Mediated data encryption for longitudinal patient level databases

US 20050256741A1
Filed: 05/05/2005
Published: 11/17/2005
Est. Priority Date: 05/05/2004
Status: Abandoned Application

First Claim

Patent Images

1. A process for assembling a longitudinally linked database from individual patient healthcare transaction data records, the process comprising the steps of:

(a) deploying an implementation partner (IP) to mediate processing of acquired data records having patient-identifying attributes and non-identifying attributes at a data supplier site, whereby at least the patient-identifying attributes in the data records are encrypted so that the data records can be securely transmitted to a longitudinal database facility (LDF);

(b) receiving the encrypted data records at the LDF; and

(c) deploying the IP to mediate processing of the received data records, whereby LDF identifiers (IDs) are assigned to the data records based on the values of the encrypted patient-identifying attributes in the data records, and whereby the encrypted data records can be linked longitudinally ID by ID, wherein in steps (a) and (c) the processing of the data records is performed in a secure processing environment that is accessible only to the IP.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method for the assembly of a longitudinally linked database of patient healthcare data records involve a neutral implementation partner to ensure that sensitive patient-identifying information contained in the data records is secure at all times. The implementation partner is deployed to mediate processing of the data records in a secure environment, which is inaccessible to unauthorized parties including data supplier and database facility personnel. At data supplier sites, the implementation partner mediates processing of the data records so that the patient-identifying attributes in the data records are encrypted before they are transmitted to a common longitudinal database facility. At the common longitudinal database facility, the implementation partner mediates processing of the data records so that internal tags are assigned to data records based on the values of the encrypted patient-identifying attributes. The internal tags are used to longitudinally link the encrypted data records in a statistically meaningful manner. The implementation partner may be any combination of software, hardware and organizational entities.

36 Citations

View as Search Results

19 Claims

1. A process for assembling a longitudinally linked database from individual patient healthcare transaction data records, the process comprising the steps of:
- (a) deploying an implementation partner (IP) to mediate processing of acquired data records having patient-identifying attributes and non-identifying attributes at a data supplier site, whereby at least the patient-identifying attributes in the data records are encrypted so that the data records can be securely transmitted to a longitudinal database facility (LDF);
  
  (b) receiving the encrypted data records at the LDF; and
  
  (c) deploying the IP to mediate processing of the received data records, whereby LDF identifiers (IDs) are assigned to the data records based on the values of the encrypted patient-identifying attributes in the data records, and whereby the encrypted data records can be linked longitudinally ID by ID, wherein in steps (a) and (c) the processing of the data records is performed in a secure processing environment that is accessible only to the IP.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The process of claim 1 wherein the processing of the acquired data records in step (a) comprises:
    - (d) encrypting the patient-identifying attributes in the data records using a first encryption key specific to the LDF; and
      
      (e) further encrypting the patient-identifying attributes with a second encryption key specific to the data supplier site.
  - 3. The process of claim 2 wherein the processing of the received data records in step (c) comprises:
    - (f) partially decrypting the received data records so that the patient-identifying attributes retain only the step (d) encryption by the first encryption key specific to the LDF.
  - 4. The process of claim 3 further comprising the step (g) of additionally encrypting the attributes after step (f) using a third encryption key.
  - 5. The process of claim 3 further comprising the step (h) of using an attribute-matching algorithm to assign an LDF identifier (ID) to the encrypted data records.
  - 6. The process of claim 5 further comprising the step (i) of linking the encrypted data records ID by ID, whereby the longitudinally linked database is formed.
  - 7. The method of claim 1 wherein the IP consists one of software, hardware, a neutral entity, and any combination thereof.
  - 8. The process of claim 1 further comprising the step of preprocessing the acquired data records to place their data fields in a standard format.
  - 9. The process of claim 1 wherein steps (a) and (c) comprise provision of encryption/decryption keys by the IP.
  - 10. The process of claim 1 wherein mediation by the IP in steps (a) and (c) comprises provision of a secure processing environment that limits unauthorized access to patient-identifying attribute information in the data records.

11. A system for assembling a longitudinally linked database from individual patient healthcare transaction data records received from multiple data suppliers by a longitudinal database facility (LDF), the system comprising:
- an implementation partner (IP) who mediates processing of data records having patient-identifying attributes and non-identifying attributes at a data supplier site, whereby at least the patient-identifying attributes in the data records are encrypted so that the data records can be securely transmitted to the LDF, and who further mediates processing of the received data records at the LDF, whereby identifiers (IDs) are assigned to data records based on the values of the encrypted patient-identifying attributes in the data records, and whereby the encrypted data records can be linked longitudinally ID by ID at the LDF; and
  
  a secure data processing environment extending over the data suppler site and the LDF that is accessible only to the IP.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19)
- - 12. The system of claim 11 wherein the IP mediates the processing of the data records at a data supplier site so that attributes in the data records are placed in a standard format.
  - 13. The system of claim 11 wherein the IP mediates the processing of the data records at a data supplier site so that:
    - (a) the patient-identifying attributes in the data records are encrypted using a first encryption key specific to the LDF; and
      
      (b) the patient-identifying attributes in the data records are further encrypted with a second encryption key specific to the data supplier site.
  - 14. The system of claim 13 wherein the IP mediates the processing of the received data records at the LDF so that the received data records are partially decrypted, whereby the patient-identifying attributes retain only the encryption by the first encryption key specific to the LDF.
  - 15. The system of claim 13 wherein the IP mediates the processing of the received data records at the LDF so that the received data records are further encrypted using a third encryption key.
  - 16. The system of claim 11 comprising an attribute-matching algorithm designed to assign IDs to the encrypted data records based on the values of the encrypted attributes.
  - 17. The system of claim 11 wherein the IP consists one of software, hardware, a neutral entity, and any combination thereof.
  - 18. The system of claim 11 wherein the IP provides encryption/decryption keys.
  - 19. The system of claim 11 further comprising a cross database of IDs and corresponding attributes.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
IMS Software Services Ltd. (IQVIA Holdings, Inc.)
Original Assignee
IMS Software Services Ltd. (IQVIA Holdings, Inc.)
Inventors
Kohan, Mark E., Wolfe, Clinton J.

Application Number

US11/122,565
Publication Number

US 20050256741A1
Time in Patent Office

Days
Field of Search
US Class Current

705/2
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06F 21/6254   by anonymising data, e.g. d...

G06Q 10/10   Office automation; Time man...

G16H 10/60   for patient-specific data, ...

Mediated data encryption for longitudinal patient level databases

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Mediated data encryption for longitudinal patient level databases

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links