Secure records storage and retrieval system and method

US 20030023562A1
Filed: 07/25/2002
Published: 01/30/2003
Est. Priority Date: 07/25/2001
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing access to a customer record located in a database, the method comprising:

providing, by a customer, of an access key relative to the customer record, the access key specifying at least one record-access criterion;

wherein a participant accesses the customer record via the access key;

wherein the access key can be set by the customer such that the participant can access the customer record only via an access portal linked with the database; and

wherein data relative to the record transmitted to the participant via the access portal is encrypted.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A secure records storage and retrieval system and method includes an access portal and a data vault. The data vault includes multiple customer data vaults and provider data vaults that can be used to securely store and retrieve records belonging to a particular customer or provider. Access to records contained within a given customer or provider'"'"'s data vault can be authorized via an access key, which allows a provider to access records contained in the customer or provider'"'"'s data vault under time or use based restrictions set by the customer. The customer or provider can also access their own records via the access portal. The access key can be set by the customer to permit access to records contained in the customer'"'"'s data vault only via the access portal. The customer or provider has the ability to accept or reject records uploaded to the customer or provider'"'"'s data vault and can also annotate records added the customer or provider'"'"'s data vault.

Citations

81 Claims

1. A method of providing access to a customer record located in a database, the method comprising:
- providing, by a customer, of an access key relative to the customer record, the access key specifying at least one record-access criterion;
  
  wherein a participant accesses the customer record via the access key;
  
  wherein the access key can be set by the customer such that the participant can access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The method of claim 1, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 3. The method of claim 2, wherein the participant is a healthcare service provider.
  - 4. The method of claim 1, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 5. The method of claim 4, wherein the access key is provided via a simulated e-mail system.

6. A method of providing access to a customer record located in a database, the method comprising:
- setting an access key relative to the customer record, the access key specifying at least one record-access criterion, the access key being set such that a participant can access the customer record only via an access portal linked with the database;
  
  providing the access key to the participant;
  
  encrypting data relative to the customer record; and
  
  transmitting the data to the participant via the access portal.
- View Dependent Claims (7, 8, 9, 10)
- - 7. The method of claim 6, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 8. The method of claim 7, wherein the participant is a healthcare service provider.
  - 9. The method of claim 6, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 10. The method of claim 9, wherein the access key is provided via a simulated e-mail system.

11. A method of obtaining access to a customer record located in a database, the method comprising:
- receiving, by a participant, of an access key relative to the customer record, the access key specifying at least one record-access criterion;
  
  accessing, by the participant, of the customer record via the access key;
  
  wherein the access key can be set by the customer such that the participant can access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (12, 13, 14, 15)
- - 12. The method of claim 11, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 13. The method of claim 12, wherein the participant is a healthcare service provider.
  - 14. The method of claim 11, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 15. The method of claim 14, wherein the access key is provided via a simulated e-mail system.

16. A method of selectively enabling access by a participant to a customer record located in a database, the method comprising:
- providing an access key relative to the customer record, the access key specifying at least one record-access criterion;
  
  receiving, by the participant, of the access key;
  
  accessing, by the participant, of the customer record via the access key;
  
  wherein the access key can be set by the customer such that the participant can access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The method of claim 16, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 18. The method of claim 17, wherein the participant is a healthcare service provider.
  - 19. The method of claim 16, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 20. The method of claim 19, wherein the access key is provided via a simulated e-mail system.

21. An apparatus for providing access to a customer record located in a database, the apparatus comprising:
- means for providing an access key relative to the customer record, the access key being adapted to specify at least one record-access criterion;
  
  wherein the customer record is accessed via the access key;
  
  wherein the access key is adapted to allow a customer to permit a participant to access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The apparatus of claim 21, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 23. The apparatus of claim 22, wherein the participant is a healthcare service provider.
  - 24. The apparatus of claim 21, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 25. The apparatus of claim 24, wherein the means for providing comprises a simulated e-mail system.

