Secure and Mobile Biometric Authentication for Electronic Health Record Management

US 20110178931A1
Filed: 01/20/2011
Published: 07/21/2011
Est. Priority Date: 01/21/2010
Status: Active Grant

First Claim

Patent Images

1. A method for a portable EHR enabled device to perform biometric authentication of a user, comprising:

a) storing a first decryption key;

b) wirelessly receiving a first encrypted message from an EHR database server, said EHR database server storing said user health record;

c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction;

d) prompting said user to speak a pass phrase and storing said spoken voice of said user;

e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;

g) wirelessly transmitting said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A portable device receives an encrypted message from an electronic health record database server including a request to perform a biometric authentication to approve a transaction. The device prompts a user to speak a pass phrase. The device creates a set of variables including the pass phrase and at least one more variable characterizing the spoken voice. The authentication module transmits an encrypted message to the health record database server including a session identification information and the set of variables. In response, the device receives an encrypted message from the health record database server determining whether the biometric authentication is successful and the transaction is approved, wherein determination is made by the health record database server and is based on verifying the session identification information, the pass phrase, and the user identity.

28 Citations

View as Search Results

20 Claims

1. A method for a portable EHR enabled device to perform biometric authentication of a user, comprising:
- a) storing a first decryption key;
  
  b) wirelessly receiving a first encrypted message from an EHR database server, said EHR database server storing said user health record;
  
  c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction;
  
  d) prompting said user to speak a pass phrase and storing said spoken voice of said user;
  
  e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
  
  g) wirelessly transmitting said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
- - 2. The method of claim 1, wherein verifying identity of said user further comprises analyzing the uniqueness of said user voiceprint.
  - 3. The method of claim 1, wherein said EHR database server logs access to the EHR database server for tracking purposes.
  - 4. The method of claim 1, wherein said EHR database server determines a successful biometric authentication if said session identification information, pass phrase, and speaker identity matches with the user health record data.
  - 5. The method of claim 1, wherein said health record data includes at least one of the following:
    - a) said user medical history;
      
      b) said user demographics;
      
      c) said user medical insurance;
      
      d) an employment status;
      
      e) a responsible individual; and
      
      f) pre-existing conditions.
  - 6. The method of claim 1, wherein said session identification information is selected from a group consisting of:
    - a) said portable EHR enabled device phone number;
      
      b) said portable EHR enabled device IP address;
      
      c) said portable EHR enabled device MAC address;
      
      d) said portable EHR enabled device IMSI number; and
      
      e) said portable EHR enabled device IMEI number.
  - 7. The method of claim 1, further comprising:
    - a) wirelessly receiving a requestmessage from an office system;
      
      b) wirelessly transmitting a response message to said office system, said response message including data related to said EHR database server;
      
      c) performing said biometric authentication of said user, wherein said office system receiving information from said EHR database server, if said biometric authentication is successful.
  - 8. The method of claim 7, wherein access to said EHR database server is available for use by said office system for a limited time period.
  - 9. The method of claim 7, wherein said portable EHR enabled device receives said requestmessage from said office system using Bluetooth wireless technology.
  - 10. The method of claim 7, wherein said EHR enabled device receives said requestmessage from said office system using a short range wireless signal.
  - 11. The method of claim 1, further comprising:
    - a) wirelessly transmitting a request to said EHR database server;
      
      b) performing said biometric authentication of said user; and
      
      c) if said biometric authentication is successful, then said portable EHR enabled device requesting for direct delivery of said health record to said EHR enabled device.
  - 12. The method of claim 1, further comprising:
    - a) wirelessly transmitting a request to said EHR database server;
      
      b) performing said biometric authentication of said user; and
      
      c) if said biometric authentication is successful, then said EHR database server transferring said user health record to said office system.
  - 13. The method of claim 1, further comprising:
    - a) said portable EHR enabled device receiving a request from said EHR database server that an office system is requesting access to said user health record;
      
      b) performing said biometric authentication of said user; and
      
      c) if said biometric authentication is successful, then said EHR database server transferring said user health record to said office system.

14. A portable EHR enabled device comprising:
- a) a memory configured to store a first decryption key;
  
  b) a wireless receiver module configured to receive a first encrypted message from an EHR database server, said EHR database server storing a user health record;
  
  c) a decryption module configured to decrypt said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction; and
  
  d) an authentication module configured to;
  
  i) prompt said user to speak a pass phrase and storing said spoken voice of said user;
  
  ii) create a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,iii) encrypt a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
  
  iv) transmit said second encrypted message to said EHR database server, wherein said EHR database server analyzing said plurality of variables to determine the identity of said user, and to determine whether said biometric authentication is successful and said transaction is approved.
- View Dependent Claims (15, 16, 17)
- - 15. The portable EHR enabled device of claim 14, wherein said EHR database server provides a substantially real-time response determining whether said biometric authentication is successful.
  - 16. The portable EHR enabled device of claim 14, wherein verifying identity of said user further comprises analyzing the uniqueness of said user voiceprint.
  - 17. The portable EHR enabled device of claim 14, wherein said session identification information is selected from a group consisting of:
    - a) said portable EHR enabled device phone number;
      
      b) said portable EHR enabled device IP address;
      
      c) said portable EHR enabled device MAC address;
      
      d) said portable EHR enabled device IMSI number; and
      
      e) said portable EHR enabled device IMEI number.

18. A method for an EHR database server to perform biometric authentication of a user, comprising:
- a) storing a first encryption key;
  
  b) encrypting a first message using said first encryption key, said first encrypted message including a request to perform a biometric authentication to approve a transaction;
  
  c) transmitting said first encrypted message to a portable EHR enabled device, wherein said portable EHR enabled device prompts said user to speak a pass phrase;
  
  d) receiving a second encrypted message from said portable EHR enabled device, and decrypting said second message using a second decryption key, said second message including a session identification information and a plurality of variables, said plurality of variables include said pass phrase and at least one more variable characterizing said spoken voice of said user;
  
  e) analyzing said plurality of variables to determine the identity of said user; and
  
  f) determining whether said biometric authentication is successful and said transaction is approved.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, wherein said EHR database server provides a substantially real-time response determining whether said biometric authentication is successful.
  - 20. The method of claim 18, wherein verifying identity of said user further comprises analyzing the uniqueness of said user voiceprint.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Omid Ebrahimi Kia
Original Assignee
Omid Ebrahimi Kia
Inventors
Kia, Omid Ebrahimi

Granted Patent

US 9,553,727 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/50
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06Q 10/06   Resources, workflows, human...

G06Q 40/08   Insurance

G16H 10/60   for patient-specific data, ...

H04L 63/0861   using biometrical features,...

H04L 9/3231   Biological data, e.g. finge...

H04W 12/068   using credential vaults, e....

Secure and Mobile Biometric Authentication for Electronic Health Record Management

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

28 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and Mobile Biometric Authentication for Electronic Health Record Management

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

28 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links