ESTABLISHING PATIENT CONSENT ON BEHALF OF A THIRD PARTY
First Claim
1. A method managing access to an electronic medical record, comprising:
- assigning a master-application-identification-code to a clinical system;
associating a privacy statement of the clinical system with the master-application-identification-code;
receiving a child-code-generation-request from the clinical system on behalf of a healthcare provider, the child-code-generation-request specifying the master-application-identification-code assigned to the clinical system and a provider identifier identifying the healthcare provider;
associating the child-application-identification-code with the provider identifier and the privacy statement of the clinical system;
receiving an access request from the clinical system on behalf of the healthcare provider, the access request specifying the child-application-identification-code;
requesting patient approval of the access request by presenting to the patient;
the provider identifier and the privacy statement associated with the child-application-identification-code;
receiving a request response from the patient, the request response including an approval of the access request or a denial of the access request by the patient; and
permitting the healthcare provider associated with the child-application-identification-code to access the electronic medical record of the patient only after the request response including the approval of the access request is received from the patient.
2 Assignments
0 Petitions
Accused Products
Abstract
A database system, which stores electronic medical records, may assign a child-application-identification-code to a healthcare provider via a clinical system intermediary acting on behalf of the healthcare provider. The database system may associate the child-application-identification-code assigned to the healthcare provider with a privacy statement and terms of use associated with the clinical system. The privacy statement and terms of use may be presented to the patient when the patient is prompted by the database system to approve or deny a request by the healthcare provider to access the electronic medical record of the patient stored at the database system.
-
Citations
20 Claims
-
1. A method managing access to an electronic medical record, comprising:
-
assigning a master-application-identification-code to a clinical system; associating a privacy statement of the clinical system with the master-application-identification-code; receiving a child-code-generation-request from the clinical system on behalf of a healthcare provider, the child-code-generation-request specifying the master-application-identification-code assigned to the clinical system and a provider identifier identifying the healthcare provider; associating the child-application-identification-code with the provider identifier and the privacy statement of the clinical system; receiving an access request from the clinical system on behalf of the healthcare provider, the access request specifying the child-application-identification-code; requesting patient approval of the access request by presenting to the patient;
the provider identifier and the privacy statement associated with the child-application-identification-code;receiving a request response from the patient, the request response including an approval of the access request or a denial of the access request by the patient; and permitting the healthcare provider associated with the child-application-identification-code to access the electronic medical record of the patient only after the request response including the approval of the access request is received from the patient. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A database system, comprising:
-
a data store configured to store an electronic medical record of a patient; a processing subsystem configured to execute instructions; and computer readable storage media comprising instructions executable by the processing subsystem to; assign a master-application-identification-code to a clinical system; associate a privacy statement of the clinical system with the master-application-identification-code; receive a child-code-generation-request from the clinical system on behalf of a healthcare provider, the child-code-generation-request specifying the master-application-identification-code assigned to the clinical system and a provider identifier identifying the healthcare provider; associate the child-application-identification-code with the provider identifier and the privacy statement of the clinical system; receive an access request from the clinical system on behalf of the healthcare provider, the access request specifying the child-application-identification-code; request patient approval of the access request by presenting to the patient;
the provider identifier and the privacy statement associated with the child-application-identification-code;receive a request response from the patient, the request response including an approval of the access request or a denial of the access request by the patient; and permit the healthcare provider associated with the child-application-identification-code to access the electronic medical record of the patient only after the request response including the approval of the access request is received from the patient. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. A method of managing access to an electronic medical record, comprising:
-
receiving a master-code-generation-request from a clinical system via an application programming interface, the master-code-generation-request including a privacy statement and a service agreement; assigning a master-application-identification-code to the clinical system upon receiving the master-code-generation-request; associating the privacy statement and the service agreement with the master-application-identification-code; receiving a child-code-generation-request from the clinical system on behalf of a healthcare provider via the application programming interface, the child-code-generation-request specifying the master-application-identification-code assigned to the clinical system and a provider identifier identifying the healthcare provider; associating the child-application-identification-code with the provider identifier, the privacy statement, and the service agreement; receiving an access request from the clinical system on behalf of the healthcare provider via the application programming interface, the access request specifying the child-application-identification-code; requesting patient approval of the access request by presenting the provider identifier, the privacy statement, and the service agreement associated with the child-application-identification-code to the patient via a patient interface; receiving a request response from the patient via the patient interface, the request response including an approval of the access request or a denial of the access request by the patient; and permitting the healthcare provider associated with the child-application-identification-code to access the electronic medical record of the patient via the application programming interface only after the request response including the approval of the access request is received from the patient via the patient interface. - View Dependent Claims (20)
-
Specification