U.S. patent application number 13/860030 was filed with the patent office on 2014-09-18 for graphical representations of time-ordered data.
This patent application is currently assigned to CERNER INNOVATION, INC.. The applicant listed for this patent is CERNER INNOVATION, INC.. Invention is credited to DAVID LEE EDWARDS.
Application Number | 20140278539 13/860030 |
Document ID | / |
Family ID | 51531924 |
Filed Date | 2014-09-18 |
United States Patent
Application |
20140278539 |
Kind Code |
A1 |
EDWARDS; DAVID LEE |
September 18, 2014 |
GRAPHICAL REPRESENTATIONS OF TIME-ORDERED DATA
Abstract
Methods, systems, and computer-storage media are provided for
generating graphical representations of audit events. A
party-of-interest is represented by a central node, and one or more
peripheral nodes surrounding the central node represent parties
having electronic records accessed by the party-of-interest during
a selected time frame. The size of the peripheral nodes represents
a frequency of access of the node's respective electronic record.
Each of the peripheral nodes is actionable enabling a user to view
information related to the audit event.
Inventors: |
EDWARDS; DAVID LEE; (KANSAS
CITY, MO) |
|
Applicant: |
Name |
City |
State |
Country |
Type |
CERNER INNOVATION, INC. |
Lenexa |
KS |
US |
|
|
Assignee: |
CERNER INNOVATION, INC.
Lenexa
KS
|
Family ID: |
51531924 |
Appl. No.: |
13/860030 |
Filed: |
April 10, 2013 |
Related U.S. Patent Documents
|
|
|
|
|
|
Application
Number |
Filing Date |
Patent Number |
|
|
61783356 |
Mar 14, 2013 |
|
|
|
Current U.S.
Class: |
705/3 ;
705/30 |
Current CPC
Class: |
G06Q 10/10 20130101;
G16H 10/60 20180101 |
Class at
Publication: |
705/3 ;
705/30 |
International
Class: |
G06Q 50/24 20060101
G06Q050/24; G06Q 40/00 20060101 G06Q040/00 |
Claims
1. One or more computer-storage media having computer-executable
instructions embodied thereon that, when executed by a computing
device, cause the computing device to generate a graphical user
interface (GUI) for visually representing time-ordered audit events
related to a party-of-interest, the GUI comprising: at least a
first timeline configured to enable selection of a time period; a
first actionable central node representing the party-of-interest;
and a first set of actionable peripheral nodes surrounding the
central node, each peripheral node of the first set of peripheral
nodes representing a party having an electronic record accessed by
the party-of-interest during the selected time period.
2. The GUI of claim 1, wherein a size associated with each
peripheral node of the first set of peripheral nodes is dependent
upon a frequency of access of the each peripheral node's respective
electronic record by the party-of-interest.
3. The GUI of claim 2, wherein a larger size is associated with a
greater frequency of access of the each peripheral node's
respective electronic record, and wherein a smaller size is
associated with a lesser frequency of access of the each peripheral
node's respective electronic record.
4. The GUI of claim 2, wherein a larger size is associated with a
lesser frequency of access of the each peripheral node's respective
electronic record, and wherein a smaller size is associated with a
greater frequency of access of the each peripheral node's
respective electronic record.
5. The GUI of claim 2, wherein the first set of peripheral nodes
updates in real time upon selection of a different time period.
6. The GUI of claim 2, wherein the first central node and the first
set of peripheral nodes are graphically represented by a
circle.
7. The GUI of claim 2, wherein interaction with each peripheral
node of the first set of peripheral nodes initiates presentation of
an identity of the peripheral node's respective party.
8. The GUI of claim 2, wherein selection of a peripheral node of
the first set of peripheral nodes initiates presentation of a
second GUI, the second GUI comprising: at least the first timeline
configured to enable selection of a time period; a first display
area configured to present an indication of the party-of-interest
and the party associated with the selected peripheral node; and a
clockwise timeline having one or more icons overlaid at points in
time, each icon of the one or more icons representing an audit
event between the party-of-interest and the party associated with
the selected peripheral node, the clockwise timeline having bounds
corresponding to the selected time period.
9. The GUI of claim 2, wherein selection of a peripheral node of
the first set of peripheral nodes initiates presentation of a
second GUI, the second GUI comprising: at least the first timeline
configured to enable selection of a time period; a second
actionable central node representing the party associated with the
selected peripheral node; and a second set of actionable peripheral
nodes surrounding the central node, each peripheral node of the
second set of peripheral nodes representing a party-of-interest who
has accessed the party's electronic record during the selected time
period.
10. One or more computer-storage media having computer-executable
instructions embodied thereon that, when executed by a computing
device, cause the computing device to generate a graphical user
interface (GUI) for visually representing an audit log history
related to a clinician, the GUI comprising: at least a first
timeline configured to enable the selection of a time period; a
first actionable central node representing the clinician; and a
first set of actionable peripheral nodes surrounding the first
central node, each peripheral node of the first set of peripheral
nodes representing a patient having an electronic medical record
(EMR) accessed by the clinician during the selected time
period.
11. The GUI of claim 10, wherein a size associated with each
peripheral node of the first set of peripheral nodes indicates a
frequency of access of the patient's EMR during the selected time
period.
