Please download the dossier by clicking on the dossier button x
×

Secure and usable authentication for health care information access

  • US 9,727,937 B2
  • Filed: 08/23/2012
  • Issued: 08/08/2017
  • Est. Priority Date: 08/13/2010
  • Status: Active Grant
First Claim
Patent Images

1. A method, comprising:

  • using a radio frequency tag secured to a badge, wherein the badge is configured to;

    utilize a card authentication protocol to authenticate the radio frequency tag, wherein the card authentication protocol comprises a time-based shared secret stored in the radio frequency tag that is changed on a regular basis, and the radio frequency tag is authenticated by the radio frequency tag communicating with an authentication module on a computer system;

    sense a proximity of the badge to the computer system by utilizing a proximity sensor attached to the computer system, wherein the proximity sensor is configured to sense proximity of the badge to the computer system;

    verify that the shared secret stored on the radio frequency tag is the same as a system secret stored on the computer system;

    in response to the shared secret being the same as the system secret;

    determine whether the health care provider is in a physical area assigned to a first patient by;

    sending a radio frequency signal identification information of the health care provider from the radio frequency tag to the authentication module with a tag reader on the computer system, wherein the radio frequency tag determines the position information of the health care provider based on proximity to a terminal of the computer system,comparing the position of the terminal of the computer system with position information of the physical area assigned to the first patient; and

    comparing position information of the health care provider with position information derived from the computer system of the physical area assigned to the first patient stored on the computer system;

    periodically estimating an appointment time period for the health care provider with the one of the plurality of patients;

    denying the health care provider access to an electronic record of the first patient if the health care provider is logged onto the computer system in a physical area assigned to the first patient outside the periodically estimated appointment time period for the first patient;

    wherein the radio frequency tag is configured to automatically log in the health care provider to the computer system in response to the health care provider being in the physical area assigned to the first patient;

    wherein the computer system is configured to determine whether the health care provider is logged onto the computer system at a time the health care provider is in the physical area assigned to the first patient;

    wherein the computer system is configured to ascertain whether the health care provider is logged onto the computer system during authorized hours of the health care provider;

    wherein the computer system is configured to, in response to the health care provider being logged onto the computer system at the time the health care provider is in the physical area assigned to the first patient, and in response to the health care provider being logged onto the computer system during the authorized hours of the health care provider, provide the health care provider with access to the electronic record of the first patient using the computer system by transmitting authorization for the health care provider to the computer system, thereby providing visual access to the electronic record of the first patient on a computer display of the computer system;

    the computer system is configured to automatically generate a new shared secret, a new system secret, and new authorized hours for the health care provider in response to the health care provider accessing a system to update the shared secret;

    whereby the electronic record of the first patient is available to the health care provider only when the health care provider needs it in order to treat the first patient;

    whereby the health care provider is directly logged into the computer system without the need to type in a password, thus allowing the health care provider to log into the terminal of the computer system in a hands-free fashion; and

    wherein the computer system is configured to log the health care provider out of the computer system after a predetermined time period of inactivity by the health care provider on the computer system.

View all claims
  • 1 Assignment
Timeline View
Assignment View
    ×
    ×