26. An apparatus for providing access to a customer record located in a database, the apparatus comprising:
- means for providing access relative to the customer record, the means for providing access being adapted to specify at least one record-access criterion;
  
  wherein the customer record is accessed via the means for providing access;
  
  wherein the means for providing access is adapted to allow a customer to permit a participant to access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (27, 28, 29, 30, 31)
- - 27. The apparatus of claim 26, wherein the means for providing access comprises an access key.
  - 28. The apparatus of claim 27, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 29. The apparatus of claim 26, wherein the participant is a healthcare service provider.
  - 30. The apparatus of claim 26, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 31. The apparatus of claim 30, wherein the means for providing comprises a simulated e-mail system.

32. An apparatus for obtaining access to a customer record located in a database, the apparatus comprising:
- means for receiving an access key relative to the customer record, the access key being adapted to specify at least one record-access criterion;
  
  means for accessing the customer record via the access key;
  
  wherein the access key is adapted to allow a customer to permit a participant to access the customer record only via an access portal linked with the database; and
  
  wherein data relative to the record transmitted to the participant via the access portal is encrypted.
- View Dependent Claims (33, 34, 35, 36)
- - 33. The apparatus of claim 32, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 34. The apparatus of claim 33, wherein the participant is a healthcare service provider.
  - 35. The apparatus of claim 32, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 36. The apparatus of claim 35, wherein the means for receiving comprises a simulated e-mail system.

37. An apparatus for selectively permitting access to a customer record located in a database, the apparatus comprising:
- an access key for accessing the customer record, the access key being adapted to specify at least one record-access criterion and to allow a customer to permit a participant to access the customer record only via an access portal linked with the database;
  
  means for accessing the customer record via the access key; and
  
  means for encrypting data relative to the record transmitted to the participant via the access portal.
- View Dependent Claims (38, 39, 40, 41)
- - 38. The apparatus of claim 37, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 39. The apparatus of claim 38, wherein the participant is a healthcare service provider.
  - 40. The apparatus of claim 37, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 41. The apparatus of claim 40, wherein the means for accessing comprises a simulated e-mail system.

42. A method of adding a customer record to a customer data vault, the method comprising:
- inputting the customer record into a database, the database including the customer data vault;
  
  wherein an opportunity is provided to the customer to reject the customer record; and
  
  wherein, in response to the customer not rejecting the customer record, the customer record is added to the customer data vault.
- View Dependent Claims (43, 44, 45, 46, 47, 48, 49)
- - 43. The method of claim 42, further comprising, in response to the customer rejecting the customer record, receiving notification that the customer has rejected the customer record.
  - 44. The method of claim 42, wherein the step of inputting is performed by a healthcare service provider.
  - 45. The method of claim 42, wherein the step of inputting comprises uploading the customer record via a secure access portal.
  - 46. The method of claim 42, further comprising selecting a customer to which the customer record belongs.
  - 47. The method of claim 42, wherein, following the step of inputting, a customer is notified that the step of inputting has occurred.
  - 48. The method of claim 47, wherein the notice to the customer is via a simulated e-mail system.
  - 49. The method of claim 42, wherein the customer record is in electronic form.

50. A method of adding a customer record to a customer data vault, the method comprising:
- receiving the customer record in a database, the database including the customer data vault;
  
  providing an opportunity to the customer to reject the customer record; and
  
  in response to the customer not rejecting the customer record, adding the customer record to the customer data vault.
- View Dependent Claims (51, 52, 53, 54, 55, 56, 57)
- - 51. The method of claim 50, further comprising, in response to the customer rejecting the customer record, providing notification that the customer has rejected the customer record.
  - 52. The method of claim 50, wherein the customer record is received from a healthcare service provider.
  - 53. The method of claim 50, wherein the step of receiving comprises receiving an upload of the customer record via a secure access portal.
  - 54. The method of claim 50, further comprising receiving a selection of a customer to which the customer record belongs.
  - 55. The method of claim 50, wherein, following the step of receiving, notifying a customer that the step of receiving has occurred.
  - 56. The method of claim 55, wherein the step of notifying is performed via a simulated e-mail system.
  - 57. The method of claim 50, wherein the customer record is in electronic form.