12. The GUI of claim 11, wherein a larger size indicates a higher
frequency of access of the patient's EMR during the selected time
period, and wherein a smaller size indicates a lesser frequency of
access of the patient's EMR during the selected time period.
13. The GUI of claim 11, wherein a smaller size indicates a higher
frequency of access of the patient's EMR during the selected time
period, and wherein a larger size indicates a lesser frequency of
access of the patient's EMR during the selected time period.
14. The GUI of claim 10, wherein each peripheral node of the first
set peripheral nodes is connected to the first central node by an
arrow, each arrow pointing in a direction of access of the
peripheral node's respective EMR.
15. The GUI of claim 10, wherein selection of a peripheral node of
the first set of peripheral nodes initiates presentation of a
second GUI, the second GUI comprising: at least the first timeline
configured to enable selection of a time period; a second
actionable central node representing the patient associated with
the selected peripheral node; and a second set of peripheral nodes
surrounding the second central node, each peripheral node of the
second set of peripheral nodes representing a clinician who
accessed the patient's EMR during the selected time period.
16. The GUI of claim 15, wherein a size associated with each
peripheral node of the second set of peripheral nodes indicates a
frequency of access of the patient's EMR by the peripheral node's
respective clinician.
17. The GUI of claim 10, further comprising one or more filters
each filter representing a different type of audit event, selection
of which restricts the first set of peripheral nodes to patients
having an EMR accessed by the clinician for the selected type of
audit event.
18. One or more computer-storage media having computer-executable
instructions embodied thereon that, when executed by a computing
device, cause the computing device to generate a graphical user
interface (GUI) for visually representing a time-ordered sequence
of audit events related to a clinician and a patient, the GUI
comprising: at least a first timeline configured to enable
selection of a time period; a first display area configured to
present an indication of the clinician and the patient, the patient
having an electronic medical record (EMR) accessed by the
clinician; a clockwise timeline having one or more icons overlaid
at points in time where the patient's EMR was accessed by the
clinician, the clockwise timeline having bounds corresponding to
the selected time period.
19. The GUI of claim 18, wherein each icon of the one or more icons
represents a different type of audit event.
20. The GUI of claim 19, wherein interaction with each of the one
or more icons initiates presentation of a patient-specific summary
associated with the audit event represented by the icon.
Description
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] This application, having attorney docket number CRNI.181248,
claims the benefit of priority of U.S. Provisional Application No.
61/783,356, filed Mar. 14, 2013 and entitled "Graphical
Representations of Time-Ordered Data." The entirety of the
aforementioned application is incorporated by reference herein.
BACKGROUND
[0002] In order to comply with laws governing information security,
such as the Health Insurance Portability and Accountability Act
(HIPAA), certain institutions must maintain audit logs that track
how often customer electronic records are accessed, the reasons for
accessing the records (e.g., documentation, modification, etc.),
and the identities of users who are accessing the electronic
records. Examples of institutions include healthcare facilities,
financial institutions, educational institutions, and the like.
[0003] Most commercial tools for querying audit logs employ some
form of report generation based loosely on the concept of
relational queries. Many of the reports are batch-oriented in
nature because of the computational and input/output demands
necessary to conduct the underlying queries. As well, these reports
are often presented in the form of two-dimensional tables. While
these reports may be sufficient to meet information security
requirements, they are not necessarily intuitive and efficient for
end users nor do they facilitate the exploration of audit events
related to a particular user.
SUMMARY
[0004] This Summary is provided to introduce a selection of
concepts in a simplified form that are further described below in
the Detailed Description. This Summary is not intended to identify
key features or essential features of the claimed subject matter,
nor is it intended to be used as an aid in determining the scope of
the claimed subject matter. The present invention is defined by the
claims.
[0005] In brief and at a high level, this disclosure describes,
among other things, methods, systems, and computer-storage media
for presenting graphical representations of time-ordered audit
events. The time-ordered audit events may represent instances where
customer electronic records have been accessed by a
party-of-interest during a specified time frame. The electronic
records may include financial records, educational records, health
records, insurance records, and the like.
[0006] In one aspect, the party-of-interest is a clinician and the
audit events represent instances where the clinician has accessed
patient electronic medical records (EMRs). For example, a
healthcare facility may become suspicious of the activities of the
clinician, or a patient may have filed a complaint alleging some
sort of privacy breach. In response to either of these two
situations, the healthcare facility may wish to view an audit log
of EMR accesses during a specified time frame and details
associated with each access. An intuitive and easy-to-use graphical
user interface (GUI) is needed to facilitate this process.
[0007] As such, the present invention provides for a GUI that
utilizes, in one aspect, timelines that enable a user to select a
desired time frame, a central node representing the
party-of-interest, and one or more peripheral nodes representing
parties having electronic records that have been accessed by the
party-of-interest during the selected time frame. As used
throughout this application, the term "party-of-interest" refers to
a person employed or associated with a facility maintaining an
audit log and who has access rights to electronic records kept by
the facility. Exemplary parties-of-interest include clinicians,
bank officers, teachers, administrators, and the like. The term
"party" refers to an entity who receives services provided by the
facility. As such, the party may refer to a customer, a patient, a
student, and the like. The size of the peripheral nodes provides an
indication of how frequently the electronic records were accessed.
