Grid multi-category response logistic models.

BackgroundMulti-category response models are very important complements to binary logistic models in medical decision-making. Decomposing model construction by aggregating computation developed at different sites is necessary when data cannot be moved outside institutions due to privacy or other concerns. Such decomposition makes it possible to conduct grid computing to protect the privacy of individual observations.MethodsThis paper proposes two grid multi-category response models for ordinal and multinomial logistic regressions. Grid computation to test model assumptions is also developed for these two types of models. In addition, we present grid methods for goodness-of-fit assessment and for classification performance evaluation.ResultsSimulation results show that the grid models produce the same results as those obtained from corresponding centralized models, demonstrating that it is possible to build models using multi-center data without losing accuracy or transmitting observation-level data. Two real data sets are used to evaluate the performance of our proposed grid models.ConclusionsThe grid fitting method offers a practical solution for resolving privacy and other issues caused by pooling all data in a central site. The proposed method is applicable for various likelihood estimation problems, including other generalized linear models

pSCANNER: Patient-centered scalable national network for effectiveness research

pre-printThis article describes the patient-centered Scalable National Network for Effectiveness Research (pSCANNER), which is part of the recently formed PCORnet, a national network composed of learning healthcare systems and patient-powered research networks funded by the Patient Centered Outcomes Research Institute (PCORI). It is designed to be a stakeholder-governed federated network that uses a distributed architecture to integrate data from three existing networks covering over 21 million patients in all 50 states: (1) VA Informatics and Computing Infrastructure (VINCI), with data from Veteran Health Administration's 151 inpatient and 909 ambulatory care and community-based outpatient clinics; (2) the University of California Research exchange (UC-ReX) network, with data from UC Davis, Irvine, Los Angeles, San Francisco, and San Diego; and (3) SCANNER, a consortium of UCSD, Tennessee VA, and three federally qualified health systems in the Los Angeles area supplemented with claims and health information exchange data, led by the University of Southern California. Initial use cases will focus on three conditions: (1) congestive heart failure; (2) Kawasaki disease; (3) obesity. Stakeholders, such as patients, clinicians, and health service researchers, will be engaged to prioritize research questions to be answered through the network. We will use a privacy-preserving distributed computation model with synchronous and asynchronous modes. The distributed system will be based on a common data model that allows the construction and evaluation of distributed multivariate models for a variety of statistical analyses

Sisäisen uhan havaitseminen terveydenhuollon käyttölokeista

Sosiaali- ja terveydenhuollossa on siirrytty käyttämään sähköisiä potilastietoja. Potilasturvallisuuden takaamiseksi laki edellyttää keräämään lokitietoja niiden käytöstä. Käyttölokeista voidaan havaita käyttäjien suorittamaa potilastietojen väärinkäyttöä auditoimalla, mutta tietojen suuri määrä vaikeuttaa niiden manuaalista läpikäyntiä. Kun suurista tietomääristä yritetään löytää oleellista tietoa, samankaltaisuuksia ja poikkeavuuksia, voidaan hyödyntää tiedonlouhinta- ja koneoppimistekniikoita. Tekniikat ovat tärkeä osa väärinkäytön ja sisäisen uhan havaitsemiseksi kutsuttuja tutkimusaloja. Tutkielmassa etsittiin terveydenhuoltoon sopivia sisäisen uhan havaitsemismenetelmiä, jotka hyödyntävät käyttölokeja. Tutkimusmenetelmänä havaitsemismenetelmien etsintään käytettiin integroivaa kirjallisuuskatsausta, jonka aineistoon valikoitui 19 laatuarvioitua tieteellistä julkaisua. Sisällytetyt julkaisut vuosilta 2009–2019 kerättiin tietotekniikan alan tietokannoista. Tutkielman keskeisin tulos on itse kirjallisuuskatsaus, jossa esitellään aihealueen aiempia tutkimuksia ja muodostetaan synteesi. Synteesi sisältää tiivistetyn nykytilannekuvauksen sisäisen uhan havaitsemisratkaisuista terveydenhuoltoympäristössä. Toimiva järjestelmä selvittää, viittaako käyttölokitietue, käyttäjä tai potilas väärinkäyttöön. Järjestelmän havaitsemisstrategia hyödyntää yksinkertaisia sääntöjä, hälytysten priorisointia ja vähentämistä, suosittelua, normaalikäytön selitysmallinteita tai läheisyysmittoja. Järjestelmän kannalta tärkeitä tietoja ovat käyttölokit, organisaatio- ja hoitotiedot. Terveydenhuoltoon sopivien havaitsemismenetelmien löytäminen on mahdollista kirjallisuuskatsauksen avulla, vaikka yhtenäisten hakusanojen muodostaminen tuo haasteita. Katsaus osoitti, että soveltuvien menetelmien kokonaisuus on monipuolinen, ja että niiden avulla havaitsemistyötä on todennäköisesti mahdollista tehostaa. Lisäksi sisäisen uhan havaitsemisen tutkimusala on aktiivinen, joten uusia havaitsemisstrategioita voi löytyä lisää lähitulevaisuudessa. On todennäköistä, että terveydenhuoltoympäristön erityispiirteiden vuoksi tulevaisuudenkin ratkaisut nojaavat vahvasti käyttölokeihin. Jatkotutkimuksissa olisi syytä selvittää menetelmien käytännön soveltuvuutta suomalaisessa terveydenhuollossa olemassa olevien järjestelmien rinnalla

