Patent Issued for Self-Controlled Digital Authorization Over Communication Networks (USPTO 10,963,585)
2021 APR 09 (NewsRx) -- By a
The assignee for this patent, patent number 10,963,585, is
Reporters obtained the following quote from the background information supplied by the inventors: “Technical Field
“The embodiments herein generally relate to electronic records systems, and, more particularly, to storage, access and authorization of electronic records for access over a communication network.
“Description of the Related Art
“Generally, several types of services such as financial services, healthcare services or information services or others, and associated parameters, attributes and responses related to the services are documented by entities such as physicians, doctors, hospitals or other service providers, analysts, specialists, and others dealing in information management. At times, information holders or owners such as patients may also document their information or data. With the advent of new technologies, such types of documented information can be stored electronically which is generally referred to as electronic records.
“Electronic records are user or owner specific and are generally kept as confidential by the owner of the information or the records. In modern days, these records can be deposited and secured in a central database that is connected over a networked platform such as through an internet that can be accessible by the owner easily.
“In certain conditions, an external device other than the patient such as a general consumer of the information or records may be interested in the electronic records and may want to access them. However, as per the conditions prescribed by several authorities and standards such as the Health Insurance Portability and Accountability Act (HIPPA) meant for health-related information and several others, it is imperative and important to gain authorization from an owner for accessing his electronic records. The process of authorization can be fairly simple if the records are limited. An external device or a consumer may directly approach the owner for authorization. However, as the data contained within the records increase to a large extent, the task of identifying relevant data and gaining access and authorization becomes complex and difficult.”
In addition to obtaining background information on this patent, NewsRx editors also obtained the inventor’s summary information for this patent: “The embodiments herein provide a distributed architecture-based system for digitally authorizing access to computerized records. The system includes at least one server. The server includes at least one computerized records data-store storing multiple computer executable files associated with a subject and containing subject data in a digital format and associated with a subject identifier that identifies association of the subject with its respective computer executable file. The system includes an external device communicatively linked to the at least one server. The system includes a scanner operatively linked to the external device. The system includes a communication network communicatively linking at least two of the subject, the server, the external device, and the scanner.
“The system includes a contextual authorization device for authorizing access to the external device. The contextual authorization device includes a database storing a set of custom rules digitally dictating access rights and levels for the external device based on static information associated with the external device and based on dynamically changing contextual information. The contextual authorization device further includes a Global Positioning System (GPS)-based tracking device for tracking a geo-location of the external device such that the custom rules define different rights for different location types as identified from the geo-location of the external device. The different rights define either one of an outright denial or approval of the access or limiting the access to one or more types of digital records based on the location types. The contextual authorization device further includes a credentialing engine to determine a crowdsourced credentialing score associated with an entity associated with the external device. The crowdsourced credentialing score is determined based on credentialing of a digital profile of the entity by a plurality of respondents such that the crowdsourced credentialing score is indicative of a trust of the external device. The custom rules are defined to allow authorization of the external device only when the entity associated with the external device possesses at least a minimum threshold score. The contextual authorization device further includes a user behavior analytics engine to compare dynamically changing contextual details associated with the entity with a set of past requests indicative of historical behavior and determine an index of normality such that the custom rules are defined to allow the access only when a minimum predefined threshold of normality is noted about the external device and the associated entity.
“The contextual authorization device further includes an access module that processes authorization of the external device for access of the computerized records based on an input received from the GPS-based tracking device, credentialing engine, and the user behavior analytics engine. The contextual authorization device further includes a processing component that creates the computerized records based on the authorization by the access module. The processing component transforms the authorized computerized records into a digital data structure readable by the scanner.
“The system may include an interface unit for providing a graphical user interface to the subject and the external entity associated with the external device to respectively update the computerized records of the subject and view or extract the computerized records as authorized by the contextual authorization device. The system may include a communication channel allowing transfer of the computerized records through at least one of a wired and wireless transmission technique to a destination identified by the external device, upon successful authorization of the access by the contextual authorization device. The system may include an input module configured to receive binary values relating authorization access such that the custom rules may be used in association with the input for providing access to the external device by the contextual authorization device. The contextual authorization device may be configured to select a real time automated manner of access authorization for the computerized records based on the custom rules stored in the database.
“The system may include a document usage system which may include one or more document computer systems in communication with a network of devices including the external device and having a machine-accessible medium storing a plurality of program modules configured to determine document utilization information providing an indication of usage of computerized records as authorized to be accessed by the external device associated with the entity. The usage comprises an amount of time that the associated entity or the external devices has accessed particular sections of the authorized computerized records. The computerized records may be classified into discrete types. The system may include a monetization engine configured to associate a price value with the authorized computerized records based on the usage by the external device and based on the classification of authorized computerized records as accessed by the external device are classified into. The digital data structure may include a QR (quick response) code readable by the scanner.
