The goal of this project is to develop and evaluate data mining methods for detecting suspicious accesses to electronic medical record systems. These methods include user-level profiling (e.g., Who access what? When?), relational or social network analysis of users, and temporal workflows of patients. This project is sponsored as an R01 from the National Library of Medicine and is supplemented through funds from the National Science Foundation TRUST program.