System and method for providing multi-layered access control
Abstract
A method and system to provide multi-layered access control for healthcare datasets are disclosed. The method comprises defining an information policy for each of healthcare datasets, wherein the information policy comprises information access permissions. Further, an organization policy is defined for each of the healthcare datasets, wherein the organization policy comprises license permissions for organizations accessing the healthcare datasets. Thereafter, a user account master policy is defined for each of the healthcare datasets, wherein the user account master policy comprises account permissions assigned to users of the organizations. Subsequently, a master user policy is generated for each of the users based on the information policy, the organization policy, the user account master policy, or a combination thereof, wherein the master user policy comprises access control permissions to provide each of the users access to the healthcare datasets.
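The following is an added sketch, not code from the patent, of one way the three layers could be combined into a per-user master policy and enforced on a request. It assumes the layers combine by intersection, the coarsest granularity wins, and a missing layer means no access; the abstract itself only says the master policy is based on the three policies. The granularity levels, dataset, organization and user names, and the `Grant`, `build_master_policy` and `is_allowed` helpers are all constructed for illustration.

```python
from dataclasses import dataclass

# Assumed granularity scale, coarsest first (not defined on the page).
GRANULARITY = ["aggregate", "deidentified", "record"]

@dataclass(frozen=True)
class Grant:
    actions: frozenset   # permitted operations, e.g. {"read", "export"}
    granularity: str     # finest level of detail permitted

def build_master_policy(info, org, user):
    """info: {dataset: Grant} set by each dataset owner;
    org: {org: {dataset: Grant}} derived from licenses;
    user: {user: (org, {dataset: Grant})} account permissions.
    Returns {(user, dataset): Grant}; absent key means deny."""
    master = {}
    for uname, (oname, ugrants) in user.items():
        for ds, ug in ugrants.items():
            ig, og = info.get(ds), org.get(oname, {}).get(ds)
            if ig is None or og is None:
                continue  # owner or license layer missing: no entry
            actions = ig.actions & og.actions & ug.actions
            level = min(ig.granularity, og.granularity, ug.granularity,
                        key=GRANULARITY.index)  # coarsest limit wins
            if actions:
                master[(uname, ds)] = Grant(actions, level)
    return master

def is_allowed(master, user, dataset, action, granularity):
    """Deny by default; allow only at or below the granted detail level."""
    g = master.get((user, dataset))
    if g is None or action not in g.actions:
        return False
    return GRANULARITY.index(granularity) <= GRANULARITY.index(g.granularity)

# Constructed sample layers: two datasets with different owners.
INFO = {"claims_db": Grant(frozenset({"read", "export"}), "deidentified"),
        "genomics_db": Grant(frozenset({"read"}), "record")}
ORG = {"pharma_a": {"claims_db": Grant(frozenset({"read", "export"}), "deidentified")},
       "univ_b": {"genomics_db": Grant(frozenset({"read"}), "aggregate")}}
USER = {"alice": ("pharma_a", {"claims_db": Grant(frozenset({"read"}), "record"),
                               "genomics_db": Grant(frozenset({"read"}), "record")}),
        "bob": ("univ_b", {"genomics_db": Grant(frozenset({"read", "export"}), "record")})}
MASTER = build_master_policy(INFO, ORG, USER)

if __name__ == "__main__":
    for key, grant in sorted(MASTER.items()):
        print(key, sorted(grant.actions), grant.granularity)
```

In this sample, a user account permission that is broader than the organization's license or the owner's limit is narrowed by the other layers rather than honored.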
17 Claims
1. A method to provide permissions for users from different organizations to access health information of cohort members while assuring privacy and security of the cohort members' health information deposited in a plurality of datasets having different commercial owners who control the access to the datasets they own, wherein the access is achieved via computing devices having a hardware processor communicatively connected to the plurality of datasets via a network, the method comprising the steps of:
- defining, by the processor, an information policy including permissions set by the different commercial owners of each of the plurality of datasets for access to the health information and granularity of the health information in each of the plurality of the datasets, an organization policy including permissions derived from a plurality of licenses subscribed to by the respective organizations for accessing each of the plurality of datasets, and a user policy including account permissions selectively assigned to the users from each of the different organizations;
- generating a master policy having access control permissions for access to each of the plurality of datasets for each of the users from each of the different organizations, wherein the master policy comprises the information policy, organization policy, and the user policy; and
- in response to a request from the computing device of the users;
- controlling, by the processor, access to the health information of the cohort members in the plurality of datasets based on the access control permissions of the master policy.
(Dependent claims: 2, 3, 4, 5, 6, 7)
8. A system to provide permissions for users from different organizations to access health information of cohort members while assuring privacy and security of the cohort members' health information deposited in a plurality of datasets having different commercial owners who control the access to the datasets they own, wherein the access is achieved via computing devices having a hardware processor communicatively connected to the plurality of datasets via a network, the system comprising:
the processor configured to;
- define an information policy including permissions set by the different commercial owners of each of the plurality of datasets for access to the health information and granularity limits of the health information in each of the plurality of the datasets, an organization policy including permissions derived from a plurality of licenses subscribed to by the respective organizations for accessing each of the plurality of datasets, and a user policy including account permissions selectively assigned to the users from each of the different organizations;
- generate a master policy having access control permissions for access to each of the plurality of datasets for each of the users from each of the different organizations, wherein the master policy comprises the information policy, organization policy, and the user policy; and
- in response to a request from the computing device of the users;
- control access to the health information of the cohort members in the plurality of datasets based on the access control permissions of the master policy of the master policy.
(Dependent claims: 9, 10, 11, 12, 13, 14)
15. A method to provide permissions for users from different organizations to access health information of cohort members while assuring privacy and security of the cohort members' health information is deposited in a plurality of datasets having different commercial owners who control the access to the datasets they own, wherein the access is achieved via computing devices having a hardware processor communicatively connected to the plurality of datasets via a network, the method comprising the steps of:
- defining, by the processor, an information policy including permissions set by the different commercial owners of each of the plurality of datasets for access to the health information and granularity of the health information in each of the plurality of the datasets;
- an organization policy including permissions derived from a plurality of licenses subscribed to by the respective organizations for accessing each of the plurality of datasets;
- a user policy including account permissions selectively assigned to the users from each of the different organizations;
- generating a master policy having access control permissions for access to the plurality of datasets for each of the users from each of the different organizations, wherein the master policy comprises the information policy, organization policy, and the user policy;
- defining, by the processor, an administrator policy including permissions for control of the information policy, and the organization policy; and
- in response to a request from the computing device of the users;
- controlling, by the processor, access to the health information of the cohort members in the plurality of datasets based on the access control permissions of the master policy.
(Dependent claims: 16, 17)