Patent Issued for System and method for transferring data (USPTO 11734650): Mend VIP Inc.

2023 SEP 07 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- Mend VIP Inc. (Orlando, Florida, United States) has been issued patent number 11734650, according to news reporting originating out of Alexandria, Virginia, by NewsRx editors.

The patent’s inventors are Decurnou, Alexander (Winter Park, FL, US), Hoffman, Jessica (Orlando, FL, US), Lassiter, Brandon (Orlando, FL, US), Latorre, Gabriel (Orange City, FL, US), Mcbride, Matthew D. (Orlando, FL, US), Senzee, Paul (Apopka, FL, US).

This patent was filed on October 20, 2022 and was published online on August 22, 2023.

From the background information supplied by the inventors, news correspondents obtained the following quote: “The health care system needs to collect information from patients, providers, and others in order to function. This information is frequently of a sensitive nature, so sufficient security precautions must be taken to safeguard the information and comply with government regulations. For example, such systems must comply with the requirements of the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), as well as the Health Information Technology for Economic and Clinical Health Act, enacted under Title XIII of the American Recovery and Reinvestment Act of 2009 (“HITECH”).

“However, security often must be balanced against accessibility. Very secure processes for collecting healthcare information may be inconvenient to patients or caregivers, and sufficiently onerous processes might be an obstacle to actually collecting healthcare information. Alternatively, such processes might be bypassed or worked around if the capability exists to do so, negating much of their security value.”

Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “An efficient and secure process by which users may enter sensitive information into an electronic information system may be provided. When information is required from a user, the electronic information system may be configured to generate a unique access link (uniform resource locator, or URL) for that user. The link may be sent to the user via electronic communication, such as a text message or email. When the user follows the link with a web browser, the system prompts the user to enter an additional piece of personal information that is not known to the general public. (Certain examples of this additional piece of information may include, for example, a video connection in which the user’s physical appearance may be verified or an audio connection in which a voice recognition system may verify the user’s voice, or alternatively may include a medical history, a clinical assessment, a survey, a photo, a PDF document or any other electronic document, payment information such as credit card information, or any other information or agreements such as may be desired. According to some exemplary embodiments, a portion of a document or piece of information, such as a portion of a medical history or even a single line item in the medical history, or a combination of documents or pieces of information-or a combination of portions-may be used instead.) Once identity is verified, the user may be required to electronically sign agreements. The user is then prompted to enter the required information.

“Such a system may, by design, permit a user to enter information without requiring the user to enter a username and password. If the user accesses the system in such a manner, without entering a username and password, the user may be given access in a “no-login” state.

“In the “no-login” state, the user may not have access to any protected health information. This means that the user may not be provided with any information by following the unique link. (However, in an exemplary embodiment, the user may thereafter be able to provide a username and password, or other information, to gain access to a “login” state.)

“In the “no-login” state, the user may be able to push data into the system. However, as discussed, the user may be “firewalled” from doing anything else. This may be analogized to a bank deposit, wherein a user may be able to deposit funds in the bank account of another (or a bank account for which they have not provided appropriate credentials) but may be firewalled from withdrawing money from the account or otherwise accessing its funds.

“In an exemplary embodiment, such a process for collecting electronic protected health information without a login may comply with security recommendations regarding two-factor authentication. Although a login and password may not be required to deposit information, a sufficient level of security may be achieved because two factors are required to submit information: something the user has (the unique link) and something the user knows (personally identifying information).”

The claims supplied by the inventors are:

“1. A method for providing an efficient and secure interface for transferring protected electronic information, comprising: providing a transfer page, the transfer page comprising a web page supporting at least one of uploading of protected electronic information, submission of intake forms, or live video or audio conferencing; generating and providing, from a server to a user device or kiosk, a unique access link to access the transfer page, the unique access link comprising a uniform resource locator (URL) directed to the transfer page, wherein the unique access link is sent by one or more of email, SMS, or push notification; requesting entry of a personal identifier when the unique access link is accessed, the personal identifier comprising at least one of a record of the user or an identification of at least one personal characteristic of the user; receiving the personal identifier from the user device or kiosk; verifying the personal identifier by comparing the personal identifier with a previously stored set of personally identifiable information; when the personal identifier is verified, granting the user device or kiosk access to transfer protected electronic information, submit intake forms, or connect to live video or audio conferencing on the transfer page; and wherein the transfer page is a no-login page using identity verification for transferring electronic information, submitting intake forms, or connecting to live video or audio conferencing.

