US20010047281A1 - Secure on-line authentication system for processing prescription drug fulfillment - Google Patents

Secure on-line authentication system for processing prescription drug fulfillment Download PDF

Info

Publication number
US20010047281A1
US20010047281A1 US09799650 US79965001A US2001047281A1 US 20010047281 A1 US20010047281 A1 US 20010047281A1 US 09799650 US09799650 US 09799650 US 79965001 A US79965001 A US 79965001A US 2001047281 A1 US2001047281 A1 US 2001047281A1
Authority
US
Grant status
Application
Patent type
Prior art keywords
communications network
prescription
via
pharmacy
registered
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US09799650
Inventor
Michael Keresman
Jeffry Bowman
Francis Sherwin
Chandra Balasubramanian
Ravishankar Bhagavatula
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
CardinalCommerce Corp
Original Assignee
CardinalCommerce Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F19/00Digital computing or data processing equipment or methods, specially adapted for specific applications
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/22Social work
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06QDATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q50/00Systems or methods specially adapted for specific business sectors, e.g. utilities or tourism
    • G06Q50/10Services
    • G06Q50/22Social work
    • G06Q50/24Patient record management

Abstract

A method of processing drug prescriptions via a communications network includes registering doctors, pharmacies and patients as participants such that each registered participant's identity is uniquely defined and determinable. Registered doctors from which prescriptions are received via the communications network have their identities authenticated. Each of the received prescriptions indicates a respective registered patient's identity for whom the prescription is intended. Registered patients from which orders are received via the communications network also have their identities authenticated. Each of the received orders indicates the prescription being ordered. The method also includes forwarding the orders to registered pharmacies via the communications network.

