WO2015019186A2 - Computer systems and methods for multi-network connectivity and privacy control - Google Patents

Computer systems and methods for multi-network connectivity and privacy control Download PDF

Info

Publication number
WO2015019186A2
WO2015019186A2 PCT/IB2014/002241 IB2014002241W WO2015019186A2 WO 2015019186 A2 WO2015019186 A2 WO 2015019186A2 IB 2014002241 W IB2014002241 W IB 2014002241W WO 2015019186 A2 WO2015019186 A2 WO 2015019186A2
Authority
WO
WIPO (PCT)
Prior art keywords
user
data
computer
access
social network
Prior art date
Application number
PCT/IB2014/002241
Other languages
French (fr)
Other versions
WO2015019186A3 (en
Inventor
Jeremiah MCAFOOSE
Jordan Mcafoose
Daniel DOUGLAS
Chris Benning
Original Assignee
Imcare Ag
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Imcare Ag filed Critical Imcare Ag
Publication of WO2015019186A2 publication Critical patent/WO2015019186A2/en
Publication of WO2015019186A3 publication Critical patent/WO2015019186A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database

Definitions

  • Embodiments of the present subject matter relate to digital networks, and more particularly to multi-network connectivity and privacy control.
  • a digital environment generally includes interconnected systems of networked computers (e.g., via the Internet), web pages (e.g., the World Wide Web), and communication systems (e.g., mobile phones, tablet PCs, or the like).
  • Communication networks for example, have leveraged this connected digital environment to create modern electronic mailing systems (e.g., email) and voice over IP services (VoIP) that have allowed individuals from around the world to communicate with each other in real-time.
  • Content networks have created specialized platforms for creating, storing and sharing content on a global scale.
  • Social networks have changed the way in which individuals connect with each other by allowing individuals to form online networks based on common interests.
  • Specialized social networks e.g., for professionals, patients, and/or dating), have created dedicated network environments for focused communications and tools that are relevant to these specialized groups of individuals.
  • a computer-implemented system includes a memory including user profile data.
  • the user profile data includes shared data and access data corresponding to the shared data.
  • the shared data is shared with at least one other user through a social network.
  • the computer-implemented system also includes a computer processor operatively coupled to the memory.
  • the computer processor is configured to determine a set of users who have access to the shared data, determine a change to the set of users who have access to the shared data, and update the access data based on the determined change to the set of users who have access to the shared data.
  • a computer-implemented system includes a memory including first profile data associated with a first social network and second profile data associated with a second social network, and a computer processor operatively coupled to the memory and configured to provide access to the first social network and the second social network through a single portal.
  • a computer-implemented method of managing shared data in a social network includes determining, via a computer processor, a set of users who have access to the shared data, determining, via the computer processor, a change to the set of users who have access to the shared data, and updating, via the computer processor, access data based on the determined change to the set of users who have access to the shared data.
  • a non-transitory computer-readable medium having stored thereon a computer program product having instructions configured to cause processing circuitry to manage shared data in a social network is disclosed.
  • the shared data includes associated access data stored in a memory.
  • the instructions are configured to cause the processing circuitry to determine a set of users who have access to the shared data, determine a change to the set of users who have access to the shared data, and update access data based on the determined change to the set of users who have access to the shared data.
  • a computer-implemented method for providing access to a plurality of computer-implemented social networks includes receiving a request to access one of a first social network and a second social network, authenticating a user profile based on the received request, and providing access to a first social network and a second social network through a single portal.
  • a non-transitory computer readable medium having stored thereon a computer program product having instructions is disclosed.
  • the instructions are configured to cause processing circuitry to receive a request to access one of a first social network and a second social network, authenticate a user profile based on the received request, and provide access to a first social network and a second social network through a single portal.
  • a computer-implemented system may include a memory including data.
  • the data includes shared data and access data corresponding to the shared data.
  • the shared data is shared with at least one other user through a network.
  • the system includes a computer processor, operatively coupled to the memory.
  • the computer processor may optionally include an application protocol interface module configured to communicate with a user interface to receive shared data and store the shared data in the memory, and a shared data analysis module configured to determine a set of users who have access to the shared data.
  • the shared data analysis module may determine a change to the set of users who have access to the shared data and update the access data based on the determined change to the set of users who have access to the shared data.
  • the shared data analysis module may optionally be configured to store access data indicating the number of users who have access to the shared data in the memory.
  • the access data may optionally be stored as metadata along with the shared data.
  • the computer processor may optionally include a settings control module configured to interact with the application protocol interface module.
  • the settings control module may be configured to receive and store privacy settings regarding the shared data in the memory.
  • the memory may optionally include network user information including data identifying a plurality of network users.
  • the shared data analysis module may optionally be configured to determine the set of users having access to the shared data based on the privacy settings information and network user information.
  • the shared data analysis module may optionally be configured to filter the network user information based on parameters identified in the privacy settings information.
  • the privacy settings information may optionally include one or more of an identification of a particular user having access to the shared data, identification of a group of users having access to the shared data, and an identification of a particular type of shared data.
  • the shared data analysis module may optionally be configured to determine a change to the privacy setting information and re-determine a number of users having access to the shared data based on the change to the privacy setting information.
  • a computer-implemented system which includes a memory including first profile data associated with a first network and second profile data associated with a second network. The first profile data and the second profile data including a common user identification and authentication information. The system also includes a computer processor operatively coupled to the memory and configured to provide access to the first network and the second network through a single portal based on the common user identification and authentication information.
  • the common user identification and authentication information may optionally include a user name and password.
  • the common user identification and authentication information may optionally be stored in a first memory.
  • the first profile data and the second profile data may optionally be stored in one or more second memories.
  • the first memory may optionally include network identification information for identifying one or more networks associated with the user identification and authentication information.
  • the first memory may optionally include a plurality of entries including common user identification and authentication information stored with associated entry identification information.
  • the second memory may optionally include a plurality of entries including shared data stored with associated entry identification information.
  • the first entry and the second entry may optionally include linked entry identification information.
  • FIG. 1 is a functional block diagram of a computer-implemented networking system according to some embodiments.
  • FIG. 2 illustrates a conceptual representation of a computer-implemented network according to some embodiments.
  • FIG. 3 illustrates a flowchart of a computer-implemented method of accessing multiple networks according to some embodiments.
  • FIG. 4 illustrates some examples of user functionality and connections in a computer- implemented network system according to some embodiments.
  • FIG. 5 illustrates an example of a user interface for controlling a user profile according to some embodiments.
  • FIG. 6 illustrates an example of a user interface for displaying a user's profile to another user in a computer-implemented system according to some embodiments.
  • FIG. 7 illustrates an example of a user interface for communicating information regarding an administrated account according to some embodiments.
  • FIG. 8 illustrates an example of a user interface for communicating information based on a user's shared data according to some embodiments.
  • FIG. 9 illustrates a user interface for controlling user privacy information according to some embodiments.
  • FIG. 10 illustrates examples of access icons and visibility icons according to some embodiments.
  • FIG. 1 1 illustrates a flowchart of a method of monitoring access information associated with shared data according to some embodiments.
  • FIG. 12 illustrates an example of a network data access architecture according to some embodiments.
  • FIG. 13 illustrates examples of a user data entry and network content entries according to some embodiments.
  • computer systems and methods for multi-network communication and privacy control are described.
  • the computer systems and methods described include functionality that is capable of addressing the various shortcomings of current cross-network strategies to connect single -networks.
  • multi-network approaches are described which may provide new dimensions to network connectivity.
  • computer-implemented networks may be implemented to establish one or more of user-to-user, user-to-group, user-to-account connections both within and across networks; content/activity sharing and interaction across networks; data protection and profile sharing based on privacy-by-design principles; privacy icons and notifications systems that inform users corresponding to levels of privacy associated with visited profiles and network pages; interactive notification systems to alert users about activity/content both within and across networks; and/or embedded single and/or private network accounts (e.g., integrated data system) for creating, storing, tracking and reporting of personal and/or sensitive data.
  • privacy measures are provided in order to enhance user control over shared data in a single network and/or across multiple networks.
  • data may be tagged and/or associated with specific privacy settings in order to maintain privacy control of the data as it is disseminated within the network.
  • data that is shared by a user is tracked in order to determine a change to the set of users who have access to the shared data.
  • privacy icons may be displayed on each user profile in order to inform visiting users of the level of access associated with data that is shared with the visited user profile.
  • Examples of the systems and networks will be described in conjunction with a health care, professional, and/or personal network.
  • the various embodiments are not limited to such networks and these types of networks are only utilized as no n- limiting examples.
  • the systems and method described may be applicable to financial systems, immigration/government systems, general social networking systems, collaborative systems for corporate or personal use (e.g., cloud solutions, crowd-sourcing, open source, or the like), in which personal data is collected, stored, tracked, reported and shared within networked information systems.
  • FIG. 1 is a functional block diagram of a computer-implemented networking system 100 according to some embodiments.
  • the computer-implemented networking system 100 includes a network processor 102 coupled to a memory 104.
  • the network processor 102 is in communication with a user device 108 through a communication link 106.
  • the network processor 102 may correspond to a general purpose processor or processing circuitry that is configured to receive and execute instructions for performing the functions which will be described in greater detail below.
  • each of the modules may be implemented in hardware or software. When implemented in software, each of the modules may be implemented by the same or different general purpose processors or processing circuits that are configured to execute the instructions contained therein.
  • the network processor 102 is a server that is operated by and/or is under the control of a network administrator.
  • the computer-implemented network system 100 includes a high-performance, component-based, rapid application development framework with embedded privacy-by-design and event-driven architecture.
  • the computer- implemented system 100 places patients/caregivers within care communities and surrounds them with information, pro-health tools, and/or community services.
  • the modular (component-based) design of the computer-implemented system 100 allows for both the integration of multiple networks into a single -user-interface, as well as, rapid application development.
  • the computer-implemented system 100 utilizes a representation state transfer (REST) application protocol interface (API) which extends the rapid application development to mobile applications and third party developers.
  • REST representation state transfer
  • API application protocol interface
  • the memory 104 includes data associated with users of multiple social networks.
  • the memory 104 includes user profile data for a plurality of users.
  • An example of a data access architecture for accessing data stored in memory 104 will be discussed in greater detail below with reference to FIG. 12
  • Each user profile entry may include user authentication information (e.g., user name and password information) that is associated with a user portal for accessing multiple networks.
  • each user profile entry that is stored in memory 104 is associated with one or more networks that the user is affiliated with as will be described in greater detail below with reference to FIG. 4.
  • a plurality of data files and/or object files may be stored in the memory 104.
  • information regarding a user's associated friends, groups, organizations, profile settings, recommendations, tags, and/or shared data may be stored in the memory 104.
  • An example of a user database and network databases will be described in greater detail below with reference to FIG. 13.
  • a user's profile settings may include one or more privacy settings that are associated with the user profile, a particular type of shared data (e.g., photos, posts, document files, or the like), and/or a particular subset of shared data (e.g., medical test results file, MRI scan file, user's resume, or the like).
  • the memory 104 may store metadata that is associated with shared data. The stored metadata may include privacy setting information that is particular to the shared data. In some embodiments, the memory 104 also includes access information that is associated with the shared data.
  • the access information may indicate the number of instances of access to the shared data, the frequency of access to the shared data, the identity of users who have accessed the shared data, a set and/or number of users who are capable of accessing the shared data, and other analytical statistics regarding the shared data.
  • some or all of the access information may be included as metadata that is stored along with the corresponding shared data.
  • the network processor 102 is configured to communicate with the memory 104 in order to provide user access and connectivity to one or more networks of users.
  • a representation state transfer (REST) system is implemented by the network processor 102 in order to modify and/or provide access to the data stored in memory 104.
  • REST representation state transfer
  • a representation of the data stored in the memory 104 is generated by corresponding modules of the network processor 102 for rendering information for display, modifying, and/or updating the data that is stored in the memory 104.
  • the data that is stored in memory 104 is modified and/or accessed based on a persistence system in which databases and/or entries are retrieved by the various modules of the network processor 102.
  • the network processor 102 includes a profile control module 1 10, an application protocol interface module 1 12, a settings control module 1 14, and a shared data analysis module 116. While not shown, other modules may also be implemented as part of the network processor 102.
  • the portal generation module 110 is configured to retrieve user authentication information from a user device 108 through the communication link 106 and provide access to the data stored in memory 104 to the user device 108. For example, the user device 108 may communicate a request to access one or more networks that are managed by the network processor 102 by sending a message through the communication link 106 (e.g., an internet and/or local area network connection).
  • the portal generation module 110 may be configured to authenticate the user device 108 based on the received message and generate a user portal for accessing the one or more networks.
  • the portal generation module 110 may provide access for the user device 108 to data and/or networks that are associated with the authenticated user information that is received from the user device 108.
  • an application protocol interface module 112 may be configured to generate a user-interface for interacting with the user device 108 through the communication link.
  • the application protocol interface module 112 may be configured to render a web-based interface for communicating with the user-device.
  • the application protocol interface module 1 12 may be configured to translate messages retrieved from the user device 108 and/or communicated to the user device 108. Data that is shared by a user through the user interface may be translated by the application protocol interface module 112 and stored in memory 104.
  • the settings control module 114 may be configured to control and/or update user profile settings that are stored in memory 104.
  • the settings control module 114 may be configured to control one or more privacy settings associated with a user profile.
  • the settings control module 114 may be configured to update and/or communicate privacy settings that are associated with individual shared data files and/or objects, and or with particular types of shared data.
  • the shared data analysis module 116 may be configured to monitor the use of shared data and information regarding access to the shared data based on parameters provided by user as will be discussed in greater detail below with reference to FIGs. 7-8 and 1 1. For example, in some embodiments, the shared data analysis module 1 16 may generate graphical representations based on aggregation of information (e.g., events) that are provided in the shared data. In some embodiments, the shared data analysis module 116 may be configured to monitor access to a user's shared data and generate notifications to the user based on changes in access to the shared data.
  • FIG. 2 illustrates a conceptual representation of a computer-implemented network according to some embodiments.
  • a single network portal 200 provides user access to a plurality of networks.
  • the network portal 200 may be provided by the network processor 102 following authentication of a user.
  • the network portal 200 may be based on user profile information that is stored in a memory 104.
  • Examples of the networks that may be accessed by the user include a professional network 202, a personal network 204, a health accounts network 206, and one or more care networks
  • the professional network 202 may include health care professionals (e.g., doctors, nurses) that may communicate with one another and share information through the professional network 202.
  • health care professionals e.g., doctors, nurses
  • a user that is a mental health professional may have a professional network account in which they collaborate with other health professionals (e.g., physicians, nurses, psychiatrists, or the like) regarding topics that are relevant to their profession (e.g., changes in health care protocols, job opportunities, new research, or the like).
  • the personal network 204 may correspond to a social network through which the user may communicate and interact socially (e.g., with friends, relatives, or the like).
  • family members and friends may document, share, and/or celebrate the life of a person receiving care.
