Software eases audit log scrutiny for PACS administrators

An off-the-shelf software tool has been found to significantly ease the often-tedious process of pinpointing irregularities in voluminous PACS audit logs.

Many PACS already incorporate extensive auditing capabilities as part of their security model, but PACS administrators must frequently resort to manual analysis due to the difficulty of constructing queries to extract useful information from the complex logs.

In a paper published online in the June Journal of Digital Imaging, researchers describe the use of a standard off-the-shelf multidimensional analysis software tool (PowerPlay, Cognos) to assist PACS/RIS administrators and security officers in analyzing audit logs.

"By using multidimensional analysis, extracting real information from millions of records of data in departmental databases has become a tangible goal," said Robert M. Coleman, manager of radiology informatics at Maine Medical Center.

The 1650 users of the center's Web-based image distribution system generate 25,000 to 30,000 audit records per week. This volume of data demands an innovative approach to distill information down to a manageable subset of records that may warrant additional focus, Coleman said.

Multidimensional analysis, or as online analytical processing, tools proved to be a good fit for this application, according to the researchers.

"Classical reports extracted from conventional relational databases cannot keep up with the demands of the department administrator, because those reports are bound by one's ability to properly formulate a question in the context of a query," he said.

An example of developing an appropriate query could involve tracking the instances of nonclinical administrative PACS users inappropriately viewing coworkers' radiology images or reports.

Using multidimensional analysis, the administrator could start with a summarized view of all the audited events captured by the system. Logins by date, for example, would reveal when the user logged into the system. A few more clicks would show that the user did several queries for images and reports on a single day for a single patient.

At this point, the data has been distilled down to the events of a single user with regard to a single patient, making it easier to determine whether the access was appropriate.

Coleman said multidimensional analysis of the center's PACS and RIS data paid off after just a few weeks.

"Using a multidimensional analysis tool costing less than $15,000 (about what we pay for two weeks of vendor PACS support), we were able to quickly and easily answer some crucial questions regarding our systems," he said.