Description

  • This application claims the benefit of U.S. Provisional Application No. 60/187,341 filed Mar. 6, 2000.[0001]
  • BACKGROUND OF THE INVENTION
  • The present invention relates to the art of Internet security and the authentication of otherwise unknown persons. It finds particular application in conjunction with Internet based fulfillment of prescription drug orders and/or access to confidential pharmaceutical or medical records. Consequently, it will be described with particular reference thereto. However, it is to be appreciated that the present invention is also amenable to other like applications. [0002]
  • The Internet is an electronic communications network useful for transferring data or information. Due to its speed and convenience, many individuals and businesses find it advantageous to communicate, exchange data and/or conduct transactions over the Internet. It is desired, e.g., in the medical and pharmaceutical fields, to have a patient's medical or pharmaceutical records readily accessible to doctors and/or pharmacies over the Internet. In this manner, physicians and/or pharmacists may make informed treatment/prescription decisions based on the particular circumstance of the patient (e.g., the patient health, medical history, other drugs being taken or already prescribed, drug allergies, etc.). Additionally, patients may desire to have prescriptions conveniently filled over the Internet. The foregoing propositions, however, present certain difficulties which heretofore have not been sufficiently addressed. [0003]
  • Patient's typically wish to regulate access to sensitive or confidential information, such as medical and pharmaceutical record. Moreover, it advantageous to ensure that prescription drugs are not abused. That is to say, prescription drug fulfillment should be carefully administered so that only the patient for whom the drugs are intended actually receive the drugs, and that they only receive those drugs that are properly prescribed. Consequently, it is advantageous to have a suitable degree of security which prevents unauthorized access to a patient's confidential medical and pharmaceutical records, which prevents unauthorized individual from writing prescriptions, which prevents unauthorized individuals from receiving prescription drugs not meant for them, which prevents pharmacies from filling prescriptions improperly written or order, etc. The Internet is, however, an unsecure network vulnerable to potential mischief and/or fraud, e.g., via an individual's misrepresentation of their true identity. As Internet transactions are not carried out face-to-face, traditional authentication protocols (e.g., visual inspection of the individual, inspect of the individuals signature, direct review of the individuals credentials, etc.) tend to be ineffective or not applicable. Accordingly, there is desired, for use in connection with the Internet or other like communications networks, a processing system and/or technique that provides an appropriate level of security which guards against fraudulent or otherwise unauthorized prescription drug fulfillment transactions and/or unauthorized access to confidential medical and/or pharmaceutical records. [0004]
  • Complicating matters further is that fact that often a patient's medical and/or pharmaceutical records are maintained by multiple medical care givers or pharmaceutical prescription fillers. Previously developed security measures in this respect tend to be limited. For example, many record holders (e.g., medical or pharmaceutical facilities) have separate disparate security measures and/or authentication protocols. This is inconvenient and unduly repetitive for those which desire access to confidential records from a plurality of distinct record holders. A multitude of disparate protocols and security measures results in the users having to maintain numerous distinct passwords, IDs, electronic keys and/or other security software or devices, often, a different one for each record holder. Moreover, some record holders may use four character passwords which are capitalization sensitive while others may use eight character passwords which are capitalization independent. There is no standard authentication protocol among the various record holders having a presence on the Internet. This makes keeping track of the various protocols and remembering the various security passwords and IDs even more difficult for users. Additionally, the various record holders are each separately authenticating users' identities. This is unduly repetitive and inefficient, especially considering that the record holders' core competency is not likely to include identity authentication. [0005]
  • Commonly, the prescription drug fulfillment process or access to medical/pharmaceutical records involves a three party transaction. For example, typical prescription drug processing involves a doctor writing a prescription, a patient ordering the prescription and a pharmacy filling the prescription. As opposed to a “linear” two party transaction which is relatively simple (e.g., a commercial purchase/sale transaction), it can be problematic to coordinated transactions among three parties while maintaining appropriate security safeguards. Furthermore, in traditional prescription drug processing, the doctor often calls in a prescription to a particular pharmacy in order to expedite processing. This in turn locked the patient into using that pharmacy to fill the prescription, which may be undesired by patient for what ever reason (e.g., the patient may want to shop around for the best price before deciding which pharmacy to use). Even if the patient originally tells the doctor what pharmacy to use at the time the prescription is being written, the patient may later change their mind when the prescription is being ordered. Traditional prescription processing is unable to suitably accommodate a patient's desire to freely select a pharmacy after the prescription has been written, at best, filling of the prescription would be delayed or the process further complicated. For example, the doctor may have to be contacted by the patient, and may have to call in changes to both the original pharmacy where the prescription was called in and to the new pharmacy where the patient wishes to have the prescription filled. [0006]
  • The present invention contemplates a new and improved communications network processing system and technique for prescription drug fulfillment and/or regulating access to confidential medical/pharmaceutical records that overcomes the above-referenced problems and others. [0007]
  • SUMMARY OF THE INVENTION
  • In accordance with one aspect of the present invention, a method is provided. The method includes registering doctors, pharmacies and patients as participants such that each registered participant's identity is uniquely defined and determinable. Registered doctors from which prescriptions are received via the communications network have their identities authenticated. Each of the received prescriptions indicates a respective registered patient's identity for whom the prescription is intended. Registered patients from which orders are received via the communications network also have their identities authenticated. Each of the received orders indicates the prescription being ordered. The method also includes forwarding the orders to registered pharmacies via the communications network. [0008]
  • In accordance with a more limited aspect of the present invention, the method further includes receiving, via the communications network, confirmation from pharmacies to which orders were forwarded. Each of the confirmations indicates that at least one of the following has occurred: the pharmacy has received the order, the pharmacy has accepted the order, the pharmacy is filling the order or the pharmacy has completed filling the order. [0009]
  • In accordance with a more limited aspect of the present invention, the method further includes forwarding, via the communications network, the received confirmations to at least one of the patient from which the corresponding order was received and the doctor from which the correspond prescription was received. [0010]
  • In accordance with a more limited aspect of the present invention, the method further includes notifying registered patients via the communications network when prescriptions are received therefor. [0011]
  • In accordance with a more limited aspect of the present invention, the authentication performed is at least two factor authentication. [0012]
  • In accordance with a more limited aspect of the present invention, prescriptions and orders are not accepted from doctors and patients, respectively, which do not have their identities authenticated. [0013]
  • In accordance with a more limited aspect of the present invention, the identity of at least one of the doctor and the patient is withheld from the pharmacy to which the order is forwarded. [0014]
  • In accordance with another aspect of the present invention, a prescription drug fulfillment system includes a computer connected to a communications network and means for registering doctors, pharmacies and patients as participants such that each registered participant's identity is uniquely defined and determinable. A central database is accessible by the computer and contains accounts created by the registering means for each registered participant. The accounts include identifying data collected by the registering means. Means are provided for authenticating registered participants' identities. The authentication means collects authentication data from participants via the communications network and compares it to corresponding data from account records in the central database such that when there is a match the participant providing the authentication data is deemed to be the registered participant to which the account relates. Means are also provided for receiving, via the communications network, prescriptions from authenticated doctors and orders from authenticated patients. Each of the prescriptions indicates a respective registered patient's identity for whom the prescription is intended, and each of the orders indicating the prescription being ordered. Forwarding means forward orders to registered pharmacies via the communications network. [0015]
  • In accordance with a more limited aspect of the present invention, the communications network is the Internet. [0016]
  • In accordance with a more limited aspect of the present invention, the system further includes means for receiving, via the communications network, confirmation from pharmacies to which orders were forwarded. Each of the confirmations indicating that at least one of the following has occurred: the pharmacy has received the order, the pharmacy has accepted the order, the pharmacy is filling the order or the pharmacy has completed filling the order. [0017]
  • In accordance with a more limited aspect of the present invention, the system further includes means for forwarding, via the communications network, the received confirmations to at least one of the patient from which the corresponding order was received and the doctor from which the correspond prescription was received. [0018]
  • In accordance with a more limited aspect of the present invention, the system further includes means for notifying registered patients via the communications network when prescriptions are received therefor. [0019]
  • In accordance with a more limited aspect of the present invention, the authentication means employs at least two factor authentication. [0020]
  • In accordance with a more limited aspect of the present invention, the means for receiving prescriptions and orders does not accept prescriptions and orders from doctors and patients, respectively, which do not have their identities authenticated. [0021]
  • In accordance with a more limited aspect of the present invention, the means for forwarding orders withholds at least one of the doctor's identity and the patient's identity from the pharmacy to which the order is forwarded. [0022]
  • In accordance with another aspect of the present invention, a method of regulating access via a communications network to medical/pharmaceutical data maintained by a record holder having a presence on the communications network includes providing access controls which are selectively set by an account holder. The account holder has medical/pharmaceutical data related thereto maintained by the record holder, and the access controls specify a level of authorization to be granted to identified requesters seeking access to medical/pharmaceutical data. The method also includes receiving, via the communications network, a contact from a requester seeking access to the medical/pharmaceutical data maintained by the record holder and authenticating the requestor's identity. The identified requestor is granted the specified level of authorization determined from the access controls. [0023]