  • friends and family can create, share, view and comment on a patient's life story. Members can also share their memories of important life events by posting messages and/or photos to or about the patient.
  • the personal network 204 may serve as a meaningful activity for family members as they deal with the loss of a loved one and may reassure the patient that others care.
  • the personal network 204 may provide future caregivers with the information needed to render care based on a personal relationship (i.e. knowledge about the patient's major life events, number of children, hobbies, former careers, or the like).
  • the health account network 206 may correspond to a network in which the user has administrative and/or access rights to one or more health accounts for tracking the health of a patient, relative, and/or friend. As will be described in greater detail below with reference to FIG. 7, a plurality of users may have access to the same health account information for a particular individual through the health accounts network 206.
  • the network portal 200 may also provide a user access to a plurality of individual care networks 208A-208E as shown in FIG. 2.
  • a user may access a dementia care network 208A, a diabetes care network 208B, a general mental health care network 208C, a heart health care network 208D, and/or a cancer care network 208E.
  • Each of the care networks 208A- 208E may provide user collaboration regarding care for the associated health topic.
  • a user may seamlessly transition from one network to another network (e.g., without having to re-enter one or more a user name and/or password). Furthermore, through the network portal 200, data that is shared through one or more of the social networks may be monitored, analyzed, communicated, and/or associated with a single user profile regardless of the origin network of the shared data.
  • Each network may correspond to a web-based network that provides users with social support and the ability to share ideas and experiences with other users, family, and friends. Through each of the networks, users may view latest activity, recent discussions, and comments from within their network; quickly view and manage the connections with other users within their network; view and share photos from members within their network and participating groups; participate in support groups or lead their own discussion group; and/or access physician reviewed and/or certified information.
  • users can build a community by creating and participating in discussion groups, and/or supporting organization online communities, among other things.
  • groups users can support other users and develop networks such that they can engage in peer support, community support, share photos, and/or engage in social conversation.
  • groups can create and manage discussion boards to help raise awareness about caregiving issues and solutions to better manage the particular challenges associated with each network.
  • users may be provided with mobile access to the network portal 202 and the plurality of networks shown in FIG. 2.
  • the mobile access may include web- based access to tools and information provided through the various networks, as well as, applications for mobile management, tracking, and/or reporting of health status.
  • FIG. 3 illustrates a flowchart of a computer-implemented method 300 of accessing multiple networks according to some embodiments.
  • the computer-implemented method 300 may be implemented, for example, by a computer processor such as network processor 102 as discussed above with reference to FIG. 1.
  • the method 300 includes receiving a request to access one or more computer-implemented social networks as shown in block 302.
  • the request may include user authentication information that is associated with a user profile.
  • the user information may be authenticated based on the received request.
  • the request information may include user name and password information that is associated with a particular profile.
  • the received user name and password information may be authenticated with reference to information that is stored in a memory (e.g, memory 104 discussed above with reference to FIG. 1). As shown in block 306, following authentication, a user is provided access to a first social network and a second social network through a single portal.
  • a memory e.g, memory 104 discussed above with reference to FIG. 1.
  • FIG. 4 illustrates some examples of user functionality and connections in a computer- implemented network system according to some embodiments.
  • FIG. 4 illustrates a professional network and a care network that may be accessed by a user through a common portal 420.
  • the professional network may correspond to the professional network 202 discussed above with FIG. 2, while the care network may correspond to one of the care networks 208A-208E discussed above with reference to FIG. 2.
  • each network may maintain and uphold proactive privacy decision-making functionality.
  • a user 402 can connect with other users in a social network via individual user-driven specific placement of a networked user 408 into network groups.
  • network groups may be pre-defined and/or configured by the user 402 as public networks 406 A, restricted networks 406B, and/or private networks 406C.
  • Each of the network groups 406A-406C thereby provides sub-networks having different associated privacy settings for sharing of data.
  • the privacy settings for each of the groups may be pre-defined and/or configured by the user 402
  • the association of each user within the network can be non-mutual.
  • a user 402 may place another user 408 within a private network group 406C, whereas the other user 408 may place the user 402 within a public network group 406A.
  • the two users are connected, but are not sharing the same level of information with each other.
  • users can modify their network groups (e.g., by switching users from one group to another) or remove users from their network (e.g., by disconnecting or withdrawing another user's privileges).
  • User classification may be set based on interaction with a user interface (e.g., through drop down menus, or the like).
  • a user 402 may have access to administrative tools and collaborative tools to manage, analyze, and/or control access to shared data 404A-404E in the professional network.
  • shared data 404A may correspond to personal data regarding the user 402
  • shared data 404B may correspond to data associated with a clinic and/or hospital for which the user 402 has administrative and collaborative control
  • shared data 404C may correspond to a particular study or research results for which the user 402 has administrative and collaborative control.
  • a user 402 may also have collaborative access to some shared data without having administrative access to that shared data.
  • the user 402 may follow and/or be a member of a professional organization having a profile on the professional network.
  • the user 402 may also be a friend, member, and/or follow other entities (e.g., hospitals, clinics, or the like).
  • the user 402 may have access to shared data and information that is administered by other members and/or entities in the network.
  • each of the various entities may have additional users 408 as members and/or contributors.
  • the user 402 may also have access to tracking tools as shown in FIG. 4.
  • the tracking tools may include a data aggregation tool 406A, a professional network shared data tracking tool 406B, and/or analysis tools 406C for analyzing patient and/or other user data to generate reports.
  • the tracking tools may be utilized in conjunction with the portal 420 to track and analyze data that is shared in other networks that the user 402 is affiliated with.
  • the various tracking tools may be implemented through the use of a module (e.g., shared data analysis module 116) within a computer-processor (e.g., network processor 102).
  • the user 402 may share data that is uploaded by the user 402 and/or retrieved from another user or entity in the professional network with users and/or entities within the professional network and/or across other networks (e.g., a care network as shown in FIG. 4).
  • a care network a user 402 may interact with other users who are professional and/or non-professional caregivers for another person (e.g., a friend or family member).
  • a care network may be specific to a particular type of illness or issue for which the caregiver oversees care. Similar to the professional network, in the care network shown in FIG. 4, the user 402 may interact with other users in a social network.
  • users 408 may be associated with the user 402 and/or classified as public, private, and or restricted participants.
  • the user 402 may also interact with other users 408 through discussion groups and/or support organizations that are part of the care network.
  • the user 402 may publish information and share data with entities and/or users that are part of other networks that the user is affiliated with through the portal 420.
  • a user 402 may establish a personal profile on behalf of themselves or another person (e.g., a person for which care is being administered). Through the personal network, users 402 may share personal information (e.g., photos, biographical information, or the like) with other users 408 regarding themselves or the person for which care is being administered. Other users 408 may then collaborate and/or contribute to the personal profile based on their administrative access and/or network relationship with the user 402 in the personal network. [0070] The user 402 may also have access to tracking tools that may be tailored to the particular care network. For example, the user 402 may have access to a reporting tool 41 OA configured to automatically or periodically communicate data regarding the care of a patient by the user 402.
  • a reporting tool 41 OA configured to automatically or periodically communicate data regarding the care of a patient by the user 402.
  • the tools may also include data aggregation and analysis tools 410B and 410C for analyzing and illustrating aggregated results of data that is input by the user 402 regarding care of a patient.
  • the analysis and aggregation tools 410B and 410C may also be configured to generate alerts and/or provide recommendations for the care of a patient based on the analyzed data.
  • the user 402 may have access to a library of information that is certified by professionals in the related field.
  • the analysis and aggregation tools 410B and 410C may correlate the information that is provided by the user 402 with information that is provided in the library of information in order to assist in the diagnosis and/or early detection of illnesses, management of symptoms, and/or caregiver challenges.
  • recommender system algorithms or data analytics may be provided that can detect changes in health status and make recommendations or push content (e.g. management strategies) to a patient and/or caregiver in order to provide targeted intervention.
  • the various tracking and/or reporting tools may be implemented through the use of a module (e.g., shared data analysis module 1 16) within a computer-processor (e.g., network processor 102).
  • real-time tracking of data may be provided in conjunction with the administration of medication.
  • an intervention strategy may be provided that includes drug administration and the use of the data recording and/or tracking system for drug adherence.
  • a user in the same network and/or a different network e.g., a doctor, family member, caregiver, or the like
  • tracking tools may be utilized to monitor side effects, as well as, drug efficacy.
  • users 402 may grant shared access to a personal account. As such, the invited user gains privileged access to a personal account, thus allowing both users to manage that account collaboratively.
  • a user 402 can invite and/or allow an external user that resides in a different network, to have privileged access to their personal account. For example, the privileged user can view and interact with the personal account, but may not have full administrative access.
  • user connections may be made by individual user-driven decisions.
  • real-time data may be utilized by professionals for research and/or other purposes.
  • the aggregation and analysis of data from single or multiple patients could be used in clinical trials, clinical research, epidemiological research or other research.
  • long-term secondary preventative therapies for dementia need to be monitored closely over years or decades.
  • the use of real-time health tracking in conjunction with secondary preventative therapy may provide a highly effective approach to the treatment of such conditions.
  • informed consent processes and account access controls e.g., as part of the multi-network connectivity model, may insure that the use of the data is compliant with regulations and privacy concerns.
  • care networks can be connected with professional networks as shown in FIG. 4, as well as, other disease-specific networks, personal networks, and/or health accounts as discussed with reference to FIG. 2.
  • structured connections between users can be made across networks, and/or data/communications can be published across the various networks.
  • a process for single or private network account integration with a network for creating, storing, tracking and reporting of personal/sensitive information may be provided.
  • These 'integrated data systems' or components within a network may enable users to create, store, track, report and/or share personal data, confidential data, sensitive data and/or original data.
  • an added layer of security may be provided to separate accounts from network activity to create highly secure environments for private data storage and controlled sharing.
  • account privileges can be given by administrators to create a shared or collaborative system. Sharing of data may be structured through defined communication channels in which the account administrator has the ability to assign or revoke privileged access to the account.
  • the ability to transfer ownership (e.g., administrative controls) may be initiated with acceptance by the current administrator and/or owner in conjunction with acceptance by a receiving account owner and/or administrator.
  • the multi-network system may provide a closed-looped connection between patients, caregivers, and doctors through the sharing of health information through privileged account access controls.
  • the system may be used to enable the organization of care activities amongst multiple caregivers.
  • FIG. 5 illustrates an example of a user interface 500 for controlling a user profile according to some embodiments.
  • the user interface 500 may be provided to a user in order to control the user's profile in the social network as it appears to other users, as well as to share data and interact with other users in the network.
  • the user interface 500 includes an avatar 501 which may correspond to a picture of the user that is associated with the user's profile. The user may change and/or delete the avatar 501 through interaction with interface 500.
  • the user interface may also include a header 502 including an identification of the network in which the user is currently interacting. While not shown, the header 502 may also include access to navigation elements, notifications, and/or session control (e.g., log out). In some embodiments, the header 502 is persistent on all views as the user navigates the network.
  • the user may have access to different networks by accessing a drop down menu 503 or the like.
  • the access to different networks allows users to join multiple networks and navigate between them seamlessly through a common portal connecting the user's device to the corresponding network server(s).
  • the header 502 may also include main navigation objects such that a user may access the main components of the network (e.g., person search field, home page, notifications, and/or other important network wide information). For example, notifications may inform a user when there has been activity on one of the nodes they have created or are following. As a result, the user can quickly see and navigate to the node from anywhere in the site.
  • the user interface 500 also includes a footer 504.
  • the footer 504 may provide users access to additional information about the network.
  • the footer 504 may include information such as copyright information, access to an about page, legal information, help information, contact information, language settings, and/or links to other social media profiles.
  • the footer 504 is persistent in all views of the interface throughout interacting in the network.
  • the user interface 500 may display a user's name and an access control icon 506 as shown in FIG. 5.
  • the access control icon 506 allows a user to see what the access control setting (e.g., public, private, restricted, or the like) is for their profile at all times.
  • the user may also post updates using an entry field 508.
  • the user may select who to share the update with by assigning the desired set of users for whom the update will be broadcast. The assignment may be based on pre-defined groupings of users (e.g., close friends, familiar users, and/or extended users) and/or may be personalized at the time of posting the information.
  • the entry field 508 the user may share text, data, photos, and/or other types of information with the selected users or entities in the network.
  • the user may also view other updates that are shared by other users in the network through a display area 510, and may filter views based on interaction with corresponding user interface objects.
  • the user interface 500 may also include a sub-navigation field 512 to allow the user to view different areas of the network (e.g., updates, friends, photos, groups, settings, and/or a user's personal biographical page).
  • Other functions may also be provided to the user through the user interface 500. For example, through the user interface 500, a user may search for other users or entities, request connections, invite friends, view advertisements, view site news, or the like.
  • FIG. 6 illustrates an example of a user interface 600 for displaying a user's profile to another user in a computer-implemented system according to some embodiments.
  • the profile view shown in FIG. 6 is an example of what other user see when viewing each other's profiles in a network.
  • users may view a snapshot into another user's activity, friends, and/or shared data (e.g., uploaded photos).
  • shared data e.g., uploaded photos.
  • a user may view another user's avatar 601 , post directly on the user's page through entry field 608, view a user's activity, associations, and shared data through display area 610, and navigate to other information available through the user's profile through navigation area 612.
  • the user interface 600 also includes a privacy icon 606 for informing a visiting user of the access associated with the visited user profile. As a result, a user may be better informed regarding the audience and set of users that would have access to information and/or data that is shared through the visited user's profile.
  • the user interface 600 may also correspond to a group and/or organization rather than a particular user.
  • group profiles may be created for health or other organizations.
  • Group profiles may be created by a user and can be administrated by multiple users. In some embodiments, groups can be followed by any users in the network community. Different and/or additional features (e.g., discussion areas) may be available through a user interface 600 that is displaying a group profile. Similar to user profiles, group profiles may be managed from a dashboard similar to the user interface 500 discussed above with reference to FIG. 5.
  • FIG. 7 illustrates an example of a user interface 700 for communicating information regarding an administrated account according to some embodiments.
  • a health account may be utilized by a user in order to manage care for a patient, friend, and/or family member.
  • users can record problems in real time or at any convenient time for the user. In some embodiments, this recorded information may then be used to show trends and help the user provide better care.
  • the user interface 700 includes a navigation area 712 which allows a user to navigate through information that is associated with the accessed health account.
  • the navigation area 712 may allow users to access statistics related to recorded information, updates and/or latest activity associated with the account, upcoming appointments and important calendar entries, medical information and medical files, identification of users (e.g., caregivers and/or family members) having access to the health account, access to discussions regarding the health account, and/or other settings (e.g., administrative rights, privacy, or the like) that are associated with the health account.
  • users e.g., caregivers and/or family members
  • other settings e.g., administrative rights, privacy, or the like
  • the user interface 700 includes an entry interface 708 through which the user can enter information regarding a particular health related event and/or upcoming appointments or the like.
  • the user interface 700 may also include a display area 710 that is configured to display statistical and/or graphical representations of events that are associated with the health account. The user may interact with the display area 710 in order to define particular parameters (e.g., relevant time periods, types of events, or the like) regarding the data that the user wishes to analyze.
