System and method for medical privacy management
First Claim
1. Computer-storage media having a system embodied thereon that, when executed, performs a method for managing a release of clinically related information, the system comprising:
- an input interface that receives a request from a requesting party for the release of the clinically related information associated with a patient and validates a standing of the requesting party; and
privacy management logic, wherein upon communicating with the input interface, the privacy management logic;
after the input interface receives the request, annotates a receipt status of the request in an access history database to create a privacy disclosure history for the patient, the privacy disclosure history being stored for a specified history-interval and being accessible through a privacy management user interface;
determines a privacy status of the patient;
validates the request based on the standing of the requesting party and a patient-specified time-interval and, if the request cannot be validated based on the standing of the requesting party and the patient specified time-interval, annotates a denial status of the request in the access history database;
generates a response to the request based on the privacy status of the patient;
extracts data from an electronic medical record associated with the patient, wherein the privacy status of the patient includes at least one recorded patient consent for the release of the clinically related information within the electronic medical record associated with the patient to the requesting party within the patient-specified time-interval, and wherein the at least one recorded patient consent permits release of only a portion of the clinically related information within the electronic medical record associated with the patient, the portion being less than a whole of the clinically related information within the electronic medical record associated with the patient and being-specified within the at least one recorded patient consent; and
after extracting data from the electronic medical record associated with the patient, annotates a completion status of the request in the access history database.
1 Assignment
0 Petitions
Accused Products
Abstract
A system and related techniques provide an integrated platform for privacy management of electronic medical records, encompassing the entire life cycle of privacy management including the capture of patient consents and other privacy status information, request management to receive and filter requests by health insurance companies and others, publishing management and release management of the contents of the electronic medical record. According to embodiments of the invention in one regard, various modules and logic may directly access the patient EMR and extract appropriate segments of information called for by validated requests, to publish that information as well as record or log that access history. The invention may thus provide an integrated tool to document compliance with HIPAA and other regulatory requirements. According to embodiments of the invention in another regard, medical information requests and other transactions which were originally made in paper or hard-copy form may likewise be assimilated into the access database, along with release requests which are electronic in nature.
12 Citations
15 Claims
-
1. Computer-storage media having a system embodied thereon that, when executed, performs a method for managing a release of clinically related information, the system comprising:
-
an input interface that receives a request from a requesting party for the release of the clinically related information associated with a patient and validates a standing of the requesting party; and privacy management logic, wherein upon communicating with the input interface, the privacy management logic; after the input interface receives the request, annotates a receipt status of the request in an access history database to create a privacy disclosure history for the patient, the privacy disclosure history being stored for a specified history-interval and being accessible through a privacy management user interface; determines a privacy status of the patient; validates the request based on the standing of the requesting party and a patient-specified time-interval and, if the request cannot be validated based on the standing of the requesting party and the patient specified time-interval, annotates a denial status of the request in the access history database; generates a response to the request based on the privacy status of the patient; extracts data from an electronic medical record associated with the patient, wherein the privacy status of the patient includes at least one recorded patient consent for the release of the clinically related information within the electronic medical record associated with the patient to the requesting party within the patient-specified time-interval, and wherein the at least one recorded patient consent permits release of only a portion of the clinically related information within the electronic medical record associated with the patient, the portion being less than a whole of the clinically related information within the electronic medical record associated with the patient and being-specified within the at least one recorded patient consent; and after extracting data from the electronic medical record associated with the patient, annotates a completion status of the request in the access history database. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A method for managing a release of clinically related information, comprising:
-
receiving a request from a requesting party for the release of clinically related information associated with a patient and after receiving the request, annotating, via a first computing process, a receipt status of the request in an access history database, wherein the access history database provides a privacy disclosure history for the patient, the privacy disclosure history being stored for a specified history-interval and being accessible through a privacy management user interface; validating, via a second computing process, a standing of the requesting party; determining, via a third computing process, a privacy status of the patient, wherein the privacy status includes at least one recorded consent of the patient for the release of the clinically related information associated with the patient within an electronic medical record associated with the patient to the requesting party within a patient-specified time interval, wherein the at least one recorded consent of the patient permits the release of only a portion of the clinically related information within the electronic medical record associated with the patient, the portion being less than a whole of the clinically related information within the electronic medical record associated with the patient and being specified within the at least one recorded consent of the patient; generating, via a fourth computing process, a response to the request based on the privacy status of the patient; validating, via a fifth computing process, the request based on the standing of the requesting party and the patient-specified time-interval and if the request cannot be validated based on the standing of the requesting party and the patient-specified time-interval, annotating, via a sixth computing process, a denial status of the request in the access history database; and extracting, via a seventh computing process, data from the electronic medical record associated with the patient, after extracting the data from the electronic medical record associated with the patient, annotating, via eighth computing process, a completion status of the request in the access history database; wherein each computing process is performed by one or more computing devices. - View Dependent Claims (10, 11)
-
-
12. A method for creating a set of clinically related data, selected from an electronic medical record associated with a patient and based upon privacy criteria associated with the patient, the method comprising:
-
receiving a request from a requesting party for a release of the set of clinically related information associated with the patient and after receiving the request, annotating, via a first computing process, a receipt status of the request in an access history database, wherein the access history database provides a privacy disclosure history for the patient, the privacy disclosure history being stored for a specified history-interval and being accessible through a privacy management user interface; validating, via a second computing process, a standing of the requesting party; determining, via a third computing process, a privacy status of the patient, wherein the privacy status includes at least one recorded consent of the patient for the release of the set of clinically related information within the electronic medical record associated with the patient to the requesting party within a patient-specified time-interval, and wherein the at least one recorded consent of the patient permits release of only a portion of the set of clinically related information within the electronic medical record associated with the patient, the portion being less than a whole of the set of clinically related information within the electronic medical record associated with the patient and being specified within the at least one recorded consent of the patient; generating, via a fourth computing process, a response to the request based on the privacy status of the patient; validating the request, via a fifth computing process, based on the standing of the requesting party and the patient-specified time-interval and if the request cannot be validated based on the standing of the requesting party and the patient-specified time-interval, annotating, via a sixth computing process, a denial status of the request in the access history database; and extracting, via a seventh computing process, the set of clinically related data from the electronic medical record associated with the patient, after extracting the set of clinically related data, annotating, via a eighth computing process, a completion status of the request in the access history database; wherein each of the computing processes are performed by one or more computing devices. - View Dependent Claims (13, 14, 15)
-
Specification