Patent Issued for Mobile device network traffic modification and user based restrictions on data access (USPTO 11797706): Health2047 Inc.

2023 NOV 10 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- According to news reporting originating from Alexandria, Virginia, by NewsRx journalists, a patent by the inventors Klein, Justin James (San Francisco, CA, US), Mangold, Bernard Pierce (Mercer Island, WA, US), Stockert, Jack (Los Altos, CA, US), Walker, Michael James (Portland, OR, US), Whitkin, Josh O. (Hunters Hill, AU), filed on February 9, 2017, was published online on October 24, 2023.

The assignee for this patent, patent number 11797706, is Health2047 Inc. (Menlo Park, California, United States).

Reporters obtained the following quote from the background information supplied by the inventors: “Protected health information of patients can include specific identifiers such as name, address, date information, social security numbers and medical record numbers and so on. This protected health information is statutorily required to be treated with special care by medical professionals or other covered entities. For example, protected health information in an electronic form may be maintained in an encrypted state, and access to the protected health information can be tightly controlled. With the advent of mobile devices utilized by medical professionals for both their personal and career lives, utilizing mobile devices can create problems with respect to conforming to statutory requirements as related to protected health information.”

In addition to obtaining background information on this patent, NewsRx editors also obtained the inventors’ summary information for this patent: “Particular embodiments of the subject matter described in this specification can be implemented so as to realize one or more of the following advantages. A medical professional’s mobile device (for example, smart phone, tablet, wearable device) can be easily toggled between a personal or normal mode and a protected mode that complies with statutes related to protecting personal health information. An example statute is the Health Insurance Portability and Accountability Act (HIPAA), which in part requires covered entities to treat protected health information with special care. For example, the protected health information may be required to be encrypted, and access to, or sharing of, protected health information may include various constraints. To ensure compliance with these statutory rules, a mobile device can include functionality to be placed in a normal mode, in which the normal functionality of the mobile device is enabled, and a protected mode, in which all functionality of the mobile device conforms to statutory requirements.

“As will be described, to enter and/or exit the protected mode, strong authentication can be required, such as biometric information coupled with global navigation satellite system (GNSS) information to ensure that a medical professional is only accessing protected health information at work, and so on. Additionally, the mobile device can automatically encrypt, and keep separate from access while in public mode, any protected health information. In this way, the features described herein solve technical problems associated with protecting and controlling access to protected health information. The mobile device can automatically analyze network traffic to ensure compliance with statutory requirements. For example, the mobile device can determine that an application executing on the mobile device is attempting to transmit protected health information, and the mobile device can block the transmission, or automatically filter the transmission to remove any protected health information.

“The details, including optional details, of one or more embodiments of the subject matter of this specification are set forth in the accompanying drawings and the description below. Other optional features, aspects, and advantages of the subject matter will become apparent from the description, the drawings, and the claims.”

The claims supplied by the inventors are:

“1. Non-transitory computing storage media storing instructions that, when executed by a personal mobile computing device, cause the personal mobile computing device to implement operations for a health-data protected operation mode which prevents health information from being accessed or sent in an unauthorized manner, wherein the operations comprise: receiving a request, by the personal mobile computing device, to enter the health-data protection mode, the health-data protection mode constraining functionality of the personal mobile computing device; updating a user interface presenting a plurality of applications accessible via the personal mobile computing device, wherein updating comprises: updating a visual representation of a first application of the plurality of applications, the updated visual representation being presented in the user interface and indicating inaccessibility of the first application, presenting a new application that is positioned at a same location in the user interface as a second application of the plurality of applications, wherein the second application is disabled during the health-data protection mode and removed from the user interface, and wherein the new application replaces the second application during the health-data protection mode and is associated with same functionality, wherein visual representations of a remaining of the plurality of applications are unaltered and remain presented in the user interface as being accessible; and constraining the functionality of the personal mobile computing device based on the health-data protection mode such that selection of the plurality of applications is constrained, wherein information generated during the health-data protection mode is encrypted on the personal mobile computing device.

“2. The computer storage media of claim 1, wherein the operations further comprise: in response to receiving the request, prompting a user of the personal mobile computing device for authentication information.

“3. The computer storage media of claim 2, wherein authentication information comprises one or more of user account information, biometric information, and location information of the personal mobile computing device.