  • Health accounts Through the use of health accounts, users may be equipped with tools to control, structure, and/or organize health care activities for more complete insight, awareness, and/or communication of changes in health status. Unlike current methods, which may miss significant events or important signals of declining function or may poorly characterize detected events, through the use of health accounts, an accurate representation of a person's overall health symptoms and events may be analyzed and diagnosed. Health accounts may enable users to capture rare, irregular, and/or transient events; symptoms that are difficult for a patient (or caregiver) to report; and/or changes in condition that evolve slowly over time. Through the use of health accounts, more accurate and earlier detection of changes may be detected, diagnosed, and/or treated.
  • FIG. 8 illustrates an example of a user interface 800 for communicating information based on a user's shared data according to some embodiments.
  • the user interface 800 may be configured to display an information center in order to assist in educating the user regarding a particular topic of interest.
  • an information interface 810 a user may search directly for information that is available through the network regarding particular topics using keywords and/or by browsing through particular categories.
  • recommendations may also be provided to the user in display area 812.
  • a user's history and/or desired reading list may also be displayed to the user in display area 812.
  • a user may be provided access to trending topics in order to browse topics that are being viewed most by a user's community and/or network.
  • caregivers can be provided with the knowledge and confidence to handle daily challenges with professional quality care by offering an in-depth knowledgebase that brings together multi-disciplinary approaches for practical solutions to manage daily challenges.
  • this knowledgebase may be delivered via content immersion strategies and recommender systems.
  • shared data may be utilized to the benefit of other members of a user's social network.
  • privacy is a relevant aspect to control the use of and access to shared data. This is particularly important in the context of healthcare networks, in which the shared data may correspond to a person's sensitive medical information.
  • regulations are generally more stringent with regard to healthcare information relative to other types of data that can be shared in a social network.
  • Social networks may be described as an instance of data-management applications, which are focused around so-called CRUD actions that create, read, update, and delete data.
  • Such applications are often implemented as multi-tier systems, where the application manipulates data stored in a persistent database and interacts with users through a graphical interface (GUI).
  • GUI graphical interface
  • fine-grained access control policies which are essential for defining social networking privacy, may depend not only on the user's credentials but also on the satisfaction of constraints (e.g., user-defined privacy preferences/settings) on the state of the persistence database.
  • constraints e.g., user-defined privacy preferences/settings
  • authorization checks may be implemented pro grammatically, by directly encoding them at appropriate places in the application.
  • FIG. 9 illustrates a user interface 900 for controlling user privacy information according to some embodiments.
  • the user interface 900 shown in FIG. 9 may correspond to a privacy settings view of the same user profile that is described in FIG. 5 above.
  • a user may control how other users see their activity, profile, receive notifications, and link their other social media sites.
  • Settings controls may include adjustment of general settings for the profile such as password and email address; adjustment of services settings to allow users to link their other social network credentials to a particular profile, notifications settings to allow users to control what they receive notifications for, and privacy settings to provide users with multi-level control over who can see their profile, shared data, and/or activity.
  • a user may adjust privacy settings in order to adjust the visibility of their profile. For example, a user may set their profile to private such that no profile information is visible; restricted, such that a limited subset of profile information is visible to the network; or public such that all profile information is visible to the network. As discussed above with reference to FIG. 4, users may also classify other users in the network in a non-mutual manner such that the visibility of information may be different for different users and/or groups of users in the network.
  • a user may also assign privacy settings that are unique to particular types of data and/or particular data items that are shared by the user in the network. For example, a user may identify data that can be accessible only upon the user's explicit consent. A user may identify a specific purpose that is to be pursued when accessing the user's sensitive data, such that only the minimum data that is necessary to achieve this purpose becomes accessible. A user may identify specific circumstances (e.g., undesired visibility of the user's sensitive data due to actions impacting the data) that trigger a privacy notification to the user.
  • shared data may be tagged by a user (e.g., as confidential and/or sensitive). When the shared data is stored in a server memory (e.g., memory 104), the shared data may be stored with the associated privacy setting and/or data indicative of a tag associated with the shared data.
  • fine- grain control of access to the shared data may be provided. For example, in some embodiments, if shared data is tagged, the data cannot be viewed without clicking an acknowledgement that is communicated to a user requesting access to the shared data. The interaction with the acknowledgment may in turn both notify the creator that receiving person has acknowledged the privacy concern, and upon acknowledgment make available the data. In some embodiments, the shared data may not be accessed by the requesting party without the express approval and/or acknowledgment of the administrator and/or owner of the shared data. In some embodiments, activity-dependent notifications that notify a user of a request to access data and forward an informed consent agreement requiring review by the owner of the shared data may be provided in an access request message.
  • FIG. 10 illustrates examples of access icons 1000 and visibility icons 1002 according to some embodiments.
  • the examples shown in FIG. 10 are non-limiting examples of icon designs that may be utilized to indicate access and privacy status. Other designs, visual, auditory, and/or other notifications may also be utilized in order to communicate access and privacy information to a user.
  • access icons and privacy icons may be utilized in the network to inform users of the access levels associated with the visited profile and/or their own profiles.
  • the access icons 1000 and visibility icons 1002 may be utilized to visualize privacy levels using one or more of visual cues, hover- state descriptors, and/or pop-up detailed descriptions with active links for further information.
  • Privacy icons 1002 may visually represent account access privileges (e.g., personal, shared, privileged, and/or de-identified as shown in FIG. 10.
  • Visibility icons 1000 e.g., private, restricted, or public
  • hover-states may be associated with these icons to provide added information about the privacy level, such that, with the click of the icon a pop-up is provided with a full detailed description of the privacy level.
  • a number may be displayed to represent the number of profile connections or shared access to an account, thus providing users with a quantified description of the privacy level. For example, a restricted profile that is connected to five other users, versus a restricted profile that is connected to five- hundred other users.
  • One particular obstacle that may be encountered when sharing data in a network is the indirect change to the number and/or set of users that have access to data that has been shared by the user. For example, a first user may share data with a second user in a network while the second user has a restricted privacy setting. However, when the second user changes their privacy setting, additional users may have access to the first user's shared data without the first user's knowledge or control.
  • FIG. 1 1 illustrates a flowchart of a computer- implemented method 1100 of monitoring access information associated with shared data according to some embodiments.
  • the computer-implemented method 1100 may be implemented, for example, by a computer processor such as network processor 102 as discussed above with reference to FIG. 1.
  • the method 1100 includes determining a set of users who have access to the shared data through a social network as shown in block 1102. For example, quantification may be performed (e.g., through the use of a shared data analysis module 1 16) to indicate the number of restricted connections or shared access privileges to a profile or account.
  • the quantified set of users may be stored along with the shared data in memory 104 as access data that is associated with the shared data.
  • a change to the set of users who have access to the shared data may be determined.
  • the shared data analysis module 1 16 may receive a request to access the shared data and/or detect a change to the privacy settings associated with a profile through which the shared data may be accessed.
  • the access data that is associated with the shared data may be updated based on the determined change to the set of users.
  • users may be provided with privacy-driven notifications that inform them about privacy levels, data sharing privileges, account access privileges, and warnings/reminders to protect personal or sensitive data/information.
  • the privacy preference system may further enable users to set notification preference for shared information/data/conversations if visible to an audience greater than a set number. For example, if a user posts a comment on a restricted group that has, at that time of posting, 50 members, but later grows to 200 or more member, a privacy notification may be triggered in order to notify the user. The triggering thresholds may be set based on a user's privacy settings. Similarly, if a user originally posts a comment/data on a private or restricted profile/group, which later becomes public, a notification may be sent to the creator informing them of this change and allowing them to respond accordingly.
  • a privacy mapping system may also be provided to present to the user the actual visibility of their sensitive data, over a selected period of time, and the resulting consequences.
  • the tracking of access may be performed by the shared data analysis module 116 and maintained as part of access data that is stored in memory 104 and associated with shared data.
  • the tracking and/or mapping of access may depend not only on the user's privacy preference and settings, but also on both the user's and other stakeholders' privacy-relevant behavior, since they may possibly interact with each other.
  • the shared data analysis module 116 may be configured to present to a user, that during the last 6 months, 70% of posted updates were to their public network and that 85% of their group activities were within public groups. As a result, a user may realize that they are actually engaging in more public activity than they would prefer.
  • Such a proactive feedback system presents meaningful privacy information and provides a user the tools needed to manage their online privacy, including their own behavior.
  • the shared data analysis module 116 may also implement notification systems to inform users about recent network activity.
  • notifications about activity within one network can trigger a notification process within a separate but connected network. This allows users from within connected networks to be notified about recent activity, even if that activity takes place outside their currently viewed network. Furthermore, this analysis allows users to stay informed about sharing and use of their data when posted on multiple networks. Through the use of cross-network tracking of shared data, fine-grained privacy policies may be implemented across connected networks.
  • This may include notifications systems to a user within a first network (e.g., a professional network) seeking approval for a user in a second network (e.g., a care network) to have access to their data and/or the ability to share that information within the second network.
  • a first network e.g., a professional network
  • a second network e.g., a care network
  • Multi-network notifications enable users to stay informed and in control of their data and the activity associated with it.
  • FIG. 12 illustrates an example of a network data access architecture according to some embodiments.
  • a memory access system 1200 e.g., a data server
  • the memory access system 1200 may be configured to communicate with or be a part of memory 104 discussed above with reference to FIG. 1.
  • the user database 1208 includes a plurality of user data entries that include user specific data (e.g., such as username, password, biographical information, or the like).
  • the network databases 1206A, 1206B include a plurality of network content entries that include network specific data (e.g., shared posts, documents, photos, or the like). Examples of the user data entries and network data entries will be described in greater detail below with reference to FIG. 13.
  • the user database 1208 may correspond to a central database that includes data that is utilized by a plurality of networks. For example, a user may logon to a particular network (e.g.,
  • a network application interface 1202 may be called by an application program (e.g., application protocol interface module 1 12, FIG.
  • the network application interface 1202 may be configured to communicate the user log-in information to a data processor 1204 in order to query the databases for the particular combination of user information and network information that corresponds to the user's login.
  • the data processor 1204 may be configured to retrieve the particular user's common profile information from the user database 1208 based on the user's login information
  • Network 1 e.g., a particular professional or care network
  • the data processor 1204 may also retrieve content entries corresponding to Network 1 that are affiliated with the particular user. For example, as will be discussed in greater detail with reference to FIG. 13, each of the Network 1 content entries may include a data entry database ID that corresponds to a user entry's database ID.
  • the data processor 1204 may then communicate the compiled data to the network application interface 1202.
  • the network application interface 1202 may in -turn format the data appropriately for communication with a network processor (e.g., network processor 102, Fig. 1 through application protocol interface module 112) in order to generate the user interface for display to the user.
  • a network processor e.g., network processor 102, Fig. 1 through application protocol interface module 112
  • FIG. 13 illustrates examples of a user data entry 1310 and network content entries 1320, 1330 according to some embodiments.
  • the user data entry 1310 may correspond to a user data entry within a user database 1208 as discussed above with reference to FIG. 12.
  • the content data entries 1320 and 1330 may correspond to content entries in a particular network database (e.g., Network 1 Database 1206A or Network 2 Database 1206B).
  • the user data entry 1310 may include an entry ID 1312 identifying the entry within the memory as a user data entry corresponding to a particular user.
  • the entry ID 1312 may include a pre-fix identifying the entry as a user data entry, and a field including data (e.g., an integer or character value) for uniquely identifying the user data entry.
  • the user data entry 1310 may include user information that can be utilized across multiple networks, such as username, password, contact information, status information, biographical information (e.g., user profile text), notification settings, privacy settings, and social network information.
  • the social network information may include external social network IDs for social networks that hosted by third parties as well as internal affiliated networks that are accessible by the user through the common network portal. Other information may also be included in a user data entry that may be common across all networks.
  • FIG. 13 illustrates two examples of network content entries. These examples are non-limiting examples and the number, content, and type of the network content entries is not limited to those illustrated in FIG. 13.
  • Content table 1320 illustrates an example posts entry corresponding to Network 1.
  • Content table 1320 includes an entry ID 1322 for identifying the content entry within the memory and associating the content entry with a particular user and network combination.
  • the entry ID 1322 may include a pre-fix for identifying the type of content of the content entry (e.g., post) and a field including data (e.g., an integer or character value) for uniquely identifying the content entry.
  • Content entry 1320 may include data corresponding to a post that is associated with a user's profile for a particular network, such as topic ID, board ID, post content, post metadata (e.g., creation date, modification date, or the like), and a member ID identifying the member associated with the particular post.
  • topic ID e.g., topic ID, board ID, post content, post metadata (e.g., creation date, modification date, or the like), and a member ID identifying the member associated with the particular post.
  • Content table 1330 illustrates an example comments entry corresponding to Network 1.
  • Content table 1330 includes an entry ID 1332 for identifying the content entry within the memory and associating the content entry with a particular user and network combination.
  • the entry ID 1332 may include a pre-fix for identifying the type of content of the content entry (e.g., comment) and a field including data (e.g., an integer or character value) for uniquely identifying the content entry.
  • Content entry 1330 may include data corresponding to a comment that is associated with a user's profile for a particular network, such as message content, comment type, comment metadata (e.g., creation date, modification date, or the like), and a member ID identifying the member associated with the particular comment. While not shown, other information may also be stored along with the content data, or as part of the content metadata, such as data specific privacy control settings and/or access information regarding the content data.
  • entry ID 1322 and entry ID 1332 may include the same data as entry ID 1312 such that the content entry 1320 may be associated with the particular user.
  • entry ID 1322 and entry ID 1332 may be linked to entry ID 1312 by a user association table linking the user data entry 1310 with corresponding content information for a particular network. Associations between the various data entries may be utilized by various application modules in order to generate a user profile for display, update user information, and enable cross-network and/or multi-network access to content by users as discussed above.
  • Each of the various illustrative logical blocks, modules, processors, and circuits described in connection with the embodiments disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein.
  • DSP digital signal processor
  • ASIC application specific integrated circuit
  • FPGA field programmable gate array
  • a general purpose processor may be a microprocessor, but in the alternative, the processor may be any processor, controller, microcontroller, or state machine.
  • a processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
  • the functions and methods described may be implemented in hardware, software, or firmware executed on a processor, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium or memory.
  • Computer-readable media include both non-transitory computer storage media and communication media including any medium that facilitates transfer of a computer program.
  • a storage medium may be any available media that can be accessed by a computer.
  • such computer-readable media can include non-transitory computer-readable media including
  • a computer-readable medium can include a communication signal path.
  • the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium.
  • DSL digital subscriber line
  • the system may include various modules as discussed above.
  • each of the modules may include one or more of a variety of sub routines, procedures, definitional statements and macros.
  • Each of the modules may be separately compiled and linked into a single executable program. Therefore, the description of each of the modules is used for convenience to describe the functionality of the disclosed embodiments.
  • the processes that are undergone by each of the modules may be redistributed to one of the other modules, combined together in a single module, or made available in, for example, a shareable dynamic link library.
  • the system may be used in connection with various operating systems such as
  • Linux® UNIX® or Microsoft Windows®.
  • the system may be written in any conventional programming language such as C, C++, BASIC, Pascal, or Java, and ran under a conventional operating system.
  • the system may also be written using interpreted languages such as Visual Basic (VB.NET), Perl, Python, Ruby, PHP, HTML, and/or CSS.

