System and method for privacy management
First Claim
1. A computer-implemented method for managing access to a patient'"'"'s protected health information (PHI) within a healthcare domain, comprising:
- (i) providing a user identity for each user;
(ii) providing a patient identity for each patient;
(iii) for each patient'"'"'s patient identity, associating at least one user'"'"'s user identity with the patient'"'"'s circle-of-care;
(iv) for each user request for access to the patient'"'"'s PHI, determining access based on whether the user'"'"'s user identity is associated with the patient'"'"'s circle-of-care.
0 Assignments
0 Petitions
Accused Products
Abstract
There is disclosed a system and method for managing the privacy of a patient'"'"'s PHI within a medical/healthcare domain (e.g. within a healthcare institution or organization). More generally, listing of a caregiver or assistant in a patient'"'"'s circle-of-care is managed by a circle-of-care manager that tracks the names and any aliases for any caregivers/assistants, as well as the name and any aliases of the patient, throughout the medical/healthcare domain. Using a set of hierarchical rules determining access restrictions, the circle-of-care list is updated by the circle-of-care manager to reflect any changes in membership. Within the circle-of-care list, multi-level permissions and restrictions may be assigned to each caregiver/assistant, depending on the level of access required. Permissions and/or restrictions may be time-limited to expire automatically.
-
Citations
35 Claims
-
1. A computer-implemented method for managing access to a patient'"'"'s protected health information (PHI) within a healthcare domain, comprising:
-
(i) providing a user identity for each user;
(ii) providing a patient identity for each patient;
(iii) for each patient'"'"'s patient identity, associating at least one user'"'"'s user identity with the patient'"'"'s circle-of-care;
(iv) for each user request for access to the patient'"'"'s PHI, determining access based on whether the user'"'"'s user identity is associated with the patient'"'"'s circle-of-care. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
-
-
16. A system for managing access to a patient'"'"'s protected health information (PHI) within a healthcare domain, comprising:
-
means for providing a user identity for each user;
means for providing a patient identity for each patient;
means for associating at least one user'"'"'s user identity with the patient'"'"'s circle-of-care for each patient'"'"'s patient identity;
means for determining, for each user request for access to the patient'"'"'s PHI, access based on whether the user'"'"'s user identity is associated with the patient'"'"'s circle-of-care. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
Specification