Secure and usable authentication for health care information access

US 8,533,800 B2
Filed: 08/13/2010
Issued: 09/10/2013
Est. Priority Date: 08/13/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

a device authentication module that authenticates a portable wireless device associated with a health care provider;

an appointment estimate module that periodically estimates a respective appointment time for one of a plurality of patients including estimating an appointment time period for a first patient;

a record access module that denies the health care provider access to an electronic record of the first patient if the health care provider is logged onto a computer system in a physical area assigned to the first patient outside the periodically estimated respective appointment time period for the first patient, and if the health care provider accesses more than a specified number of different patients'"'"' records simultaneously,wherein the health care provider is denied access to a second electronic record of a second patient not assigned to the physical area assigned to the first patient if the record access module determines that the health care provider is logged onto the computer system in the physical area assigned to the first patient.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments of the invention relate to providing a health care provider access to an electronic record of a patient may be provided. A determination is made as to whether the health care provider is logged onto a computer system in a physical area assigned to the patient. Whether the health care provider is logged onto the computer system during working hours of the provider is also ascertained. The health care provider is provided with access to the electronic record of the patient via the computer system if the determining resolves to true and the ascertaining resolves to true.

15 Citations

View as Search Results

9 Claims

1. A system comprising:
- a device authentication module that authenticates a portable wireless device associated with a health care provider;
  
  an appointment estimate module that periodically estimates a respective appointment time for one of a plurality of patients including estimating an appointment time period for a first patient;
  
  a record access module that denies the health care provider access to an electronic record of the first patient if the health care provider is logged onto a computer system in a physical area assigned to the first patient outside the periodically estimated respective appointment time period for the first patient, and if the health care provider accesses more than a specified number of different patients'"'"' records simultaneously,wherein the health care provider is denied access to a second electronic record of a second patient not assigned to the physical area assigned to the first patient if the record access module determines that the health care provider is logged onto the computer system in the physical area assigned to the first patient.
- View Dependent Claims (2, 3, 4)
- - 2. The system of claim 1, wherein the device authentication module authenticates the portable wireless device associated with the health care provider by verifying a time-based secret stored within the portable wireless device.
  - 3. The system of claim 2, wherein the device authentication module authenticates the portable wireless device associated with the health care provider based on determining whether time of authentication is within the working hours of the health care provider associated with the portable wireless device.
  - 4. The system of claim 1, wherein the health care provider is allowed access to electronic records of patients via the health care provider'"'"'s computer system in the health provider'"'"'s office if the device authentication module successfully authenticates the portable wireless device and if the record access module determines that the health care provider is logged onto the computer system in the health provider'"'"'s office.

5. A computer program product for authenticating access to health care records, said computer program product comprising a tangible computer readable storage device having computer readable program code embodied therewith, the computer readable program code being executable by a computer to:
- determine if a health care provider is logged onto a computer system in a physical area assigned to a first patient;
  
  ascertain if the health care provider is logged onto the computer system during working hours of the health care provider; and
  
  deny the health care provider access to the electronic record of the first patient via the computer system responsive to determining that the health care provider is not in the physical area assigned to the first patient and the health care provider is not in a personal private secure office of the health care provider; and
  
  allow the health care provider access to the electronic record of the first patient via the computer system if the health care provider has been continuously logged onto the computer system since the end of the working hours of the health care provider, anddeny the health care provider access to the electronic record of the first patient via the computer system responsive to determining that the health care provider is logged onto the computer system outside the working hours of the health care provider.
- View Dependent Claims (6, 7, 8, 9)
- - 6. The computer program product of claim 5,wherein the computer readable program code is executable by the computer to deny the health care provider access to a second electronic record of a second patient via the computer system, responsive to the health care provider'"'"'s logging in to the computer system in the physical area assigned to the first patient, if the second patient is not assigned to the physical area assigned to the first patient.
  - 7. The computer program product of claim 5, wherein the computer readable program code is executable by the computer to:
    - detect that a portable wireless device assigned to the health care provider is near the computer system;
      
      detect the health care provider in the physical area assigned to the first patient;
      
      log the detected health care provider onto the computer system in the physical area assigned to the first patient; and
      
      log the health care provider off of the computer system in the physical area assigned to the first patient if the health care provider is no longer detected in the physical area assigned to the first patient.
  - 8. The computer program product of claim 5, wherein the computer readable program code is executable by the computer to:
    - determine an elapsed time to when the health care provider last accessed electronic records of patients if the health care provider is outside of his working hours; and
      
      extend the working hours of the health care provider by a particular amount of time if the elapsed time is less than a particular threshold.
  - 9. The computer program product of claim 5, wherein the computer program code is executable by the computer todeny the health care provider access to the electronic record of the first patient if the health care provider has had access to more than a particular number of electronic records of patients in less than a particular amount of time.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation
Original Assignee
International Business Machines Corporation
Inventors
Jin, Hongxia, Wang, Qihua
Primary Examiner(s)
Yalew, Fikremariam A

Application Number

US12/855,855
Publication Number

US 20120042366A1
Time in Patent Office

1,124 Days
Field of Search

None
US Class Current

726/7
CPC Class Codes

G06F 21/31   User authentication

G06F 21/35   communicating wirelessly

G06F 21/6245   Protecting personal data, e...

G06F 2221/2111   Location-sensitive, e.g. ge...

G06F 2221/2137   Time limited access, e.g. t...

G16H 10/60   for patient-specific data, ...

G16H 40/20   for the management or admin...

H04L 2209/88   Medical equipments

H04L 9/3228   One-time or temporary data,...

H04L 9/3234   involving additional secure...

Secure and usable authentication for health care information access

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

15 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and usable authentication for health care information access

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

15 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links