Abstract

Computer systems and methods for multi-network communication and privacy control are described. According to one aspect, computer-implemented networks may be implemented to establish one or more of user-to-user, user-to-group, user-to-account connections both within and across networks and content/activity sharing and interaction across networks. According to some embodiments, privacy measures may be implemented in order to enhance user control over shared data in a single network and/or across multiple networks. According to some embodiments, data that is shared by a user is tracked in order to determine a change to the set of users who have access to the shared data.

Description

COMPUTER SYSTEMS AND METHODS FOR
MULTI-NETWORK CONNECTIVITY AND PRIVACY CONTROL
CROSS-REFERENCE TO RELATED APPLICATIONS
[0001] The present application claims priority to U.S. Provisional Patent Application No. 61/840,951 to McAfoose et al., filed June 28, 2013, and entitled "Computer Systems and Methods for Multi-Network Connectivity and Privacy Control," and incorporates its disclosure herein by reference in its entirety.
BACKGROUND
Technical Field
[0002] Embodiments of the present subject matter relate to digital networks, and more particularly to multi-network connectivity and privacy control.
Related Art
[0003] A digital environment generally includes interconnected systems of networked computers (e.g., via the Internet), web pages (e.g., the World Wide Web), and communication systems (e.g., mobile phones, tablet PCs, or the like). A significant advancement of this digital environment has been the creation of various network platforms that connect users from across the world. Communication networks, for example, have leveraged this connected digital environment to create modern electronic mailing systems (e.g., email) and voice over IP services (VoIP) that have allowed individuals from around the world to communicate with each other in real-time. Content networks have created specialized platforms for creating, storing and sharing content on a global scale. Social networks have changed the way in which individuals connect with each other by allowing individuals to form online networks based on common interests. Specialized social networks (e.g., for professionals, patients, and/or dating), have created dedicated network environments for focused communications and tools that are relevant to these specialized groups of individuals.
[0004] Collectively, these technologies generally represent the current state of single digital networks with limited cross-network connectivity and without multi-network connectivity. For example, current cross-network connectivity includes methods or mechanisms for distribution and redistribution of a single network's content/activity across other networks. However, a void currently exists for methods to connect multiple independent networks, both within an organization and across organizations/industries.
[0005] Current social networks also generally apply a mutual connection approach to linking users within a network. As such, when two users make a connection they generally have equal access to each other's information. Networks have implemented some privacy measures to help protect user information that is shared within the network. However, current privacy settings generally do not sufficiently protect shared data from un-intended access by users in the network. The repercussions of privacy concerns related to social networks have yet to be fully resolved within our legal systems and societies. In addition, socio-cultural changes on how privacy is viewed within digital environments have resulted in a demand for higher privacy awareness and more advanced privacy controls.
SUMMARY
[0006] According to one embodiment, a computer-implemented system is disclosed that includes a memory including user profile data. The user profile data includes shared data and access data corresponding to the shared data. The shared data is shared with at least one other user through a social network. The computer-implemented system also includes a computer processor operatively coupled to the memory. The computer processor is configured to determine a set of users who have access to the shared data, determine a change to the set of users who have access to the shared data, and update the access data based on the determined change to the set of users who have access to the shared data.
[0007] According to another embodiment, a computer-implemented system is disclosed that includes a memory including first profile data associated with a first social network and second profile data associated with a second social network, and a computer processor operatively coupled to the memory and configured to provide access to the first social network and the second social network through a single portal.
[0008] According to another embodiment, a computer-implemented method of managing shared data in a social network is disclosed. The shared data has associated access data stored in a memory. The method includes determining, via a computer processor, a set of users who have access to the shared data, determining, via the computer processor, a change to the set of users who have access to the shared data, and updating, via the computer processor, access data based on the determined change to the set of users who have access to the shared data.
[0009] According to another embodiment, a non-transitory computer-readable medium having stored thereon a computer program product having instructions configured to cause processing circuitry to manage shared data in a social network is disclosed. The shared data includes associated access data stored in a memory. The instructions are configured to cause the processing circuitry to determine a set of users who have access to the shared data, determine a change to the set of users who have access to the shared data, and update access data based on the determined change to the set of users who have access to the shared data.
[0010] According to another embodiment, a computer-implemented method for providing access to a plurality of computer-implemented social networks is disclosed. The method includes receiving a request to access one of a first social network and a second social network, authenticating a user profile based on the received request, and providing access to a first social network and a second social network through a single portal.
[0011] According to another embodiment, a non-transitory computer readable medium having stored thereon a computer program product having instructions is disclosed. The instructions are configured to cause processing circuitry to receive a request to access one of a first social network and a second social network, authenticate a user profile based on the received request, and provide access to a first social network and a second social network through a single portal.
[0012] According to some embodiments, a computer-implemented system is disclosed which may include a memory including data. The data includes shared data and access data corresponding to the shared data. The shared data is shared with at least one other user through a network. The system includes a computer processor, operatively coupled to the memory. The computer processor may optionally include an application protocol interface module configured to communicate with a user interface to receive shared data and store the shared data in the memory, and a shared data analysis module configured to determine a set of users who have access to the shared data. The shared data analysis module may determine a change to the set of users who have access to the shared data and update the access data based on the determined change to the set of users who have access to the shared data.
[0013] The shared data analysis module may optionally be configured to store access data indicating the number of users who have access to the shared data in the memory.
[0014] The access data may optionally be stored as metadata along with the shared data.
[0015] The computer processor may optionally include a settings control module configured to interact with the application protocol interface module. The settings control module may be configured to receive and store privacy settings regarding the shared data in the memory.
[0016] The memory may optionally include network user information including data identifying a plurality of network users.
[0017] The shared data analysis module may optionally be configured to determine the set of users having access to the shared data based on the privacy settings information and network user information.
[0018] The shared data analysis module may optionally be configured to filter the network user information based on parameters identified in the privacy settings information.
[0019] The privacy settings information may optionally include one or more of an identification of a particular user having access to the shared data, identification of a group of users having access to the shared data, and an identification of a particular type of shared data.
[0020] The shared data analysis module may optionally be configured to determine a change to the privacy setting information and re-determine a number of users having access to the shared data based on the change to the privacy setting information.
[0021] According to some embodiments, a computer-implemented system is disclosed which includes a memory including first profile data associated with a first network and second profile data associated with a second network. The first profile data and the second profile data including a common user identification and authentication information. The system also includes a computer processor operatively coupled to the memory and configured to provide access to the first network and the second network through a single portal based on the common user identification and authentication information.
[0022] The common user identification and authentication information may optionally include a user name and password. [0023] The common user identification and authentication information may optionally be stored in a first memory. The first profile data and the second profile data may optionally be stored in one or more second memories.
[0024] The first memory may optionally include network identification information for identifying one or more networks associated with the user identification and authentication information.
[0025] The first memory may optionally include a plurality of entries including common user identification and authentication information stored with associated entry identification information.
[0026] The second memory may optionally include a plurality of entries including shared data stored with associated entry identification information. The first entry and the second entry may optionally include linked entry identification information.
BRIEF DESCRIPTION OF THE DRAWINGS
[0027] Aspects and embodiments of the present disclosure will be described with reference to the following figures. It should be appreciated that the figures are not necessarily drawn to scale. Items appearing in multiple figures are indicated by the same reference number in all the figures in which they appear.
[0028] FIG. 1 is a functional block diagram of a computer-implemented networking system according to some embodiments.
[0029] FIG. 2 illustrates a conceptual representation of a computer-implemented network according to some embodiments.
[0030] FIG. 3 illustrates a flowchart of a computer-implemented method of accessing multiple networks according to some embodiments.
[0031] FIG. 4 illustrates some examples of user functionality and connections in a computer- implemented network system according to some embodiments.
[0032] FIG. 5 illustrates an example of a user interface for controlling a user profile according to some embodiments.
[0033] FIG. 6 illustrates an example of a user interface for displaying a user's profile to another user in a computer-implemented system according to some embodiments. [0034] FIG. 7 illustrates an example of a user interface for communicating information regarding an administrated account according to some embodiments.
[0035] FIG. 8 illustrates an example of a user interface for communicating information based on a user's shared data according to some embodiments.
[0036] FIG. 9 illustrates a user interface for controlling user privacy information according to some embodiments.
[0037] FIG. 10 illustrates examples of access icons and visibility icons according to some embodiments.
[0038] FIG. 1 1 illustrates a flowchart of a method of monitoring access information associated with shared data according to some embodiments.
[0039] FIG. 12 illustrates an example of a network data access architecture according to some embodiments.
[0040] FIG. 13 illustrates examples of a user data entry and network content entries according to some embodiments.
DETAILED DESCRIPTION OF EMBODIMENTS
[0041] According to some embodiments, computer systems and methods for multi-network communication and privacy control are described. The computer systems and methods described include functionality that is capable of addressing the various shortcomings of current cross-network strategies to connect single -networks. According to some embodiments, multi-network approaches are described which may provide new dimensions to network connectivity. For example, in some embodiments, computer-implemented networks may be implemented to establish one or more of user-to-user, user-to-group, user-to-account connections both within and across networks; content/activity sharing and interaction across networks; data protection and profile sharing based on privacy-by-design principles; privacy icons and notifications systems that inform users corresponding to levels of privacy associated with visited profiles and network pages; interactive notification systems to alert users about activity/content both within and across networks; and/or embedded single and/or private network accounts (e.g., integrated data system) for creating, storing, tracking and reporting of personal and/or sensitive data. [0042] According to some embodiments, privacy measures are provided in order to enhance user control over shared data in a single network and/or across multiple networks. For example, data may be tagged and/or associated with specific privacy settings in order to maintain privacy control of the data as it is disseminated within the network. According to some embodiments, data that is shared by a user is tracked in order to determine a change to the set of users who have access to the shared data. According to some embodiments, privacy icons may be displayed on each user profile in order to inform visiting users of the level of access associated with data that is shared with the visited user profile.
[0043] Examples of the systems and networks will be described in conjunction with a health care, professional, and/or personal network. The various embodiments are not limited to such networks and these types of networks are only utilized as no n- limiting examples. The systems and method described may be applicable to financial systems, immigration/government systems, general social networking systems, collaborative systems for corporate or personal use (e.g., cloud solutions, crowd-sourcing, open source, or the like), in which personal data is collected, stored, tracked, reported and shared within networked information systems.
[0044] FIG. 1 is a functional block diagram of a computer-implemented networking system 100 according to some embodiments. As shown in FIG. 1 , the computer-implemented networking system 100 includes a network processor 102 coupled to a memory 104. The network processor 102 is in communication with a user device 108 through a communication link 106. The network processor 102 may correspond to a general purpose processor or processing circuitry that is configured to receive and execute instructions for performing the functions which will be described in greater detail below. Further, each of the modules may be implemented in hardware or software. When implemented in software, each of the modules may be implemented by the same or different general purpose processors or processing circuits that are configured to execute the instructions contained therein. In some embodiments, the network processor 102 is a server that is operated by and/or is under the control of a network administrator.
[0045] In some embodiments, the computer-implemented network system 100 includes a high-performance, component-based, rapid application development framework with embedded privacy-by-design and event-driven architecture. In some embodiments, the computer- implemented system 100 places patients/caregivers within care communities and surrounds them with information, pro-health tools, and/or community services. The modular (component-based) design of the computer-implemented system 100 allows for both the integration of multiple networks into a single -user-interface, as well as, rapid application development. In some embodiments, the computer-implemented system 100 utilizes a representation state transfer (REST) application protocol interface (API) which extends the rapid application development to mobile applications and third party developers. As a result, the computer-implemented system 100 delivers flexibility, stability, and scalability.
[0046] The memory 104 includes data associated with users of multiple social networks. For example, the memory 104 includes user profile data for a plurality of users. An example of a data access architecture for accessing data stored in memory 104 will be discussed in greater detail below with reference to FIG. 12 Each user profile entry may include user authentication information (e.g., user name and password information) that is associated with a user portal for accessing multiple networks. In some embodiments, each user profile entry that is stored in memory 104 is associated with one or more networks that the user is affiliated with as will be described in greater detail below with reference to FIG. 4. In some embodiments, for each user within each of the networks, a plurality of data files and/or object files may be stored in the memory 104. For example, for each network, information regarding a user's associated friends, groups, organizations, profile settings, recommendations, tags, and/or shared data may be stored in the memory 104. An example of a user database and network databases will be described in greater detail below with reference to FIG. 13.