  • In accordance with a more limited aspect of the present invention, the provided access controls specify the level of authorization to be granted to a whole class of requesters. [0024]
  • In accordance with a more limited aspect of the present invention, a determined level of authorization permits a requestor to carry out at least one of the following: writing prescriptions for the account holder, ordering prescriptions for the account holder, filling a prescription for the account holder, receiving the medical/pharmaceutical data from the record holder, and modifying the medical/pharmaceutical data maintained by the record holder. [0025]
  • In accordance with a more limited aspect of the present invention, the identity of the requestor is not revealed to the record holder. [0026]
  • One advantage of the present invention is that access to and communication of confidential medical and/or pharmaceutical records is privately, securely and readily carried out. [0027]
  • Another advantage of the present invention is that participants are protected from fraudulent or otherwise unauthorized access to confidential medical and/or pharmaceutical records. [0028]
  • Yet another advantage of the present invention is that a prescription drug recipient and/or patient may have a prescription expeditiously fill at their pharmacy of choice without the prescribing doctor having to know the patient's choice of pharmacy. [0029]
  • Still further advantages and benefits of the present invention will become apparent to those of ordinary skill in the art upon reading and understanding the following detailed description of the preferred embodiments.[0030]
  • BRIEF DESCRIPTION OF THE DRAWING(S)
  • The invention may take form in various components and arrangements of components, and in various steps and arrangements of steps. The drawings are only for purposes of illustrating preferred embodiments and are not to be construed as limiting the invention. [0031]
  • FIG. 1 is a block diagram showing an authentication system for pharmaceutical prescription fulfillment and data access in accordance with aspects of the present invention for use in connection with a communications network. [0032]
  • FIG. 2 is a block diagram showing an exemplary participant registration process in accordance with aspects of the present invention. [0033]
  • FIG. 3 is a block diagram showing an exemplary authentication process in accordance with aspects of the present invention. [0034]
  • FIG. 4 is a block diagram showing an exemplary prescription fulfillment process in accordance with aspects of the present invention. [0035]
  • FIG. 5 is a block diagram showing an exemplary data access process in accordance with aspects of the present invention.[0036]
  • DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT(S)
  • In accordance with aspects of a preferred embodiment of the present invention, FIG. 1 shows an authentication system A for fulfilling drug prescription processing. The system A includes an authenticating agent [0037] 10 which maintains a presence on the Internet 20 or other like communications network via a server 12 or otherwise. A prescription drug provider 30 (e.g., a pharmacy or the like) also maintains a presence on the Internet 20 via a server 32 or otherwise. A prescription originator or writer 40 (e.g., a medical facility, a doctor, physician or other health care professional, a hospital, etc.) gains access to the Internet 20 using a computer 42 with an appropriate web browser or other like software running thereon. Similarly, a prescription drug recipient or patient 50 gains access to the Internet 20 using a computer 52 with an appropriate web browser or other like software running thereon. Of course, the system A is preferably administered to multiple similarly situated pharmacies 30, doctors 40, and patients 50. However, in the interest of simplicity herein, only one of each is shown in FIG. 1. Moreover, while described herein with reference to the Internet 20, upon reading and understanding the present content it will be appreciated by those of ordinary skill in the art that other communications networks, local or wide area computer networks, cellular networks, hard wired networks, etc., may also be employed as the means for communicating data and/or information between participants. Likewise, various terminals or other desired interfacing hardware optionally replaces the computers and servers as appropriate for a given network. Additionally, while not explicitly proposed in every instance described herein, it is to be appreciated that security of the system A is further enhanced by optionally encrypting, with known encryption techniques, any or all of the communications relayed or otherwise transmitted over the Internet 20.
  • Note, as used herein participants refers to any one or more of the aforementioned pharmacies [0038] 30, doctors 40 or patients 50. Likewise, pharmacies 30 refers generally to prescription drug providers, doctors 40 refers generally to medical care givers, medical facilities and the like which write prescriptions or order prescription drugs for patients, and patients 50 refers generally to prescription drug takers or recipients.
  • Each pharmacy [0039] 30 also preferably maintains a database 34. The respective databases 34 contain personal and/or confidential pharmaceutical records, data or information related to patients or prescription drug recipients 50 which are patrons of, or otherwise serviced by, the pharmacy 30. For example, the pharmaceutical records maintained by the pharmacy 30 in their database 34 may contain, without limitation: the patient's name, address, social security number, age, sex, weight and/or other like personal information, a list of known or reported medical conditions which may be impacted by prescription drugs, a list of outstanding prescriptions filled by the pharmacy for the patient, a prescription history for the patient, a list of known or reported drug allergies for the patient, a list of the patient's doctors, medical care givers and/or drug prescribers, a list of prohibit drugs for the patient, an indication of the patient's preference for generic or name brand drugs, data related to the patient's insurance coverage, data related to the patient's preferred form(s) of payment, etc.
  • With additional reference to FIG. 2, a registration process [0040] 100 is administered by the authenticating agent 10 to prospective participants 110, preferably, over the Internet 20. Once registered, the participant 110 becomes part of and/or may utilize the system A.
  • Registration is carried out such that each participants' identity is uniquely defined and determinable. In one preferred embodiment, the registration of a participant [0041] 110 begins with a visit by the participant 110 to the authenticating agent 10. Over the Internet 20, the interested participant 110 using an appropriate web browser accesses or is otherwise provided a registration page 112 which is made available via the agent's sever 12. As the registration process 100 continues, registration data 114 is collected or otherwise obtained by the agent 10 from the potential new participant 110 which is making application for participation in the system A. The registration data 114 may include, e.g., in the case of patients or drug recipients 50, their name, age (date of birth), sex, weight, social security number, and/or other like personal information, address, e-mail address, home phone number, work phone number, mother's maiden name, employer, a list of known or reported medical conditions which may be impacted by prescription drugs, a prescription history for the patient, a list of known or reported drug allergies for the patient, a list of the patient's doctors, medical care givers and/or drug prescribers, a list of prohibit drugs for the patient, an indication of the patient's preference for generic or name brand drugs, data related to the patient's insurance coverage, data related to the patient's preferred form(s) of payment, etc.; and in the case of prescription orders or writers 40 and/or prescription drug providers 30, the nature of the participant (i.e., medical facility, doctor, hospital, physician, pharmacy, etc.), their name, address, phone number, tax ID numbers, identification of their medical or pharmaceutical credentials or licenses, e-mail and/or web address, etc.
  • Prior to accepting a new participant [0042] 110, the participant 110 is evaluated by the agent 10. Preferably, the evaluation process 116 verifies the participant's identity from the collected registration data 114 and determines the user's qualifications for participation, including optionally determining patients' credit worthiness. Optionally, the collected data 114 is used to verify the participant's identity by determining its consistency with information made available from conventional identity verification sources. To retrieve the information from the conventional identity verification sources, the agent 10 preferably obtains consent from the participant 110 to access the same when the registration data 114 is collected.
  • When the participant [0043] 110 intends to process payments for commercial transactions using the system A (e.g., when a patient 50 intends to purchase prescription drugs from a pharmacy 30 using the system A), the participant's credit worthiness is preferably evaluated. In determining credit worthiness, the agent 10 optionally passes relevant user registration data to an appropriate financial institution or credit bureau where it is analyzed for credit worthiness. Alternately, the data is analyzed by the agent's own credit approval system. The analysis preferably includes the application of known credit approval techniques and algorithms which determine credit worthiness. Alternately, one or more, new or previously existing debit or credit accounts are set up for the patient 50 based on the analysis and/or the financial data obtained.
  • For doctors [0044] 40 and pharmacies 30, the evaluation preferably includes a verification of their credentials and/or licenses. To achieve the foregoing verification, the collected registration data 114 is compared to corresponding data made available from the government office or agency which issues the credentials and/or grants the licenses. Where the government office or agency is on-line, the verification of credentials and/or licenses is preferably carried out automatically over the Internet 20.
  • Additionally, the doctors and/or pharmacies are evaluated to determine compatibility of their practices with the system A. For example, it is optionally determined if the pharmacies [0045] 30 maintain suitably reliable records, and if the records are maintained in an accessible manner and/or in a compatible database. Additionally, the doctors' and/or pharmacies' general business practices may be subjectively and/or objectively evaluated and their participation denied to insulate patients 50 from those participants with poor customer or patient relations/satisfaction or other potentially undesirable traits.
  • Upon completion of the evaluation process [0046] 116, the agent 10 decides, at decision step 118, if the potential new participant 110 has passed or failed the evaluation. If the participant 110 has failed the evaluation, they are so notified via an application denial 120 being send to them, preferably, electronically from the agent's server 12, e.g., in the form of a web page or an e-mail message. Once the denial has been sent the registration process 100 ends. Alternately, the participant 110 is given the option to change or correct the registration data 114, and resubmit it. However, the number of resubmissions is preferably limited.
  • On the other hand, if the participant [0047] 110 passes the evaluation, then an appropriate account is opened 122 and the participant 110 notified of the outcome via an application acceptance 124 being sent to the participant 110, again, preferably, electronically from the agent's server 12, e.g., in the form of a web page or an e-mail message. The application acceptance 124 preferably includes information related to the created account including, e.g., an account number or an assigned or selected user ID or name, a list of any limits or restriction placed on the account by the participant 110 or agent 10, and/or other related data, optionally, including confirmation of the submitted registration data 114.
  • The created account and data or information related thereto (e.g., the associated registration data [0048] 114) is preferably maintained by the agent 10 in its database 14 along with the accounts for other registered participants.
