Method, system and computer product for securing patient identity

US 20040215981A1
Filed: 04/22/2003
Published: 10/28/2004
Est. Priority Date: 04/22/2003
Status: Active Grant

First Claim

Patent Images

1. A method for securing patient identity, the method comprising:

accessing an electronic medical records database including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;

retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;

de-identifying said first patient from said patient data for said first patient including the creation of a first encoded patient identifier responsive to said first patient identifier, wherein said de-identifying results in de-identified first patient data and includes the replacement of said first patient identifier with said first encoded patient identifier;

transmitting said de-identified first patient data to a data warehouse system; and

identifying a second patient in response to receiving report data including a second encoded patient identifier from said data warehouse system, wherein said identifying includes the creation of a second patient identifier responsive to said second encoded patient identifier.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for securing patient identity comprising accessing an electronic medical records database including patient data for a plurality of patients. Each patient in the electronic medical records database is assigned a unique patient identifier. Patient data for a first patient, including a first patient identifier, is retrieved from the electronic medical records database. The first patient is de-identified from the patient data. De-identifying includes the creation of a first encoded patient identifier responsive to the first patient identifier. The de-identifying results in de-identified first patient data and includes the replacement of the first patient identifier with the first encoded patient identifier. The de-identified first patient data is transmitted to a data warehouse system. The method further comprises identifying a second patient in response to receiving report data that includes a second encoded patient identifier from the data warehouse system. The identifying includes the creation of a second patient identifier responsive to the second encoded patient identifier.

114 Citations

29 Claims

1. A method for securing patient identity, the method comprising:
- accessing an electronic medical records database including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;
  
  retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;
  
  de-identifying said first patient from said patient data for said first patient including the creation of a first encoded patient identifier responsive to said first patient identifier, wherein said de-identifying results in de-identified first patient data and includes the replacement of said first patient identifier with said first encoded patient identifier;
  
  transmitting said de-identified first patient data to a data warehouse system; and
  
  identifying a second patient in response to receiving report data including a second encoded patient identifier from said data warehouse system, wherein said identifying includes the creation of a second patient identifier responsive to said second encoded patient identifier.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1 wherein said creation of said first encoded patient identifier includes using a hashing algorithm.
  - 3. The method of claim 1 wherein said creation of said first encoded patient identifier includes using an encryption algorithm.
  - 4. The method of claim 1 wherein said creation of said first encoded patient identifier includes using a two-fish algorithm.
  - 5. The method of claim 1 wherein said creation of said first encoded patient identifier includes:
    - receiving a user entered password string;
      
      hashing said user entered password string into a sixteen digit number; and
      
      summing said sixteen digit number with said first patient identifier resulting in said first encoded patient identifier.
  - 6. The method of claim 1 wherein said patient data includes a name, a geographic identifier, a birth date, an admission date, a telephone number, a social security number, a medical record number, an account number, and diagnosis data.
  - 7. The method of claim 1 wherein said de-identifying further includes removing or transforming identifying data from said patient data for said first patient that may be used to identify said first patient.
  - 8. The method of claim 7 wherein said identifying data includes name, geographic subdivisions smaller than state, phone number, health plan number, account number, unified resource locator, internet protocol address and biometric identifiers.
  - 9. The method of claim 1 wherein said creation of said second patient identifier includes accessing an encryption key and applying said encryption key to said second encoded patient identifier.
  - 10. The method of claim 1 wherein said de-identified first patient data includes fully de-identified data.
  - 11. The method of claim 1 wherein said de-identified first patient data includes limited data set data.
  - 12. The method of claim 1 wherein said report data is a patient cohort report.
  - 13. The method of claim 12 wherein said patient cohort report is created by running a query against a data warehouse located on said data warehouse system.
  - 14. The method of claim 1 wherein said data warehouse is a relational database.
  - 15. The method of claim 1 wherein said data warehouse includes data for a plurality of patient care providers.
  - 16. The method of claim 1 wherein said retrieving, de-identifying and transmitting are performed on a periodic basis.
  - 17. The method of claim 1 wherein said retrieving, de-identifying and transmitting are initiated from said data warehouse system.
  - 18. The method of claim 1 wherein said plurality of patients are ambulatory patients.
  - 19. The method of claim 1 wherein said first patient and said second patient are the same patient, said first patient identifier and said second patient identifier contain the same value, and said first encoded patient identifier and said second encoded patient identifier contain the same value.
  - 20. The method of claim 1 further comprising retrieving said patient data for said second patient from said electronic medical records database using said second patient identifier as a key into said electronic medical records database.

