Adoption and Effectiveness of AI-Based Anomaly Detection for Cross Provider Health Data Exchange

TL;DR

This paper evaluates AI-based anomaly detection methods in cross-provider health data exchange, proposing a readiness framework and a staged deployment strategy balancing rule-based and machine learning approaches.

Contribution

It introduces a practical readiness framework and empirical insights for implementing AI anomaly detection in multi-provider healthcare settings.

Findings

Rule-based methods achieve high recall but higher alert volumes.

Isolation Forest reduces alert burden but has lower sensitivity.

SHAP analysis identifies provider mismatch and off-hours access as key anomaly drivers.

Abstract

This study investigates the adoption and effectiveness of AI-based anomaly detection in cross-provider electronic health record (EHR) environments. It aims to (1) identify the organisational and digital capabilities required for successful implementation and (2) evaluate the performance and interpretability of lightweight anomaly detection approaches using contextual audit data. A semi-systematic scoping synthesis is conducted to derive a four-pillar readiness framework covering governance, infrastructure/interoperability, workforce, and AI integration, operationalised as a 10-item checklist with measurable indicators. This is complemented by a simulation of cross-provider audit logs incorporating contextual features such as provider mismatch, time of access, days since discharge, session duration, and access frequency. A rule-based approach is benchmarked against Isolation Forest, with SHAP used to explain model behaviour. Results show that rule-based methods achieve high recall but generate higher alert volumes, while Isolation Forest reduces alert burden at the cost of lower sensitivity. SHAP analysis highlights provider mismatch and off-hours access as dominant anomaly drivers. The study proposes a staged deployment strategy combining rules for coverage and machine learning for prioritisation, supported by explainability and continuous monitoring. The findings contribute a practical readiness framework and empirical insights to guide the implementation of AI-based anomaly detection in multi-provider healthcare environments.