SYSTEM AND METHOD FOR SECURELY MANAGING AND STORING INDIVIDUALLY IDENTIFIABLE INFORMATION IN WEB-BASED AND ALLIANCE-BASED NETWORKS USING A TOKEN MECHANISM

US 20110112970A1
Filed: 11/19/2010
Published: 05/12/2011
Est. Priority Date: 11/06/2009
Status: Abandoned Application

First Claim

Patent Images

1. A computer-implemented method of providing a restricted access database containing de-identified user information for use by a service provider, comprising:

providing a user account containing limited identification information for a user accessing services provided by a plurality of service providers;

receiving instruction string information from the user to generate an alphanumeric token allowing access to the user account;

distributing the generated token to the user through a communication service provider system;

registering each authorized service provider of the plurality of service providers by setting up a service provider account and receiving authorization from the user for the service provider to provide the service to the user;

providing an access identifier and password to each authorized service provider of the plurality of service providers, to access the user account through the generated token;

generating an alliance based identification key specifically for the user and the user account, and containing service provider identification information and alliance identification information within a unitary data string;

storing the user individual identification information in an electronic record data table that is indexed by the alliance based identification key; and

storing the information related to services provided to the user in a personal record database that is indexed by the alliance based identification key, wherein the personal record database includes de-identified user information that does not contain any user individual identification information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of a secure method to access a de-identified database on a website are described. A dual-portal web-based system is implemented that provides healthcare related information to healthcare users through a first website, and registry/management tools to care providers through a second website. No identifiable fields relating to the user are stored or accessible in the database of the first website. All user information is de-identified by total exclusion from the database. A re-identification process allows an authorized care provider view his or her clients in combination with registered personal information from the system. An alliance-based identification (ABID) key is used to index both the individually identifiable information and the personal health data/information that are stored in separate databases. A token generation process generates tokens that allow different ABID keys to be generated for use with different care providers through a single user account.

Citations

23 Claims

1. A computer-implemented method of providing a restricted access database containing de-identified user information for use by a service provider, comprising:
- providing a user account containing limited identification information for a user accessing services provided by a plurality of service providers;
  
  receiving instruction string information from the user to generate an alphanumeric token allowing access to the user account;
  
  distributing the generated token to the user through a communication service provider system;
  
  registering each authorized service provider of the plurality of service providers by setting up a service provider account and receiving authorization from the user for the service provider to provide the service to the user;
  
  providing an access identifier and password to each authorized service provider of the plurality of service providers, to access the user account through the generated token;
  
  generating an alliance based identification key specifically for the user and the user account, and containing service provider identification information and alliance identification information within a unitary data string;
  
  storing the user individual identification information in an electronic record data table that is indexed by the alliance based identification key; and
  
  storing the information related to services provided to the user in a personal record database that is indexed by the alliance based identification key, wherein the personal record database includes de-identified user information that does not contain any user individual identification information.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1 wherein the user individual identification information comprises user identification, name, birthdate, home address, telephone number, photographic data, and optionally user social security number and family relationship information.
  - 3. The method of claim 2 wherein the service provider identification information comprises a provider identification code, a nationality code, a location code, and an institutional affiliation code.
  - 4. The method of claim 3 further comprising:
    - automatically generating a unique identification number for the alliance between the user and the service provider, wherein the unique identification number is serialized by the provider identifier; and
      
      combining the unique identification number and the provider information and storing as the alliance based identification key in the form of a unitary data string.
  - 5. The method of claim 4 further comprising:
    - a user portal website comprising a first plurality of web pages providing information relating to counseling aspects of the service, and a basic search engine for searching the website;
      
      registering an authorized user of the user portal website by setting up the user account and receiving information related to services provided to the user;
      
      a provider portal website comprising a second plurality of web pages relating to management and care provider aspects of the service, and an advanced search engine for searching the website and authorized users of the website; and
      
      storing the alliance based identification key in a provider portal website.
  - 6. The method of claim 5 further comprising:
    - receiving a request through a query input to the advanced search engine on the provider portal website from an authorized service provider to access the user account and the information related to services provided to the user;
      
      validating the authorized service provider by a first network protocol;
      
      searching for de-identified user information in the personal record database that is response to the query using the alliance based identification key; and
      
      displaying the responsive de-identified user information in the service provider portal.
  - 7. The method of claim 1 wherein the service provider comprises a healthcare provider, and the user information comprises medical health records and information.
  - 8. The method of claim 1 wherein the service provider comprises a financial services provider, and the user information comprises personal financial records and information.
  - 9. The method of claim 1 wherein the service provider comprises a home energy usage or saving consultant, and the user information comprises home energy usage or saving information.