[0047] As will be described in greater detail below with reference to FIGs. 9-1 1 , a user's profile settings may include one or more privacy settings that are associated with the user profile, a particular type of shared data (e.g., photos, posts, document files, or the like), and/or a particular subset of shared data (e.g., medical test results file, MRI scan file, user's resume, or the like). In some embodiments, the memory 104 may store metadata that is associated with shared data. The stored metadata may include privacy setting information that is particular to the shared data. In some embodiments, the memory 104 also includes access information that is associated with the shared data. For example, the access information may indicate the number of instances of access to the shared data, the frequency of access to the shared data, the identity of users who have accessed the shared data, a set and/or number of users who are capable of accessing the shared data, and other analytical statistics regarding the shared data. In some embodiments, some or all of the access information may be included as metadata that is stored along with the corresponding shared data.
[0048] The network processor 102 is configured to communicate with the memory 104 in order to provide user access and connectivity to one or more networks of users. In some embodiments, a representation state transfer (REST) system is implemented by the network processor 102 in order to modify and/or provide access to the data stored in memory 104. In a REST implementation, a representation of the data stored in the memory 104 is generated by corresponding modules of the network processor 102 for rendering information for display, modifying, and/or updating the data that is stored in the memory 104. In other embodiments, the data that is stored in memory 104 is modified and/or accessed based on a persistence system in which databases and/or entries are retrieved by the various modules of the network processor 102.
[0049] As shown in FIG. 1 , the network processor 102 includes a profile control module 1 10, an application protocol interface module 1 12, a settings control module 1 14, and a shared data analysis module 116. While not shown, other modules may also be implemented as part of the network processor 102. The portal generation module 110 is configured to retrieve user authentication information from a user device 108 through the communication link 106 and provide access to the data stored in memory 104 to the user device 108. For example, the user device 108 may communicate a request to access one or more networks that are managed by the network processor 102 by sending a message through the communication link 106 (e.g., an internet and/or local area network connection). In response, the portal generation module 110 may be configured to authenticate the user device 108 based on the received message and generate a user portal for accessing the one or more networks. The portal generation module 110 may provide access for the user device 108 to data and/or networks that are associated with the authenticated user information that is received from the user device 108.
[0050] Once a portal is generated by the portal generation module 110, an application protocol interface module 112 may be configured to generate a user-interface for interacting with the user device 108 through the communication link. For example, the application protocol interface module 112 may be configured to render a web-based interface for communicating with the user-device. The application protocol interface module 1 12 may be configured to translate messages retrieved from the user device 108 and/or communicated to the user device 108. Data that is shared by a user through the user interface may be translated by the application protocol interface module 112 and stored in memory 104.
[0051] The settings control module 114 may be configured to control and/or update user profile settings that are stored in memory 104. For example, the settings control module 114 may be configured to control one or more privacy settings associated with a user profile. In some embodiments, the settings control module 114 may be configured to update and/or communicate privacy settings that are associated with individual shared data files and/or objects, and or with particular types of shared data.
[0052] The shared data analysis module 116 may be configured to monitor the use of shared data and information regarding access to the shared data based on parameters provided by user as will be discussed in greater detail below with reference to FIGs. 7-8 and 1 1. For example, in some embodiments, the shared data analysis module 1 16 may generate graphical representations based on aggregation of information (e.g., events) that are provided in the shared data. In some embodiments, the shared data analysis module 116 may be configured to monitor access to a user's shared data and generate notifications to the user based on changes in access to the shared data.
[0053] FIG. 2 illustrates a conceptual representation of a computer-implemented network according to some embodiments. As shown in FIG. 2, a single network portal 200 provides user access to a plurality of networks. As discussed above with reference to FIG. 1 , the network portal 200 may be provided by the network processor 102 following authentication of a user.
The network portal 200 may be based on user profile information that is stored in a memory 104.
Examples of the networks that may be accessed by the user include a professional network 202, a personal network 204, a health accounts network 206, and one or more care networks
208A-208E. The professional network 202 may include health care professionals (e.g., doctors, nurses) that may communicate with one another and share information through the professional network 202. For example, a user that is a mental health professional may have a professional network account in which they collaborate with other health professionals (e.g., physicians, nurses, psychiatrists, or the like) regarding topics that are relevant to their profession (e.g., changes in health care protocols, job opportunities, new research, or the like).
[0054] The personal network 204 may correspond to a social network through which the user may communicate and interact socially (e.g., with friends, relatives, or the like). In some embodiments, through the personal network 204, family members and friends may document, share, and/or celebrate the life of a person receiving care. For example, using a private network that may be embedded within the personal network 204, friends and family can create, share, view and comment on a patient's life story. Members can also share their memories of important life events by posting messages and/or photos to or about the patient. As a result, the personal network 204 may serve as a meaningful activity for family members as they deal with the loss of a loved one and may reassure the patient that others care. The personal network 204 may provide future caregivers with the information needed to render care based on a personal relationship (i.e. knowledge about the patient's major life events, number of children, hobbies, former careers, or the like).
[0055] The health account network 206 may correspond to a network in which the user has administrative and/or access rights to one or more health accounts for tracking the health of a patient, relative, and/or friend. As will be described in greater detail below with reference to FIG. 7, a plurality of users may have access to the same health account information for a particular individual through the health accounts network 206.
[0056] The network portal 200 may also provide a user access to a plurality of individual care networks 208A-208E as shown in FIG. 2. For example, a user may access a dementia care network 208A, a diabetes care network 208B, a general mental health care network 208C, a heart health care network 208D, and/or a cancer care network 208E. Each of the care networks 208A- 208E may provide user collaboration regarding care for the associated health topic.
[0057] Through the network portal 200, a user may seamlessly transition from one network to another network (e.g., without having to re-enter one or more a user name and/or password). Furthermore, through the network portal 200, data that is shared through one or more of the social networks may be monitored, analyzed, communicated, and/or associated with a single user profile regardless of the origin network of the shared data.
[0058] Each network may correspond to a web-based network that provides users with social support and the ability to share ideas and experiences with other users, family, and friends. Through each of the networks, users may view latest activity, recent discussions, and comments from within their network; quickly view and manage the connections with other users within their network; view and share photos from members within their network and participating groups; participate in support groups or lead their own discussion group; and/or access physician reviewed and/or certified information.
[0059] Within each network illustrated in FIG. 2, users can build a community by creating and participating in discussion groups, and/or supporting organization online communities, among other things. Within groups, users can support other users and develop networks such that they can engage in peer support, community support, share photos, and/or engage in social conversation. For example, groups can create and manage discussion boards to help raise awareness about caregiving issues and solutions to better manage the particular challenges associated with each network.
[0060] In some embodiments, users may be provided with mobile access to the network portal 202 and the plurality of networks shown in FIG. 2. The mobile access may include web- based access to tools and information provided through the various networks, as well as, applications for mobile management, tracking, and/or reporting of health status.
[0061] FIG. 3 illustrates a flowchart of a computer-implemented method 300 of accessing multiple networks according to some embodiments. The computer-implemented method 300 may be implemented, for example, by a computer processor such as network processor 102 as discussed above with reference to FIG. 1. As shown in FIG. 3, the method 300 includes receiving a request to access one or more computer-implemented social networks as shown in block 302. As discussed above with reference to FIG. 2, the request may include user authentication information that is associated with a user profile. As shown in block 304, the user information may be authenticated based on the received request. For example, the request information may include user name and password information that is associated with a particular profile. The received user name and password information may be authenticated with reference to information that is stored in a memory (e.g, memory 104 discussed above with reference to FIG. 1). As shown in block 306, following authentication, a user is provided access to a first social network and a second social network through a single portal.
[0062] FIG. 4 illustrates some examples of user functionality and connections in a computer- implemented network system according to some embodiments. FIG. 4 illustrates a professional network and a care network that may be accessed by a user through a common portal 420. The professional network may correspond to the professional network 202 discussed above with FIG. 2, while the care network may correspond to one of the care networks 208A-208E discussed above with reference to FIG. 2.
[0063] As shown in FIG. 4, within each network, user-to-user, user-to-group, and/or user-to- account connections may be established both within and across networks. Each network may maintain and uphold proactive privacy decision-making functionality. For example, as shown in FIG. 4, a user 402 can connect with other users in a social network via individual user-driven specific placement of a networked user 408 into network groups. As shown in FIG. 4, network groups may be pre-defined and/or configured by the user 402 as public networks 406 A, restricted networks 406B, and/or private networks 406C. Each of the network groups 406A-406C thereby provides sub-networks having different associated privacy settings for sharing of data. The privacy settings for each of the groups may be pre-defined and/or configured by the user 402
[0064] In some embodiments, the association of each user within the network can be non-mutual. For example, a user 402 may place another user 408 within a private network group 406C, whereas the other user 408 may place the user 402 within a public network group 406A. As such, the two users are connected, but are not sharing the same level of information with each other. At any time, users can modify their network groups (e.g., by switching users from one group to another) or remove users from their network (e.g., by disconnecting or withdrawing another user's privileges). User classification may be set based on interaction with a user interface (e.g., through drop down menus, or the like).
[0065] In a professional network, as shown in FIG. 4, a user 402 may have access to administrative tools and collaborative tools to manage, analyze, and/or control access to shared data 404A-404E in the professional network. For example, shared data 404A may correspond to personal data regarding the user 402, shared data 404B may correspond to data associated with a clinic and/or hospital for which the user 402 has administrative and collaborative control, and shared data 404C may correspond to a particular study or research results for which the user 402 has administrative and collaborative control. While not shown, a user 402 may also have collaborative access to some shared data without having administrative access to that shared data.
[0066] Through the professional network, the user 402 may follow and/or be a member of a professional organization having a profile on the professional network. In some embodiments, the user 402 may also be a friend, member, and/or follow other entities (e.g., hospitals, clinics, or the like). Through the connection with these entities in the professional network, the user 402 may have access to shared data and information that is administered by other members and/or entities in the network. As shown in FIG. 4, each of the various entities may have additional users 408 as members and/or contributors.
[0067] The user 402 may also have access to tracking tools as shown in FIG. 4. For example, the tracking tools may include a data aggregation tool 406A, a professional network shared data tracking tool 406B, and/or analysis tools 406C for analyzing patient and/or other user data to generate reports. The tracking tools may be utilized in conjunction with the portal 420 to track and analyze data that is shared in other networks that the user 402 is affiliated with. The various tracking tools may be implemented through the use of a module (e.g., shared data analysis module 116) within a computer-processor (e.g., network processor 102).
[0068] Through the portal 420, the user 402 may share data that is uploaded by the user 402 and/or retrieved from another user or entity in the professional network with users and/or entities within the professional network and/or across other networks (e.g., a care network as shown in FIG. 4). In a care network, a user 402 may interact with other users who are professional and/or non-professional caregivers for another person (e.g., a friend or family member). A care network may be specific to a particular type of illness or issue for which the caregiver oversees care. Similar to the professional network, in the care network shown in FIG. 4, the user 402 may interact with other users in a social network. In the social network, users 408 may be associated with the user 402 and/or classified as public, private, and or restricted participants. The user 402 may also interact with other users 408 through discussion groups and/or support organizations that are part of the care network. Furthermore, the user 402 may publish information and share data with entities and/or users that are part of other networks that the user is affiliated with through the portal 420.
[0069] Within the care network, a user 402 may establish a personal profile on behalf of themselves or another person (e.g., a person for which care is being administered). Through the personal network, users 402 may share personal information (e.g., photos, biographical information, or the like) with other users 408 regarding themselves or the person for which care is being administered. Other users 408 may then collaborate and/or contribute to the personal profile based on their administrative access and/or network relationship with the user 402 in the personal network. [0070] The user 402 may also have access to tracking tools that may be tailored to the particular care network. For example, the user 402 may have access to a reporting tool 41 OA configured to automatically or periodically communicate data regarding the care of a patient by the user 402. The tools may also include data aggregation and analysis tools 410B and 410C for analyzing and illustrating aggregated results of data that is input by the user 402 regarding care of a patient. The analysis and aggregation tools 410B and 410C may also be configured to generate alerts and/or provide recommendations for the care of a patient based on the analyzed data. For example, the user 402 may have access to a library of information that is certified by professionals in the related field. The analysis and aggregation tools 410B and 410C may correlate the information that is provided by the user 402 with information that is provided in the library of information in order to assist in the diagnosis and/or early detection of illnesses, management of symptoms, and/or caregiver challenges. In some embodiments, recommender system algorithms or data analytics may be provided that can detect changes in health status and make recommendations or push content (e.g. management strategies) to a patient and/or caregiver in order to provide targeted intervention. The various tracking and/or reporting tools may be implemented through the use of a module (e.g., shared data analysis module 1 16) within a computer-processor (e.g., network processor 102).
[0071] In some embodiments, real-time tracking of data may be provided in conjunction with the administration of medication. For example, through the use of tracking tools, an intervention strategy may be provided that includes drug administration and the use of the data recording and/or tracking system for drug adherence. Through the network, a user in the same network and/or a different network (e.g., a doctor, family member, caregiver, or the like) may send reminders to a patient and/or caregiver to take medication. In some embodiments, tracking tools may be utilized to monitor side effects, as well as, drug efficacy.
