides all major brands of surgical c-arms (new and refurbished) and carries a large inventory for purchase or rent. With over 20 years in the medical equipment business we can help you fulfill your equipment needs



• For what reason did the authorized user access the EMR? Are authorized users accessing patient records for whom they are care team members, or are they just snooping for information? Is this an isolated incident or a problematic pattern of behavior?

• Is the user’s behavior, in terms of tasks performed, typical of the role he/she plays on the care team? For instance, a nurse who does not typically complete discharge summaries performs eight of them on his/her shift. Completing a discharge summary by itself is not an anomalous event, yet this behavior, in the context of the fact that this particular individual rarely, if ever, performs this specific task, may necessitate further investigation.

• Are users’ location and timeline consistent with their previous behavior patterns? For instance, why would a pharmacist be accessing the patient’s record from the maintenance department at 3 a.m. when the normal shift is 7 a.m. to 4 p.m.? Is there a legitimate explanation? Has someone stolen their login credentials, or is something even worse going on? How are any of these questions going to be answered without extensive use of behavioral analytics in a contextual setting? Luckily, through the use of multiple search engines, the EMR’s metadata can be analyzed concerning the who, what, where, when and how of these events. The privacy office is still charged with determining the why.

You Must Be Logged In To Post A Comment