Method and software for a web-based platform of comprehensive personal health records that enforces individualized patient hierarchies of user permissions and detects gaps in patient care

US 10,170,203 B1
Filed: 03/13/2012
Issued: 01/01/2019
Est. Priority Date: 08/01/2002
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable media comprising computer executable instructions to perform a method for creating, managing, accessing, updating and exchanging electronic personal health record(s) (“

PHR”

s) of multiple patients in accordance with their individualized hierarchies of user permissions using a web-based PHR software platform containing a plurality of N layers including at least an infrastructure layer comprising relational databases in which all of the personal health records of the patients is received as incoming data and stored in the relational databases with the web-based PHR software platform including programming logic;

a data layer;

an application layer containing business rules controlling communication between the layers of the software platform and containing data representative of government regulations and practice guidelines relative to PHR patient care; and

a presentation/transport layer which provides user interfaces to access, transmit and exchange personal health records of patients to and from the software platform;

said method comprising the steps of;

(a) storing data segments representative of at least one of physical health, mental health, conditions, referrals, medications, substance abuse, allergies, procedures, and care plans of the patients at the data layer and identifying a plurality of data functions for each of the data segments at the data layer;

(b) embedding in the application layer individualized patient hierarchies of user permissions governing the hierarchy of disclosure to stored data of each patient such that patients have the greatest access to patient data and patient hierarchies, individuals authorized by patients as providers have lesser access, and other individuals granted user access by the authorized providers have the least access;

(c) using the programming logic for tagging stored patient PHR data in the relational databases with information to identify data segments and data functions with user permissions granted to authorized users by each patient, wherein the tags identifying user permissions of each authorized user on each of the data segments are stored in encrypted form in the relational databases and decrypted in the presentation/transport layer to expose permitted data and functions to authorized users through user interfaces, EHR and web services data exchange;

(d) using the programming logic to correlate tagged patient PHR data and data functions with the individualized patient hierarchies of user permissions defined in step (b);

(e) authenticating users who identify themselves in the presentation/transport layer from web-connected devices;

(f) using the programming logic to control the disclosure of data to and from the software platform by matching an authenticated user to the user permissions specified in the tagged data for performing specified data functions;

(g) filtering the matching operation in step (f) such that unmatched data and unmatched data functions are filtered out and not presented via user interfaces to authorized users for any use thereof;

(h) scanning data in the data layer and/or the application layer to locate gaps in patient care and the presence of gaps based on non-compliance with the government regulations and practice guidelines in the presentation/transport layer; and

(i) creating an alert in response to the detection of gap(s) for notifying providers of the existence of gap(s) and communicating the alert to a mobile device of one or more users with suitable permissions to receive such alerts.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The invention is a method for an unbound, interoperable, web-based software platform, comprising comprehensive personal health records (PHRs) of patients, enforcing individualized patient hierarchies of user permissions when creating, managing, accessing, updating, exchanging, and consolidating information, offering unique capabilities for detecting gaps in care, coordinating care, and prompting provider compliance with practice guidelines and government regulations.

The Platform comprises four encrypted, firewall protected layers that together support Platform capabilities. First, the Platform is distinguished from conventional EHRs and tethered PHRs by individualized patient hierarchies of user permissions in the application layer, controlling disclosures of data to authorized users. Second, the Platform is distinguished by scanning of data and application layers for gaps in patient care and alerting relevant users. Third, the Platform is distinguished by tagging data with individualized patient hierarchies of user permissions, filtering data disclosures to authorized users and impeding data handoffs to unauthorized users.

19 Citations

16 Claims

1. A non-transitory computer readable media comprising computer executable instructions to perform a method for creating, managing, accessing, updating and exchanging electronic personal health record(s) (“
- PHR”
  
  s) of multiple patients in accordance with their individualized hierarchies of user permissions using a web-based PHR software platform containing a plurality of N layers including at least an infrastructure layer comprising relational databases in which all of the personal health records of the patients is received as incoming data and stored in the relational databases with the web-based PHR software platform including programming logic;
  
  a data layer;
  
  an application layer containing business rules controlling communication between the layers of the software platform and containing data representative of government regulations and practice guidelines relative to PHR patient care; and
  
  a presentation/transport layer which provides user interfaces to access, transmit and exchange personal health records of patients to and from the software platform;
  
  said method comprising the steps of;
  
  (a) storing data segments representative of at least one of physical health, mental health, conditions, referrals, medications, substance abuse, allergies, procedures, and care plans of the patients at the data layer and identifying a plurality of data functions for each of the data segments at the data layer;
  
  (b) embedding in the application layer individualized patient hierarchies of user permissions governing the hierarchy of disclosure to stored data of each patient such that patients have the greatest access to patient data and patient hierarchies, individuals authorized by patients as providers have lesser access, and other individuals granted user access by the authorized providers have the least access;
  
  (c) using the programming logic for tagging stored patient PHR data in the relational databases with information to identify data segments and data functions with user permissions granted to authorized users by each patient, wherein the tags identifying user permissions of each authorized user on each of the data segments are stored in encrypted form in the relational databases and decrypted in the presentation/transport layer to expose permitted data and functions to authorized users through user interfaces, EHR and web services data exchange;
  
  (d) using the programming logic to correlate tagged patient PHR data and data functions with the individualized patient hierarchies of user permissions defined in step (b);
  
  (e) authenticating users who identify themselves in the presentation/transport layer from web-connected devices;
  
