LAYERING IN USER AUTHENTICATION

US 20160301691A1
Filed: 12/07/2015
Published: 10/13/2016
Est. Priority Date: 04/10/2015
Status: Abandoned Application

First Claim

Patent Images

1. A system comprising:

a processing device to run a medical cart;

computer-readable memory storing data and instructions for access to a medical database server, wherein the instructions are executable by the processing device to perform biometric recognition on medical staff members;

wherein the processing device is to execute the instructions to;

authenticate an identity of a medical staff member with biometric recognition;

receive a location of the medical staff member from a real-time location system (RTLS);

correlate the location of the medical staff member with a location of a patient; and

grant access to data records of the patient on the medical database server according to a security access level authorized the medical staff member, as authenticated, in response to co-location of the medical staff member and the patient.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An asset is disclosed having a processing device and hardware with which to capture a biometric. The asset, with optional input from a remote server, may authenticate an identity of a medical staff member (MSM) with biometric recognition (and/or with other second factor authentication) upon the MSM attempting to access a medical database via the asset. The asset may receive a first location of the MSM from a real-time location system (RTLS) and retrieve a second location of a patient from the RTLS. The asset may further correlate the first location and the second location as being co-located, and thus grant the MSM access to identified data records of the patient within the medical database according to a security access level authorized the MSM. The correlation may include a location of the asset, which correlates to the location of the MSM before access is granted.

92 Citations

View as Search Results

21 Claims

1. A system comprising:
- a processing device to run a medical cart;
  
  computer-readable memory storing data and instructions for access to a medical database server, wherein the instructions are executable by the processing device to perform biometric recognition on medical staff members;
  
  wherein the processing device is to execute the instructions to;
  
  authenticate an identity of a medical staff member with biometric recognition;
  
  receive a location of the medical staff member from a real-time location system (RTLS);
  
  correlate the location of the medical staff member with a location of a patient; and
  
  grant access to data records of the patient on the medical database server according to a security access level authorized the medical staff member, as authenticated, in response to co-location of the medical staff member and the patient.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1, wherein the processing device is further to execute the instructions to receive a location of the medical cart, and wherein to correlate the location further includes to correlate the location of the medical cart with the location of the patient.
  - 3. The system of claim 1, wherein the biometric recognition comprises facial recognition, further comprising:
    - a camera to capture a first image of the medical staff member;
      
      a database storing second images against which to match the first image using facial recognition software; and
      
      wherein the processing device is further to deny access to the data records of the patient when the first image does not sufficiently match any of the second images.
  - 4. The system of claim 3, further comprising a networked device accessible over a network in which is stored the database and on which is executed the facial recognition software.
  - 5. The system of claim 1, wherein the security access level authorized the medical staff member depends on a role of the medical staff member, and wherein a first role is granted access to more confidential data records than a second role.
  - 6. The system of claim 1, wherein the location of the medical staff member or the patient is received as an indicator from a tracking device, wherein the indicator is at least one of a personal area network (PAN) indicator, a received signal strength indicator (RSSID), or a radio frequency identification (RFID) indicator.
  - 7. The system of claim 1, wherein the processing device is further to execute the instructions to, in response to a failure to correlate the location of the medical staff member with the location of the patient, deny access to records of the patient by the medical staff member.
  - 8. The system of claim 1, wherein the processing device is further to execute the instructions to require second factor authentication of the identity of the medical staff member comprising at least one of:
    - a swipe card;
      
      a personal identification number or password;
      
      a biometric other than facial recognition;
      
      or a decryption key of a public-key cryptosystem.

9. A method comprising:
- authenticating, by a processing device incorporated within an asset, an identity of a medical staff member with biometric recognition upon the medical staff member attempting to access a medical database via the asset;
  
  receiving a first location of the medical staff member from a real-time location system;
  
  retrieving a second location of a patient from the real-time location system;
  
  correlating, using the processing device, the first location and the second location as being co-located; and
  
