Patent Issued for Automated consent management system and method for managing autoreply messages to incoming calls (USPTO 11496620): Rhinogram Inc.

2022 NOV 25 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- A patent by the inventors Dressler, Keith (Ooltewah, TN, US), Dressler, Stanley (Chattanooga, TN, US), Roberts, Austin (Ooltewah, TN, US), filed on May 31, 2022, was published online on November 8, 2022, according to news reporting originating from Alexandria, Virginia, by NewsRx correspondents.

Patent number 11496620 is assigned to Rhinogram Inc. (Chattanooga, Tennessee, United States).

The following quote was obtained by the news editors from the background information supplied by the inventors: “In 1991, Congress passed the Telephone Consumer Protection Act (TCPA) to restrict unsolicited telemarketing phone calls to consumers. The TCPA protects consumers from receiving unwanted “robocalls” by placing restrictions on when and how such automated calls may be made and allowing consumers to opt out from receiving such calls. In accordance with the TCPA, the Federal Trade Commission (FTC) established a national “do not call” registry to protect consumers who do not wish to be contacted. Short Message Service (SMS) text messages sent to a consumer’s cellular phone are considered “calls” for purposes of the TCPA. As described herein, however, a telephone call comprises voice information and possibly additional information and/or metadata and therefore also may be referred to as a voice call, whereas a text message is a text-based message that does not include voice information.

“According to the TCPA, and related Federal Communications Commission (FCC) rules, a consumer must provide its prior express consent before a telemarketer or other entity can make unsolicited calls or text messages to the consumer in a manner that would otherwise violate the TCPA’s restrictions. For some communications, such as containing unsolicited advertisements, the consumer’s prior express consent must be in writing. The TCPA’s regulations generally mean that, as a practical matter, organizations sending marketing and advertising materials must receive express written consent from individuals prior to sending any text messages to them.

“In some cases, an individual’s consent under the TCPA can be implied based on the individual’s actions, even in the absence of receiving an express consent. For example, a customer’s consent to receive telephone calls from a business may be implied if the customer provides a telephone number to the business without any limiting instructions regarding whether or when the business may contact that customer using the provided number. The customer’s consent to receive telephone calls from the business also may be implied if the customer first calls the business and leaves a message requesting a response. Similarly, the customer’s consent to receive text messages may be implied under the TCPA if the customer first initiates a conversation with the business using a text message, such as by sending a request or another text message requiring a response.

“In general, however, a customer’s consent for a business to contact the customer using text messages is not implied solely based on that customer first making a telephone call to the business. Rather, in order for the customer to receive text messages in response to a telephone call, the customer must have either previously provided their express consent to receive text messages from the business or otherwise have established their implied consent. As used herein, a “business” broadly refers to any company, enterprise, organization, association, agency, partnership, joint venture, or other entity of any type, size, or structure, whether private or public, and whether for-profit or non-profit, that may communicate with one or more individuals.

“For example, when a health care provider wants to send text messages to a patient, the health care provider first must obtain the patient’s consent as required by the TCPA. The health care provider also must give the patient an option to subsequently opt-out of text-message communications and, if they choose to opt out, the provider cannot send them any more text messages. As a result, health care providers that lack the required TCPA consents from patients cannot respond to incoming telephone calls from patients using text-message responses. For this reason, an employee of the health care practice is typically tasked with manually responding to each incoming telephone call by calling back each patient separately, which can be extremely time consuming and may take the employee away from other needed tasks in the health care practice. This same problem exists for other types of businesses that must comply with the TCPA (or similar) consent requirements.

“In 1996, President Clinton signed the Health Insurance Portability and Accountability Act (HIPAA) into law. HIPAA protects the security and privacy of a patient’s health information when it is in the possession of a third party, such as a doctor or other health care provider. For example, HIPAA requires a patient’s written authorization before his or her protected health information (PHI) may be used or disclosed for marketing purposes. HIPAA security and privacy protections also cover electronic protected health information (ePHI) that is created, stored, transmitted, or received in any electronic format, including for example, via text messages.