  (f) using the programming logic to control the disclosure of data to and from the software platform by matching an authenticated user to the user permissions specified in the tagged data for performing specified data functions;
  
  (g) filtering the matching operation in step (f) such that unmatched data and unmatched data functions are filtered out and not presented via user interfaces to authorized users for any use thereof;
  
  (h) scanning data in the data layer and/or the application layer to locate gaps in patient care and the presence of gaps based on non-compliance with the government regulations and practice guidelines in the presentation/transport layer; and
  
  (i) creating an alert in response to the detection of gap(s) for notifying providers of the existence of gap(s) and communicating the alert to a mobile device of one or more users with suitable permissions to receive such alerts.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The non-transitory computer readable media of claim 1 wherein the presentation/transport layer enables authenticated users, in accordance with individualized hierarchies of user permissions in the application layer, to access patient PHRs via user interfaces provided by the presentation/transport layer appropriate to users who identify themselves in the presentation/transport layer.
  - 3. The non-transitory computer readable media of claim 1 wherein the presentation/transport layer enables authenticated users, in accordance with individualized hierarchies of user permissions in the application layer, to exchange data in patient PHRs from the infrastructure layer with external electronic health record systems (EHRs).
  - 4. The non-transitory computer readable media of claim 3 wherein the presentation/transport layer enables the exchange of such data in patient PHRs with external electronic health record systems (EHRs) or external computer information systems to occur via web services.
  - 5. The non-transitory computer readable media of claim 1 wherein the infrastructure layer contains cryptography which permits the presentation/transport layer to enable authenticated users, in accordance with individualized hierarchies of user permissions in the application layer, to use encryption and decryption for sending and receiving e-mail messages which include patient data and documents as attachments thereto.
  - 6. The non-transitory computer readable media of claim 1 wherein the programming logic in the infrastructure layer scans for gaps in patient care in each of the data and application layers to alert authorized users of the presence of such gaps and to escalate such notification until gap remediation occurs.
  - 7. The non-transitory computer readable media of claim 6 wherein alerts to users about the presence of a gap in patient care includes a menu of choices for resolving the specific gap.
  - 8. The non-transitory computer readable media of claim 7 wherein users who receive alerts about the presence of a gap in patient care are repeatedly prompted by email and text messages to select a menu item and provide details about the menu item for resolving the specific gap, to indicate when they have implemented a particular method of gap resolution, and, to describe the results of gap resolution including obstacles.
  - 9. The non-transitory computer readable media of claim 8 wherein users who receive alerts about the presence of a gap in patient care related to practice guidelines or regulatory compliance, after being prompted by email and text messages to select and provide details about a menu item for resolving a specific gap, may indicate that they will select a strategy not included in menu items and may justify their exception to practice guidelines or regulatory compliance.
  - 10. The non-transitory computer readable media of claim 9 wherein after a predetermined brief time period, alerts are forwarded to supervisory personnel who oversee clinical care of patients when users fail to respond to alerts about the presence of gaps in patient care, fail to select menu items for resolving those gaps, fail to indicate when they have implemented particular methods of gap resolution, or fail to describe the results of gap resolution including obstacles.
  - 11. The non-transitory computer readable media of claim 1 wherein programming logic in the infrastructure layer tags data stored in the relational databases, identifying patient owners of data, data segments, and associations of data segments with the individualized of user permissions so that only permitted data are disclosed to users through the presentation/transport layer.
  - 12. The non-transitory computer readable media of claim 11 wherein the programming logic in the infrastructure layer tags data stored in relational databases, identifying patient owners of data, data segments, and association of data segments with individualized hierarchies of user permissions so that authorized users, can only forward data made accessible to the authorized user as permitted data through the presentation/transport layer to other users identified in the PHR data as authorized users.
  - 13. The non-transitory computer readable media of claim 1 wherein the tagged data is continuously audited for documenting disclosures of patient data in audit logs accessible to patients and to other appropriately authorized users.
  - 14. The non-transitory computer readable media of claim 13 wherein continuous auditing automatically documents provider compliance with practice guidelines and regulatory requirements, allowing providers to make and justify exceptions to compliance.
  - 15. The non-transitory computer readable media of claim 1 wherein through a patient user interface provided by the presentation/transport layer, patients authorize primary providers with the highest level of permissions to grant other individuals user(s) authorized access at lower levels of permissions in the hierarchies of user permissions.
  - 16. The non-transitory computer readable media of claim 15 wherein through the provider user interface, primary providers can grant and manage lesser permissions for other, secondary providers, in accordance with individualized patient user permission hierarchies, during referrals and care transitions and for purposes of care coordination.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Prosocial Applications, Inc.
Original Assignee
Prosocial Applications, Inc.
Inventors
Blechman, Elaine A
Primary Examiner(s)
Nguyen, Hiep V

Application Number

US13/418,768
Time in Patent Office

2,485 Days
Field of Search

705 3
US Class Current
CPC Class Codes

G06F 21/6227   where protection concerns t...

G06F 21/6245   Protecting personal data, e...

G06Q 10/10   Office automation; Time man...

G06Q 40/08   Insurance

G06Q 50/22   Social work or social welfa...

G16H 10/60   for patient-specific data, ...

G16H 50/70   for mining of medical data,...

Y02A 90/10   Information and communicati...

Method and software for a web-based platform of comprehensive personal health records that enforces individualized patient hierarchies of user permissions and detects gaps in patient care

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

19 Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

Method and software for a web-based platform of comprehensive personal health records that enforces individualized patient hierarchies of user permissions and detects gaps in patient care

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

19 Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links