As well, both the central node and the peripheral nodes are
actionable allowing a user to quickly gather information regarding,
for example, the identity of the party-of-interest, the parties,
and/or options for viewing additional information regarding the
electronic record access.
[0008] In another aspect, the present invention provides for a GUI
that utilizes one or more timelines configured to enable a user to
select a time frame, a central node representing a party (e.g., a
patient who is alleging a privacy breach), and one or more
peripheral nodes representing parties-of-interest who have accessed
the party's electronic records during the specified time frame. The
size of the peripheral nodes indicates how frequently the party's
electronic record was accessed by the node's respective
party-of-interest Like above, both the central node and the
peripheral nodes are actionable allowing a user to access
information regarding, for example, the identity of the
parties-of-interest, the party, and/or options for viewing
additional information regarding the electronic record access.
[0009] In yet another aspect, the present invention provides for a
GUI that utilizes one or more timelines configured to enable a user
to select a desired time frame, a display area providing an
indication of a party and a party-of-interest, and a clockwise
timeline having one or more icons overlaid at different points in
time; the bounds of the clockwise timeline correspond to the
specified time frame. The icons represent different types of audit
events associated with the party and the party-of-interest. For
instance, using healthcare as an example, one audit event may be
the clinician accessing the patient's EMR to order a medication,
while another audit event may be the clinician accessing the
patient's EMR to document a clinical note. The icons are
actionable, and interaction with an icon can initiate the
presentation of a summary of the associated audit event.
BRIEF DESCRIPTION OF THE DRAWINGS
[0010] Embodiments are described in detail below with reference to
the attached drawing figures, wherein:
[0011] FIG. 1 is a block diagram of an exemplary computing
environment suitable to implement embodiments of the present
invention;
[0012] FIG. 2 is a block diagram of an exemplary system for
visually representing time-ordered data related to a
party-of-interest suitable to implement embodiments of the present
invention;
[0013] FIG. 3 is an exemplary graphical user interface having a
central node representing a party-of-interest and one or more
peripheral nodes representing parties having electronic records
accessed by the party-of-interest during a specified time frame in
accordance with an embodiment of the present invention;
[0014] FIG. 4 is an exemplary graphical user interface having a
central node representing a party and one or more peripheral nodes
representing parties-of-interest who have accessed electronic
records associated with the party during a specified time frame in
accordance with an embodiment of the present invention; and
[0015] FIG. 5 is an exemplary graphical user interface having a
clockwise timeline with icons overlaying points in time
corresponding to audit-type events between a party and a
party-of-interest in accordance with an embodiment of the present
invention.
DETAILED DESCRIPTION
[0016] The subject matter of the present invention is described
with specificity herein to meet statutory requirements. However,
the description itself is not intended to limit the scope of this
patent. Rather, the inventors have contemplated that the claimed
subject matter might also be embodied in other ways, to include
different steps or combinations of steps similar to the ones
described in this document, in conjunction with other present or
future technologies. Moreover, although the terms "step" and/or
"block" may be used herein to connote different elements of methods
employed, the terms should not be interpreted as implying any
particular order among or between various steps herein disclosed
unless and except when the order of individual steps is explicitly
described.
[0017] Embodiments of the present invention are directed to
methods, systems, and computer-storage media for presenting
graphical representations of time-ordered audit events. The
time-ordered audit events may represent instances where electronic
records associated with one or more parties have been accessed by a
party-of-interest during a specified time frame. As mentioned, the
term "party-of-interest" refers to a person employed or associated
with a facility maintaining an audit log and who has access rights
to electronic records kept by the facility. Exemplary
parties-of-interest include clinicians, bank officers,
administrators, teachers, and the like. The term "party" refers to
an entity who receives services provided by the facility. As such,
the party may refer to a customer, a patient, a student, and the
like. The electronic records may include financial records,
educational records, health records, insurance records, and the
like.
[0018] An exemplary computing environment suitable for use in
implementing embodiments of the present invention is described
below. FIG. 1 is an exemplary computing environment (e.g.,
medical-information computing-system environment) with which
embodiments of the present invention may be implemented. The
computing environment is illustrated and designated generally as
reference numeral 100. The computing environment 100 is merely an
example of one suitable computing environment and is not intended
to suggest any limitation as to the scope of use or functionality
of the invention. Neither should the computing environment 100 be
interpreted as having any dependency or requirement relating to any
single component or combination of components illustrated
therein.
[0019] The present invention might be operational with numerous
other purpose computing system environments or configurations.
Examples of well-known computing systems, environments, and/or
configurations that might be suitable for use with the present
invention include personal computers, server computers, hand-held
or laptop devices, multiprocessor systems, microprocessor-based
systems, set top boxes, programmable consumer electronics, network
PCs, minicomputers, mainframe computers, distributed computing
environments that include any of the above-mentioned systems or
devices, and the like.