“In addition to receiving the patient’s TCPA consent to receive text messages, the health care provider also needs to obtain a separate prior written consent from the patient, as required by HIPAA, to begin exchanging ePHI with the patient using text messages. In some cases, additional patient consents also may be required to comply with the European Union’s General Data Protection Regulation (GDPR) data protection requirements and/or U.S. data privacy laws. In short, a health care provider desiring to communicate with its patients using text messages may need to acquire and manage a large number of user consents, for example, including several different types of consents (e.g., TCPA, HIPAA, etc.) for many patients.

“Further, different types of communication channels may be subject to different user-consent requirements. As used herein, a “communication channel” refers to a physical or logical connection for communicating information between two or more entities. A communication channel may convey analog and/or digital information. In some cases, a communication channel may be implemented as an end-to-end communication session established over a public or private network using one or more network protocols. A single communication channel can comprise one or more different types of communication channels that collectively provide end-to-end communications between communicating entities. Types of communication channels may include, but are not limited to, end-to-end connections for telephone calls, text messages, e-mail messages, instant messages, and data or voice communications over any wireless or wireline protocols. Accordingly, telephone calls and text messages may correspond to different types of communication channels subject to different user-consent requirements.

“In view of the foregoing, user consent management at health care providers and at other types of businesses can be a very complicated and burdensome process, typically managed manually through data entry. For example, each user consent is conventionally entered manually as a binary value (e.g., “yes” or “no” consent). Frequent changes and updates to the various user consents, however, can quickly become an unwieldy process that is prone to error. The opportunities for data-entry error increase with the number of users. As used herein, a “user” is any person or group of people that must provide its consent to another entity before that other entity may create, send, receive, and/or store information of the user in compliance with one or more statutes, rules, policies, and/or regulations (regardless how defined or by whom). The user consent may be required based on governmental laws, rules, or regulations, but need not be. For example, one or more user consents may be required to comply with a company’s policies or with certain contractual terms or conditions. As used herein, a “user consent” is an indication of a user’s permission or authorization to allow another entity to perform an associated action.

“Failures to obtain the required user consents can result in severe financial penalties. For example, TCPA violations are enforced by the FCC, which may levy up to more than $18,000 per violation. Consent and opt-out management violations are common reasons for TCPA fines. It is therefore important for health care providers, as well as other types of businesses, to comply with the user-consent requirements of the TCPA and other laws, rules, and regulations requiring user consents for certain types of communications.

“There is a current need for a more efficient way for an organization, such as a health care provider, corporation, governmental agency, or other entity, to manage communications with remote users over different types of communication channels, such as using telephone calls and text messages, in compliance with the TCPA and other laws, rules, and regulations requiring user consents before communicating over one or more of the communication channels.”

In addition to the background information obtained for this patent, NewsRx journalists also obtained the inventors’ summary information for this patent: “The present invention overcomes the disadvantages of the prior art by providing systems and methods for managing user consents in connection with sending autoreply messages to users. As used herein, an “autoreply message” or “autoreply” refers to a message that is automatically generated by a computer system in response to a received communication from a user. The autoreply message may be transmitted as a text message, e-mail message, instant message, or the like. In some cases, the computer system cannot send the autoreply message to the user if the system has not received one or more user consents. For example, if the autoreply is a text message, the user may need to have provided a TCPA consent; if the autoreply contains ePHI, the computer system may need to confirm that the user has provided a HIPAA consent. Unlike existing systems and methods, the disclosed embodiments are configured to integrate automated user-consent compliance for TCPA, HIPAA, GDPR, and/or other laws, rules, and regulations with the automatic generation and transmission of autoreply messages.

“In accordance with the disclosed embodiments, a computer system may be configured to communicate with a user over both first and second communication channels, where the system requires the user’s consent before it can communicate with the user over the second communication channel. The system may receive an incoming communication, such as a telephone call, from the user over the first communication channel. In the disclosed embodiments, a consent management system determines whether the user has provided all necessary user consents for the computer system to send an autoreply message, such as a text message, to the user over the second communication channel. The computer system may automatically generate the autoreply message and transmit it to the user over the second communication channel if the consent management system has determined the user has provided all necessary user consents for sending the autoreply message over the second channel.