  • In another preferred embodiment, the participants [0049] 110 does not directly register with the agent 10. Rather, the registration data 114 is collected for the agent 10 by a trusted representative which in turn conveys it to the agent 10, optionally, in batch form. For example, the trusted representative may be a previously registered participant that independently signs up other participants for the system A. For example, pharmacies 30 may sign up doctors 40 and/or patients 50 who are their patrons, doctors 40 may sign up their patients 50, etc. In any event, the registration process is essentially the same as shown in FIG. 2 with the trusted representative taking the place of the participant 110.
  • In conjunction with the account creation, an authentication vehicle is preferably set up for the doctors [0050] 40 and patients 50 (collectively referred to herein as users). The authentication vehicle is preferably two factor authentication. However, authentication using more or less factors is contemplated depending on the level of security desired. In a preferred embodiment, the authentication vehicle is a dynamically changing password implemented via a hardware token issued to the user, a software object loaded on the user's computer or some combination of both. Alternately, the dynamically changing password is generated by an algorithm which is synchronized to a clock or it is sequentially selected from a limited pre-generated list of random or quasi-random values. In still other contemplated embodiments, other secure authentication vehicles and/or techniques may be employed, e.g., challenge response, quick log mode, other one or more factor authentication methods such as a static username and password or pin number, smart cards, or biometric authentication such as fingerprint recognition and retinal scanners etc. To varying degrees, these authentication techniques all enable the agent 10 to positively identify users of the system A.
  • Preferably, in the case of pharmacies [0051] 30, once acceptance has been finalized, the agent 10 forwards a participation kit to the pharmacy 30 enabling the pharmacy 30 to participate in the system A. On-line, the kit is preferably forwarded via the Internet 20. The participation kit outlines the rights and responsibilities or duties of the pharmacy 30 with respect to their participation in the system A. Optionally, the kit includes a participation agreement and a software object for installation on the pharmacy's server 32. After the pharmacy 30 signs the agreement physically, electronically or otherwise, it is returned to the agent 10, perhaps through the agent's server 12. Upon receipt of the signed agreement, the agent 10 maintains the agreement in its database 14, e.g., along with the pharmacy's account information or records.
  • The software object acts to interface the pharmacy's server [0052] 32 with the system A. Optionally, the software object is functional to recognize pre-authenticated users directed to the pharmacy's server 32 from the agent's server 12. In another embodiment, the software object automatically routes users directly accessing the pharmacy's server 32 to the agent 10 for authentication, preferably, on the agent's server 12.
  • Preferably, in the case of all participants, if approved and participation is still desired, the participant supplies the agent [0053] 10, along with an indication of their acceptance, additional account creation data. In the case of the users the addition account creation data optionally includes, e.g., a secret personal identification number (PIN), the answers to a number of designated or otherwise selected security questions, designated limits or restrictions on the use of the account, etc. The security questions are preferably questions to which only the user is likely to know the answers (e.g., the account holder's first car, the name of the account holder's dog or the like). The security questions preferably provide an added measure by which to positively identify the user during authentication insomuch as only the true user of the account is likely to know the answers to the questions.
  • The accounts for users may also contain information or data relating to account privileges. In a preferred embodiment, the user has the option to customize or modify their account privileges. The account privileges are customized by the user, for example, by accessing the agent's server [0054] 12 over the Internet 20. For security purposes, the user is optionally authenticate as an authorized user of the account, preferably, using the below described authentication procedure, prior to permitting any account modifications. However, at initial account creation, the below described authentication procedure may not be employed. The account privileges are optionally set by the user to limit the use of the account in the system A. That is to say, the set account privileges may restrict the account so that transactions thereon or related thereto are not authorized for specified participants, so that automatically recurring transactions carried out absent the direct participation of the user are not authorized, so that for commercial transactions purchases over a certain price limit are not authorized, and the like.
  • In a preferred embodiment, the participants may selectively update, customize and/or otherwise modify their accounts as desired. Various account options are preferably made available for them to exercise and their choices are maintained with their account information in the agent's database [0055] 14. Consequently, the agent 10 has the information with which to regulate account usage in accordance with the desires of the registered participants.
  • With additional reference to FIG. 3, an authentication process [0056] 200 is shown for positively identifying an otherwise unknown entity 210 which makes contact with the agent 10. The unknown entity 210 may be, e.g., a doctor 40 or patient 50 or other party which the agent 10 is to authenticate. At step 212, the agent 10 receives contact from the unknown entity 210, preferably, via the Internet 20. This prompts the agent's server 12 to provide an authentication page 214 to the unknown entity 210. The authentication page 214 is designed to filled in which authentication data. Depending of the authentication vehicle, the authentication data may include a user name or ID, a secret password, a dynamically changing password, a PIN, answers to security questions, biometric data, etc. The authentication data is filled in and submitted by the unknown entity 210. Upon submission of the completed authentication page 214, the authentication data is collected by the agent 10 at step 216. At step 218, the authentication data collected by the agent 10 is compared for consistency to the account information maintained in the agent's database 14, and where there is a match the entity is deemed authentic and positively identified as the holder of the matching account, i.e., the corresponding registered user or participant. Next, at decision step 220, if the entity fails to pass authentication a denial page 222 is provided thereto and the process 200 ends. Optionally, the denial page 222 permits the unknown entity 210 to change and/or correct previously mis-entered authentication data and try again. The number of tries is, however, preferably limited. On the other hand, if the entity passes authentication an option page 224 is provided thereto. The option page 224 presents the now identified registered user or participant with selected or predetermined options for authenticated parties. The entity is then free to proceed as an authenticated positively identified registered user or participant. Preferably, the options are customized for the identified participant. For example, doctors 40 may be presented with the options of posting prescriptions, modifying or canceling previously posted prescriptions, accessing pharmaceutical records, modifying their accounts etc., and patients 50 may be presented with the options of ordering prescriptions, accessing their pharmaceutical records, modifying their accounts, etc.
  • In another preferred embodiment, the unknown entity [0057] 210 may have contacted a registered pharmacy 30 directly and was merely referred to the agent 10 solely for the purposes of authentication and optional authorization (step 226) prior to completion of their interaction (i.e., before the delivery of requested information, granting of desired access or carrying out of selected commercial transactions). The process 200 is accordingly administered by the agent 10 and the entity redirected back to the referring pharmacy 30. More specifically, completion of the interaction is optionally initiated by the as of yet unknown entity 210 selecting or otherwise activating a link on a check-out or execution page provided by the pharmacy 30. The link is optionally associated with the software object installed on the pharmacy's server 32, i.e., the software object that came with the pharmacy's registration kit. The link and/or associated software object redirects the unknown entity 210 to the agent's server 12 for authentication and optional authorization. Thereafter, the authentication process 200 is carried out. However, at its conclusion, rather than providing the option page 224, the agent 10 redirects the entity, at step 228, back to the referring pharmacy 30, preferably, along with an indication of the authentication results and/or the entity's identity. At that point, the pharmacy 30 and/or entity may interact as they see fit without further involvement by the agent 10. Nevertheless, the pharmacy 30 is made aware of the entity's authenticity and/or identity prior to completion of a commercial transaction (i.e., purchasing of pharmaceuticals), or forwarding of, and/or granting access to, pharmaceutical records, etc. In this manner, the pharmacy 30 has confirmed reliable information regarding the authenticity and/or identity of the entity they are dealing with and may act accordingly.
  • Optionally, the agent [0058] 10 also determines at step 226 the now identified entity's level of authorization. Selected and/or requested authorization data is then returned to the pharmacy 30, along with the redirected entity. Alternately, the selected authorization data to be sent and/or the desired format thereof is predefined in the pharmacy's account, or it is individually requested and/or defined when the entity is directed to the agent 10 by the pharmacy 30. The authorization data optionally indicates a level of authorization set for the identified user. The level may have been set by the user or pharmacy 30 upon registration or upon subsequent modification of the respective participant accounts maintained by the agent 10. The indicated level returned to the pharmacy 30 preferably informs the pharmacy 30 of the degree of access to be granted the user to pharmaceutical data maintained by the pharmacy 30, the privileges granted to the user (i.e., to write prescriptions, to order prescriptions, etc.), the dollar amount which the user is authorized to spend in a given commercial transaction, etc.
  • In one preferred embodiment, the user's identity is withheld from the pharmacy [0059] 30. In this manner, the users maintain their privacy while the pharmacies 30 are assured by the agent 10 that the users are authorized for the contemplated transaction or to access the information being requested. This privacy aspect is optionally implemented in any of the embodiments described herein where the agent 10 is responsible for both the authentication and optional authorization. By relying on the agent 10 to fulfill both these functions, the pharmacies 30 can carry out their end of a transaction or interaction without knowing the actual identity of the user. All the pharmacy 30 has to know is that the user is in fact authentic and authorized to perform the contemplated interaction.
  • The process [0060] 200 preferably continues, at step 230, with the creation of a record memorializing the same. That is, once the authentication and/or authorization has been processed or simultaneously therewith, the agent 10 creates a record of the transaction and maintains the same in its database 14. The record is optionally stored with one or more of the respective participants' accounts. The transaction record preferably contains data related to the transaction such that the details of a particular transaction may be review for tracking purposes if desired to determine what actions took place or the current status of processing. For example, the transaction record optionally contains the identity of the user or participant involved, the results of the authentication and/or authorization, the actions taken or information accessed, the date and time of the transaction, a unique transaction identifier or authorization number, etc. In this manner, transaction details are preserved such that any potential future discrepancies may readily be resolved.