[0020] The present invention might be described in the general
context of computer-executable instructions, such as program
modules, being executed by a computer. Exemplary program modules
comprise routines, programs, objects, components, and data
structures that perform particular tasks or implement particular
abstract data types. The present invention might be practiced in
distributed computing environments where tasks are performed by
remote processing devices that are linked through a communications
network. In a distributed computing environment, program modules
might be located in association with local and/or remote computer
storage media (e.g., memory storage devices).
[0021] With continued reference to FIG. 1, the computing
environment 100 comprises a computing device in the form of a
control server 102. Exemplary components of the control server 102
comprise a processing unit, internal system memory, and a suitable
system bus for coupling various system components, including data
store 104, with the control server 102. The system bus might be any
of several types of bus structures, including a memory bus or
memory controller, a peripheral bus, and a local bus, using any of
a variety of bus architectures. Exemplary architectures comprise
Industry Standard Architecture (ISA) bus, Micro Channel
Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronic
Standards Association (VESA) local bus, and Peripheral Component
Interconnect (PCI) bus, also known as Mezzanine bus.
[0022] The control server 102 typically includes therein, or has
access to, a variety of non-transitory computer-readable media.
Computer-readable media can be any available media that might be
accessed by control server 102, and includes volatile and
nonvolatile media, as well as, removable and nonremovable media. By
way of example, and not limitation, computer-readable media may
comprise computer storage media and communication media. Computer
storage media includes both volatile and nonvolatile, removable and
non-removable media implemented in any method or technology for
storage of information such as computer-readable instructions, data
structures, program modules or other data. Computer storage media
includes, but is not limited to, RAM, ROM, EEPROM, flash memory or
other memory technology, CD-ROM, digital versatile disks (DVD) or
other optical disk storage, magnetic cassettes, magnetic tape,
magnetic disk storage or other magnetic storage devices, or any
other medium which can be used to store the desired information and
which can be accessed by control server 102. Communication media
typically embodies computer-readable instructions, data structures,
program modules or other data in a modulated data signal such as a
carrier wave or other transport mechanism and includes any
information delivery media. The term "modulated data signal" means
a signal that has one or more of its characteristics set or changed
in such a manner as to encode information in the signal. By way of
example, and not limitation, communication media includes wired
media such as a wired network or direct-wired connection, and
wireless media such as acoustic, RF, infrared and other wireless
media. Combinations of any of the above should also be included
within the scope of computer-readable media.
[0023] The control server 102 might operate in a computer network
106 using logical connections to one or more remote computers 108.
Remote computers 108 might be located at a variety of locations in
a medical or research environment, including clinical laboratories
(e.g., molecular diagnostic laboratories), hospitals and other
inpatient settings, veterinary environments, ambulatory settings,
medical billing and financial offices, hospital administration
settings, home healthcare environments, and clinicians' offices.
Clinicians may comprise a treating physician or physicians;
specialists such as surgeons, radiologists, cardiologists, and
oncologists; emergency medical technicians; physicians' assistants;
nurse practitioners; nurses; nurses' aides; pharmacists;
dieticians; microbiologists; laboratory experts; laboratory
technologists; genetic counselors; researchers; veterinarians;
students; and the like. The remote computers 108 might also be
physically located in nontraditional medical care environments so
that the entire healthcare community might be capable of
integration on the network. The remote computers 108 might be
personal computers, servers, routers, network PCs, peer devices,
other common network nodes, or the like and might comprise some or
all of the elements described above in relation to the control
server 102. The devices can be personal digital assistants or other
like devices.
[0024] Computer networks 106 comprise local area networks (LANs)
and/or wide area networks (WANs). Such networking environments are
commonplace in offices, enterprise-wide computer networks,
intranets, and the Internet. When utilized in a WAN networking
environment, the control server 102 might comprise a modem or other
means for establishing communications over the WAN, such as the
Internet. In a networking environment, program modules or portions
thereof might be stored in association with the control server 102,
the data store 104, or any of the remote computers 108. For
example, various application programs may reside on the memory
associated with any one or more of the remote computers 108. It
will be appreciated by those of ordinary skill in the art that the
network connections shown are exemplary and other means of
establishing a communications link between the computers (e.g.,
control server 102 and remote computers 108) might be utilized.
[0025] In operation, an organization might enter commands and
information into the control server 102 or convey the commands and
information to the control server 102 via one or more of the remote
computers 108 through input devices, such as a keyboard, a pointing
device (commonly referred to as a mouse), a trackball, or a touch
pad. Other input devices comprise microphones, satellite dishes,
scanners, or the like. Commands and information might also be sent
directly from a remote healthcare device to the control server 102.
In addition to a monitor, the control server 102 and/or remote
computers 108 might comprise other peripheral output devices, such
as speakers and a printer.
[0026] Although many other internal components of the control
server 102 and the remote computers 108 are not shown, such
components and their interconnection are well known. Accordingly,
additional details concerning the internal construction of the
control server 102 and the remote computers 108 are not further
disclosed herein.
[0027] Turning now to FIG. 2, an exemplary computing system
environment 200 is depicted suitable for use in implementing
embodiments of the present invention. The computing system
environment 200 is merely an example of one suitable computing
system environment and is not intended to suggest any limitation as
to the scope of use or functionality of embodiments of the present
invention. Neither should the computing system environment 200 be
interpreted as having any dependency or requirement related to any
single module/component or combination of modules/components
illustrated therein.