“In some embodiments, the consent management system may be configured to not only determine whether all necessary user consents have been received from the user before the autoreply message may be sent to the user over the second communication channel, but also may be configured to generate and/or transmit the autoreply message itself. In other embodiments, the consent management system may be coupled to separate hardware and/or software in a computer system that is configured to automatically generate and send the autoreply. In some embodiments, the autoreply message may be a predefined message, either for all users or predefined for one or more specific users. In some embodiments, the contents and/or metadata (including addressing) of the autoreply message may be automatically determined based on at least a portion of a communication received from the user over the first communication channel.

“For example, a computer system at a health care provider may comprise a communication interface (such as a cellular-network interface) and a phone application configured to receive an incoming telephone call from a patient. The phone application may identify certain caller identification (“Caller ID”) information received with the incoming call to identify the patient, for example, based on a name or phone number included in the Caller ID information. In this example, the computer system may also comprise (or may be coupled to) a consent management system that receives from the phone application certain information corresponding to the patient’s identity, which may or may not be the same as the Caller ID information, to determine if the patient has previously provided consent to receive text messages from the health care provider. The consent management system also may determine if any other consents, such as a HIPAA consent, has been received for the patient. If the patient has provided the required consent(s), the consent management system, the phone application, and/or a separate messaging application may automatically generate and send an autoreply text message to the patient. The telephone number for the autoreply text message may be determined from the Caller ID information and/or other stored contact information associated with the patient.

“In some embodiments, the autoreply message may acknowledge receipt of the user’s telephone call. In other embodiments, the autoreply message may be customized or personalized for the specific user. In yet other embodiments, a messaging application or another application on the computer system may process a transcribed (e.g., voice-to-text) version of a voice message from the user and then dynamically prepare the autoreply message based on the contents of the transcribed message. For example, if the user’s voice message includes the word “appointment” or the phrase “schedule an appointment,” an autoreply text message could be automatically generated indicating that “Someone will contact you soon about your appointment inquiry.” In some embodiments, one or more machine learning and/or natural language processing engines may be used to extract and/or identify words, phrases, and contents from a user’s voice message in order to generate an appropriate autoreply message to send to the user.”

The claims supplied by the inventors are:

“1. A method for integrating an automated consent management system with automatic generation and transmission of autoreply messages at a computer system, the computer system having one or more communication interfaces for communicating with one or more users over first and second communication channels, the method comprising: receiving, at the one or more communication interfaces, an incoming communication from a user over the first communication channel; identifying the user based on information received with the incoming communication; using the automated consent management system to determine whether the identified user has provided a consent to receive messages from the computer system over the second communication channel; using the automated consent management system to determine whether the identified user has provided an additional consent required to receive messages from the computer system over the second communication channel; and transmitting, through the one or more communication interfaces, an autoreply message to the user over the second communication channel if the automated consent management system has determined that the identified user has provided both the consent and the additional consent for receiving messages from the computer system over the second communication channel.

“2. The method of claim 1, wherein the incoming communication is a telephone call and the autoreply message is transmitted to the user in a text message.

“3. The method of claim 2, wherein the first communication channel corresponds to a voice-call connection from the user to the computer system, and the second communication channel corresponds to a text-message connection from the computer system to the user.

“4. The method of claim 2, wherein the one or more communication interfaces include a cellular network interface configured to receive the telephone call from the user and to also transmit the autoreply message to the user in a text message.

“5. The method of claim 1, wherein the consent indicates that the user has consented to receiving text messages from the computer system.

“6. The method of claim 5, wherein the consent indicates that the user has provided consent to receive text messages pursuant to the Telephone Consumer Protection Act (TCPA).

“7. The method of claim 1, wherein the additional consent indicates that the user has provided consent for the computer system to communicate the user’s health information.