“The embodiments herein provide a portable device for encapsulating computerized records of multiple types. The portable device includes a plurality of memory segments, wherein each of the plurality of memory segments stores a specified type of computerized records and is accessible by an external device upon successful authorization. The portable device includes an access module that processes authorization to access the computerized records by the external device based on certain inputs received from external components to the portable device. The portable device includes a processing component that creates the computerized records based on the authorization by the access module, wherein the processing component transforms the authorized computerized records into a digital data structure readable by a scanner communicatively connected with the external device.
“The portable device is communicatively connected with a remote server. The remote server includes a contextual authorization device for generating the certain inputs for use by the access module in authorizing access to the external device for the computerized records. The contextual authorization device includes a database storing a set of custom rules digitally dictating access rights and levels for the external device based on static information associated with the external device and based on dynamically changing contextual information. The contextual authorization device includes a Global Positioning System (GPS)-based tracking device for tracking geo-location of the external device such that the custom rules define different rights for different location types as identified from the geo-location of the external device. The different rights define either one of an outright denial or approval of the access or limiting the access to one or more types of computerized records based on the location types. The portable device includes a user interface with a plurality of single-click configurable menu options defined to provide authorization request in a single click such that a single-click configurable menu option of the plurality of single-click configurable menu options is defined to authenticate only a particular type of computerized record with a particular level of access. The level of access includes one of a full access, limited access, and no access, wherein the level of access is defined based on geo-location of the external system and the portable device.
“The portable device includes a communication terminal configured to establish a communication link between the portable device and the external device as soon as any of the plurality of single-click configurable menu options is pressed by a user. The access module is allowed to authorize the access of the computerized records either based on the certain inputs received from the remote server without any manual intervention or alternatively based on single click manual authorization using one of the plurality of single-click configurable menu options to allow access of the computerized records of a particular type defined for a particular context.
“The contextual authorization device may include a credentialing engine to determine a crowdsourced credentialing score associated with an entity associated with the external device. The crowdsourced credentialing score may be determined based on credentialing of a digital profile of the entity by a plurality of respondents such that the crowdsourced credentialing score is indicative of a trust of the external device. The custom rules may be defined to allow authorization of the external device only when the entity associated with the external device possesses at least a minimum threshold score. The contextual authorization device may include a user behavior analytics engine to compare dynamically changing contextual details associated with the entity with a set of past requests indicative of historical behavior and determine an index of normality such that the custom rules may be defined to allow the access only when a minimum predefined threshold of normality is noted about the external device and the associated entity.
“The communication terminal may be a near-field communication (NFC) terminal with one or more NFC taps configured to establish a communication link between the portable device and the external device as soon as any of the plurality of single-click configurable menu options is pressed by a user and the one or more NFC taps is activated. The communication terminal may be a WiFi hotspot with one or more WiFi taps configured to establish a communication link between the portable device and the external device as soon as any of the plurality of single-click configurable menu options is pressed by a user and the one or more WiFi taps is activated. The plurality of single-click configurable menu options may include a single-click configurable option for a hospital terminal computer, a single-click configurable option for a pharmacy terminal computer, a single-click configurable option for a lab terminal computer such that each of the plurality of single-click configurable options may be defined by respective location types associated with particular levels of access to particular types of computerized records as defined through associated geo-locations. The external device may include a mobile computing device associated with the entity and may be configured to process a request to access the computerized records. The external device may include a swipe machine configured to receive a portion of the integrated chip such that the scanner may include a swipe machine reader configured to read the integrated chip for extracting the computerized records according to authorization by the authorization module. The digital data structure may include a QR (quick response) code readable by the scanner. The portable device may further include a printed circuit board mounting the plurality of memory segments, the processing component, and electrical circuitry. The portable device may include a housing component for encapsulating the printed circuit board, and a battery for providing a power source for the portable device.”