[0028] The computing system environment 200 includes a graphical
generator 210, a data store 212, and an end-user computing device
214 all in communication with one another via a network 216. The
network 216 may include, without limitation, one or more local area
networks (LANs) or wide area networks (WANs). The network 216 may
be a secure network associated with a facility such as a healthcare
facility, a financial institution, an educational institution, and
the like. The secure network 216 may require that a user log in and
be authenticated in order to send and/or receive information over
the network 216.
[0029] In some embodiments, one or more of the illustrated
components/modules may be implemented as stand-alone applications.
In other embodiments, one or more of the illustrated
components/modules may be integrated directly into the operating
system of the graphical generator 210. The components/modules
illustrated in FIG. 2 are exemplary in nature and in number and
should not be construed as limiting. Any number of
components/modules may be employed to achieve the desired
functionality within the scope of embodiments hereof. Further,
components/modules may be located on any number of servers. By way
of example only, the graphical generator 210 might reside on a
server, a cluster of servers, or a computing device remote from one
or more of the remaining components.
[0030] It should be understood that this and other arrangements
described herein are set forth only as examples. Other arrangements
and elements (e.g., machines, interfaces, functions, orders, and
groupings of functions, etc.) can be used in addition to or instead
of those shown, and some elements may be omitted altogether.
Further, many of the elements described herein are functional
entities that may be implemented as discrete or distributed
components or in conjunction with other components/modules, and in
any suitable combination and location. Various functions described
herein as being performed by one or more entities may be carried
out by hardware, firmware, and/or software. For instance, various
functions may be carried out by a processor executing instructions
stored in memory.
[0031] The data store 212 is configured to store information for
use by, for example, the graphical generator 210 and/or the
end-user computing device 214. The information stored in
association with the data store 212 is configured to be searchable
for one or more items of information stored in association
therewith. The information stored in association with the data
store 212 may comprise general information used by the graphical
generator 210 and/or the end-user computing device 214.
[0032] In one aspect, the data store 212 may store audit logs kept
by an entity. As used throughout this application, the term "audit
log" or "audit trail" refers to chronological records of system
activities that enable the reconstruction and examination of the
sequence of events and/or changes in an event. More specifically,
the term audit log may refer to chronological records of customer
electronic record access and details associated with such access.
As described above, the entity may include financial institutions,
educational institutions, healthcare facilities, and the like.
[0033] With respect to healthcare facilities, in addition to audit
logs, the data store 212 may store electronic medical records
(EMRs) of patients associated with the healthcare facility. EMRs
may comprise electronic clinical documents such as images, clinical
notes, orders, summaries, reports, analyses, or other types of
electronic medical documentation relevant to a particular patient's
condition and/or treatment. Electronic clinical documents contain
various types of information relevant to the condition and/or
treatment of a particular patient and can include information
relating to, for example, patient identification information,
images, alert history, culture results, physical examinations,
vital signs, past medical histories, surgical histories, family
histories, histories of present illnesses, current and past
medications, allergies, symptoms, past orders, completed orders,
pending orders, tasks, lab results, other test results, patient
encounters and/or visits, immunizations, physician comments, nurse
comments, other caretaker comments, and a host of other relevant
clinical information.
[0034] The content and volume of such information in the data store
212 are not intended to limit the scope of embodiments of the
present invention in any way. Further, though illustrated as a
single, independent component, the data store 212 may, in fact, be
a plurality of storage devices, for instance, a database cluster,
portions of which may reside on the graphical generator 210, the
end-user computing device 214, and/or any combination thereof.
[0035] As shown, the end-user computing device 214 includes a
display screen 215. The display screen 215 is configured to display
information to the user of the end-user computing device 214, for
instance, information relevant to communications initiated by
and/or received by the end-user computing device 214, graphical
representations of audit events, and/or the like. Embodiments are
not intended to be limited to visual display but rather may also
include audio presentation, combined audio/visual presentation, and
the like. The end-user computing device 214 may be any type of
display device suitable for presenting a graphical user interface.
Such computing devices may include, without limitation, a computer,
such as, for example, any of the remote computers 108 described
above with reference to FIG. 1. Other types of display devices may
include tablet PCs, PDAs, mobile phones, smart phones, as well as
conventional display devices such as televisions. Interaction with
the graphical user interface may be via a touch pad, a pointing
device, and/or gestures.
[0036] Components of the graphical generator 210 may include a
processing unit, internal system memory, and a suitable system bus
for coupling various system components, including one or more data
stores for storing information (e.g., files and metadata associated
therewith). The graphical generator 210 typically includes, or has
access to, a variety of computer-readable media.
[0037] The computing system environment 200 is merely exemplary.
While the graphical generator 210 is illustrated as a single unit,
it will be appreciated that the graphical generator 210 is
scalable. For example, the graphical generator 210 may in actuality
include a plurality of computing devices in communication with one
another. Moreover, the data store 212, or portions thereof, may be
included within, for instance, the graphical generator 210 as a
computer-storage medium. The single unit depictions are meant for
clarity, not to limit the scope of embodiments in any form.