“4. The computer storage media of claim 2, wherein the request is triggered based on (1) a first location of the personal mobile computing device being within a particular geofence, (2) information indicating a user of the personal mobile computing device is associated with a second location within the particular geofence or information indicating the user is navigating along a route associated with the second location, and (3) receipt of correct authentication information provided in response to the prompting.

“5. The computer storage media of claim 1, wherein constraining functionality of the personal mobile computing device comprises: modifying functionality associated with one or more of the applications based on the health-data protection mode.

“6. The computer storage media of claim 5, wherein a particular application is a messaging application, and wherein the messages sent or received while the personal mobile computing device is in the health-data protection mode are inaccessible upon the personal mobile computing device leaving the health-data protection mode.

“7. The computer storage media of claim 1, wherein constraining functionality comprises modifying one or more applications to be inaccessible in the health-data protection mode, and wherein the operations further comprises: establishing a virtual private network connection with an outside system, the outside system receiving all network traffic being provided to, or being provided from, the personal mobile computing device, such that the outside system is configured to block network traffic associated with the inaccessible applications.

“8. The computer storage media of claim 1, wherein the operations further comprise: receiving a request to leave the health-data protection mode; and upon leaving the health-data protection mode, deleting the particular health information.

“9. The computer storage media of claim 8, wherein deleting the particular health information comprises: obtaining, from an outside server, one or more hash values generated based on health information of one or more patients associated with a user of the personal mobile computing device; generating hash values based on information locally stored on the personal mobile computing device; and deleting information locally stored on the personal mobile computing device with hash values corresponding to the obtained hash values.

“10. The computer storage media of claim 1, wherein upon exiting of the health-data protection mode particular health information is identified for deletion from local storage based, at least in part, on hash information generated from information stored in local storage.

“11. The computer storage media of claim 1, wherein the received request adjusts a normal operating mode of the personal mobile computing device to the health-data protection mode, wherein the second application is accessible during the normal operating mode, and wherein based on leaving the health-data protection mode, updating the user interface to return to the normal operating mode.

“12. A method implemented by a user device of one or more processors, the method comprising receiving a request to enter a health data protection mode, the health data protection mode constraining functionality of the user device; updating a user interface presenting a plurality of applications accessible via the user device, wherein updating comprises: updating a visual representation of a first application of the plurality of applications, the updated visual representation being presented in the user interface and indicating inaccessibility of the first application, swapping a second application of the plurality of applications with a new application associated with same functionality, wherein the new application is included in the user interface at a same location as the second application, and wherein the second application is disabled during the health data protection mode and removed from the user interface, wherein visual representations of a remaining of the plurality of applications are unaltered and remain presented in the user interface; and constraining the functionality based on the health data protection mode such that selection of the plurality of applications is constrained, wherein information generated during the health data protection mode is encrypted on the user device.

“13. The method of claim 12, further comprising: in response to receiving the request, prompting a user of the user device for authentication information.

“14. The method of claim 13, wherein authentication information comprises one or more of user account information, biometric information, and location information of the user device.

“15. The method of claim 12, wherein constraining functionality of the user device comprises: modifying functionality associated with one or more of the applications based on the health data protection mode.

“16. The method of claim 15, wherein a particular application is a messaging application, and wherein the messages sent or received while the user device is in the health data protection mode are inaccessible upon the user device leaving the health data protection mode.

“17. The method of claim 12, wherein constraining functionality comprises modifying one or more applications to be inaccessible in the health data protection mode, and wherein the method further comprises: establishing a virtual private network connection with an outside system, the outside system receiving all network traffic being provided to, or being provided from, the user device, such that the outside system is configured to block network traffic associated with the inaccessible applications.

“18. The method of claim 12, wherein the method further comprises: receiving a request to leave the health data protection mode; and upon leaving the health data protection mode, deleting particular health information.

“19. The method of claim 18, wherein deleting the particular health information comprises: obtaining, from an outside server, one or more hash values generated based on health information of one or more patients associated with a user of the user device; generating hash values based on information locally stored on the user device; and deleting information locally stored on the user device with hash values corresponding to the obtained hash values.

“20. The method of claim 18, wherein upon exiting of the health-data protection mode particular health information is identified for deletion from local storage based, at least in part, on hash information generated from information stored in local storage.

“21. The method of claim 12, wherein exiting of the health data protection mode is constrained based on a location of the user device.”

For more information, see this patent: Klein, Justin James. Mobile device network traffic modification and user based restrictions on data access. U.S. Patent Number 11797706, filed February 9, 2017, and published online on October 24, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11797706)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)