MULTI-FACTOR AUTHENTICATION FOR REMOTE ACCESS OF PATIENT DATA

US 20110246235A1
Filed: 03/30/2011
Published: 10/06/2011
Est. Priority Date: 03/31/2010
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for authenticating a mobile device and a user of the mobile device to receive patient data from a clinical information system of a medical facility, comprising:

receiving a logon request at a data management system, the logon request comprising credentials and at least one technical factor;

accessing, at the data management system, a validation database based on the at least one technical factor;

determining, at the data management system, that the mobile device is an authorized mobile device based on information provided by the validation database and the at least one technical factor;

validating the credentials to ensure that the user is authorized to access patient data provided by the clinical information system; and

then, upon determining that the user is authorized to access patient data;

establishing a session to communicate patient data between the mobile device and the clinical information system, the data managements system processing the patient data communicated during the session.

View all claims

11 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

The present disclosure is directed to authenticating a mobile device and a user of the mobile device to receive patient data from a clinical information system of a medical facility. In some implementations, methods include receiving a logon request, the logon request comprising credentials and at least one technical factor, accessing a validation database based on the at least one technical factor, determining that the mobile device is an authorized mobile device based on information provided by the validation database and the at least one technical factor, validating the credentials to ensure that the user is authorized to access patient data provided by the clinical information system, and then, upon determining that the user is authorized to access patient data: establishing a session to communicate patient data between the mobile device and the clinical information system, the data managements system processing the patient data communicated during the session.

61 Citations

View as Search Results

18 Claims

1. A computer-implemented method for authenticating a mobile device and a user of the mobile device to receive patient data from a clinical information system of a medical facility, comprising:
- receiving a logon request at a data management system, the logon request comprising credentials and at least one technical factor;
  
  accessing, at the data management system, a validation database based on the at least one technical factor;
  
  determining, at the data management system, that the mobile device is an authorized mobile device based on information provided by the validation database and the at least one technical factor;
  
  validating the credentials to ensure that the user is authorized to access patient data provided by the clinical information system; and
  
  then, upon determining that the user is authorized to access patient data;
  
  establishing a session to communicate patient data between the mobile device and the clinical information system, the data managements system processing the patient data communicated during the session.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The computer-implemented method of claim 1, wherein the credentials comprise a username and a password.
  - 3. The computer-implemented method of claim 1, wherein the at least one technical factor comprises a device identification associated with the mobile device.
  - 4. The computer-implemented method of claim 3, wherein the mobile device comprises a mobile phone, and the at least one technical factor further comprises a telephone number associated with the mobile device.
  - 5. The computer-implemented method of claim 1, wherein the data management system comprises a web server and an application server.
  - 6. The computer-implemented method of claim 5, wherein the web server operates in a perimeter network and provides services to the application server and an external network, the perimeter network limiting access from the external network to the application server.
  - 7. The computer-implemented method of claim 5, wherein the web server and the application server are provided on a common physical device and are logically separated from one another.
  - 8. The computer-implemented method of claim 5, wherein the web server and the application server are provided on respective physical devices to be physically separate from one another.
  - 9. The computer-implemented method of claim 1, further comprising transmitting the credentials from the data management system to the clinical information system when it is determined that the mobile device is an authorized mobile device, the clinical information system performing the validating.
  - 10. The computer-implemented method of claim 1, further comprising retrieving authentication information from the information system, the data management system performing the validating based on the authentication information.
  - 11. The computer-implemented method of claim 1, further comprising:
    - generating digital patient data and/or patient information at a facility;
      
      storing the patient data and/or the patient information in memory of an information system associated with the facility; and
      
      copying the patient data and/or the patient information to the data management system, the data management system being remotely located from the facility.
  - 12. The computer-implemented method of claim 11, wherein the facility includes a first facility of a facility system, and wherein the data management system is located at a second facility of the facility system.
  - 13. The computer-implemented method of claim 11, wherein the facility is a member of a facility system, and wherein the data management system is resident at a third party location, which is outside of the facility system.
  - 14. The computer-implemented method of claim 11, wherein the facility is a member of a first facility system, and wherein the data management system communicates with the first facility system and a second facility system.
  - 15. The computer-implemented method of claim 11, further comprising generating the digital patient data using a patient monitoring device that is in communication with the information system.
  - 16. The computer-implemented method of claim 11, further comprising generating the patient information based on user input into the information system.

17. A computer-readable storage device encoded with a computer program comprising instructions that, when executed, operate to cause one or more processors to perform operations comprising:
- receiving a logon request, the logon request comprising credentials and at least one technical factor;
  
  accessing a validation database based on the at least one technical factor;
  
  determining that a mobile device sending the logon request is an authorized mobile device based on information provided by the validation database and the at least one technical factor;
  
  validating the credentials to ensure that a user of the mobile device is authorized to access patient data provided by a clinical information system; and
  
  then, upon determining that the user is authorized to access patient data;
  
  establishing a session to communicate patient data between the mobile device and the clinical information system, and processing the patient data communicated during the session.

18. A system comprising:
- one or more processors; and
  
  a computer-readable medium coupled to the one or more processors having instructions stored thereon which, when executed by the one or more processors, causes the one or more processors to perform operations comprising;
  
  receiving a logon request, the logon request comprising credentials and at least one technical factor;
  
  accessing a validation database based on the at least one technical factor;
  
  determining that a mobile device sending the logon request is an authorized mobile device based on information provided by the validation database and the at least one technical factor;
  
  validating the credentials to ensure that a user of the mobile device is authorized to access patient data provided by a clinical information system; and
  
  then, upon determining that the user is authorized to access patient data;
  
  establishing a session to communicate patient data between the mobile device and the clinical information system, and processing the patient data communicated during the session.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Airstrip IP Holdings LLC
Original Assignee
Airstrip IP Holdings LLC
Inventors
Moore, Stephen Trey, Powell, William Cameron

Granted Patent

US 10,956,867 B2
Time in Patent Office

Days
Field of Search
US Class Current

705/3
CPC Class Codes

G06F 21/31   User authentication

G06F 21/44   Program or device authentic...

G06Q 10/10   Office automation; Time man...

G16H 10/60   for patient-specific data, ...

H04L 2209/80   Wireless network architectu...

H04L 2209/88   Medical equipments

H04L 63/083   using passwords cryptograph...

H04L 63/0876   based on the identity of th...

H04L 67/12   specially adapted for propr...

H04L 9/3226   using a predetermined code,...

H04W 12/062   Pre-authentication

H04W 12/068   using credential vaults, e....

MULTI-FACTOR AUTHENTICATION FOR REMOTE ACCESS OF PATIENT DATA

First Claim

11 Assignments

0 Petitions

Accused Products

Abstract

61 Citations

18 Claims

Specification

Solutions

Use Cases

Quick Links

MULTI-FACTOR AUTHENTICATION FOR REMOTE ACCESS OF PATIENT DATA

First Claim

11 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

61 Citations

18 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links