Context management with audit capability
DCFirst Claim
1. In a system comprising at least two software applications, a context manager which facilitates a sharing of a context among the at least two software applications in accordance with the Clinical Context Object Workgroup (CCOW) standard, a centralized database accessible to the context manager, and an auditor which provides an interface to enable the extraction of information from the centralized database relating to attempts to access patient data by the at least two software applications, a method comprising acts of:
- (A) storing, in the centralized database, information relating to attempts to access patient data by the at least two software applications; and
(B) extracting, by the auditor, at least some of the information stored in the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA).
2 Assignments
Litigations
0 Petitions
Accused Products
Abstract
A context management framework is given that provides in various embodiments, numerous advantages over previously-existing systems. In some instances, an architecture having a centralized storage location coupled to a context manager is provided for servicing and logging context events from a plurality of sources. This type of system uses a synchronization scheme to perform orderly storage and retrieval of data to and from the centralized storage location. In other instances, information stored in the centralized storage location or signals from the context manager are used to achieve an auditing capability for reviewing and acting on context data events and gestures. Selective blocking or allowance of impending context gestures or data-access events is accomplished based on a rule set or lookup table containing rules or other data to make such access-control decisions. Access to private data and other security measures may thus be implemented using the teachings presented herein. Furthermore, a communication paradigm, using a Web-proxy, which identifies ordinarily-unidentified applications to a context manager is provided according to some embodiments of the invention.
75 Citations
39 Claims
-
1. In a system comprising at least two software applications, a context manager which facilitates a sharing of a context among the at least two software applications in accordance with the Clinical Context Object Workgroup (CCOW) standard, a centralized database accessible to the context manager, and an auditor which provides an interface to enable the extraction of information from the centralized database relating to attempts to access patient data by the at least two software applications, a method comprising acts of:
-
(A) storing, in the centralized database, information relating to attempts to access patient data by the at least two software applications; and
(B) extracting, by the auditor, at least some of the information stored in the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A system for auditing attempts to access patient data in a computer system comprising at least two software applications operable to access patient data and a context manager which facilitates a sharing of a context among the at least two software applications in accordance with the Clinical Context Object Workgroup (CCOW) standard, the system comprising:
-
a centralized database that stores information relating to attempts to access patient data by the at least two software applications; and
an auditor that provides an interface to enable an extraction of at least some of the information from the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. At least one computer readable medium encoded with instructions for execution in a computer system comprising at least two software applications, a context manager which facilitates a sharing of a context among the at least two software applications in accordance with the Clinical Context Object Workgroup (CCOW) standard, a centralized database accessible to the context manager, and an auditor which provides an interface to enable the extraction of information from the centralized database relating to attempts to access patient data by the at least two software applications, the instructions, when executed on the computer system, perform a method comprising acts of:
-
(A) storing, in the centralized database, information relating to attempts to access patient data by the at least two software applications; and
(B) extracting, by the auditor, at least some of the information stored in the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (14, 15, 16, 17, 18, 19)
-
-
20. In a system comprising at least two software applications capable of accessing patient data, a centralized database, and an auditor that is coupled to the centralized database, a method comprising acts of:
-
(A) storing, in the centralized database, information relating to attempts to access patient data by the at least two software applications; and
(B) extracting, by the auditor, at least some of the information stored in the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (21, 22, 23, 24, 25)
-
-
26. A system for auditing attempts to access patient data in a computer system comprising at least two software applications operable to access patient data, the system comprising:
-
a centralized database that stores information relating to attempts to access patient data by the at least two software applications; and
an auditor that provides an interface to enable an extraction of at least some of the information from the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (27, 28, 29, 30, 31, 32)
-
-
33. At least one computer readable medium encoded with instructions for execution in a computer system comprising at least two software applications capable of accessing patient data, a centralized database, and an auditor that is coupled to the centralized database, the instructions, when executed on the computer system, perform a method comprising acts of:
-
(A) storing, in the centralized database, information relating to attempts to access patient data by the at least two software applications; and
(B) extracting, by the auditor, at least some of the information stored in the centralized database relating to attempts to access patient data by the at least two software applications, the at least some of the information being suitable for making an assessment as to compliance with at least one provision of the Health Insurance Portability and Accountability Act (HIPPA). - View Dependent Claims (34, 35, 36, 37, 38, 39)
-
Specification