  • In a preferred embodiment, the agent [0061] 10 also conducts an independent notification procedure 232 wherein participants are independently notified of agent activities. Preferably, independent confirmation that an authentication or authorization has been requested and/or that the processing of the same has been completed is sent to all the participants. Optionally, the notification is automatically forwarded to the respective e-mail addresses on file for the participants in the agent's database 14. The notification preferably includes the data from the record generated in step 230.
  • Additionally, via the notification procedure [0062] 232, the agent 10 preferably independently notifies a registered user when an authentication or authorization attempt fails. The failure notification is preferably forwarded to the e-mail address on file for the user in the agent's database 14. In this manner, a true user is made aware of an attempted use of their account by an imposter.
  • By way of example, FIG. 4 shows a prescription fulfillment process [0063] 300 carried out over the Internet 20 in accordance with a preferred embodiment and/or aspects of the present invention. The process 300 preferably begins with a registered doctor 40 contacting the agent 10. Once the doctor 40 is authenticated and/or authorized by the agent 10, a prescription is posted at step 310. Prescription posting is achieved by the agent 10 collecting or otherwise receiving relevant prescription data (e.g., an identification of the drug being prescribed, the dosage, the number and/or frequency of refills, a date when the prescription expires, the name or identity of the registered patient for which the prescription is intended, instructions for taking the drug, restrictions on and/or instructions for filling the prescription, etc.) from the doctor 40. In a preferred embodiment, the prescription data is collected via a web page which is provided to the doctor 40 who fills it in and submits it back to the agent 10. The agent 10 maintains the prescription data in an associated record in the database 14. Optionally, a unique prescription ID is assigned to the prescription record. Preferably, the posted prescription is correlated with the corresponding patient account maintained by the agent 10 in the database 14. In addition, the prescription preferably remains accessible to the doctor 40 so that, as desired, future changes can be made thereto or the prescription may be canceled altogether.
  • At step [0064] 312, the registered patient 50 for which a prescription was posted is notified by the agent 10 of the posting. In a preferred embodiment, the agent 10 e-mails the prescription data and ID from the prescription record to the patient 50. In this manner, the patient 50 is made aware of the prescription's posting and may act accordingly. Optionally, the patient 50 may actively seek a prescription posting by accessing their account with the agent 10. In either case, once the patient 50 has been authenticated and/or authorized by the agent 10, they may selectively order a posted prescriptions. At step 314, prescription ordering is achieved by the agent 10 collecting or otherwise receiving relevant order data (e.g., the prescription ID of the prescription being ordered, the registered pharmacy at which the patient wishes to have the prescription filled, payment data, insurance data, delivery instructions, etc.) from the patient 50. In a preferred embodiment, the order data is collected via a web page which is provided to the patient 40 who fills it in and submits it back to the agent 10. The agent 10 maintains the order data in an associated record in the database 14. Optionally, a unique order ID is assigned to the order record. Preferably, the order is correlated with the corresponding pharmacy account maintained by the agent 10 in the database 14. At step 316, the agent 10 forwards the order data to the designated registered pharmacy 30 in the order record, along with the prescription data from the identified prescription.
  • The pharmacy [0065] 30 preferably acknowledges receipt of the ordered prescription, fills the prescription and delivers it in accordance with the prescription and order data received. Upon completion of or simultaneously with each of the aforementioned acts, the pharmacy 30 returns confirmation data to the agent 10 confirming the same. The confirmation data is received by the agent 10 at step 318 and an associated record is created and/or maintained in the database 14. At step 320, the involved users are notified of the pharmacy's actions, e.g., by forwarding of the confirmation data to the users.
  • In a preferred embodiment, participants may selectively place access controls on their accounts, set account privileges or set defaults to customize their respective accounts. The account controls and/or privileges are used by the agent [0066] 10 to determine the appropriate authorizations granted to authenticated participant. For example, a patient 50 may designate their account so that only specified doctors 40 may post prescriptions for them. Accordingly, if an unspecified doctor 40 attempts to post a prescription for a patient 50 they are denied authorization and the prescription is not posted. Similarly, the patient 50 may designate a default pharmacy 30 to fill ordered prescriptions. Accordingly, when a prescription is ordered, it is automatically forwarded to the default pharmacy unless the patient 50 indicates otherwise. Other defaults that are optionally chosen by the patient 50 may be a default method of payment or default credit or debit account from which to make payment for ordered prescriptions, a default delivery address and/or default insurance data. Pharmacies 30 may opt to restrict authorization of selected doctors 40 or patient 50. Therefore, ordered prescriptions involving the restricted user are not authorized by the agent 10. Optionally, other instances where orders may not be authorized by the agent 10 include attempts to order expired prescriptions, prescriptions which have already been fill or prescriptions for which no refills remain.
  • In a preferred embodiment, the agent [0067] 10 regulates unauthorized actions by only providing authorized options to the participants. For example, web pages provided to participant to collect data or to present options are limited or custom designed so that only authorized actions may be taken by the participant. Additionally, interest participants are preferably notified of attempted unauthorized actions via a notification process similar to that of step 320. Additionally, notification may be forwarded to interested participants when drugs are prescribed and/or ordered which may have a potentially harmful effect either due to interactions with other prescribed drugs which the patient 50 may be taking or due to the patient's particular circumstances or health. Such information may be readily available from the patient's account maintained by the agent 10 in its database 14. Alternately, the pharmacy 30 filling a particular order may have the information. The patient's account may be selectively customized by the patient 50 so that when such instances arise notification of the same is sent out to interested participants or the appropriate authorizations are automatically denied.
  • With additional reference to FIG. 5, a data access process [0068] 400 is shown. Via the data access process 400, the agent 10 authenticates and optionally authorizes a requester 410 seeking access to data maintained by a record holder 420. In this manner, access to confidential and/or personal records is regulated. The data relates to a registered account holder 430, i.e., a patient 50 or participant of the system A. The record holder 430 is preferably a registered doctor 40 or pharmacy 30 which maintains medical or pharmaceutical records of registered patients 50. Optionally, the requestor 410 contacts the agent 10 directly or contacts the record holder 420 directly and is redirected to the agent 10 for authentication and/or authorization. The requestor 410 may be any registered participant (including the account holder himself 430) or a registered interested third party (e.g., an insurance agent or agency) seeking access to an account holder's records.
  • In a preferred embodiment, the access regulation process [0069] 440 is essentially the same as process 200 with the requestor 410 substituting for the user or entity, the record holder 420 substituting for the pharmacy 30 and the transaction or selected interaction being considered access to the records maintained by the record holder 420. That is to say, the option selected is by the requestor 420 or interaction between the requester 410 and record holder 420 involves access to the records or data of interest. Depending on the degree or level of authorization granted to the requester 410, access to the records may amount to the communication of selected data to the requestor 410 or may permit the requester 410 to modify or update selected records.
  • In the access process [0070] 400, access controls 450 are preferably set by the account holder 430. The access controls 450 define the level of access and/or authorization granted to requesters 410 via the regulation process 440. They may control the extent of the access granted or the number of times access is granted. The data reflecting predefined access controls 450 is preferably maintained by the agent 10 in its database 14 along with the account to which they relate. The predefined access controls 450 are set at the time of the account's creation or subsequent modification.
  • The access controls [0071] 450 may regulate access based on the particular requestor 410 or may regulate access for a whole class of requesters 450. For example, the access controls 450 may be set so that when the requester 410 is identified by the agent 10 as the account holder 430 himself, unfettered access and/or authorization is granted. In another example, the access controls 450 may be set so that that when the requestor 410 is identified by the agent 10 as a specified doctor 40 or pharmacy 30 a desired level of access or authorization is granted. In selected instances, access may be limited to a one time access. For example, the access controls 450 may be set so that when the requestor 410 is identified by the agent 10 as a specified insurance agent or agency, access or authorization is granted, but only once. Optionally, the access controls 450 may be set so that when the requestor 410 is not identifiable by the agent 10 no access or authorization is granted.
  • With respect to classes of requestors [0072] 410, a desired level of access or authorization may be granted when the agent 10 identifies the requestor 410 as belonging to a defined class. This can be particularly useful when the requestor 410 belongs to a defined class such as emergency room doctors or facilities. While the particular requestor 410 may not have been expressly specified beforehand as authorized by the account holder 430, due to the exigency of the situation the account holder 430 may nevertheless desire that access or authorization be granted to their medical and/or pharmaceutical records.
  • Optionally, the access controls [0073] 450 may set on a per-request basis. That is to say, when an otherwise unauthorized access is attempted by a requestor 410, the corresponding account holder 430 is notified (e.g., via e-mail or otherwise) and given the opportunity to allow, deny or otherwise restrict the level of access granted to the particular requestor 410. In this instance, the notification preferably includes any information the agent 10 is able to discern regarding the requestor 410 so that the account holder 430 can make an informed decision. Preferably, the otherwise unauthorized requestor's access is delayed or put on hold until the account holder 410 responses or until a set time period has elapsed at which time access is automatically denied.
  • Preferably, the process and/or procedure carried out by the agent [0074] 10 as described above are implements via software, computer programs or the like running on the agent's server 12, via hardware connected to the agent's server 12 or via a combination thereof.
  • The invention has been described with reference to the preferred embodiments. Obviously, modifications and alterations will occur to others upon reading and understanding the preceding detailed description. It is intended that the invention be construed as including all such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof. [0075]