[0072] In some embodiments, within the multi-network system, users 402 may grant shared access to a personal account. As such, the invited user gains privileged access to a personal account, thus allowing both users to manage that account collaboratively. Similarly, a user 402 can invite and/or allow an external user that resides in a different network, to have privileged access to their personal account. For example, the privileged user can view and interact with the personal account, but may not have full administrative access. In some embodiments, user connections may be made by individual user-driven decisions. [0073] In some embodiments, through tracking and sharing of data that is provided by users across different networks, real-time data may be utilized by professionals for research and/or other purposes. In the healthcare context, the aggregation and analysis of data from single or multiple patients could be used in clinical trials, clinical research, epidemiological research or other research. For example, long-term secondary preventative therapies for dementia need to be monitored closely over years or decades. The use of real-time health tracking in conjunction with secondary preventative therapy may provide a highly effective approach to the treatment of such conditions. In some embodiments, informed consent processes and account access controls (e.g., as part of the multi-network connectivity model), may insure that the use of the data is compliant with regulations and privacy concerns.
[0074] In some embodiments, care networks can be connected with professional networks as shown in FIG. 4, as well as, other disease-specific networks, personal networks, and/or health accounts as discussed with reference to FIG. 2. In some embodiments, structured connections between users can be made across networks, and/or data/communications can be published across the various networks.
[0075] As shown in FIG. 4, a process for single or private network account integration with a network for creating, storing, tracking and reporting of personal/sensitive information may be provided. These 'integrated data systems' or components within a network may enable users to create, store, track, report and/or share personal data, confidential data, sensitive data and/or original data. Within each network, an added layer of security may be provided to separate accounts from network activity to create highly secure environments for private data storage and controlled sharing. In some embodiments, account privileges can be given by administrators to create a shared or collaborative system. Sharing of data may be structured through defined communication channels in which the account administrator has the ability to assign or revoke privileged access to the account. In some embodiments, the ability to transfer ownership (e.g., administrative controls) may be initiated with acceptance by the current administrator and/or owner in conjunction with acceptance by a receiving account owner and/or administrator.
Through the use of integrated data systems, cross network functionality may be provided in which network specific data is made visible and/or shared with other users or entities. For example, in a healthcare environment, the multi-network system may provide a closed-looped connection between patients, caregivers, and doctors through the sharing of health information through privileged account access controls. In some embodiments, the system may be used to enable the organization of care activities amongst multiple caregivers.
[0076] Users may interact in the social network through user interfaces that are generated by modules of a computer processor (e.g., application protocol interface module 112 of network processor 102). FIG. 5 illustrates an example of a user interface 500 for controlling a user profile according to some embodiments. As shown in FIG. 5, the user interface 500 may be provided to a user in order to control the user's profile in the social network as it appears to other users, as well as to share data and interact with other users in the network. The user interface 500 includes an avatar 501 which may correspond to a picture of the user that is associated with the user's profile. The user may change and/or delete the avatar 501 through interaction with interface 500. The user interface may also include a header 502 including an identification of the network in which the user is currently interacting. While not shown, the header 502 may also include access to navigation elements, notifications, and/or session control (e.g., log out). In some embodiments, the header 502 is persistent on all views as the user navigates the network.
[0077] Within the header 502, the user may have access to different networks by accessing a drop down menu 503 or the like. The access to different networks allows users to join multiple networks and navigate between them seamlessly through a common portal connecting the user's device to the corresponding network server(s). The header 502 may also include main navigation objects such that a user may access the main components of the network (e.g., person search field, home page, notifications, and/or other important network wide information). For example, notifications may inform a user when there has been activity on one of the nodes they have created or are following. As a result, the user can quickly see and navigate to the node from anywhere in the site.
[0078] The user interface 500 also includes a footer 504. The footer 504 may provide users access to additional information about the network. For example, the footer 504 may include information such as copyright information, access to an about page, legal information, help information, contact information, language settings, and/or links to other social media profiles. In some embodiments, the footer 504 is persistent in all views of the interface throughout interacting in the network.
[0079] The user interface 500 may display a user's name and an access control icon 506 as shown in FIG. 5. The access control icon 506 allows a user to see what the access control setting (e.g., public, private, restricted, or the like) is for their profile at all times. Through the user interface 500, the user may also post updates using an entry field 508. The user may select who to share the update with by assigning the desired set of users for whom the update will be broadcast. The assignment may be based on pre-defined groupings of users (e.g., close friends, familiar users, and/or extended users) and/or may be personalized at the time of posting the information. In some embodiments, the entry field 508, the user may share text, data, photos, and/or other types of information with the selected users or entities in the network. The user may also view other updates that are shared by other users in the network through a display area 510, and may filter views based on interaction with corresponding user interface objects.
[0080] The user interface 500 may also include a sub-navigation field 512 to allow the user to view different areas of the network (e.g., updates, friends, photos, groups, settings, and/or a user's personal biographical page). Other functions may also be provided to the user through the user interface 500. For example, through the user interface 500, a user may search for other users or entities, request connections, invite friends, view advertisements, view site news, or the like.
[0081] FIG. 6 illustrates an example of a user interface 600 for displaying a user's profile to another user in a computer-implemented system according to some embodiments. The profile view shown in FIG. 6 is an example of what other user see when viewing each other's profiles in a network. Through the user interface 600, users may view a snapshot into another user's activity, friends, and/or shared data (e.g., uploaded photos). Through the user interface 600, a user may view another user's avatar 601 , post directly on the user's page through entry field 608, view a user's activity, associations, and shared data through display area 610, and navigate to other information available through the user's profile through navigation area 612. The user interface 600 also includes a privacy icon 606 for informing a visiting user of the access associated with the visited user profile. As a result, a user may be better informed regarding the audience and set of users that would have access to information and/or data that is shared through the visited user's profile.
[0082] The user interface 600 may also correspond to a group and/or organization rather than a particular user. For example, group profiles may be created for health or other organizations.
Group profiles may be created by a user and can be administrated by multiple users. In some embodiments, groups can be followed by any users in the network community. Different and/or additional features (e.g., discussion areas) may be available through a user interface 600 that is displaying a group profile. Similar to user profiles, group profiles may be managed from a dashboard similar to the user interface 500 discussed above with reference to FIG. 5.
[0083] FIG. 7 illustrates an example of a user interface 700 for communicating information regarding an administrated account according to some embodiments. As discussed above, a health account may be utilized by a user in order to manage care for a patient, friend, and/or family member. Through the user interface 700, users can record problems in real time or at any convenient time for the user. In some embodiments, this recorded information may then be used to show trends and help the user provide better care. As shown in FIG. 7, the user interface 700 includes a navigation area 712 which allows a user to navigate through information that is associated with the accessed health account. For example, the navigation area 712 may allow users to access statistics related to recorded information, updates and/or latest activity associated with the account, upcoming appointments and important calendar entries, medical information and medical files, identification of users (e.g., caregivers and/or family members) having access to the health account, access to discussions regarding the health account, and/or other settings (e.g., administrative rights, privacy, or the like) that are associated with the health account.
[0084] The user interface 700 includes an entry interface 708 through which the user can enter information regarding a particular health related event and/or upcoming appointments or the like. The user interface 700 may also include a display area 710 that is configured to display statistical and/or graphical representations of events that are associated with the health account. The user may interact with the display area 710 in order to define particular parameters (e.g., relevant time periods, types of events, or the like) regarding the data that the user wishes to analyze.
[0085] Through the use of health accounts, users may be equipped with tools to control, structure, and/or organize health care activities for more complete insight, awareness, and/or communication of changes in health status. Unlike current methods, which may miss significant events or important signals of declining function or may poorly characterize detected events, through the use of health accounts, an accurate representation of a person's overall health symptoms and events may be analyzed and diagnosed. Health accounts may enable users to capture rare, irregular, and/or transient events; symptoms that are difficult for a patient (or caregiver) to report; and/or changes in condition that evolve slowly over time. Through the use of health accounts, more accurate and earlier detection of changes may be detected, diagnosed, and/or treated.
[0086] FIG. 8 illustrates an example of a user interface 800 for communicating information based on a user's shared data according to some embodiments. As shown in FIG. 8, the user interface 800 may be configured to display an information center in order to assist in educating the user regarding a particular topic of interest. Through an information interface 810 a user may search directly for information that is available through the network regarding particular topics using keywords and/or by browsing through particular categories. Based on the user's profile and analysis of the user's shared data that is volunteered by the user, recommendations may also be provided to the user in display area 812. A user's history and/or desired reading list may also be displayed to the user in display area 812. In addition, a user may be provided access to trending topics in order to browse topics that are being viewed most by a user's community and/or network.
[0087] In the health care context, through the use of the user interface 800, caregivers can be provided with the knowledge and confidence to handle daily challenges with professional quality care by offering an in-depth knowledgebase that brings together multi-disciplinary approaches for practical solutions to manage daily challenges. As discussed above, this knowledgebase may be delivered via content immersion strategies and recommender systems.
[0088] In an electronic social networking environment, shared data may be utilized to the benefit of other members of a user's social network. However, privacy is a relevant aspect to control the use of and access to shared data. This is particularly important in the context of healthcare networks, in which the shared data may correspond to a person's sensitive medical information. In addition, regulations are generally more stringent with regard to healthcare information relative to other types of data that can be shared in a social network.
[0089] The ever-growing development and use of information and communication technologies is a constant source of security and reliability problems, of which the aforementioned privacy-related issues in the social networking area is a manifestation. Social networks may be described as an instance of data-management applications, which are focused around so-called CRUD actions that create, read, update, and delete data. Such applications are often implemented as multi-tier systems, where the application manipulates data stored in a persistent database and interacts with users through a graphical interface (GUI). When the data managed is sensitive, as it is the case for social networks, then security and privacy is a serious concern. When access control policies are sufficiently simple, it may be possible to utilize support built into the application server. In contrast, fine-grained access control policies, which are essential for defining social networking privacy, may depend not only on the user's credentials but also on the satisfaction of constraints (e.g., user-defined privacy preferences/settings) on the state of the persistence database. In such cases, authorization checks may be implemented pro grammatically, by directly encoding them at appropriate places in the application.
[0090] According to some embodiments, a privacy-by-design approach is described. The privacy-by-design approach includes an architecture that addresses profile visibility, user classification and data sharing. FIG. 9 illustrates a user interface 900 for controlling user privacy information according to some embodiments. The user interface 900 shown in FIG. 9 may correspond to a privacy settings view of the same user profile that is described in FIG. 5 above. Through interacting with the user interface 900, a user may control how other users see their activity, profile, receive notifications, and link their other social media sites. Settings controls may include adjustment of general settings for the profile such as password and email address; adjustment of services settings to allow users to link their other social network credentials to a particular profile, notifications settings to allow users to control what they receive notifications for, and privacy settings to provide users with multi-level control over who can see their profile, shared data, and/or activity.
[0091] A user may adjust privacy settings in order to adjust the visibility of their profile. For example, a user may set their profile to private such that no profile information is visible; restricted, such that a limited subset of profile information is visible to the network; or public such that all profile information is visible to the network. As discussed above with reference to FIG. 4, users may also classify other users in the network in a non-mutual manner such that the visibility of information may be different for different users and/or groups of users in the network.
[0092] A user may also assign privacy settings that are unique to particular types of data and/or particular data items that are shared by the user in the network. For example, a user may identify data that can be accessible only upon the user's explicit consent. A user may identify a specific purpose that is to be pursued when accessing the user's sensitive data, such that only the minimum data that is necessary to achieve this purpose becomes accessible. A user may identify specific circumstances (e.g., undesired visibility of the user's sensitive data due to actions impacting the data) that trigger a privacy notification to the user. In some embodiments, shared data may be tagged by a user (e.g., as confidential and/or sensitive). When the shared data is stored in a server memory (e.g., memory 104), the shared data may be stored with the associated privacy setting and/or data indicative of a tag associated with the shared data.
[0093] Based on privacy settings and/or tags associated with the particular shared data, fine- grain control of access to the shared data may be provided. For example, in some embodiments, if shared data is tagged, the data cannot be viewed without clicking an acknowledgement that is communicated to a user requesting access to the shared data. The interaction with the acknowledgment may in turn both notify the creator that receiving person has acknowledged the privacy concern, and upon acknowledgment make available the data. In some embodiments, the shared data may not be accessed by the requesting party without the express approval and/or acknowledgment of the administrator and/or owner of the shared data. In some embodiments, activity-dependent notifications that notify a user of a request to access data and forward an informed consent agreement requiring review by the owner of the shared data may be provided in an access request message.