58. An apparatus for adding a customer record to a customer data vault, the apparatus comprising:
- means for inputting the customer record into a database, the database including the customer data vault;
  
  wherein an opportunity is provided to the customer to reject the customer record; and
  
  wherein, in response to the customer not rejecting the customer record, the customer record is added to the customer data vault.
- View Dependent Claims (59, 60, 61, 62, 63, 64, 65)
- - 59. The apparatus of claim 58, wherein, in response to the customer rejecting the customer record, notification that the customer has rejected the customer record is received.
  - 60. The apparatus of claim 58, wherein a healthcare service provider utilizes the means for inputting.
  - 61. The apparatus of claim 58, wherein the means for inputting comprises a secure access portal.
  - 62. The apparatus of claim 58, further comprising means for selecting a customer to which the customer record belongs.
  - 63. The apparatus of claim 58, further comprising means for notifying a customer that input of the customer record has occurred.
  - 64. The apparatus of claim 63, wherein the means for notifying comprises a simulated e-mail system.
  - 65. The apparatus of claim 58, wherein the customer record is in electronic form.

66. An apparatus for adding a customer record to a customer data vault, the apparatus comprising:
- means for receiving the customer record in a database, the database including the customer data vault;
  
  means for providing an opportunity to the customer to reject the customer record; and
  
  means for adding the customer record to the customer data vault in response to the customer not rejecting the customer record.
- View Dependent Claims (67, 68, 69, 70, 71, 72, 73)
- - 67. The apparatus of claim 66, further comprising means for notifying that the customer has rejected the customer record in response to the customer rejecting the customer record.
  - 68. The apparatus of claim 66, wherein the customer record is received from a healthcare service provider.
  - 69. The apparatus of claim 66, wherein the means for receiving comprises a secure access portal.
  - 70. The apparatus of claim 66, further comprising means for receiving a selection of a customer to which the customer record belongs.
  - 71. The apparatus of claim 66, further comprising means for notifying a customer that the customer record has been received.
  - 72. The apparatus of claim 71, wherein the means for notifying comprises a simulated e-mail system.
  - 73. The apparatus of claim 66, wherein the customer record is in electronic form.

74. A computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions that, when executed by a processor, cause the processor to:
- receive a customer record into a database, the database including a customer data vault;
  
  provide an opportunity to the customer to reject the customer record; and
  
  in response to the customer not rejecting the customer record, add the customer record to the customer data vault.
- View Dependent Claims (75, 76, 77)
- - 75. The medium of claim 74, further comprising sequences of instructions, the sequences of instructions including instructions that, when executed by a processor, cause the processor to notifying that the customer has rejected the customer record in response to the customer rejecting the customer record.
  - 76. The medium of claim 74, further comprising sequences of instructions, the sequences of instructions including instructions that, when executed by a processor, cause the processor to receive a selection of a customer to which the customer record belongs.
  - 77. The medium of claim 74, further comprising sequences of instructions, the sequences of instructions including instructions that, when executed by a processor, cause the processor to notify a customer that the customer record has been received.

78. A computer-readable medium having stored thereon sequences of instructions, the sequences of instructions including instructions that, when executed by a processor, cause the processor to:
- receive an access key relative to a customer record, the access key specifying at least one record-access criterion;
  
  permit access to the customer record via the access key;
  
  set the access key so as to permit access to the customer record only within a database; and
  
  transmit data relative to the access key outside the database in an encrypted fashion.
- View Dependent Claims (79, 80, 81)
- - 79. The medium of claim 78, wherein the access key prevents the participant from moving or copying the customer record to a location outside a data vault that includes the database.
  - 80. The method of claim 78, wherein the at least one record-access criterion comprises at least one of a time based criterion and a use based criterion.
  - 81. The method of claim 78, wherein the access key is provided via a simulated e-mail system.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Mydatavault Incorporated
Original Assignee
Mydatavault Incorporated
Inventors
Bailey, Steven, Masson, Robert, Rosemeyer, John

Application Number

US10/202,793
Publication Number

US 20030023562A1
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

Secure records storage and retrieval system and method

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

81 Claims

Specification

Solutions

Use Cases

Quick Links

Secure records storage and retrieval system and method

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

81 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links