10. A system for storing and managing de-identified electronic health records comprising:
- a plurality of physician portal websites running on a client computer operated by an physician, each physician portal website including an advanced search engine to request personal health records of one or more patients, and wherein each physician is authorized to provide medical services to the one or more patients through an authorization process;
  
  an electronic health record database storing health record information for a plurality of patients, wherein the health record information comprises de-identified user information that does not contain any individual identification information for the one or more patients;
  
  a patient identification datastore that is separate from the electronic health record database and storing individual identification information for the one or more patients in a physician'"'"'s personal computer or portable memory device; and
  
  an alliance based identification (ABID) key generation process creating an ABID-indexed personal health data account for each patient in the electronic health record database and for each physician, wherein the ABID key includes a physician identification information and a serial number uniquely generate for the alliance between the physician and the respective patient, wherein the ABID key is generated from a user account accessed by a token that allows access to the user account separately by each of the physicians.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23)
- - 11. The system of claim 10 further comprising a patient portal website running on a client computer operated by an authorized patient, the patient portal website including a basic search engine to request information relating to health care relevant to the authorized patient.
  - 12. The system of claim 11 wherein the authorization process comprises receiving authorization from the patient for the service provider to provide the service to each respective patient through an in-person visit between the service provider and each of the one or more patients.
  - 13. The system of claim 12 wherein the physician identification information comprises a physician identification code, a nationality code, a location code, and an institutional affiliation code.
  - 14. The system of claim 13 wherein the individual identification information for the one or more patients comprises user name, birthdate, home address, telephone number, photographic data, and optionally user social security number and family relationship information.
  - 15. The system of claim 11 further comprising a physician website configured to:
    - receive a request through a query input to the advanced search engine by the authorized physician to access a patient account;
      
      validate the physician as an authorized physician by a first network protocol;
      
      search for de-identified patient information in the electronic health record database that is response to the query using the alliance based identification key; and
      
      display the responsive de-identified patient information through the physician website.
  - 16. The system of claim 15 further comprising a file generation process configured to generate a composite file including the physician identification information and the ABID key appended with the patient individual identification information.
  - 17. The system of claim 16 wherein the composite file comprises combination text file and markup language file.
  - 18. The system of claim 17 wherein the composite file is indexed through the ABID key through the uniquely generated alliance serial number, and allows the authorized physician to view and modify patient information stored in the electronic health record database in a manner that identifies the patient information as belonging to a particular patient.
  - 19. The system of claim 17 wherein the composite file is indexed through the ABID key through the uniquely generated alliance serial number, and allows only limited viewing of patient information by unauthorized individuals and that de-identifies any accessed information in the electronic health record database.
  - 20. The system of claim 18 wherein the composite file is generated, and the responsive de-identified patient information through the physician website only during a single web browsing session of the physician on the physician client computer.
  - 21. The system of claim 20 wherein the physician client computer includes a re-identification process operable to associate de-identified patient information with respective patient individual identification information based on the ABID key.
  - 22. The system of claim 20 wherein the physician client computer includes a web server process and database server process that stores the composite file for response to requests from an electronic health record server for re-identification of associated de-identified patient information with respective patient individual identification information, based on the ABID key.
  - 23. The system of claim 20 wherein the physician client computer comprises a networked apparatus that includes an auto-run re-identification process operable to associate de-identified patient information with respective patient individual identification information based on the ABID key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Advanced Business Sciences, Inc. (Sage Analytics International, Inc.)
Original Assignee
Advanced Business Sciences, Inc. (Sage Analytics International, Inc.)
Inventors
Yu, Yi-Cheng

Application Number

US12/950,035
Publication Number

US 20110112970A1
Time in Patent Office

Days
Field of Search
US Class Current

705/51
CPC Class Codes

G06F 21/6254   by anonymising data, e.g. d...

G06Q 10/10   Office automation; Time man...

G06Q 40/00   Finance; Insurance; Tax str...

G16H 10/60   for patient-specific data, ...

SYSTEM AND METHOD FOR SECURELY MANAGING AND STORING INDIVIDUALLY IDENTIFIABLE INFORMATION IN WEB-BASED AND ALLIANCE-BASED NETWORKS USING A TOKEN MECHANISM

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

SYSTEM AND METHOD FOR SECURELY MANAGING AND STORING INDIVIDUALLY IDENTIFIABLE INFORMATION IN WEB-BASED AND ALLIANCE-BASED NETWORKS USING A TOKEN MECHANISM

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links