Creating an access control policy based on consumer privacy preferences
First Claim
1. A system for controlling access to medical documents associated with a user in a patient database, comprising:
- a processing device that includes;
a user interface that receives a topic and a set of permissions from a user;
a document analyzer that analyzes content of the medical documents associated with the user to find a plurality of documents relating to the topic;
a property finder that analyzes the content of the plurality of documents to find at least one distinguishing property of the documents relating to the topic; and
a document selector that selects a set of documents based on the at least one distinguishing property; and
wherein the user interface enables the user to select some or all of the set of documents found by the document analyzer; and
an associating subsystem that associates the set of permissions with the selected set of documents to obtain an access control policy;
a non-transitory memory element that stores the access control policy for subsequent access control to the set of documents; and
an access control subsystem that;
receives an access request for one or more of the medical documents associated with the user from another user,retrieves the access control policy from the memory element, andcontrols access to each of the one or more medical documents associated with the user based on the access control policy.
1 Assignment
0 Petitions
Accused Products
Abstract
A system for generating an access control policy comprises a user interface (1) for enabling a user to indicate a topic (10) and a set of permissions (15). A document analyzer (2) analyzes the content of a plurality of documents (11) to find a set of documents (13) relating to the topic (10). A property finder (5) analyzes the content of a plurality of documents (11) to find at least one distinguishing property (12) of documents relating to the topic (10). A document selector (6) selects the set of documents (13), based on the distinguishing property (12). An associating subsystem (3) associates the set of permissions (15) with the set of documents (13) to obtain an access control policy (4).
8 Citations
13 Claims
-
1. A system for controlling access to medical documents associated with a user in a patient database, comprising:
-
a processing device that includes; a user interface that receives a topic and a set of permissions from a user; a document analyzer that analyzes content of the medical documents associated with the user to find a plurality of documents relating to the topic; a property finder that analyzes the content of the plurality of documents to find at least one distinguishing property of the documents relating to the topic; and a document selector that selects a set of documents based on the at least one distinguishing property; and wherein the user interface enables the user to select some or all of the set of documents found by the document analyzer; and an associating subsystem that associates the set of permissions with the selected set of documents to obtain an access control policy; a non-transitory memory element that stores the access control policy for subsequent access control to the set of documents; and an access control subsystem that; receives an access request for one or more of the medical documents associated with the user from another user, retrieves the access control policy from the memory element, and controls access to each of the one or more medical documents associated with the user based on the access control policy. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
-
10. A method of controlling access to medical records associated with a user in a patient database, comprising
enabling the user to indicate a topic and a set of permissions; -
analyzing content of the medical documents associated with the user to find a plurality of documents relating to the topic; identifying at least one distinguishing property of the plurality of documents relating to the topic; selecting a set of documents from the medical documents associated with the user based on the at least one distinguishing property relating to the topic; and enabling the user to select some or all of the set of documents found by a document analyzer, and associating the set of permissions with the selected set of documents to obtain an access control policy; and storing the access control policy in a non-transitory computer readable memory element to enable subsequent enforcement of the set of permissions with regard to access to the set of documents; receiving an access request for one or more of the medical documents associated with the user from an other user; retrieving the access control policy from the memory element; and controlling access to each of the one or more medical documents associated with the user based on the access control policy.
-
-
11. A non-transitory computer readable medium that includes one or more computer programs that, when executed by a processor, cause the processor to:
-
receive a topic and a set of permissions from a user;
search content of medical documents associated with the user to identify a plurality of documents relating to the topic;analyze the content of the plurality of documents to find at least one distinguishing property of the plurality of documents relating to the topic; and select a set of documents from the medical records associated with the user based on the at least one distinguishing property; enable the user to select some or all of the set of documents found by a document analyzer, and associate the set of permissions with the selected set of documents to obtain an access control policy; and store the access control policy in a memory element to enable subsequent enforcement of the set of permissions with regard to access to the set of documents; receive an access request for one or more of the medical documents associated with the user from another user; retrieve the access control policy from the memory element; and
control access to each of the one or more medical documents associated with the user based on the access control policy. - View Dependent Claims (12, 13)
-
Specification