The claims supplied by the inventors are:
“What is claimed is:
“1. A system for providing access authorization to an external device for access to computerized records of multiple types in a computerized records data store, the system comprising: a portable device; a communication terminal communicatively linking the portable device to the external device; a plurality of memory segments in the portable device and comprising a specified type of computerized records that have been authorized for access by the external device; a user interface on the portable device and comprising a plurality of single-click computer-executable menu options defined by a location type comprising particular levels of access to particular types of computerized records that allow authorizing access to the external device by selecting the location type for the external device; an access module in the portable device and comprising electronic circuits that execute computer logic instructions that authorizes that access to computerized records by the external device, wherein the electronic circuits of the access module receive a first signal comprising a geo-location associated with the external device, wherein the electronic circuits of the access module determine levels of access and types of computerized records in the computerized records data store that are allowed to be accessed by the external device, wherein the electronic circuits of the access module extract and place data structures comprising the computerized records that are allowed to be accessed by the external device in one or more of the plurality of memory segments for access by the external device, and wherein the electronic circuits of the access module execute computer logic instructions that authorize the external device to access the computerized records based on the geo-location associated with the external device; and an integrated circuit chip in the portable device and containing a processing component that executes computer logic instructions that create the computerized records in the plurality of memory segments, wherein the electronic circuits of the access module execute computer logic instructions that specifies the level of access and type of computerized records in the computerized records data store that are to be extracted and placed in the plurality of memory segments for access by the external device, wherein the processing component executes computer logic instructions that (i) extract the computerized records from the computerized records data store based upon authorization instructions from the electronic circuits of the access module, and (ii) store extracted computerized records in the plurality of memory segments, wherein the electronic circuits of the access module execute computer logic instructions that process the authorization using the geo-location of the external device in conjunction with custom computer-executable rules digitally dictating access rights and levels for the external device based on static information associated with the external device and based on dynamically changing contextual information stored in a database storing the custom computer-executable rules, wherein the electronic circuits of the access module execute computer logic instructions that process the authorization using the location type of the external device in conjunction with the custom computer-executable rules when the location type of the external device is selected by pressing at least one of the plurality of single-click computer-executable menu options, wherein the custom computer-executable rules define different rights for different location types based on the geo-location of the external device or as identified by selecting at least one of the plurality of single-click computer-executable menu options, wherein the different rights define either one of an outright denial or approval of access or limiting the access to the computerized records based on the location types, wherein the communication terminal provides a communication link through a near-field communication (NFC) or a WiFi communication protocol between the portable device and the external device when at least one of the plurality of single-click computer-executable menu options is selected, and wherein the electronic circuits of the access module execute computer logic instructions that authorize access of the computerized records based on the geo-location of the external device or based on the location type for the external device identified by selecting at least one of the plurality of single-click computer-executable menu options that grants access to authorized types of the computerized records.
“2. The system of claim 1, wherein the plurality of single-click computer-executable menu options comprise a single-click computer-executable menu option for a hospital terminal computer, a single-click computer-executable menu option for a pharmacy terminal computer, a single-click computer-executable menu option for a lab terminal computer such that each of the plurality of single-click computer-executable options are defined by respective location types associated with particular levels of access to particular types of computerized records as defined through associated geo-locations.
“3. The system of claim 1, comprising a Global Positioning System (GPS)-based tracking device operatively connected to the portable device, wherein the GPS-based tracking device tracks the geo-location of the external device.
“4. The system of claim 1, wherein the processing component executes computer logic instructions that transform the authorized computerized records into a digital data structure readable by a scanner communicatively connected with the external device.
“5. The system of claim 4, wherein the digital data structure comprises a QR (quick response) code readable by the scanner.
“6. The system of claim 1, wherein the integrated circuit chip comprises the plurality of memory segments, wherein the external device comprises a scanner, and wherein the scanner comprises a swipe machine reader that electronically reads the integrated circuit chip and executes computer-executable instructions that extract computerized records according to authorization by the access module.”
For more information, see this patent: Shah, Shahid N. Self-Controlled Digital Authorization Over Communication Networks.
(Our reports deliver fact-based news of research and discoveries from around the world.)
Safetree, an Insure Tech, makes a good beginning in insurance premium collection
Florida plans audit of program that blocks parents of brain-damaged newborns from suing
Advisor News
- CFP Board appoints K. Dane Snowden as CEO
- TIAA unveils ‘policy roadmap’ to boost retirement readiness
- 2026 may bring higher volatility, slower GDP growth, experts say
- Why affluent clients underuse advisor services and how to close the gap
- America’s ‘confidence recession’ in retirement
More Advisor NewsAnnuity News
- Insurer Offers First Fixed Indexed Annuity with Bitcoin
- Assured Guaranty Enters Annuity Reinsurance Market
- Ameritas: FINRA settlement precludes new lawsuit over annuity sales
- Guaranty Income Life Marks 100th Anniversary
- Delaware Life Insurance Company Launches Industry’s First Fixed Indexed Annuity with Bitcoin Exposure
More Annuity NewsHealth/Employee Benefits News
- Far fewer people buy Obamacare coverage as insurance premiums spike
- Dems criticize Senate challengers for end of subsidies
- Democrats criticize U.S. Senate challengers for end of health insurance subsidies
- HOW HEALTH-INSURANCE CONSOLIDATION HURTS PATIENTS, PHYSICIANS
- Why health care costs hit harder in Alaska
More Health/Employee Benefits NewsLife Insurance News