“2. The method of claim 1, wherein the unique access link expires after a set time interval.

“3. The method of claim 1, wherein the user device or kiosk is connected to a real-time audio, video, or audio/video conference.

“4. The method of claim 1, wherein identity verification requires data captured in real-time by a user device or kiosk.

“5. The method of claim 1, wherein the personal identifier is collected during account creation.

“6. The method of claim 1, wherein the personal identifier is a date of birth.

“7. The method of claim 5, wherein account creation privileges are restricted to providers.

“8. A system for providing an efficient and secure interface for transferring protected electronic information, the system comprising a server device and a network connection, the server device being configured to execute steps comprising: providing a transfer page, the transfer page comprising a web page supporting at least one of uploading of protected electronic information, submission of intake forms, or live video or audio conferencing; generating and providing, from a server to a user device or kiosk, a unique access link to access the transfer page, the unique access link comprising a uniform resource locator (URL) directed to the transfer page, wherein the unique access link is sent by one or more of email, SMS, or push notification; requesting entry of a personal identifier when the unique access link is accessed, the personal identifier comprising at least one of a record of the user or an identification of at least one personal characteristic of the user; receiving the personal identifier from the user device or kiosk; verifying the personal identifier by comparing the personal identifier with a previously stored set of personally identifiable information; when the personal identifier is verified, granting the user device or kiosk access to transfer protected electronic information, submit intake forms, or connect to live video or audio conferencing on the transfer page; and wherein the transfer page is a no-login page using identity verification for transferring electronic information, submitting intake forms, or connecting to live video or audio conferencing.

“9. The system of claim 8, wherein the unique access link expires after a set time interval.

“10. The method of claim 8, wherein the user device or kiosk is connected to a real-time audio, video, or audio/video conference.

“11. The system of claim 8, wherein identity verification requires data captured in real-time by a user device or kiosk.

“12. The system of claim 8, wherein the personal identifier is collected during account creation.

“13. The system of claim 8, wherein the personal identifier is a date of birth.

“14. The system of claim 12, wherein account creation privileges are restricted to providers.

“15. A non-transitory computer readable medium having stored thereon software instructions that, when executed by a processor, cause the processor to: receive, from a server, a unique access link directed to a transfer page, wherein the transfer page supports at least one of transfer of protected electronic information, submission of intake forms, or live video or audio conferencing; request access to the transfer page using a personal identifier comprising at least one of a record of a user or an identification of at least one personal characteristic of the user, wherein the personal identifier is among a previously stored set of personally identifiable information associated with an account; upon verification of the personal identifier, access the transfer page to transfer protected electronic information, submit intake forms, or connect to live video or audio conferencing on the transfer page; wherein the transfer page is a no-login page using identity verification for uploading electronic information, submitting intake forms, or connecting to live video or audio conferencing.

“16. The non-transitory computer readable medium of claim 15, wherein the unique access link expires after a predetermined time interval or after being followed a predetermined number of times.

“17. The non-transitory computer readable medium of claim 15, further comprising capturing real time data using a camera, audio recording device, or graphical user interface for identity verification and sending the real time data to a server for verification.

“18. The non-transitory computer readable medium of claim 15, wherein the personal identifier is collected during account creation.

“19. The non-transitory computer readable medium of claim 15, wherein the personal identifier is a date of birth.

“20. The non-transitory computer readable medium of claim 18, wherein account creation privileges are restricted to providers.”

For the URL and additional information on this patent, see: Decurnou, Alexander. System and method for transferring data. U.S. Patent Number 11734650, filed October 20, 2022, and published online on August 22, 2023. Patent URL (for desktop use only): https://ppubs.uspto.gov/pubwebapp/external.html?q=(11734650)&db=USPAT&type=ids

(Our reports deliver fact-based news of research and discoveries from around the world.)