Secure and mobile biometric authentication for electronic health record management

US 9,553,727 B2
Filed: 01/20/2011
Issued: 01/24/2017
Est. Priority Date: 01/21/2010
Status: Expired due to Fees

First Claim

Patent Images

1. A method employing a portable Electronic Health Record (EHR) enabled device to perform biometric authentication of a user, comprising:

a) storing a first decryption key on said portable EHR enabled device;

b) receiving a request at an EHR database server from an office system, said EHR database server comprising an EHR database, said EHR database comprising a user health record;

c) wirelessly communicating a first encrypted message from said EHR database server to said portable EHR enabled device in response to said requestd) decrypting said first encrypted message on the portable EHR enabled device using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client;

e) said portable EHR enabled device prompting said user to speak a pass phrase and storing said spoken voice of said user;

f) said portable EHR enabled device creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,g) said portable EHR enabled device encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;

h) said portable EHR enabled device wirelessly transmitting said second encrypted message to said EHR database server; and

i) said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A portable device receives an encrypted message from an electronic health record database server including a request to perform a biometric authentication to approve a transaction. The device prompts a user to speak a pass phrase. The device creates a set of variables including the pass phrase and at least one more variable characterizing the spoken voice. The authentication module transmits an encrypted message to the health record database server including a session identification information and the set of variables. In response, the device receives an encrypted message from the health record database server determining whether the biometric authentication is successful and the transaction is approved, wherein determination is made by the health record database server and is based on verifying the session identification information, the pass phrase, and the user identity.

11 Citations

View as Search Results

9 Claims

1. A method employing a portable Electronic Health Record (EHR) enabled device to perform biometric authentication of a user, comprising:
- a) storing a first decryption key on said portable EHR enabled device;
  
  b) receiving a request at an EHR database server from an office system, said EHR database server comprising an EHR database, said EHR database comprising a user health record;
  
  c) wirelessly communicating a first encrypted message from said EHR database server to said portable EHR enabled device in response to said requestd) decrypting said first encrypted message on the portable EHR enabled device using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client;
  
  e) said portable EHR enabled device prompting said user to speak a pass phrase and storing said spoken voice of said user;
  
  f) said portable EHR enabled device creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice,g) said portable EHR enabled device encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
  
  h) said portable EHR enabled device wirelessly transmitting said second encrypted message to said EHR database server; and
  
  i) said EHR database server analyzing said plurality of variables to determine the identity of said user and to determine whether said biometric authentication is successful and said transaction is approved.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1, further comprising said EHR database server logging access to the EHR database server for tracking purposes.
  - 3. The method of claim 1, further comprising EHR database server determining a successful biometric authentication if said session identification information, pass phrase, and speaker identity matches with the user health record data.
  - 4. The method of claim 1, wherein said health record data includes at least one of the following:
    - a) said user medical history;
      
      b) said user demographics;
      
      c) said user medical insurance;
      
      d) an employment status;
      
      e) a responsible individual; and
      
      f) pre-existing conditions.
  - 5. The method of claim 1, wherein said session identification information is selected from a group consisting of:
    - a) said portable EHR enabled device phone number;
      
      b) said portable EHR enabled device IP address;
      
      c) said portable EHR enabled device MAC address;
      
      d) said portable EHR enabled device IMSI number; and
      
      e) said portable EHR enabled device IMEI number.
  - 6. The method of claim 1, wherein access to said EHR database server is available for use by said office system for a limited time period.

7. A portable Electronic Health Record (EHR) enabled device comprising:
- a processor;
  
  a non-transitory memory having instructions stored thereon that, in response to execution by the processor, cause the processor to perform operations comprising;
  
  a) storing a first decryption key;
  
  b) receiving a first encrypted message from an EHR database server, said EHR database server storing a user health record in an EHR database, said first encrypted message transmitted by said EHR database server in response to a request from an office system;
  
  c) decrypting said first encrypted message using said first decryption key, said first decrypted message including a request to perform a biometric authentication to approve a transaction between said EHR database server and an EHR Database client;
  
  d) prompting said user to speak a pass phrase and storing said spoken voice of said user;
  
  e) creating a plurality of variables, said plurality of variables are obtained by analyzing said stored spoken voice and include said pass phrase and at least one more variable characterizing said spoken voice;
  
  f) encrypting a second message using a second encryption key, said second message including a session identification information and said plurality of variables;
  
  g) transmitting said second encrypted message to said EHR database server; and
  
  h) receiving a determination from said EHR database server of whether said biometric authentication is successful and said transaction is approved.
- View Dependent Claims (8, 9)
- - 8. The portable EHR enabled device of claim 7, wherein said EHR database server provides a real-time response determining whether said biometric authentication is successful.
  - 9. The portable EHR enabled device of claim 7, wherein said session identification information is selected from a group consisting of:
    - a) said portable EHR enabled device phone number;
      
      b) said portable EHR enabled device IP address;
      
      c) said portable EHR enabled device MAC address;
      
      d) said portable EHR enabled device IMSI number; and
      
      e) said portable EHR enabled device IMEI number.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Omid Ebrahimi Kia
Original Assignee
Omid Ebrahimi Kia
Inventors
Kia, Omid Ebrahimi
Primary Examiner(s)
Hayes, John
Assistant Examiner(s)
FENSTERMACHER, JASON B

Application Number

US13/010,743
Publication Number

US 20110178931A1
Time in Patent Office

2,196 Days
Field of Search

705/50
US Class Current

1/1
CPC Class Codes

G06F 21/32   using biometric data, e.g. ...

G06Q 10/06   Resources, workflows, human...

G06Q 40/08   Insurance

G16H 10/60   for patient-specific data, ...

H04L 63/0861   using biometrical features,...

H04L 9/3231   Biological data, e.g. finge...

H04W 12/068   using credential vaults, e....

Secure and mobile biometric authentication for electronic health record management

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

11 Citations

9 Claims

Specification

Solutions

Use Cases

Quick Links

Secure and mobile biometric authentication for electronic health record management

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

11 Citations

9 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links