Claims (19)

    Having thus described the preferred embodiments, the invention is now claimed to be:
  1. 1. A method of processing drug prescriptions via a communications network, said method comprising:
    (a) registering doctors, pharmacies and patients as participants such that each registered participant's identity is uniquely defined and determinable;
    (b) authenticating registered doctors' identities from which prescriptions are received via the communications network, each of said prescriptions indicating a respective registered patient's identity for whom the prescription is intended;
    (c) authenticating registered patients' identities from which orders are received via the communications network, each of said orders indicating the prescription being ordered; and,
    (d) forwarding orders to registered pharmacies via the communications network.
  2. 2. The method according to
    claim 1
    , further comprising:
    (e) receiving, via the communications network, confirmation from pharmacies to which orders were forwarded, each of said confirmations indicating that at least one of the following has occurred: the pharmacy has received the order, the pharmacy has accepted the order, the pharmacy is filling the order and the pharmacy has completed filling the order.
  3. 3. The method according to
    claim 2
    , further comprising:
    (f) forwarding, via the communications network, the received confirmations to at least one of the patient from which the corresponding order was received and the doctor from which the correspond prescription was received.
  4. 4. The method according to
    claim 1
    , further comprising:
    notifying registered patients via the communications network when prescriptions are received therefor.
  5. 5. The method according to
    claim 1
    , wherein the authentication performed in steps (b) and (c) is at least two factor authentication.
  6. 6. The method according to
    claim 1
    , wherein prescriptions and orders are not accepted from doctors and patients, respectively, which do not have their identities authenticated.
  7. 7. The method according to
    claim 1
    , wherein the identity of at least one of the doctor and the patient is withheld from the pharmacy to which the order is forwarded.
  8. 8. A prescription drug fulfillment system comprising:
    a computer connected to a communications network;
    means for registering doctors, pharmacies and patients as participants such that each registered participant's identity is uniquely defined and determinable;
    a central database accessible by the computer, said central database containing accounts created by the registering means for each registered participant, said accounts including identifying data collected by the registering means;
    means for authenticating registered participants' identities, said authentication means collecting authentication data from participants via the communications network and comparing it to corresponding data from account records in the central database such that when there is a match the participant providing the authentication data is deemed to be the registered participant to which the account relates;
    means for receiving, via the communications network, prescriptions from authenticated doctors, each of said prescriptions indicating a respective registered patient's identity for whom the prescription is intended;
    means for receiving, via the communications network, orders from authenticated patients, each of said orders indicating the prescription being ordered; and,
    means for forwarding orders to registered pharmacies via the communications network.
  9. 9. The prescription drug fulfillment system according to
    claim 8
    , wherein the communications network is the Internet.
  10. 10. The prescription drug fulfillment system according to
    claim 8
    , further including means for receiving, via the communications network, confirmation from pharmacies to which orders were forwarded, each of said confirmations indicating that at least one of the following has occurred: the pharmacy has received the order, the pharmacy has accepted the order, the pharmacy is filling the order and the pharmacy has completed filling the order.
  11. 11. The prescription drug fulfillment system according to
    claim 10
    , further including means for forwarding, via the communications network, the received confirmations to at least one of the patient from which the corresponding order was received and the doctor from which the correspond prescription was received.
  12. 12. The prescription drug fulfillment system according to
    claim 8
    , further including means for notifying registered patients via the communications network when prescriptions are received therefor.
  13. 13. The prescription drug fulfillment system according to
    claim 8
    , wherein the authentication means employs at least two factor authentication.
  14. 14. The prescription drug fulfillment system according to
    claim 8
    , wherein the means for receiving prescriptions and orders does not accept prescriptions and orders from doctors and patients, respectively, which do not have their identities authenticated.
  15. 15. The prescription drug fulfillment system according to
    claim 8
    , wherein the means for forwarding orders withholds at least one of the doctor's identity and the patient's identity from the pharmacy to which the order is forwarded.
  16. 16. A method of regulating access via a communications network to medical/pharmaceutical data maintained by a record holder having a presence on the communications network, said method comprising:
    (a) providing access controls which are selectively set by an account holder, said account holder having medical/pharmaceutical data related thereto maintained by the record holder, said access controls specifying a level of authorization to be granted to identified requestors seeking access to medical/pharmaceutical data;
    (b) receiving, via the communications network, a contact from a requestor seeking access to the medical/pharmaceutical data maintained by the record holder;
    (c) authenticating the requestor's identity; and,
    (d) granting the identified requester the specified level of authorization determined from the access controls.
  17. 17. The method according to
    claim 16
    , wherein the provided access controls specify the level of authorization to be granted to a whole class of requesters.
  18. 18. The method according to
    claim 16
    , wherein a determined level of authorization permits a requestor to carry out at least one of the following: writing prescriptions for the account holder, ordering prescriptions for the account holder, filling a prescription for the account holder, receiving the medical/pharmaceutical data from the record holder, and modifying the medical/pharmaceutical data maintained by the record holder.
  19. 19. The method according to
    claim 16
    , wherein the identity of the requester is not revealed to the record holder.
US09799650 2000-03-06 2001-03-06 Secure on-line authentication system for processing prescription drug fulfillment Abandoned US20010047281A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US18734100 true 2000-03-06 2000-03-06
US09799650 US20010047281A1 (en) 2000-03-06 2001-03-06 Secure on-line authentication system for processing prescription drug fulfillment