21. A method for securing patient identity, the method comprising:
- accessing an electronic medical records database including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;
  
  retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;
  
  de-identifying said first patient from said patient data for said first patient resulting in de-identified first patient data, wherein said de-identifying includes;
  
  creating a first encoded patient identifier responsive to said first patient identifier, wherein said creating includes;
  
  receiving a user entered password string;
  
  hashing said user entered password string into a sixteen digit number; and
  
  summing said sixteen digit number with said first patient identifier resulting in said first encoded patient identifier;
  
  replacing said first patient identifier with said first encoded patient identifier; and
  
  removing or transforming identifying data from said patient data for said first patient that may be used to identify said first patient;
  
  transmitting said de-identified first patient data to a data warehouse system; and
  
  identifying a second patient in response to receiving report data including a second encoded patient identifier from said data warehouse system, wherein said identifying includes subtracting said sixteen digit number from said second encoded patient identifier resulting in a second patient identifier.

22. A system for securing patient identify, the system comprising:
- a network;
  
  a storage device; and
  
  a patient care provider system including a storage device in communication with said network and said storage device, said patient care provider system including software to implement a method comprising;
  
  accessing an electronic medical records database located on said storage device including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;
  
  retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;
  
  de-identifying said first patient from said patient data for said first patient including the creation of a first encoded patient identifier responsive to said first patient identifier, and wherein said de-identifying results in de-identified first patient data and includes the replacement of said first patient identifier with said first encoded patient identifier;
  
  transmitting said de-identified first patient data via said network to a data warehouse system; and
  
  identifying a second patient in response to receiving report data via said network including a second encoded patient identifier from said data warehouse system, wherein said identifying includes the creation of a second patient identifier responsive to said second encoded patient identifier.
- View Dependent Claims (23, 24, 25, 26, 27)
- - 23. The system of claim 22 wherein said network is an Internet.
  - 24. The system of claim 22 wherein said network is an intranet.
  - 25. The system of claim 22 wherein said electronic medical records database is a relational database.
  - 26. The system of claim 22 wherein said storage device is in communication with said network and is physically located in a different geographic location than said patient care provider system.
  - 27. The system of claim 22 wherein said storage device is physically located in said patient care provider system.

28. A computer program product for securing patient identity, the product comprising:
- a storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for;
  
  accessing an electronic medical records database including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;
  
  retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;
  
  de-identifying said first patient from said patient data for said first patient including the creation of a first encoded patient identifier responsive to said first patient identifier, and wherein said de-identifying results in de-identified first patient data and includes the replacement of said first patient identifier with said first encoded patient identifier;
  
  transmitting said de-identified first patient data to a data warehouse system; and
  
  identifying a second patient in response to receiving report data including a second encoded patient identifier from said data warehouse system, wherein said identifying includes the creation of a second patient identifier responsive to said second encoded patient identifier.

29. A computer program product for securing patient identity, the product comprising:
- a storage medium readable by a processing circuit and storing instructions for execution by the processing circuit for;
  
  accessing an electronic medical records database including patient data for a plurality of patients, wherein each said patient is assigned a unique patient identifier;
  
  retrieving said patient data for a first patient from said electronic medical records database, wherein said patient data for said first patient includes a first patient identifier;
  
  de-identifying said first patient from said patient data for said first patient resulting in de-identified first patient data, wherein said de-identifying includes;
  
  creating a first encoded patient identifier responsive to said first patient identifier, wherein said creating includes;
  
  receiving a user entered password string;
  
  hashing said user entered password string into a sixteen digit number; and
  
  summing said sixteen digit number with said first patient identifier resulting in said first encoded patient identifier;
  
  replacing said first patient identifier with said first encoded patient identifier; and
  
  removing or transforming identifying data from said patient data for said first patient that may be used to identify said first patient;
  
  transmitting said de-identified first patient data to a data warehouse system; and
  
  identifying a second patient in response to receiving report data including a second encoded patient identifier from said data warehouse system, wherein said identifying includes subtracting said sixteen digit number from said second encoded patient identifier resulting in a second patient identifier.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
GE Medical Systems Information Technologies Incorporated (General Electric Company)
Original Assignee
GE Medical Systems Information Technologies Incorporated (General Electric Company)
Inventors
White, Curtis, Ricciardi, Thomas N.

Granted Patent

US 7,543,149 B2
Time in Patent Office

Days
Field of Search
US Class Current

713/202
CPC Class Codes

G06Q 10/10   Office automation; Time man...

G16H 10/60   for patient-specific data, ...

G16H 50/30   for calculating health indi...

H04L 2209/88   Medical equipments

H04L 63/0407   wherein the identity of one...

H04L 63/0428   wherein the data content is...

H04L 63/083   using passwords cryptograph...

H04L 9/3226   using a predetermined code,...

H04L 9/3236   using cryptographic hash fu...

Y10S 707/99936   Pattern matching access

Method, system and computer product for securing patient identity

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

114 Citations

29 Claims

Specification

Solutions

Use Cases

Quick Links

Method, system and computer product for securing patient identity

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

29 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links