“8. The method of claim 1, wherein the incoming communication comprises a voice message from the user and the autoreply message is transmitted to the user in a text message.

“9. The method of claim 8, further comprising: transcribing the voice message from the user; and automatically generating the autoreply message to send to the user based on at least a portion of the contents of the transcribed voice message from the user.

“10. The method of claim 1, wherein the computer system is implemented at a health care provider.

“11. The method of claim 1, wherein the computer system is configured to transmit the same autoreply message to each of the one or more users.

“12. A computer system configured to integrate an automated consent management system with automatic generation and transmission of autoreply messages, the computer system comprising: one or more communication interfaces configured to communicate with a user over first and second communication channels, wherein the one or more communication interfaces are configured to receive an incoming communication from the user over the first communication channel; one or more processors; a memory configured to store one or more user records and further configured to store computer-executable instructions, that when executed by the one or more processors, implement a consent manager, a phone application, and a message application, wherein execution of the computer-executable instructions further configure the computer system to: identify, by the phone application, information corresponding to the user’s identity based on information received with the incoming communication at the one or more communication interfaces; provide, by the phone application, the information corresponding to the user’s identity to the consent manager; access, by the consent manager, a user record from the one or more user records based on the information corresponding to the user’s identity provided by the phone application; determine, by the consent manager, whether the accessed user record indicates that the user has provided a consent to receive messages from the computer system over the second communication channel; determine, by the consent manager, whether the accessed user record indicates that the user has provided an additional consent to receive messages from the computer system over the second communication channel; and automatically generate, by the message application, an autoreply message to send to the user in response to the consent manager determining that the user has provided the consent and the additional consent to receive messages from the computer system over the second communication channel; and transmit, through the one or more communication interfaces, the generated autoreply message to the user over the second communication channel if the automated consent management system has determined that the user has provided both the consent and the additional consent for receiving messages from the computer system over the second communication channel.

“13. The computer system of claim 12, wherein the incoming communication is a telephone call and the autoreply message is transmitted to the user in a text message.

“14. The computer system of claim 13, wherein the first communication channel corresponds to a voice-call connection from the user to the computer system, and the second communication channel corresponds to a text-message connection from the computer system to the user.

“15. The computer system of claim 13, wherein the one or more communication interfaces include a cellular network interface configured to receive the telephone call from the user and to also transmit the autoreply message to the user in a text message.

“16. The computer system of claim 12, wherein the consent indicates that the user has consented to receiving text messages from the computer system.

“17. The computer system of claim 12, wherein the additional consent indicates that the user has provided consent for the computer system to communicate the user’s health information.

“18. The computer system of claim 12, wherein the incoming communication comprises a voice message from the user and the autoreply message is transmitted to the user in a text message.

“19. A non-transitory computer-readable medium comprising a set of computer-executable instructions that, when executed by one or more processors of a computer system, cause the computer system to integrate an automated consent management system with automatic generation and transmission of autoreply messages, the computer system having one or more communication interfaces for communicating with one or more users over first and second communication channels, wherein execution of the computer-executable instructions configure the computer system to: receive, at the one or more communication interfaces, an incoming communication from a user over the first communication channel; identify the user based on information received with the incoming communication; use the automated consent management system to determine whether the identified user has provided a consent to receive messages from the computer system over the second communication channel; use the automated consent management system to determine whether the identified user has provided an additional consent required to receive messages from the computer system over the second communication channel; and transmit, through the one or more communication interfaces, an autoreply message to the user over the second communication channel if the automated consent management system has determined that the identified user has provided both the consent and the additional consent for receiving messages from the computer system over the second communication channel.

“20. The computer-readable medium of claim 19, wherein the incoming communication is a telephone call and the autoreply message is a text message.”

URL and more information on this patent, see: Dressler, Keith. Automated consent management system and method for managing autoreply messages to incoming calls. U.S. Patent Number 11496620, filed May 31, 2022, and published online on November 8, 2022.

(Our reports deliver fact-based news of research and discoveries from around the world.)