Data Analysis Techniques to Visualise Accesses to Patient Records in Healthcare Infrastructures

Access to Electronic Patient Record (EPR) data is audited heavily within healthcare infrastructures. However, it is often left untouched in a data silo and only accessed on an ad hoc basis. Users with access to the EPR infrastructure are able to access the data of almost any patient without reprimand. Very Important Patients (VIPs) are an exception, for which the audit logs are regularly monitored. Otherwise, only if an official complaint is logged by a patient are audit logs reviewed. Data behaviour within healthcare infrastructures needs proactive monitoring for malicious, erratic or unusual activity. In addition, external threats, such as phishing or social engineering techniques to acquire a clinician’s logon credentials, need to be identified. This paper presents research towards a system which uses data analysis and visualisation techniques deployed in a cloud setting. The system adds to the defence-in-depth of the healthcare infrastructures by understanding patterns of data for profiling users’ behaviour to enable the detection and visualisation of anomalous activities. The results demonstrate the potential of visualising accesses to patient records for the situational awareness of patient privacy officers within healthcare infrastructures

Establishing Situational Awareness for Securing Healthcare Patient Records

The healthcare sector is an appealing target to attackers due to the high value of patient data on the black market. Patient data can be profitable to illegal actors either through direct sale or extortion by ransom. Additionally, employees present a persistent threat as they are able to access the data of almost any patient without reprimand. Without proactive monitoring of audit records, data breaches go undetected and employee behaviour is not deterred. In 2016, 450 data breaches occurred affecting more than 27 million patient records. 26.8% of these breaches were due to hacking and ransomware. In May 2017, a global ransomware campaign adversely affected approximately 48 UK hospitals. Response to this attack, named WannaCry, resulted in hospital networks being taken offline, and non-emergency patients being refused care. Hospitals must maintain patient trust and ensure that the information security principles of Integrity, Availability and Confidentiality are applied to Electronic Patient Record EPR data. With over 83% of hospitals adopting EPRs, access to healthcare data needs to be monitored proactively for malicious activity. Therefore, this paper presents research towards a system that uses advanced data analytics techniques to profile user’s behaviour in order to identify patterns and anomalies. Visualisation techniques are then applied to highlight these anomalies to aid the situational awareness of patient privacy officers within healthcare infrastructures

Review of Fluorescence Guided Surgery Visualization and Overlay Techniques

In fluorescence guided surgery, data visualization represents a critical step between signal capture and display needed for clinical decisions informed by that signal. The diversity of methods for displaying surgical images are reviewed, and a particular focus is placed on electronically detected and visualized signals, as required for near-infrared or low concentration tracers. Factors driving the choices such as human perception, the need for rapid decision making in a surgical environment, and biases induced by display choices are outlined. Five practical suggestions are outlined for optimal display orientation, color map, transparency/alpha function, dynamic range compression, and color perception check

Whose Genome Is It Anyway?: Re-identification and Privacy Protection in Public and Participatory Genomics

This Comment advocates for a comprehensive solution to achieve the balance between privacy rights and availability of information. In particular, a strong ban on malicious re-identification and broader anti-discrimination and privacy legislation are necessary to ensure the participants\u27 privacy protection and encourage participation in genomics projects. In addition, the scientific community should establish data standards that can aid in implementation of protective measures to minimize privacy violations. Part II provides an overview of recent developments in genomic technologies and public and participatory genomics. Part III summarizes the privacy issues present in public genomics. Part IV reviews current legislation on genetic information and research participation, including their limitations. Part V proposes a multi-faceted solution, including legislative and research governance solutions to adequately balance participants\u27 privacy with information availability