[0038] As shown in FIG. 2, the graphical generator 210 comprises a
receiving component 218 and a rendering component 220. In some
embodiments, one or more of the components 218 and 220 may be
implemented as stand-alone applications. In other embodiments, one
or more of the components 218 and 220 may be integrated directly
into the operating system of a computing device such as the remote
computer 108 of FIG. 1. It will be understood that the components
218 and 220 illustrated in FIG. 2 are exemplary in nature and in
number and should not be construed as limiting. Any number of
components may be employed to achieve the desired functionality
within the scope of embodiments hereof.
[0039] The receiving component 218 is configured to receive user
selections, commands, filters, requests, or inputs. User selections
and/or requests may include requests for graphical representations
of audit events. Further, the user is able to select different
views of the audit events. For instance, one request may be for a
graphical representation of electronic records accessed by a
party-of-interest during a specified time frame. Another request
may be for a graphical representation of all parties-of-interest
who have accessed a specified party's electronic records during a
specified time frame. An additional request may be for a graphical
representation of a detail view of audit events relating to a
specified party-of-interest and a party.
[0040] The rendering component 220 is configured to utilize audit
logs stored in association with the data store 212 in order to
respond to the requests received by the receiving component 218. As
such, the rendering component 220 is configured to render graphical
representations of audit events on a graphical user interface (GUI)
that may be presented on the display screen 215 of the end-user
computing device 214.
[0041] Turning now to FIGS. 3-6, FIGS. 3-6 depict exemplary GUIs
illustrating the presentation of graphical representations of audit
events. FIG. 3 depicts a GUI 300 in which the party-of-interest is
represented by a central node 314 and one or more peripheral nodes,
e.g., nodes 316a, 316b, and 316c, surrounding the central node 314
represent parties having electronic records accessed by the
party-of-interest during a specified time frame. Although only the
nodes 316a-c are numbered and referenced in the GUI 300, the
following discussion is applicable to all of the peripheral nodes
shown in the GUI 300. The GUI 300 may be especially useful in
situations where a facility suspects that a party-of-interest may
be in violation of information security requirements.
[0042] The party-of-interest represented by the central node 314
and the parties represented by the peripheral nodes 316a-c may be
represented by circles as shown. Other ways of representing the
party-of-interest and the parties are contemplated. For example,
the nodes 314 and/or 316a-c may be represented by other geometric
shapes such as squares, triangles, ovals, diamonds, and the like.
Additionally, the nodes 314 and/or 316a-c may be represented by
stylized icons corresponding to a person, or a picture of the party
or party-of-interest represented by the node. Any and all such
variations, and any combination thereof, are contemplated as being
within the scope of the invention. As well, depending on the amount
of available screen real estate, the party-of-interest and/or the
parties' names may be presented in association with the nodes 314
and/or 316a-c.
[0043] Arrows, such as arrow 318 indicate a direction of access.
For example, the arrow 318 indicates that the party-of-interest
represented by the central node 314 accessed the electronic record
of the party represented by the peripheral node 316a instead of
vice versa.
[0044] The GUI 300 further includes timelines 310 and 312. The
timeline 310 represents a coarse-grained timeline covering a time
period from the inception of the audit log to the current point in
time. The timeline 310 includes a bi-directional slider 311 that
enables a user to select a time period in months and years. The
timeline 312 represents a fine-grained timeline having a range
corresponding to the range selected by the slider 311 on the
coarse-grained timeline 310. The timeline 312 includes a
bi-directional slider 313 that enables a user to select a time
period in months and days. The use of timelines 310 and 312 enables
a user to quickly narrow in on the time period in question.
[0045] Changing the specified time frame using either the
bi-directional slider 311 and/or the bi-directional slider 313
causes the number of peripheral nodes presented on the GUI 300 to
automatically update in real time. For example, a user may
initially select a time frame corresponding to Apr. 1, 2011-May 1,
2011. In response to the selection, a first set of peripheral nodes
is presented corresponding to parties having electronic records
accessed during the selected time frame by the party-of-interest
represented by the central node 314. The user may then select a
time frame corresponding to Apr. 1, 2011-Aug. 1, 2011. The number
of peripheral nodes may dynamically increase because the number of
electronic records accessed by the party-of-interest would likely
be greater since the time span is longer.
[0046] The size of the peripheral nodes, such as the peripheral
nodes 316a, 316b, and 316c, represents the frequency with which the
node's respective electronic record was accessed by the
party-of-interest. In one aspect, a larger-sized node indicates a
greater frequency of access and a smaller-sized node indicates a
lesser frequency of access. Thus, with respect to FIG. 3, the
party's electronic record associated with the peripheral node 316c
has been accessed at a higher frequency than the electronic records
associated with the peripheral nodes 316a and 316b. In another
aspect, a larger-sized node indicates a lesser frequency of access
and a smaller-sized node indicates a greater frequency of access.
Any and all such aspects, and any combination thereof, are
contemplated as being within the scope of the invention.
