SYSTEM AND METHOD FOR SECURELY MANAGING AND STORING INDIVIDUALLY IDENTIFIABLE INFORMATION IN WEB-BASED AND ALLIANCE-BASED NETWORKS USING A TOKEN MECHANISM
Abstract
Embodiments of a secure method to access a de-identified database on a website are described. A dual-portal web-based system is implemented that provides healthcare related information to healthcare users through a first website, and registry/management tools to care providers through a second website. No identifiable fields relating to the user are stored or accessible in the database of the first website. All user information is de-identified by total exclusion from the database. A re-identification process allows an authorized care provider to view his or her clients in combination with registered personal information from the system. An alliance-based identification (ABID) key is used to index both the individually identifiable information and the personal health data/information that are stored in separate databases. A token generation process generates tokens that allow different ABID keys to be generated for use with different care providers through a single user account.
23 Claims
1. A computer-implemented method of providing a restricted access database containing de-identified user information for use by a service provider, comprising:
- providing a user account containing limited identification information for a user accessing services provided by a plurality of service providers;
- receiving instruction string information from the user to generate an alphanumeric token allowing access to the user account;
- distributing the generated token to the user through a communication service provider system;
- registering each authorized service provider of the plurality of service providers by setting up a service provider account and receiving authorization from the user for the service provider to provide the service to the user;
- providing an access identifier and password to each authorized service provider of the plurality of service providers, to access the user account through the generated token;
- generating an alliance based identification key specifically for the user and the user account, and containing service provider identification information and alliance identification information within a unitary data string;
- storing the user individual identification information in an electronic record data table that is indexed by the alliance based identification key; and
- storing the information related to services provided to the user in a personal record database that is indexed by the alliance based identification key, wherein the personal record database includes de-identified user information that does not contain any user individual identification information.

Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9
10. A system for storing and managing de-identified electronic health records comprising:
- a plurality of physician portal websites running on a client computer operated by a physician, each physician portal website including an advanced search engine to request personal health records of one or more patients, and wherein each physician is authorized to provide medical services to the one or more patients through an authorization process;
- an electronic health record database storing health record information for a plurality of patients, wherein the health record information comprises de-identified user information that does not contain any individual identification information for the one or more patients;
- a patient identification datastore that is separate from the electronic health record database and storing individual identification information for the one or more patients in a physician's personal computer or portable memory device; and
- an alliance based identification (ABID) key generation process creating an ABID-indexed personal health data account for each patient in the electronic health record database and for each physician, wherein the ABID key includes a physician identification information and a serial number uniquely generated for the alliance between the physician and the respective patient, wherein the ABID key is generated from a user account accessed by a token that allows access to the user account separately by each of the physicians.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23
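The separation described in the abstract and in claims 1 and 10 can be sketched as follows. This is an added illustration, not code from the patent: the class and method names, the 12-character token, the `provider-serial` key format and the list of identifying field names are all assumptions. It shows one user account yielding a different ABID key per provider, a record store that refuses identifying fields, and re-identification limited to the provider that holds the matching identity table.

```python
import secrets
import string

ALPHABET = string.ascii_uppercase + string.digits
IDENTIFYING_FIELDS = {"name", "dob", "address", "phone", "email"}  # assumed deny-list

class Alliance:
    """Constructed model: identity and record stores share only the ABID key."""
    def __init__(self):
        self.tokens = {}    # token -> user account id
        self.accounts = {}  # user account id -> [ABID], the user's own view
        self.identity = {}  # provider id -> {ABID: identifying info}
        self.records = {}   # ABID -> [de-identified records]

    def issue_token(self, account_id):
        token = "".join(secrets.choice(ALPHABET) for _ in range(12))
        self.tokens[token] = account_id
        return token

    def register(self, provider_id, token, identifying_info):
        account_id = self.tokens.get(token)
        if account_id is None:
            raise PermissionError("unknown token")
        # Assumed key format: provider id plus a random per-alliance serial.
        abid = f"{provider_id}-{secrets.token_hex(8)}"
        self.identity.setdefault(provider_id, {})[abid] = dict(identifying_info)
        self.records[abid] = []
        self.accounts.setdefault(account_id, []).append(abid)
        return abid

    def add_record(self, abid, record):
        leaked = IDENTIFYING_FIELDS & {key.lower() for key in record}
        if leaked:
            raise ValueError(f"identifying fields refused: {sorted(leaked)}")
        self.records[abid].append(dict(record))

    def reidentify(self, provider_id):
        # Join the two stores, but only for this provider's own alliances.
        mine = self.identity.get(provider_id, {})
        return [(who, self.records[abid]) for abid, who in mine.items()]

def demo():
    a = Alliance()
    who = {"name": "Pat Example", "dob": "1970-01-01"}  # constructed sample
    k1 = a.register("DR01", a.issue_token("acct-1"), who)
    k2 = a.register("DR02", a.issue_token("acct-1"), who)
    a.add_record(k1, {"hba1c": 6.1})
    a.add_record(k2, {"bp": "120/80"})
    return a, k1, k2
```

Because the two providers hold different keys for the same person, rows in the record store cannot be linked to each other or to an identity without one of the identity tables.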
Specification