INFORMATION RECORD INFRASTRUCTURE, SYSTEM AND METHOD
First Claim
1. A method for controlling access to a medical record of a patient hosted by at least one medical record repository, comprising a plurality of sub-records, each sub-record having an associated different patient-controlled access control criteria, comprising:
- (a) receiving, by an intermediary, a request for a medical record from a requester, said request comprising a medical record identifier, a requestor identifier, requestor authentication information, and patient-provided access control authorization;
(b) automatically processing, by the intermediary, the request for the medical record to authenticate the requestor and determine sufficiency of the patient-provided access control authorization to meet the patient-controlled access control criteria for each respective sub-record encompassed by the request; and
(c) selectively communicating, from the intermediary to the at least one medical record repository, an identification of each sub-record for which access control criteria are determined to be sufficient for access by the requester.
6 Assignments
0 Petitions
Accused Products
Abstract
A method for controlling access to a medical record of a patient hosted by at least one medical record repository, comprising a plurality of sub-records, each sub-record having an associated different patient-controlled access control criteria, comprising: receiving, by an intermediary, a request for a medical record from a requester, said request comprising a medical record identifier, a requester identifier, requester authentication information, and patient-provided access control authorization; automatically processing, by the intermediary, the request for the medical record to authenticate the requester and determine sufficiency of the patient-provided access control authorization to meet the patient-controlled access control criteria for each respective sub-record encompassed by the request; and selectively communicating, from the intermediary to the at least one medical record repository, an identification of each sub-record for which access control criteria are determined to be sufficient for access by the requestor. An electronic payment authorization associated with the request may be generated, for compensation of at least one of the intermediary and a medical record repository.
-
Citations
20 Claims
-
1. A method for controlling access to a medical record of a patient hosted by at least one medical record repository, comprising a plurality of sub-records, each sub-record having an associated different patient-controlled access control criteria, comprising:
-
(a) receiving, by an intermediary, a request for a medical record from a requester, said request comprising a medical record identifier, a requestor identifier, requestor authentication information, and patient-provided access control authorization; (b) automatically processing, by the intermediary, the request for the medical record to authenticate the requestor and determine sufficiency of the patient-provided access control authorization to meet the patient-controlled access control criteria for each respective sub-record encompassed by the request; and (c) selectively communicating, from the intermediary to the at least one medical record repository, an identification of each sub-record for which access control criteria are determined to be sufficient for access by the requester. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system adapted to control access to a patient medical record hosted by at least one medical record repository comprising a plurality of sub-records, each sub-record being associated with different patient-controlled access control criteria, said system comprising an automated processor, a database adapted to store information for authenticating requesters, a database adapted to store information for determining patient-controlled access control criteria for respective sub-records of a patient medical record, and a computer network interface, said processor being controlled by instructions stored on a computer readable storage medium to:
-
(a) receive a request for a medical record from a requester, said request comprising a medical record identifier, a requestor identifier, requestor authentication information, and patient-provided access control authorization; (b) process the request for the medical record, to authenticate the requestor and determine sufficiency of the patient-provided access control authorization to meet the patient-controlled access control criteria for each respective sub-record encompassed by the request; and (c) selectively communicate through the computer network interface to the at least one medical record repository, an identification of each sub-record for which access control criteria are determined to be sufficient for access by the requestor. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. A method for controlling access to a medical record of a patient hosted by at least one medical record repository, comprising:
-
(a) receiving, by an intermediary, a request for a medical record from a requestor, said request comprising a medical record identifier, a requester identifier, and requester authentication information; (b) automatically processing, by the intermediary, the request for the medical record to authenticate the requestor; (c) selectively communicating, from the intermediary to the at least one medical record repository, an authenticated request for access to the medical record by the requestor; and (d) generating an electronic payment authorization associated with the request, for compensation of at least one of the intermediary and a medical record repository. - View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
-
Specification