Method of and system for controlling access to personal information records

US 20040111622A1
Filed: 12/10/2002
Published: 06/10/2004
Est. Priority Date: 12/10/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of controlling access to personal information records, comprising the steps of:

A. categorizing personal information for an individual into a plurality of hierarchical sets of personal information;

B. assigning, by said individual, access priority data representative of an access priority level to each of said plurality of sets of personal information in said hierarchical sets, said access priority levels being based on differing criteria for release authorization for each of said plurality of sets of personal information established by said individual;

C. storing, at a datastore, each of said plurality of sets of personal information in said hierarchy and associated access priority data;

D. providing, by said individual to one or more requesters, access priority data corresponding to a desired level in said hierarchy;

E. receiving, from a requester, by way of a communications network, a request for at least one of said plurality of sets of health information in said hierarchy, said request including access priority data correlated to an access priority level;

F. processing said access priority data to determine whether said access priority data corresponds to said access priority level for said requested health information; and

i. when said access priority data corresponds to said access priority level for said requested health information, transmitting said requested health information to said requester by way of said communications network; and

ii. when said access data fails to correspond to said access priority level, denying access to said requestor to said health information.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system for distributing information for an individual over a communications network includes a host server system having a computer processor and associated memory, the host server system having a database of a plurality information categories for the individual. Each of the categories has an information set of the individual contained therein, and each of the categories has one or more security access codes assigned thereto. A request system includes a computer processor and associated memory, the request system for inputting one or more of the security access codes provided to the requestor, by the individual, to the host server system over the communications network. The system further includes an access determining device for transmitting, to the request system, the information in each of the categories in which the input security access codes match the assigned security access codes.

Citations

25 Claims

1. A method of controlling access to personal information records, comprising the steps of:
- A. categorizing personal information for an individual into a plurality of hierarchical sets of personal information;
  
  B. assigning, by said individual, access priority data representative of an access priority level to each of said plurality of sets of personal information in said hierarchical sets, said access priority levels being based on differing criteria for release authorization for each of said plurality of sets of personal information established by said individual;
  
  C. storing, at a datastore, each of said plurality of sets of personal information in said hierarchy and associated access priority data;
  
  D. providing, by said individual to one or more requesters, access priority data corresponding to a desired level in said hierarchy;
  
  E. receiving, from a requester, by way of a communications network, a request for at least one of said plurality of sets of health information in said hierarchy, said request including access priority data correlated to an access priority level;
  
  F. processing said access priority data to determine whether said access priority data corresponds to said access priority level for said requested health information; and
  
  i. when said access priority data corresponds to said access priority level for said requested health information, transmitting said requested health information to said requester by way of said communications network; and
  
  ii. when said access data fails to correspond to said access priority level, denying access to said requestor to said health information.
- View Dependent Claims (2, 3, 4)
- - 2. The method according to claim 1, wherein said communications network is the internet.
  - 3. The method according to claim 1, wherein said transmitted health information is encrypted.
  - 4. The method according to claim 2 further comprising the step of designating certain of said access priority data as identification constraints which must be received in step D before access to said personal information is granted.

5. A method of distributing information for an individual over a communications network comprising the steps of:
- A. generating a plurality of access security codes;
  
  B. generating a plurality of hierarchical categories, ranging from a low security category to a high security category;
  
  C. categorizing the individual'"'"'s information into privacy levels ranging from a least private level to a most private level;
  
  D. inputting the individual'"'"'s categorized information into said plurality of hierarchical categories, said least private level being input into said low security category and said most private level being input into said high security category;
  
  E. assigning, by said individual, to each of said categories, one or more of said access security codes, such that said information in each category will be released only if the assigned access security codes are received;
  
  F. providing, by said individual, to one or more requestors access priority data corresponding to a desired level in said hierarchy;
  
  G. receiving, from a requestor, one or more of said access security codes over said communications network;
  
  H. determining whether said received access security codes match one or more of said assigned access security codes; and
  
  I. transmitting, to said requestor over said communications network, said information in said categories in which said received security access codes match said assigned security access codes.
- View Dependent Claims (6, 7, 8, 9, 10, 11)
- - 6. The method of distributing information for an individual over a network according to claim 5, wherein said communications network is the internet.
  - 7. The method of distributing information for an individual over a network according to claim 6, wherein said released information is encrypted.
  - 8. The method of distributing information for an individual over a network according to claim 6 further comprising the step of designating certain of said security access codes as identification constraints which must be received in step F before access to said information is granted.
  - 9. The method of distributing information for an individual over a network according to claim 6 wherein, prior to step F, identification information is received from the requestor, said identification information being for identifying the individual.
  - 10. The method of distributing information for an individual over a network according to claim 9 wherein said identification information is selected from the group consisting of the individual'"'"'s medical record numbers, demographic data, information from a smart card that identifies the patient, retinal scans, iris scans and fingerprints.
  - 11. The method of distributing information for an individual over a network according to claim 9 wherein said identification information is any information about the individual which is available to said requester.

12. A system for distributing information for an individual over a communications network comprising:
- a host server system including a computer processor and associated memory, said host server system having a database of a plurality information categories for the individual, each of said categories having an information set of said individual contained therein, each of said categories having one or more security access codes assigned thereto;
  
  a request system including a computer processor and associated memory, said request system for inputting one or more of said security access codes provided to said requester by said individual, to said host server system over said communications network; and
  
  an access determining device for transmitting, to said request system, the information in each of said categories in which said input security access codes match said assigned security access codes.
- View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
- - 13. The system of claim 12 wherein said communications network is the internet.
  - 14. The system of claim 13, further including a setup system, including a computer processor and associated memory, for inputting said information to said database.
  - 15. The system of claim 14 wherein said security access codes are defined by a user and are assigned to said categories by said user through said setup system.
  - 16. The system of claim 13 wherein more of said security access codes are required to access high security categories than low security categories.
  - 17. The system of claim 13 wherein said setup system and said requestor system are the same system.
  - 18. The system of claim 13 wherein said request system is coupleable to said network by a wired connection.
  - 19. The system of claim 18 wherein said request system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
  - 20. The system of claim 13 wherein said request system is coupleable to said network by a wireless connection.
  - 21. The system of claim 20 wherein said request system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
  - 22. The system of claim 14 wherein said setup system is coupleable to said network by a wired connection.
  - 23. The system of claim 22 wherein said setup system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
  - 24. The system of claim 14 wherein said setup system is coupleable to said network by a wireless connection.
  - 25. The system of claim 24 wherein said setup system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
CareKey, Inc. (Cognizant Technology Solutions Corp.)
Original Assignee
CareKey, Inc. (Cognizant Technology Solutions Corp.)
Inventors
Schoenberg, Roy

Application Number

US10/315,301
Publication Number

US 20040111622A1
Time in Patent Office

Days
Field of Search
US Class Current

713/182
CPC Class Codes

G06Q 10/10   Office automation; Time man...

G16H 10/60   for patient-specific data, ...

G16H 40/67   for remote operation

Method of and system for controlling access to personal information records

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

Citations

25 Claims

Specification

Solutions

Use Cases

Quick Links

Method of and system for controlling access to personal information records

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

25 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links