Secure and usable authentication for health care information access
First Claim
Patent Images
1. A system comprising:
- a device authentication module that authenticates a portable wireless device associated with a health care provider;
an appointment estimate module that periodically estimates a respective appointment time for one of a plurality of patients including estimating an appointment time period for a first patient;
a record access module that denies the health care provider access to an electronic record of the first patient if the health care provider is logged onto a computer system in a physical area assigned to the first patient outside the periodically estimated respective appointment time period for the first patient, and if the health care provider accesses more than a specified number of different patients'"'"' records simultaneously,wherein the health care provider is denied access to a second electronic record of a second patient not assigned to the physical area assigned to the first patient if the record access module determines that the health care provider is logged onto the computer system in the physical area assigned to the first patient.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the invention relate to providing a health care provider access to an electronic record of a patient may be provided. A determination is made as to whether the health care provider is logged onto a computer system in a physical area assigned to the patient. Whether the health care provider is logged onto the computer system during working hours of the provider is also ascertained. The health care provider is provided with access to the electronic record of the patient via the computer system if the determining resolves to true and the ascertaining resolves to true.
15 Citations
9 Claims
-
1. A system comprising:
-
a device authentication module that authenticates a portable wireless device associated with a health care provider; an appointment estimate module that periodically estimates a respective appointment time for one of a plurality of patients including estimating an appointment time period for a first patient; a record access module that denies the health care provider access to an electronic record of the first patient if the health care provider is logged onto a computer system in a physical area assigned to the first patient outside the periodically estimated respective appointment time period for the first patient, and if the health care provider accesses more than a specified number of different patients'"'"' records simultaneously, wherein the health care provider is denied access to a second electronic record of a second patient not assigned to the physical area assigned to the first patient if the record access module determines that the health care provider is logged onto the computer system in the physical area assigned to the first patient. - View Dependent Claims (2, 3, 4)
-
-
5. A computer program product for authenticating access to health care records, said computer program product comprising a tangible computer readable storage device having computer readable program code embodied therewith, the computer readable program code being executable by a computer to:
-
determine if a health care provider is logged onto a computer system in a physical area assigned to a first patient; ascertain if the health care provider is logged onto the computer system during working hours of the health care provider; and deny the health care provider access to the electronic record of the first patient via the computer system responsive to determining that the health care provider is not in the physical area assigned to the first patient and the health care provider is not in a personal private secure office of the health care provider; and allow the health care provider access to the electronic record of the first patient via the computer system if the health care provider has been continuously logged onto the computer system since the end of the working hours of the health care provider, and deny the health care provider access to the electronic record of the first patient via the computer system responsive to determining that the health care provider is logged onto the computer system outside the working hours of the health care provider. - View Dependent Claims (6, 7, 8, 9)
-
Specification