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US09799650 US20010047281A1 (en) 2000-03-06 2001-03-06 Secure on-line authentication system for processing prescription drug fulfillment
US12952680 US8099301B2 (en) 2000-03-06 2010-11-23 Secure on-line authentication system for processing prescription drug fulfillment
US13338586 US20120130747A1 (en) 2000-03-06 2011-12-28 Secure on-line authentication system for processing prescription drug fulfillment

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US12952680 Continuation US8099301B2 (en) 2000-03-06 2010-11-23 Secure on-line authentication system for processing prescription drug fulfillment

Publications (1)

Publication Number Publication Date
US20010047281A1 true true US20010047281A1 (en) 2001-11-29

Family

ID=26882935

Family Applications (3)

Application Number Title Priority Date Filing Date
US09799650 Abandoned US20010047281A1 (en) 2000-03-06 2001-03-06 Secure on-line authentication system for processing prescription drug fulfillment
US12952680 Active US8099301B2 (en) 2000-03-06 2010-11-23 Secure on-line authentication system for processing prescription drug fulfillment
US13338586 Abandoned US20120130747A1 (en) 2000-03-06 2011-12-28 Secure on-line authentication system for processing prescription drug fulfillment

Family Applications After (2)

Application Number Title Priority Date Filing Date
US12952680 Active US8099301B2 (en) 2000-03-06 2010-11-23 Secure on-line authentication system for processing prescription drug fulfillment
US13338586 Abandoned US20120130747A1 (en) 2000-03-06 2011-12-28 Secure on-line authentication system for processing prescription drug fulfillment

Country Status (1)

Country Link
US (3) US20010047281A1 (en)

