MANAGING ACCESS TO A HEALTH-RECORD

US 20090320096A1
Filed: 06/24/2008
Published: 12/24/2009
Est. Priority Date: 06/24/2008
Status: Abandoned Application

First Claim

Patent Images

1. A method to regulate access to a health record of an individual, the method comprising:

receiving a request from an application, the request identifying an item in the health record to which access is requested and indicating whether the application is configured to service the individual if access is denied;

presenting the request to a marshal of the health record via a user interface;

receiving a response from the marshal of the health record via the user interface, the response indicating whether access to the item is authorized or withheld;

granting the application access to the item if the response indicates that access to the item is authorized; and

denying access to the item from the application if the response indicates that access to the item is withheld.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method to regulate access to a health record of an individual includes receiving a request from an application, the request identifying an item in the health record to which access is requested. The method further includes presenting the request to a marshal of the health record via a user interface and receiving a response from the marshal of the health record via the user interface, the response indicating whether access to the item is authorized or withheld. The method further includes granting the application access to the item if the response indicates that access to the item is authorized, and denying access to the item from the application if the response indicates that access to the item is withheld.

Citations

20 Claims

1. A method to regulate access to a health record of an individual, the method comprising:
- receiving a request from an application, the request identifying an item in the health record to which access is requested and indicating whether the application is configured to service the individual if access is denied;
  
  presenting the request to a marshal of the health record via a user interface;
  
  receiving a response from the marshal of the health record via the user interface, the response indicating whether access to the item is authorized or withheld;
  
  granting the application access to the item if the response indicates that access to the item is authorized; and
  
  denying access to the item from the application if the response indicates that access to the item is withheld.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, wherein the response distinguishes a level of access to the item from among two or more different levels of access.
  - 3. The method of claim 2, wherein the two or more different levels of access include a first level of access where reading the item and writing to the item are permitted, and a second level of access where reading the item is permitted but writing to the item is not permitted.
  - 4. The method of claim 3, wherein the two or more different levels of access further include a third level of access where one or more of creating the item and deleting the item are permitted.
  - 5. The method of claim 1, wherein the item is one of a plurality of items in the health record to which access is requested via the request.
  - 6. The method of claim 1, wherein the request further includes an item-specific text string indicating a reason why the application is requesting access to the item.
  - 7. The method of claim 1, wherein the marshal authorizes access via an authorizing input sequence and withholds access via a withholding input sequence, and the authorizing input sequence is longer than the withholding input sequence.
  - 8. The method of claim 1, wherein the marshal authorizes access via an authorizing input sequence and withholds access via a withholding input sequence, and the authorizing input sequence is shorter than the withholding input sequence.
  - 9. The method of claim 1, further comprising maintaining an historical record of access granted the application.

10. A method to regulate access to a health record of an individual, the method comprising:
- receiving a request from an application, the request identifying an item in the health record to which access is requested;
  
  presenting the request to a marshal of the health record via a user interface;
  
  receiving a response from the marshal via the user interface, the response indicating whether access to the item is authorized or withheld, and further indicating a condition for accessing the item;
  
  granting the application access to the item subject to the condition if the response indicates that access to the item is authorized; and
  
  denying access to the item from the application if the response indicates that access to the item is withheld.
- View Dependent Claims (11, 12, 13, 14)
- - 11. The method of claim 10, wherein the condition is one of a plurality of different conditions for accessing the item.
  - 12. The method of claim 11, wherein the plurality of different conditions includes a first condition where the marshal is using or logged into the application when the application attempts to access the item, and wherein the application is granted access to the item if the first condition is satisfied.
  - 13. The method of claim 11, wherein the plurality of different conditions includes a first condition where the individual is receiving a service from a provider of the application when the application attempts to access the item, and wherein the application is granted access to the item if the first condition is satisfied.
  - 14. The method of claim 11, wherein the plurality of different conditions includes a first condition where a time when the application attempts to access the item is within a predetermined range, and wherein the application is granted access to the item if the first condition is satisfied.

15. A method of incrementally querying one or more marshals of a health record for access to one or more items in the health record, the method comprising:
- in a first session, receiving a first request from an application to access one or more items in the health record;
  
  presenting the first request to a first marshal of the health record via a user interface;
  
  receiving a first response from the first marshal of the health record via the user interface, the first response indicating whether access to the one or more items is authorized or withheld;
  
  if the first response indicates that access to the one or more items is withheld, then denying access to the one or more items; and
  
  if the first response indicates that access to the one or more items is authorized, then granting the application access to the one or more items;
  
  in a second session, after the first session, receiving a second request from the application to access subsequent one or more items of the health record;
  
  presenting the second request to a second marshal of the health record via a user interface;
  
  receiving a second response from the second marshal of the health record via the user interface, the second response indicating whether access to the subsequent one or more items is authorized or withheld;
  
  granting the application access to the subsequent one or more items if the second response indicates that access to the subsequent one or more items is authorized; and
  
  denying access to the subsequent one or more items if the second response indicates that access to the subsequent one or more items is withheld.
- View Dependent Claims (16, 17, 18, 19, 20)
- - 16. The method of claim 15, wherein at least one of the one or more items to which access is requested in the first session is included in the subsequent one or more items to which access is requested in the second session.
  - 17. The method of claim 16, wherein the first response authorizes a first level of access, and the second response authorizes a second level of access different than the first level of access.
  - 18. The method of claim 17, wherein the first and second marshals are the same.
  - 19. The method of claim 15, wherein the application is configured, when withheld access in the second response, to provide a first level of service to the individual, and when authorized access in the second response, to provide a second, greater level of service to the individual.
  - 20. The method of claim 15, wherein the subsequent one or more items includes at least one of the one or more items to which access is withheld in the first response.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
May, Robert, Apacible, Johnson, Wagner, Matthew, Suwandy, Tien, Gordon, Michael Patrick, Nolan, Sean

Application Number

US12/145,481
Publication Number

US 20090320096A1
Time in Patent Office

Days
Field of Search
US Class Current

726/2
CPC Class Codes

G06F 21/6245 Protecting personal data, e...

MANAGING ACCESS TO A HEALTH-RECORD

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

MANAGING ACCESS TO A HEALTH-RECORD

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links