Method, system, and apparatus for patient controlled access of medical records

US 8,185,411 B2
Filed: 02/17/2004
Issued: 05/22/2012
Est. Priority Date: 02/17/2004
Status: Expired due to Fees

First Claim

Patent Images

1. A computer-implemented method of permitting controlled access to medical information of a patient, the method comprising:

supplying medical information of the patient to a central repository by the patient and any medical providers who have treated the patient;

storing and maintaining the medical information of the patient in the central repository;

accessing the medical information by the patient from an access device using a unique patient identifier and a patient PIN;

controlling by the patient an authorization and a scope of access to the medical information by modifying an access control list within the patient'"'"'s profile when the patient is connected to the central repository, wherein the access control list lists each authorized user and the assigned role of each authorized user, wherein the scope of access includes which items of medical information are available to an assigned role and how that information will be viewed;

assigning each authorized user with a unique authorized user ID and an authorized user PIN; and

tracking and notifying the patient of an identity of a user who accessed the medical information, information that was accessed by the user, and when the user accessed the information.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method of permitting controlled access to medical information can include establishing a storage means for containing medical information and establishing a means for accessing the medical information. The method further can include controlling the means for accessing the medical information according to a type of entity accessing the medical information, wherein access is limited according to the type of entity.

27 Citations

View as Search Results

12 Claims

1. A computer-implemented method of permitting controlled access to medical information of a patient, the method comprising:
- supplying medical information of the patient to a central repository by the patient and any medical providers who have treated the patient;
  
  storing and maintaining the medical information of the patient in the central repository;
  
  accessing the medical information by the patient from an access device using a unique patient identifier and a patient PIN;
  
  controlling by the patient an authorization and a scope of access to the medical information by modifying an access control list within the patient'"'"'s profile when the patient is connected to the central repository, wherein the access control list lists each authorized user and the assigned role of each authorized user, wherein the scope of access includes which items of medical information are available to an assigned role and how that information will be viewed;
  
  assigning each authorized user with a unique authorized user ID and an authorized user PIN; and
  
  tracking and notifying the patient of an identity of a user who accessed the medical information, information that was accessed by the user, and when the user accessed the information.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, wherein the access device is controlled using a universally unique identifier.
  - 3. The method of claim 1, wherein said controlling step is overridden by a registered emergency provider.
  - 4. The method of claim 1, wherein the patient is compensated for permitting some of the medical information to be available and used by a research institution.
  - 5. The method of claim 1, wherein during a doctor visit the patient provides access to the medical information for a time period long enough to support the visit at which point the access times out.
  - 6. The method of claim 1, wherein access to the patient'"'"'s medical information expires when a physician logs into another room/appointment.

7. A machine-readable storage having stored thereon, a computer program having a plurality of code sections, said code sections executable by a machine for causing the machine to perform the steps of:
- supplying medical information of the patient to a central repository by the patient and any medical providers who have treated the patient;
  
  storing and maintaining the medical information of the patient in the central repository;
  
  accessing the medical information by the patient from an access device using a unique patient identifier and a patient PIN;
  
  controlling by the patient an authorization and a scope of access to the medical information by modifying an access control list within the patient'"'"'s profile when the patient is connected to the central repository, wherein the access control list lists each authorized user and the assigned role of each authorized user, wherein the scope of access includes which items of medical information are available to an assigned role and how that information will be viewed;
  
  assigning each authorized user with a unique authorized user ID and an authorized user PIN; and
  
  tracking and notifying the patient of an identity of a user who accessed the medical information, information that was accessed by the user, and when the user accessed the information.
- View Dependent Claims (8, 9)
- - 8. The machine-readable storage of claim 7, wherein the access device is controlled using a universally unique identifier.
  - 9. The machine-readable storage of claim 7, wherein said controlling step is overridden by a registered emergency provider.

10. A computer-implemented system for permitting controlled access to medical information of a patient, the system comprising:
- a central repository for storing and maintaining medical information of the patient, the medical information of the patient being supplied to the central repository by the patient and any medical providers who have treated the patient;
  
  an access device for accessing the medical information by the patient or any other authorized user, the patient accessing the medical information from the access device using a unique patient identifier and a patient PIN, each authorized user accessing the medical information from the access device using a unique authorized user ID and an authorized user PIN; and
  
  at least a processor configured tocontrol by the patient an authorization and a scope of access to the medical information by modifying an access control list within the patient'"'"'s profile when the patient is connected to the central repository, wherein the access control list lists each authorized user and the assigned role of each authorized user, wherein the scope of access includes which items of medical information are available to an assigned role and how that information will be viewed;
  
  assign each authorized user with a unique authorized means for user ID and an authorized user PIN, andtrack and notify the patient of an identity of a user who accessed the medical information, information that was accessed by the user, and when the user accessed the information.
- View Dependent Claims (11, 12)
- - 11. The system of claim 10, wherein the access device is controlled using a universally unique identifier.
  - 12. The system of claim 10, wherein the access control is overridden by registered emergency providers.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Allard, David J., Szabo, Robert M.
Primary Examiner(s)
RANGREJ, SHEETAL

Application Number

US10/780,098
Publication Number

US 20050182661A1
Time in Patent Office

3,017 Days
Field of Search

705 2- 3
US Class Current

705/3
CPC Class Codes

G06F 21/6245   Protecting personal data, e...

G06Q 40/08   Insurance

G16H 10/60   for patient-specific data, ...

G16H 10/65   stored on portable record c...

Method, system, and apparatus for patient controlled access of medical records

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

27 Citations

12 Claims

Specification

Use Cases

Quick Links

Others

Method, system, and apparatus for patient controlled access of medical records

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

27 Citations

12 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others