[0094] The ease at which information can be mass distributed both within and across networks has created obstacles, including issues regarding privacy and the sharing and use of personal information, as well as, copyright material or other sensitive data. Current digital networks have responded with increased passive privacy settings for personal information. However, these technologies are vulnerable to accidental sharing of personal information to public audiences.
[0095] FIG. 10 illustrates examples of access icons 1000 and visibility icons 1002 according to some embodiments. The examples shown in FIG. 10 are non-limiting examples of icon designs that may be utilized to indicate access and privacy status. Other designs, visual, auditory, and/or other notifications may also be utilized in order to communicate access and privacy information to a user. As discussed above with reference to FIGs. 5, 6, and 10, access icons and privacy icons may be utilized in the network to inform users of the access levels associated with the visited profile and/or their own profiles. The access icons 1000 and visibility icons 1002 may be utilized to visualize privacy levels using one or more of visual cues, hover- state descriptors, and/or pop-up detailed descriptions with active links for further information. Privacy icons 1002 may visually represent account access privileges (e.g., personal, shared, privileged, and/or de-identified as shown in FIG. 10. Visibility icons 1000 (e.g., private, restricted, or public) may be displayed on a user's own profile in order to inform users about privacy levels and visually alert/remind users regarding the status of their privacy settings. In some embodiments, hover-states may be associated with these icons to provide added information about the privacy level, such that, with the click of the icon a pop-up is provided with a full detailed description of the privacy level. In some embodiments, a number may be displayed to represent the number of profile connections or shared access to an account, thus providing users with a quantified description of the privacy level. For example, a restricted profile that is connected to five other users, versus a restricted profile that is connected to five- hundred other users.
[0096] One particular obstacle that may be encountered when sharing data in a network is the indirect change to the number and/or set of users that have access to data that has been shared by the user. For example, a first user may share data with a second user in a network while the second user has a restricted privacy setting. However, when the second user changes their privacy setting, additional users may have access to the first user's shared data without the first user's knowledge or control.
[0097] FIG. 1 1 illustrates a flowchart of a computer- implemented method 1100 of monitoring access information associated with shared data according to some embodiments. The computer-implemented method 1100 may be implemented, for example, by a computer processor such as network processor 102 as discussed above with reference to FIG. 1. The method 1100 includes determining a set of users who have access to the shared data through a social network as shown in block 1102. For example, quantification may be performed (e.g., through the use of a shared data analysis module 1 16) to indicate the number of restricted connections or shared access privileges to a profile or account. The quantified set of users may be stored along with the shared data in memory 104 as access data that is associated with the shared data. At block 1104, a change to the set of users who have access to the shared data may be determined. For example, the shared data analysis module 1 16 may receive a request to access the shared data and/or detect a change to the privacy settings associated with a profile through which the shared data may be accessed. At block 1106, the access data that is associated with the shared data may be updated based on the determined change to the set of users. Through the user of the method 1100, users may be provided with privacy-driven notifications that inform them about privacy levels, data sharing privileges, account access privileges, and warnings/reminders to protect personal or sensitive data/information.
[0098] The privacy preference system may further enable users to set notification preference for shared information/data/conversations if visible to an audience greater than a set number. For example, if a user posts a comment on a restricted group that has, at that time of posting, 50 members, but later grows to 200 or more member, a privacy notification may be triggered in order to notify the user. The triggering thresholds may be set based on a user's privacy settings. Similarly, if a user originally posts a comment/data on a private or restricted profile/group, which later becomes public, a notification may be sent to the creator informing them of this change and allowing them to respond accordingly.
[0099] Through tracking of access of shared data throughout one or more interconnected networks, a privacy mapping system may also be provided to present to the user the actual visibility of their sensitive data, over a selected period of time, and the resulting consequences.
The tracking of access may be performed by the shared data analysis module 116 and maintained as part of access data that is stored in memory 104 and associated with shared data. The tracking and/or mapping of access may depend not only on the user's privacy preference and settings, but also on both the user's and other stakeholders' privacy-relevant behavior, since they may possibly interact with each other. For example, the shared data analysis module 116 may be configured to present to a user, that during the last 6 months, 70% of posted updates were to their public network and that 85% of their group activities were within public groups. As a result, a user may realize that they are actually engaging in more public activity than they would prefer.
Such a proactive feedback system presents meaningful privacy information and provides a user the tools needed to manage their online privacy, including their own behavior.
[0100] The shared data analysis module 116 may also implement notification systems to inform users about recent network activity. Within a multi-network system, notifications about activity within one network can trigger a notification process within a separate but connected network. This allows users from within connected networks to be notified about recent activity, even if that activity takes place outside their currently viewed network. Furthermore, this analysis allows users to stay informed about sharing and use of their data when posted on multiple networks. Through the use of cross-network tracking of shared data, fine-grained privacy policies may be implemented across connected networks. This may include notifications systems to a user within a first network (e.g., a professional network) seeking approval for a user in a second network (e.g., a care network) to have access to their data and/or the ability to share that information within the second network. Multi-network notifications enable users to stay informed and in control of their data and the activity associated with it.
[0101] In some embodiments, multi-network and cross-network data may be implemented by linking common user data across one or more networks having corresponding network specific data. FIG. 12 illustrates an example of a network data access architecture according to some embodiments. As shown in FIG. 12, a memory access system 1200 (e.g., a data server) may include a network application interface 1202, a data processor 1204, a plurality of network databases 1206A, 1206B, and a user database 1208. The memory access system 1200 may be configured to communicate with or be a part of memory 104 discussed above with reference to FIG. 1.
[0102] As shown in FIG. 12, the user database 1208 includes a plurality of user data entries that include user specific data (e.g., such as username, password, biographical information, or the like). The network databases 1206A, 1206B include a plurality of network content entries that include network specific data (e.g., shared posts, documents, photos, or the like). Examples of the user data entries and network data entries will be described in greater detail below with reference to FIG. 13.
[0103] The user database 1208 may correspond to a central database that includes data that is utilized by a plurality of networks. For example, a user may logon to a particular network (e.g.,
Network 1) through a user interface as discussed above. A network application interface 1202 may be called by an application program (e.g., application protocol interface module 1 12, FIG.
1) in order to generate a network interface for the user based on the login information. The network application interface 1202 may be configured to communicate the user log-in information to a data processor 1204 in order to query the databases for the particular combination of user information and network information that corresponds to the user's login.
For example, the data processor 1204 may be configured to retrieve the particular user's common profile information from the user database 1208 based on the user's login information
(e.g., username and password). For a user accessing Network 1 (e.g., a particular professional or care network), the data processor 1204 may also retrieve content entries corresponding to Network 1 that are affiliated with the particular user. For example, as will be discussed in greater detail with reference to FIG. 13, each of the Network 1 content entries may include a data entry database ID that corresponds to a user entry's database ID. The data processor 1204 may then communicate the compiled data to the network application interface 1202. The network application interface 1202 may in -turn format the data appropriately for communication with a network processor (e.g., network processor 102, Fig. 1 through application protocol interface module 112) in order to generate the user interface for display to the user.
[0104] As the user switches between networks, separate log-in information is not required. Rather, data retrieved from the user database 1208 is utilized and updated data corresponding to the new network is retrieved from the corresponding network database. For example, as a user switches from Network 1 to Network 2, the same user data entry information is maintained and/or retrieved by the data processor 1204, while the corresponding updated network data entries are retrieved from the Network 2 database 1206B. While only two networks are shown in the example of FIG. 12, as discussed above with reference to FIG. 2, a user may have access to any number of different networks, each having different network content entries.
[0105] FIG. 13 illustrates examples of a user data entry 1310 and network content entries 1320, 1330 according to some embodiments. The user data entry 1310 may correspond to a user data entry within a user database 1208 as discussed above with reference to FIG. 12. The content data entries 1320 and 1330 may correspond to content entries in a particular network database (e.g., Network 1 Database 1206A or Network 2 Database 1206B). As shown in FIG. 13, the user data entry 1310 may include an entry ID 1312 identifying the entry within the memory as a user data entry corresponding to a particular user. For example, the entry ID 1312 may include a pre-fix identifying the entry as a user data entry, and a field including data (e.g., an integer or character value) for uniquely identifying the user data entry. The user data entry 1310 may include user information that can be utilized across multiple networks, such as username, password, contact information, status information, biographical information (e.g., user profile text), notification settings, privacy settings, and social network information. The social network information may include external social network IDs for social networks that hosted by third parties as well as internal affiliated networks that are accessible by the user through the common network portal. Other information may also be included in a user data entry that may be common across all networks.
[0106] FIG. 13 illustrates two examples of network content entries. These examples are non-limiting examples and the number, content, and type of the network content entries is not limited to those illustrated in FIG. 13. Content table 1320 illustrates an example posts entry corresponding to Network 1. Content table 1320 includes an entry ID 1322 for identifying the content entry within the memory and associating the content entry with a particular user and network combination. For example, the entry ID 1322 may include a pre-fix for identifying the type of content of the content entry (e.g., post) and a field including data (e.g., an integer or character value) for uniquely identifying the content entry. Content entry 1320 may include data corresponding to a post that is associated with a user's profile for a particular network, such as topic ID, board ID, post content, post metadata (e.g., creation date, modification date, or the like), and a member ID identifying the member associated with the particular post.
[0107] Content table 1330 illustrates an example comments entry corresponding to Network 1. Content table 1330 includes an entry ID 1332 for identifying the content entry within the memory and associating the content entry with a particular user and network combination. For example, the entry ID 1332 may include a pre-fix for identifying the type of content of the content entry (e.g., comment) and a field including data (e.g., an integer or character value) for uniquely identifying the content entry. Content entry 1330 may include data corresponding to a comment that is associated with a user's profile for a particular network, such as message content, comment type, comment metadata (e.g., creation date, modification date, or the like), and a member ID identifying the member associated with the particular comment. While not shown, other information may also be stored along with the content data, or as part of the content metadata, such as data specific privacy control settings and/or access information regarding the content data.
[0108] In some embodiments, entry ID 1322 and entry ID 1332 may include the same data as entry ID 1312 such that the content entry 1320 may be associated with the particular user. In other embodiments, entry ID 1322 and entry ID 1332 may be linked to entry ID 1312 by a user association table linking the user data entry 1310 with corresponding content information for a particular network. Associations between the various data entries may be utilized by various application modules in order to generate a user profile for display, update user information, and enable cross-network and/or multi-network access to content by users as discussed above.
[0109] Each of the various illustrative logical blocks, modules, processors, and circuits described in connection with the embodiments disclosed herein may be implemented or performed with a general purpose processor, a digital signal processor (DSP), an application specific integrated circuit (ASIC), a field programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, or any combination thereof designed to perform the functions described herein. A general purpose processor may be a microprocessor, but in the alternative, the processor may be any processor, controller, microcontroller, or state machine. A processor may also be implemented as a combination of computing devices, e.g., a combination of a DSP and a microprocessor, a plurality of microprocessors, one or more microprocessors in conjunction with a DSP core, or any other such configuration.
[0110] In one or more example embodiments, the functions and methods described may be implemented in hardware, software, or firmware executed on a processor, or any combination thereof. If implemented in software, the functions may be stored on or transmitted over as one or more instructions or code on a computer-readable medium or memory. Computer-readable media include both non-transitory computer storage media and communication media including any medium that facilitates transfer of a computer program. A storage medium may be any available media that can be accessed by a computer. By way of example, and not limitation, such computer-readable media can include non-transitory computer-readable media including
RAM, ROM, EEPROM, CD-ROM or other optical disk storage, magnetic disk storage or other magnetic storage devices, or any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer. A computer-readable medium can include a communication signal path. For example, if the software is transmitted from a website, server, or other remote source using a coaxial cable, fiber optic cable, twisted pair, digital subscriber line (DSL), or wireless technologies such as infrared, radio, and microwave, then the coaxial cable, fiber optic cable, twisted pair, DSL, or wireless technologies such as infrared, radio, and microwave are included in the definition of medium.
[0111] The system may include various modules as discussed above. As can be appreciated by one of ordinary skill in the art, each of the modules may include one or more of a variety of sub routines, procedures, definitional statements and macros. Each of the modules may be separately compiled and linked into a single executable program. Therefore, the description of each of the modules is used for convenience to describe the functionality of the disclosed embodiments. Thus, the processes that are undergone by each of the modules may be redistributed to one of the other modules, combined together in a single module, or made available in, for example, a shareable dynamic link library.
[0112] The system may be used in connection with various operating systems such as
Linux®, UNIX® or Microsoft Windows®. The system may be written in any conventional programming language such as C, C++, BASIC, Pascal, or Java, and ran under a conventional operating system. The system may also be written using interpreted languages such as Visual Basic (VB.NET), Perl, Python, Ruby, PHP, HTML, and/or CSS.
[0113] It will be appreciated by those skilled in the art that various modifications and changes may be made without departing from the scope of the described technology. Such modifications and changes are intended to fall within the scope of the embodiments that are described. It will also be appreciated by those of skill in the art that features included in one embodiment are interchangeable with other embodiments; and that one or more features from a depicted embodiment can be included with other depicted embodiments in any combination. For example, any of the various components described herein and/or depicted in the figures may be combined, interchanged, or excluded from other embodiments.