[0047] Each of the nodes 314 and 316a-c is actionable. Interaction
via, for example, hovering over the central node 314 and/or
peripheral nodes 316a-c may initiate the presentation of
user-identifying information for the party and/or party-of-interest
represented by the node. With respect to the party-of-interest
represented by the central node 314, user-identifying information
may include name, role description, access rights associated with
the party-of-interest, how long the party-of-interest has been
associated with the company maintaining the audit logs, and the
like. With respect to the parties represented by the peripheral
nodes 316a-c, user-identifying information may include name,
date-of-birth, address, gender, identifiers (e.g., customer ID),
date of service, and the like.
[0048] Selection via, for example, a right or left mouse click
and/or a tapping gesture of a peripheral node such as the
peripheral node 316a, may automatically initiate a new GUI such as
the GUI shown in FIG. 4, or may initiate the presentation of a set
of options. One option may be for the presentation of a GUI where
the party represented by the selected peripheral node 316a is
presented as the central node and peripheral nodes represent
parties-of-interest who have accessed the party's electronic
records during a specified time frame (e.g., the GUI shown in FIG.
4). Another option may be for the presentation of a GUI where
details concerning the audit events between the party represented
by the selected peripheral node 316a and the party-of-interest
represented by the central node 314 are depicted on a circular
timeline (e.g., the GUI shown in FIG. 5).
[0049] Although not shown, the GUI 300 may also include an area
that presents one or more filters. Selection of a filter restricts
the peripheral nodes to those nodes that meet the filter criteria.
Exemplary filters may include filters based on the gender of the
party represented by the peripheral nodes, filters corresponding to
party roles (employee, customer, etc.), filters corresponding to
specific types of audit events such as accessing an electronic
record to place an order, make a change to a document, or create a
new document, filters based on location such as the venue or
facility in which the audit event took place, filters corresponding
to a IP address or a device ID that indicate the device used to
access the electronic record, and/or customized filters. A
displayed filter may be presented in association with a numerical
indicator (displayed adjacent to the filter name) that provides an
indication of the number of results in the result set for that
filter. For instance, "Female (17)" indicates that there are 17
results in the result set for the female filter. Using healthcare
as an example, a healthcare facility may suspect that Clinician A
is improperly prescribing narcotic medications. The healthcare
facility may select a medication filter that restricts the
peripheral nodes to those patients whose EMRs were accessed by
Clinician A in order to prescribe narcotic medications.
[0050] Turning now to FIG. 4, FIG. 4 depicts a GUI 400 where a
central node 414 represents a party and one or more peripheral
nodes surrounding the central node 414, e.g., peripheral nodes 416a
and 416b, represent parties-of-interest who have accessed the
party's electronic record during a specified time frame. Although
only the peripheral nodes 416a and 416b are numbered and referenced
in the GUI 400, the discussion that follows is applicable to all of
the peripheral nodes shown in the GUI 400. The GUI 400 may be
presented in response to a selection of one of the options
discussed with respect to the GUI 300 (e.g., the options that are
presented when a user selects or otherwise interacts with one of
the peripheral nodes 316a-c). The GUI 400 may be especially useful
in those situations where the party represented by the central node
414 alleges a privacy breach, and the facility wishes to view
parties-of-interest who have accessed the party's electronic
records during a specified time frame. Arrows, such as arrow 418,
represent the direction of access of the electronic record. For
example, the arrow 418 indicates that the party-of-interest
associated with the node 416a accessed the electronic record of the
party represented by the central node 414 and not vice versa.
[0051] Like above, the party and the parties-of-interest may be
represented by circles as shown. Other ways of representing the
party and the parties-of-interest include other geometric shapes,
icons, pictures, and the like. The name of the party and/or the
parties-of-interest may be presented on the central node 414 and/or
the peripheral nodes 416a-b when space permits.
[0052] The GUI 400 also includes timelines 410 and 412 similar to
the timelines 310 and 312 of FIG. 3. The timelines 410 and 412 will
reflect the same timeframes as those selected using the timelines
310 and 312 unless otherwise changed by the user. Thus, the
timeline 410 represents a coarse-grained timeline covering a time
frame from the inception of the audit log to the current point in
time. The timeline 410 includes a bi-direction slider 411 that
enables the selection of a time period in months and years. The
timeline 412 represents a fine-grained timeline having a range
corresponding to the range selected by the slider 411. The timeline
413 also includes a bi-directional slider 413 that enables the
selection of a time period in days and months. Changing the
specified time frame using the bi-directional sliders 411 and/or
413 causes the peripheral nodes to dynamically update to reflect
the parties-of-interest that have accessed the party's electronic
record during the new time frame.
[0053] The size of the peripheral nodes, such as the peripheral
nodes 416a-b, reflects the frequency with which the
parties-of-interest represented by the peripheral nodes 416a-b have
accessed the party's electronic record. In one aspect, a
larger-sized peripheral node indicates a greater frequency of
access and a smaller-sized peripheral node indicates a lesser
frequency of access. Thus, with respect to FIG. 4, the
party-of-interest represented by the peripheral node 416a has
accessed the party's electronic record more frequently than the
party-of-interest represented by the peripheral node 416b. In
another aspect, a smaller-sized peripheral node indicates a greater
frequency of access and a larger-sized node indicates a lesser
frequency of access. Any and all such variations, and any
combination thereof, are contemplated as being within the scope of
the invention.
