Standing order database search system and method for internet and intranet application
First Claim
1. A method implemented by a computer-based system for controlling access to confidential data, comprising:
- receiving a request for access to particular confidential data stored on one or more servers relating to one or more individuals, said request including a search query having one or more search terms, wherein a search engine is interfaced with said one or more servers containing confidential data for said one or more individuals in said one or more data bases, said one or more individuals being able to control access to their respective confidential data by defining data attributes;
communicating with said one or more servers containing said one or more data bases including confidential data relating to said one or more individuals via said search engine;
identifying said particular confidential data relating to said one or more individuals in said one or more data bases based upon said search terms;
identifying one or more conditions for access to said particular confidential data by analyzing said data attributes;
denying access to said particular confidential data when said conditions are not satisfied; and
permitting access to said particular confidential data to said party when said conditions are satisfied.
7 Assignments
0 Petitions
Accused Products
Abstract
An internet and/or intranet based database search system and method for conducting searches of highly confidential records such as individual patient medical records and to automate the process of securing required approvals to make such records available to a properly authorized and authenticated requesting party. The system'"'"'s central premise is that the patient has a fundamental right to the confidentiality of their personal medical records and should control that right through specific, informed consent each time that a party requests to receive them. It reinforces the widely held conception of privacy in general as well as of the sanctity of the doctor/patient relationship by granting the doctor the right, subject to the patient'"'"'s express permission, to initiate a search request. At the same time, it provides an expedited and cost-efficient means for transfer of such records as demanded by many healthcare reform proposals and gives the repositories where these records are held the right to stipulate the specific terms and conditions that must be fulfilled before they will release litigation alleging breaches of patient confidentiality. And it carries out all of documents entrusted to their care, thereby substantially reducing the risk of these legitimate interests in a way that is fast, simple to use and easy to audit. The system optionally includes a billing mechanism to pay for any added cost associated with providing this additional protection; and in its preferred embodiment, is applicable to both digital as well as non-digital records.
58 Citations
17 Claims
-
1. A method implemented by a computer-based system for controlling access to confidential data, comprising:
-
receiving a request for access to particular confidential data stored on one or more servers relating to one or more individuals, said request including a search query having one or more search terms, wherein a search engine is interfaced with said one or more servers containing confidential data for said one or more individuals in said one or more data bases, said one or more individuals being able to control access to their respective confidential data by defining data attributes; communicating with said one or more servers containing said one or more data bases including confidential data relating to said one or more individuals via said search engine; identifying said particular confidential data relating to said one or more individuals in said one or more data bases based upon said search terms; identifying one or more conditions for access to said particular confidential data by analyzing said data attributes; denying access to said particular confidential data when said conditions are not satisfied; and permitting access to said particular confidential data to said party when said conditions are satisfied. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. A system for controlling access to confidential data, comprising:
-
one or more servers containing confidential data for one or more individuals in one or more data bases; said servers programmed for one or more individuals to control access to their respective confidential data by defining data attributes; means for receiving a request for access to particular confidential data relating to said one or more individuals, said means including a search engine, and said request including a search query including one or more search terms; means for communicating with said one or more servers containing said one or more data bases including said particular confidential data relating to said one or more individuals; means for identifying said particular confidential data relating to said one or more individuals on said one or more servers containing said one or more data bases based upon said search terms; means for identifying one or more conditions for access to said particular confidential data by analyzing said data attributes; means for denying access to said particular confidential data when said conditions are not satisfied; and means for permitting access to said particular confidential data when said conditions are satisfied.
-
Specification