Data driven schema for patient data exchange system
First Claim
1. A data warehouse system, the system comprising:
- at least one processing circuitry configured to;
encapsulate, within a respective metadata envelope, each data record from a set of data records for a clinical study by;
adding, to the metadata envelope, at least one class component that defines the clinical study;
adding, to the metadata envelope, at least one domain component that defines details of a subject within the clinical study;
adding, to the metadata envelope, at least one variable component that defines data gathered during the clinical study;
adding, to the metadata envelope, at least one privacy component that defines usage safeguards on access to the data record; and
adding, to the metadata envelope, at least one security component that defines protection from security threats;
receive a request for a particular data record from the set of clinical study data records from a subscriber interface;
determine whether the subscriber interface satisfies the protection from security threats as defined in the security component of the particular data record;
transmit, in response to determining that the subscriber interface satisfies the protection from security threats;
the encapsulated particular data record to the subscriber interface;
receive a request for an authorization token from the subscriber interface and for the encapsulated particular data record;
verify trust of the subscriber interface;
in response to verifying trust, create the authorization token, the authorization token providing an access right to the encapsulated particular data, wherein the authorization token is created dependent upon attributes of the metadata components and the subscriber interface, andtransmit the authorization token to the subscriber interface to apply to the encapsulated particular data for access thereto.
1 Assignment
0 Petitions
Accused Products
Abstract
A patient data exchange system comprises at least one device. Each of the devices implements an interface. When a device in the patient data exchange system publishes patient data, the device generates a metadata envelope that encapsulates the patient data. The metadata envelope conforms to a schema that defines allowable metadata attributes of the metadata envelope. When a device in the patient data exchange system receives a metadata envelope that conforms to the schema, the device determines, based at least in part on a metadata attribute of the metadata envelope, a particular patient data handling policy to apply to patient data encapsulated by the metadata envelope. In some instances, the metadata attribute indicates that authorization is required from an authorization service to access the patient data encapsulated by the metadata envelope.
-
Citations
20 Claims
-
1. A data warehouse system, the system comprising:
at least one processing circuitry configured to; encapsulate, within a respective metadata envelope, each data record from a set of data records for a clinical study by; adding, to the metadata envelope, at least one class component that defines the clinical study; adding, to the metadata envelope, at least one domain component that defines details of a subject within the clinical study; adding, to the metadata envelope, at least one variable component that defines data gathered during the clinical study; adding, to the metadata envelope, at least one privacy component that defines usage safeguards on access to the data record; and adding, to the metadata envelope, at least one security component that defines protection from security threats; receive a request for a particular data record from the set of clinical study data records from a subscriber interface; determine whether the subscriber interface satisfies the protection from security threats as defined in the security component of the particular data record; transmit, in response to determining that the subscriber interface satisfies the protection from security threats;
the encapsulated particular data record to the subscriber interface;receive a request for an authorization token from the subscriber interface and for the encapsulated particular data record; verify trust of the subscriber interface; in response to verifying trust, create the authorization token, the authorization token providing an access right to the encapsulated particular data, wherein the authorization token is created dependent upon attributes of the metadata components and the subscriber interface, and transmit the authorization token to the subscriber interface to apply to the encapsulated particular data for access thereto. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
11. A method for use with a data warehouse system having at least one processing circuitry, the method comprising:
using the at least one processing circuitry to; encapsulate, within a respective metadata envelope, each data record from a set of data records for a clinical study by; adding, to the metadata envelope, at least one class component that defines the clinical study; adding, to the metadata envelope, at least one domain component that defines details of a subject within the clinical study; adding, to the metadata envelope, at least one variable component that defines data gathered during the clinical study; adding, to the metadata envelope, at least one privacy component that defines usage safeguards on access to the data record; and adding, to the metadata envelope, at least one security component that defines protection from security threats; receive a request for a particular data record from the set of clinical study data records from a subscriber interface; determine whether the subscriber interface satisfies the protection from security threats as defined in the security component of the particular data record; transmit, in response to determining that the subscriber interface satisfies the protection from security threats;
the encapsulated particular data record to the subscriber interface;receive a request for an authorization token from the subscriber interface and for the encapsulated particular data record; verify trust of the subscriber interface; in response to verifying trust, create the authorization token, the authorization token providing an access right to the encapsulated particular data, wherein the authorization token is created dependent upon attributes of the metadata components and the subscriber interface, and transmit the authorization token to the subscriber interface to apply to the encapsulated particular data for access thereto. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
Specification