Mar 07 2024
Data Analytics

What Is AIOps, and How Is It Used in Healthcare?

As technology proliferates in hospitals, it’s harder for IT teams to monitor system performance manually. AI for IT operations is here to help identify problems, recommend solutions and even improve performance.

When healthcare’s IT infrastructure was largely limited to servers in closets, it wasn’t hard to monitor system performance, access and security. But in an era of Software as a Service tools, and in an industry where consumers have the right to access their data, that can get complicated.

“You used to be able to just power down and reboot,” says Patrick Lin, senior vice president and general manager of observability at Splunk. “As systems have become more complex, there’s a lot more data to gather, process and analyze. You need to augment the ability of human beings to keep everything going.”

This explosion in the volume and complexity of workloads has led to a lot of noise that’s increasingly difficult to separate from valid signals, says Krishna Sai, group vice president of engineering at SolarWinds. “You can’t do that manually in a needle-in-a-haystack model.”

Enter artificial intelligence for IT operations, or AIOps. Automated analysis of systems and applications helps IT teams to understand what’s happening and orchestrate a response. Mature solutions are being designed to predict bottlenecks or security vulnerabilities before they become a problem.

Click the banner below for expert guidance to help optimize your IT operations.

The Difference Between AIOps and Observability

For many organizations, observability is the first step in making sense of what’s happening with software systems. “Observability means gaining insight into system performance based on the data you gather through logs, performance metrics and traces,” Sai says.

Lin notes the primary benefits of observability are lowering the cost of downtime and improving digital resilience. In simple terms, IT teams can find and fix problems faster.

AIOps takes that a step further by applying intelligence to data and recognizing patterns in that performance data. Is increased traffic to a single web server an attempt at a cyberattack or a surge in patients booking appointments for newly available vaccinations? Is a backup attempt at 1 a.m. the regularly scheduled weekly job or the work of an outsider using stolen credentials?

“No environment is isolated. There are relationships between web applications, websites and databases. You need to be able to see how logs and events coming to workloads are related,” Sai says. “It’s not just about whether it’s normal. If it’s not normal, you want to know the reason why. That’s where AIOps gets more assistive.”

DIVE DEEPER: AI needs to be part of healthcare’s data protection strategy.

Domain-Agnostic vs. Domain-Centric AIOps

The degree of assistance may depend on the flavor of AIOps an organization is using.

A domain-agnostic approach pulls data from various sources to solve problems across multiple domains of operations, such as networking, storage and security. These tools can provide a holistic view of overall performance, but they may not have the specificity needed to address a particular pain point, use case or industry need.

On the other hand, a domain-centric tool homes in on a specific domain — whether it’s an IT environment or a vertical industry. It doesn’t span the entire IT environment, but its AI models of detection and analysis have been trained on data sets specific to that domain.

“If you apply a domain-centric tool to a network to identify the cause of a bottleneck, the models have a specialized understanding of standard network protocols and patterns,” Sai says. “It knows the difference between a distributed denial-of-service attack and a misconfiguration.”

Regardless of the approach, Sai says, organizations need to ensure AI models are deployed responsibly. This involves several steps:

  • Use robust data sets
  • Use transparent models with a high fairness coefficient
  • Ensure there’s a human in the loop to verify the model’s output
  • Aim for a natural transition for IT teams as they begin using AIOps tools
Krishna Sai
It’s not just about whether it’s normal. If it’s not normal, you want to know the reason why. That’s where AIOps gets more assistive.”

Krishna Sai Group Vice President of Engineering, SolarWinds

Additional Benefits of AIOps: Responding and Reporting

The most immediate benefit of AIOps in healthcare is insight into how mission-critical clinical applications are doing. “It’s useful for the things you care most about being always up, available and performing in the right way,” Lin says. The same goes for the infrastructure running those apps.

From there, IT teams are empowered to take appropriate action. Good AIOps tools will analyze events and patterns, and determine if they’re related, Lin continues.

That’s a step forward from the past, when organizations often assembled IT and security leaders in a “war room,” often at odd hours, to separate the signal from the noise. “A lot of AIOps is helping you understand what’s not normal so you can do something about it,” he says. 

EXPLORE: AI can help healthcare organizations bolster patient data security.

Additionally, AIOps is well equipped to assess a situation and recommend the right level of incident response, Sai says. This applies to everything from a seemingly routine help desk ticket to the series of alerts that come to IT staff working the overnight shift.

“How many systems are impacted? What’s the nature of the vulnerability? What’s the potential blast radius? Who should be awakened at 3 a.m., and which stakeholders can be notified later?” Sai says, describing the questions AIOps might answer for IT staff. Along with decision support, this provides peace of mind for junior staffers who may be responding to a serious incident for the first time.

The AIOps tool’s ongoing log of incidents and responses helps organizations in two other important ways, Sai adds. One is by providing an audit trail that complements compliance reporting.

The other is by identifying and even predicting system vulnerabilities, such as ubiquitous medical devices running outdated operating systems. These are otherwise difficult to track manually given the sheer volume of workloads running in the typical hospital, Sai notes.

The Future of AIOps in Healthcare: Improving Business Operations

AIOps helps organizations use data to achieve desired performance outcomes for their business applications. The next step, according to Lin, is to apply AIOps beyond IT.

One example in the hospital is emergency department throughput. AIOps tools are well positioned to determine when the ED isn’t transferring or otherwise processing patients as well as it could be. Is the time of day, week or month a factor? Do certain populations of patients require additional attention?

“AIOps is about warning you when performance isn’t what you’d expect,” Lin says. “A big part of the data you gather is related to business and patient outcomes.”

UP NEXT: How do SIEM tools fit into a healthcare organization’s security strategy?

metamorworks/Getty Images

Learn from Your Peers

What can you glean about security from other IT pros? Check out new CDW research and insight from our experts.