Claims

What is claimed is:
1. A computer-implemented system comprising:
a memory including user profile data, wherein the user profile data includes shared data and access data corresponding to the shared data, and wherein the shared data is shared with at least one other user through a social network; and
a computer processor, operatively coupled to the memory, and configured to:
determine a set of users who have access to the shared data;
determine a change to the set of users who have access to the shared data; and update the access data based on the determined change to the set of users who have access to the shared data.
2. The computer- implemented system of Claim 1, wherein the computer processor is configured to send a notification to the first user based on the change to the set of users.
3. The computer-implemented system of Claim 1 , wherein the user profile data includes first user profile data corresponding to a first user and second user profile data corresponding a second user, and wherein the shared data comprises data that is shared by the first user with the second user through the social network.
4. The computer-implemented system of Claim 3, wherein the second user profile data includes a privacy setting, and wherein the computer processor is configured to:
determine a set of users corresponding to the privacy setting;
receive a request to change the privacy setting;
determine a change to the set of users corresponding to the change in the privacy setting; and
update the access data based on the determined change to the set of users.
5. The computer- implemented system of Claim 3, further comprising a user-interface, and wherein the access data is displayed to the first user through the user-interface.
6. The computer-implemented system of Claim 5, wherein the computer processor is configured to receive parameters for analyzing the access data, and wherein the computer processor is configured to generate a statistical representation of the access data based on the received parameters.
7. The computer- implemented system of Claim 1, further comprising a user- interface configured to display the profile data to a user, wherein the profile data includes data corresponding to a plurality of users, wherein each of the plurality of users has a corresponding privacy setting, and wherein the user-interface is configured to display a privacy icon for each of the plurality of users based on the corresponding privacy setting.
8. The computer- implemented system of Claim 7, wherein the user-interface is configured to display additional information regarding the corresponding privacy setting through interaction with the user icon.
9. The computer-implemented system of Claim 7, wherein the notification includes a request to grant access to the shared data.
10. The computer- implemented system of Claim 1, wherein the computer processor is configured to, in response to the updated access data, receive a request to change a privacy setting associated with the shared data; and adjust the set of users having access to the shared data based on the change to the privacy setting.
11. The computer-implemented system of Claim 1 , wherein the access data comprises data indicative of one or more of a number of times the shared data has been accessed, the number of users that have accessed the shared data, user identification information associated with users who have accessed the shared data, and date information for each access instance.
12. The computer- implemented system of Claim 1, wherein the access data comprises threshold data indicative of the number of users that can have access to the shared data, and wherein the computer processor is configured to compare the number of users in the set of users having access to the shared data to the threshold data prior to granting access to the shared data.
13. The computer- implemented system of Claim 1 , wherein the shared data includes data having a first privacy setting and data having a second privacy setting that is different than the first privacy setting.
14. The computer-implemented system of Claim 13, wherein the first privacy setting and the second privacy setting include information indicative of user consent to access the shared data, a particular purpose required to access the shared data, and a plurality of triggering events that trigger a notification to the user regarding the shared data.
15. The computer- implemented system of Claim 1, wherein the computer processor is configured to receive a request to access the shared data, determine a privacy setting associated with the shared data, and grant access to the shared data based on the privacy setting.
16. The computer- implemented system of Claim 15, wherein the computer processor is configured to, based on the privacy setting, request an acknowledgment of confidentiality from a user requesting access to the shared data; determine a user having administrative access to the shared data; and send a notification to the user having administrative access to the shared data.
17. The computer- implemented system of Claim 1, wherein the computer processor is configured to receive a request to change a privacy setting associated with the shared data, and wherein the computer processor stores an updated privacy setting in the memory based on the received request.
18. A computer-implemented system comprising:
a memory including first profile data associated with a first social network and second profile data associated with a second social network; and
a computer processor operatively coupled to the memory and configured to provide access to the first social network and the second social network through a single portal.
19. The computer-implemented system of Claim 18, wherein the first social network comprises a professional network, and wherein the second social network comprises a medical care network.
20. The computer-implemented system of Claim 18, wherein the single portal includes user identification information that is common to the first social network and the second social network.
21. The computer- implemented system of Claim 20, wherein the user identification information includes user name and password information.
22. The computer- implemented system of Claim 18, wherein the computer processor is configured to request user identification information prior to permitting access to one of the first social network and the second social network.
23. The computer-implemented system of Claim 22, wherein the user identification information is not required to transition from the first social network to the second social network.
24. The computer- implemented system of Claim 23, wherein the computer processor is configured to receive a request to transition from the first social network to the second social network; and, in response to the request, display the second user profile data through a user- interface.
25. The computer-implemented system of Claim 24, wherein the first user profile data and the second user profile data each include data indicative of different group associations and friend associations.
26. The computer-implemented system of Claim 18, wherein the first profile data includes first shared data that is shared with one or more users of the first social network, and wherein the second profile data includes second shared data that is shared with one or more users of the second social network.
27. The computer-implemented system of Claim 26, wherein the first shared data is different than the second shared data.
28. The computer-implemented system of Claim 18, wherein a plurality of users have administrative rights over the second profile data, and wherein a single user has administrative rights over the first profile data.
29. The computer- implemented system of Claim 28, wherein the second social network comprises a health account.
30. The computer-implemented system of Claim 18, wherein the first social network includes health care professionals that are provided access to particular shared data regarding patients that are members of the second social network.
31. The computer-implemented system of Claim 30, wherein patient data is shared by a user through the second social network, wherein the patient data includes medication or patient events, and wherein the computer processor is configured to share the patient data to members of the first social network.
32. The computer- implemented system of Claim 31 , wherein the computer processor is configured to receive parameters for analyzing the patient data, and wherein the computer processor is configured to perform analysis of the patient data based on the received parameters.
33. The computer-implemented system of Claim 32, wherein the patient data comprises data associated with multiple patients.
34. A computer-implemented method of managing shared data in a social network, the shared data having associated access data stored in a memory, the method comprising: determining, via a computer processor, a set of users who have access to the shared data; determining, via the computer processor, a change to the set of users who have access to the shared data; and
updating, via the computer processor, access data based on the determined change to the set of users who have access to the shared data.
35. The computer-implemented method of Claim 34, further comprising sending a notification to the first user based on the change to the set of users.
36. The computer-implemented method of Claim 34, wherein the shared data comprises data that is shared by the first user with the second user through the social network.
37. The computer-implemented method of Claim 36, wherein the second user profile data includes a privacy setting, the method further comprising:
determining a set of users corresponding to the privacy setting;
receiving a request to change the privacy setting;
determining a change to the set of users corresponding to the change in the privacy setting; and
updating the access data based on the determined change to the set of users.
38. The computer-implemented method of Claim 34, further comprising receiving a request to access the shared data, determining a privacy setting associated with the shared data, and granting access to the shared data based on the privacy setting.
39. A non-transitory computer-readable medium having stored thereon a computer program product having instructions configured to cause processing circuitry to manage shared data in a social network, the shared data having associated access data stored in a memory, the instructions configured to cause the processing circuitry to:
determine a set of users who have access to the shared data;
determine a change to the set of users who have access to the shared data; and update access data based on the determined change to the set of users who have access to the shared data.
40. The non-transitory computer-readable medium of Claim 39, further comprising instructions configured to cause the processing circuitry to send a notification to the first user based on the change to the set of users.
41. The non-transitory computer-readable medium of Claim 39, wherein the shared data comprises data that is shared by the first user with the second user through the social network.
42. The non-transitory computer-readable medium of Claim 41 , wherein the second user profile data includes a privacy setting, the non-transitory computer-readable medium having stored thereon instructions configured to cause the processing circuitry to:
determine a set of users corresponding to the privacy setting;
receive a request to change the privacy setting;
determine a change to the set of users corresponding to the change in the privacy setting; and
update the access data based on the determined change to the set of users.
43. The non-transitory computer-readable medium of Claim 39, further comprising instructions configured to cause the processing circuitry to receive a request to access the shared data, determine a privacy setting associated with the shared data, and grant access to the shared data based on the privacy setting.
44. A computer-implemented method for providing access to a plurality of computer- implemented social networks; the method comprising:
receiving a request to access one of a first social network and a second social network; authenticating a user profile based on the received request; and
providing access to a first social network and a second social network through a single portal.
45. The computer-implemented method of Claim 44, wherein the first social network comprises a professional network, and wherein the second social network comprises a medical care network.
46. The computer-implemented method of Claim 44, wherein the single portal includes user identification information that is common to the first social network and the second social network.
47. The computer-implemented method of Claim 44, wherein the second social network comprises a health account.
48. The computer-implemented method of Claim 44, wherein the first social network includes health care professionals that are provided access to particular shared data regarding patients that are members of the second social network.
49. A non-transitory computer readable medium having stored thereon a computer program product having instructions configured to cause processing circuitry to:
receive a request to access one of a first social network and a second social network; authenticate a user profile based on the received request; and
provide access to a first social network and a second social network through a single portal.
50. The non-transitory computer readable medium of Claim 49, wherein the first social network comprises a professional network, and wherein the second social network comprises a medical care network.
51. The non-transitory computer readable medium of Claim 49, wherein the single portal includes user identification information that is common to the first social network and the second social network.
52. The non-transitory computer readable medium of Claim 49, wherein the second social network comprises a health account.
53. The non-transitory computer readable medium of Claim 49, wherein the first social network includes health care professionals that are provided access to particular shared data regarding patients that are members of the second social network.
PCT/IB2014/002241 2013-06-28 2014-06-27 Computer systems and methods for multi-network connectivity and privacy control WO2015019186A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201361840951P 2013-06-28 2013-06-28
US61/840,951 2013-06-28

Publications (2)

Publication Number Publication Date
WO2015019186A2 true WO2015019186A2 (en) 2015-02-12
WO2015019186A3 WO2015019186A3 (en) 2015-07-16

Family

ID=52134249

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2014/002241 WO2015019186A2 (en) 2013-06-28 2014-06-27 Computer systems and methods for multi-network connectivity and privacy control

Country Status (1)

Country Link
WO (1) WO2015019186A2 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020180615A1 (en) 2019-03-01 2020-09-10 Graphite Systems Inc. Social graph database with compound connections
WO2022157712A1 (en) * 2021-01-23 2022-07-28 Kodidala Mallikarjunarao A computer- implemented system and method to define hidden followers and hidden comments in a social networking portal
US11657368B2 (en) * 2019-05-17 2023-05-23 Samsung Electronics Co., Ltd. Server and control method thereof

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090125521A1 (en) * 2007-11-08 2009-05-14 William Petty System and method for representation of multiple-identities of a user in a social networking environment
US8843554B2 (en) * 2011-05-26 2014-09-23 Facebook, Inc. Social data overlay
US9098720B2 (en) * 2011-11-21 2015-08-04 Facebook, Inc. Location aware shared spaces

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
None

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2020180615A1 (en) 2019-03-01 2020-09-10 Graphite Systems Inc. Social graph database with compound connections
US11562442B2 (en) 2019-03-01 2023-01-24 Graphite Systems Inc. Social graph database with compound connections
US11657368B2 (en) * 2019-05-17 2023-05-23 Samsung Electronics Co., Ltd. Server and control method thereof
WO2022157712A1 (en) * 2021-01-23 2022-07-28 Kodidala Mallikarjunarao A computer- implemented system and method to define hidden followers and hidden comments in a social networking portal

Also Published As

Publication number Publication date
WO2015019186A3 (en) 2015-07-16

Similar Documents

Publication Publication Date Title
US10530760B2 (en) Relationship-based authorization
Al-Muhtadi et al. Cybersecurity and privacy issues for socially integrated mobile healthcare applications operating in a multi-cloud environment
US20230402140A1 (en) Patient-centric health record system and related methods
US20210142872A1 (en) Immerse software-as-a-service patient empowerment platform for clinical trial participants
Mandl et al. Public standards and patients' control: how to keep electronic medical records accessible but privateMedical information: access and privacyDoctrines for developing electronic medical recordsDesirable characteristics of electronic medical recordsChallenges and limitations for electronic medical recordsConclusionsCommentary: Open approaches to electronic patient recordsCommentary: A patient's viewpoint
US9202084B2 (en) Security facility for maintaining health care data pools
Gajanayake et al. Sharing with care: An information accountability perspective
US20070061393A1 (en) Management of health care data
AU2016211464A1 (en) System and method for controlling permissions for selected recipients by owners of data
US20140067418A1 (en) Method and system for facilitating communication between a patient and a care provider
Soleimani et al. Participation of patients with chronic illness in nursing care: An Iranian perspective
Ammar et al. Using a personal health library–enabled mHealth recommender system for self-management of diabetes among underserved populations: use case for knowledge graphs and linked data
US20140136236A1 (en) Patient and physician gateway to clinical data
JP2020522816A (en) Device, system and method for valid personal health records
AU2015306081B2 (en) System and method for management of medical records
Sunyaev Evaluation of Microsoft HealthVault and Google Health personal health records
WO2015019186A2 (en) Computer systems and methods for multi-network connectivity and privacy control
Wuyts et al. What electronic health records don’t know just yet. A privacy analysis for patient communities and health records interaction
US20140222445A1 (en) Health related social networking
Parrend et al. Cerberus, an Access Control Scheme for Enforcing Least Privilege in Patient Cohort Study Platforms: A Comprehensive Access Control Scheme Applied to the GENIDA Project–Study of Genetic Forms of Intellectual Disabilities and Autism Spectrum Disorders
De Backere et al. Sharing health data in Belgium: A home care case study using the Vitalink platform
TW201514909A (en) System and method for sharing data in a clinical network environment
US20170098036A1 (en) Method of managing patient information and distribution to specific users
Ahmed et al. Virtual Hospitals: Integration of Telemedicine, Healthcare Services, and Cloud Computing
Ghare et al. A Platform for Video Consultations with Patients and Collaboration with Healthcare Professionals

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 14815863

Country of ref document: EP

Kind code of ref document: A2

122 Ep: pct application non-entry in european phase

Ref document number: 14815863

Country of ref document: EP

Kind code of ref document: A2