  granting the medical staff member memory access, by the processing device, to identified data records of the patient within the medical database according to a security access level authorized the medical staff member.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The method of claim 9, wherein the medical database is stored at a medical database server with which the asset communicates over a network, the method further comprising retrieving the security access level of the medical staff member from the medical database server before granting access.
  - 11. The method of claim 9, wherein the security access level of a physician is higher than the security access level of a nurse, and wherein the security access level of a nurse is higher than the security access level of a specimen collector.
  - 12. The method of claim 9, further comprising denying the medical staff member access to the medical database in response to failure to authenticate the identity of the medical staff member or failure to correlate the first location and the second location as being co-located.
  - 13. The method of claim 9, wherein, to authenticate the identity of the medical staff member, the method further comprising requiring second factor authentication of the identity of the medical staff member comprising any or a combination of:
    - a swipe card;
      
      a gesture;
      
      a secret shape;
      
      a personal identification number;
      
      a second biometric; and
      
      a decryption key of a public-key cryptosystem.
  - 14. The method of claim 9, further comprising determining the first location from a location tracking device located on the medical staff member.
  - 15. The method of claim 9, further comprising determining the second location from a location tracking device on the patient, on a bed of the patient, or based on a location of the asset.
  - 16. The method of claim 9, wherein the correlation comprises a first correlation, the method further comprising:
    - determining a third location of the asset;
      
      correlating the first location with the third location to generate a second correlation; and
      
      wherein granting access by the medical staff member to the identified data records of the patient is dependent on the first correlation and the second correlation.

17. A processing device to execute instructions stored in non-transitory computer readable storage medium to:
- validate credentials received from a user through an asset to provide access to an authentication system used to authenticate access to a medical database comprising medical information;
  
  authenticate an identity of the user through a first type of user authentication;
  
  determine a level of accuracy of the first type of user authentication;
  
  perform additional authentication of the identity of the user through at least a second type of user authentication until an accuracy level of a combination of the first type and the at least the second type of user authentication exceeds a predetermined threshold level of accuracy; and
  
  grant a level of access to records of the medical database according to a security access level associated with the user responsive to reaching the predetermined threshold level of accuracy of user authentication.
- View Dependent Claims (18, 19, 20, 21)
- - 18. The processing device of claim 17, wherein the first type or the at least the second type of user authentication comprises biometric recognition, and further to execute the instructions to:
    - capture a biometric of the user through a biometric capturing device;
      
      send, over a network, the biometric captured of the user to an authentication server in which is stored one or more biometrics for the user; and
      
      receive a validation from the authentication server authenticating the user based on the biometric meeting a threshold match with a stored biometric.
  - 19. The processing device of claim 18, wherein, upon receipt of the validation from the authentication server, further to execute the instructions to provide the user single sign-on access to applications that access the medical database according to the security access level of the user.
  - 20. The processing device of claim 17, wherein the user is a medical staff member, and further to execute the instructions to:
    - receive a first location of the medical staff member from a real-time location system;
      
      receive a second location of a patient from the real-time location system;
      
      determine a third location of the asset;
      
      correlate the first location with the second location and with the third location; and
      
      deny the user access to the records of the medical database when the first location fails to sufficiently correlate with the second location or with the third location.
  - 21. The processing device of claim 20, further to execute the instructions to determine the location of the patient from a location tracking device on the patient or based on a location of the asset.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Enovate Medical, LLC (Enovate Medical Holdings, LLC)
Original Assignee
Enovate Medical, LLC (Enovate Medical Holdings, LLC)
Inventors
Miller, David R., Sims, Frank, Jones, Michael, Farrell, Arlow

Application Number

US14/961,743
Publication Number

US 20160301691A1
Time in Patent Office

Days
Field of Search
US Class Current

1/1
CPC Class Codes

G01S 1/68   Marker, boundary, call-sign...

G01S 5/0226   Transmitters

G01S 5/08   Position of single directio...

G01S 5/14   Determining absolute distan...

G06Q 10/08   Logistics, e.g. warehousing...

G16H 10/60   for patient-specific data, ...

H04L 43/16   Threshold monitoring

H04L 63/0815   providing single-sign-on or...

H04L 63/0861   using biometrical features,...

H04L 63/10   for controlling access to d...

H04W 4/80   Services using short range ...

H04W 48/12   using downlink control channel

H04W 72/542   using measured or perceived...

H04W 72/56   based on priority criteria

H04W 88/04   adapted for relaying to or ...

LAYERING IN USER AUTHENTICATION

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

92 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

LAYERING IN USER AUTHENTICATION

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

92 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links