[0054] Each of the nodes 414 and 416a-b is actionable. Interaction
via, for example, hovering over the central node 414 and/or
peripheral nodes 416a-b may initiate the presentation of
user-identifying information for the party and/or party-of-interest
represented by the node. With respect to the party represented by
the central node 414, user-identifying information may include
name, date-of-birth, address, gender, identifiers (e.g., customer
ID), date of service, and the like. With respect to the
parties-of-interest represented by the peripheral nodes 416a-b,
user-identifying information may include name, role description,
access rights associated with the party-of-interest, how long the
party-of-interest has been associated with the company maintaining
the audit log, and the like.
[0055] Selection via, for example, a right or left mouse click
and/or a tapping gesture of a peripheral node such as the
peripheral node 416a, may automatically initiate the presentation
of a new GUI such as the GUI shown in FIG. 5, or may initiate the
presentation of a set of options. One option may be for the
presentation of a GUI corresponding to the GUI 300 where the
central node represents the party-of-interest associated with the
peripheral node 416a. Another option may be for the presentation of
a GUI, such as the GUI shown in FIG. 5, where details concerning
the audit events between the party represented by the central node
414 and the party-of-interest represented by the peripheral node
416a are depicted on a circular timeline.
[0056] The GUI 400 may also include filters (not shown). Selection
of a filter restricts the peripheral nodes to those nodes that meet
the requirements of the selected filter. The filters associated
with the GUI 400 may be the same or different than the filters
associated with the GUI 300. Exemplary filters may include gender
filters, role filters, types of audit events, location filters,
device or IP address filters, and/or customized filters. An
additional filter that may be used in the context of the GUI 400
includes a filter that specifies parties-of-interest. Like above, a
numerical indicator may be displayed alongside the filter name to
provide an indication of the number of results in the result set
for that filter.
[0057] FIG. 5 depicts a GUI 500 that presents a detailed view of
audit events related to a specified party and a specified
party-of-interest. The GUI 500 may be initiated in response to a
selection of an option as described with respect to the GUI 300 or
the GUI 400. The GUI 500 includes a first display area 514 that
indicates the specified party and the specified party-of-interest
(in this case, the specified party-of-interest is Dr. Robert Smith
and the specified party is Mary Thomas). The party and the
party-of-interest may be indicated by their respective names. Other
ways of indicating the party and the party-of-interest may include
icons or pictures. An arrow 515 in the first display area 514
depicts a direction of access. For example, the arrow 515 indicates
that Dr. Robert Smith accessed patient Mary Thomas' EMR.
[0058] The GUI 500 also includes timelines 510 and 512 which are
similar to the timelines 410 and 412 of FIG. 4 and the timelines
310 and 312 of FIG. 3. The timelines 510 and 512 represent the same
timeframe as selected using the timelines 410 and 412 and/or the
timelines 310 and 312 unless otherwise changed by the user. As
such, the timeline 510 comprises a coarse-grained timeline that
enables selection of a time period in months and years by using a
bi-directional slider 511. Likewise, the timeline 512 represents a
fine-grained timeline that enables selection of a time period in
months and days using a bi-directional slider 513. Changing the
time period using the bi-directional sliders 511 and/or 513 causes
the GUI 500 to automatically update to reflect audit events
corresponding to the new time period.
[0059] The GUI 500 further comprises a circular timeline 516
surrounding the first display area 514; the circular timeline 516
has bounds 518 and 520 corresponding to the time period selected by
the bi-directional sliders 511 and 513. Overlaying the circular
timeline 516 at distinct points in time are one or more icons,
e.g., icons 522, 524, 526, and 528, representing one or more audit
events that occurred at that respective point in time. Different
types of audit events may be represented by different types of
icons. For example, the icon 522 (e.g., a square) may represent an
electronic record access to place an order, and the icon 524 (e.g.,
a star) may represent an electronic record access to modify an
existing record. Likewise, the icon 526 (e.g., a hexagon) may
represent an electronic record access to create a new document, and
the icon 528 (e.g., a circle) may represent an electronic record
access where no action was taken. A legend may be provided in
association with the GUI 500 detailing the different type of audit
events associated with the icons. The types of audit events
described and the shape of the icons 522, 524, 526, and 528, are
merely exemplary. Other types of audit events and other shapes of
icons are contemplated and are within the scope of the current
invention.
[0060] Hovering over or otherwise interacting with the icons 522,
524, 526, and 528, initiates a quick summary view of the audit
event associated with the icon. For example, hovering over the icon
522 may initiate the summary "ordered ibuprofen 400 mg, b.i.d. on
01/26/2011 at 8:43 am." Selecting an icon, such as the icon 522,
may initiate a detailed view of the audit event. For example,
selecting an icon may cause the presentation of the portion of the
electronic record corresponding to the icon. Using the example
above, selecting the icon 522 may initiate the presentation of the
patient's EMR corresponding to the ordering event.
[0061] The present invention has been described in relation to
particular embodiments, which are intended in all respects to be
illustrative rather than restrictive. Further, the present
invention is not limited to these embodiments, but variations and
modifications may be made without departing from the scope of the
present invention.
* * * * *