Cited By (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020171865A1 (en) * 2001-05-18 2002-11-21 Parry Travis J. Image forming devices and methods of obtaining medication information
US20030061074A1 (en) * 2001-09-27 2003-03-27 International Business Machines Corporation Patient information management system
US20030167190A1 (en) * 2002-03-01 2003-09-04 Rincavage Barbara A. System and method for preventing fraud and mistake in the issuance, filling and payment of medical prescriptions
WO2003098400A2 (en) * 2002-05-16 2003-11-27 Ndchealth Corporation Systems and methods for identifying fraud and abuse in prescription claims
US20030236681A1 (en) * 2002-06-24 2003-12-25 Fujitsu Limited Medicine prescription apparatus
US20030236683A1 (en) * 2002-06-21 2003-12-25 Dwight Henderson Closed loop medication use system and method
US20040019567A1 (en) * 2002-07-23 2004-01-29 International Business Machines Corporation Electronic prescription ordering method, system, and program product
US20040039241A1 (en) * 2002-05-29 2004-02-26 Biodose Llc Integrated distribution and communication process and algorithm for providing, handling, distributing or generating reports regarding radioactive pharmaceuticals
US20040117205A1 (en) * 2002-12-17 2004-06-17 Reardan Dayton T. Sensitive drug distribution system and method
US20040249665A1 (en) * 2003-06-09 2004-12-09 Lindee David System and method for processing and managing claim forms
US20050005168A1 (en) * 2003-03-11 2005-01-06 Richard Dick Verified personal information database
US20050101822A1 (en) * 2001-10-30 2005-05-12 Biodose Llc Pharmacy based method and algorithm for handling of radioactive pharmaceuticals and generating of reports therefor
US6915279B2 (en) * 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US20050256741A1 (en) * 2004-05-05 2005-11-17 Kohan Mark E Mediated data encryption for longitudinal patient level databases
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20060106647A1 (en) * 2004-11-18 2006-05-18 Brummel Anthony C Method and apparatus for determining pharmacy order parameters based on patient context data
US20060259330A1 (en) * 2005-05-10 2006-11-16 Schranz Paul S Electronic prescription system for internet pharmacies and method threfor
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US20070067832A1 (en) * 2003-03-11 2007-03-22 Microsoft Corporation System and method for protecting identity information
US20070094138A1 (en) * 2005-09-19 2007-04-26 James Andrews Method for dispensing, paying for, and advertising prescription drugs
US7240363B1 (en) * 1999-10-06 2007-07-03 Ellingson Robert E System and method for thwarting identity theft and other identity misrepresentations
US20070255584A1 (en) * 2003-09-08 2007-11-01 Pavlatos Christ J Patient Physician Connectivity System and Method
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US20080162187A1 (en) * 2007-01-02 2008-07-03 Starko Dan G Prescription fulfillment apparatus and method
US20080228519A1 (en) * 2006-01-04 2008-09-18 Leon Mauricio A System and Method for Optimizing Prescription Delivery Related Applications
WO2008149251A2 (en) * 2007-06-06 2008-12-11 Catalina Marketing Corporation Pos printing triggered by pharmacy prescription orders
US20090048864A1 (en) * 2007-08-15 2009-02-19 Walgreen Co. Method and apparatus for therapeutic interchange
US20090164376A1 (en) * 2007-12-20 2009-06-25 Mckesson Financial Holdings Limited Systems and Methods for Controlled Substance Prescription Monitoring Via Real Time Claims Network
US20090327363A1 (en) * 2008-06-30 2009-12-31 Peter Cullen Systems and methods for processing electronically transmitted healthcare related transactions
US20100153136A1 (en) * 2001-10-30 2010-06-17 Biodose, Llc Algorithm and program for the handling and administration of radioactive pharmaceuticals
US7941324B1 (en) * 2007-04-26 2011-05-10 Intuit Inc. Method and system for identification of a patient
US7996881B1 (en) * 2004-11-12 2011-08-09 Aol Inc. Modifying a user account during an authentication process
US20120124067A1 (en) * 2010-11-11 2012-05-17 International Business Machines Corporation User Identifier Management
WO2013062777A1 (en) * 2011-10-23 2013-05-02 Nandakumar Gopal Authentication system and method
US20130191139A1 (en) * 2012-01-23 2013-07-25 James F. Chen Systems and methods for electronically prescribing controlled substances
US8505079B2 (en) 2011-10-23 2013-08-06 Gopal Nandakumar Authentication system and related method
US8533802B2 (en) 2011-10-23 2013-09-10 Gopal Nandakumar Authentication system and related method
US8566957B2 (en) 2011-10-23 2013-10-22 Gopal Nandakumar Authentication system
US8695071B2 (en) 2011-10-23 2014-04-08 Gopal Nandakumar Authentication method
US20140108546A1 (en) * 2004-03-05 2014-04-17 Aol Inc. Announcing new users of an electronic communications system to existing users
US8713656B2 (en) 2011-10-23 2014-04-29 Gopal Nandakumar Authentication method
US8725532B1 (en) 2012-06-29 2014-05-13 Mckesson Financial Holdings Systems and methods for monitoring controlled substance distribution
US8768725B2 (en) 2005-09-12 2014-07-01 Mymedicalrecords, Inc. Method and system for providing online records
US8800014B2 (en) 2011-10-23 2014-08-05 Gopal Nandakumar Authentication method
US20140236614A1 (en) * 2013-02-15 2014-08-21 Passport Health Communications, Inc. Financial Triage
US20140297654A1 (en) * 2009-12-29 2014-10-02 Cleversafe, Inc. Record addressing information retrieval based on user data descriptors
US9355273B2 (en) 2006-12-18 2016-05-31 Bank Of America, N.A., As Collateral Agent System and method for the protection and de-identification of health care data
US9372986B1 (en) * 2014-12-16 2016-06-21 International Business Machines Corporation Selective password synchronization
WO2016210347A1 (en) * 2015-06-26 2016-12-29 Alibaba Group Holding Limited System, method, and apparatus for electronic prescription
US9672515B2 (en) 2000-03-15 2017-06-06 Mastercard International Incorporated Method and system for secure payments over a computer network
US9886558B2 (en) 1999-09-20 2018-02-06 Quintiles Ims Incorporated System and method for analyzing de-identified health care data

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8361026B2 (en) * 2005-02-01 2013-01-29 Intelliject, Inc. Apparatus and methods for self-administration of vaccines and other medicaments
US8392220B2 (en) 2010-11-09 2013-03-05 Carekinesis, Inc. Medication management system and method
US20130339044A1 (en) * 2012-06-15 2013-12-19 Celgene Corporation Mobile applications for risk evaluation and mitigation strategy (rems) programs
US20140297320A1 (en) * 2013-03-29 2014-10-02 Mckesson Specialty Care Distribution Corporation Systems and methods for operating a personal healthcare management portal
US9675523B2 (en) 2013-08-26 2017-06-13 James Dean Ducatt Prescription control system
US9542534B1 (en) 2013-08-26 2017-01-10 James Dean Ducatt Prescription control system

Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5297189A (en) * 1990-05-30 1994-03-22 Alcatel N.V. Wireless telephone service subscription data user access method
US5867821A (en) * 1994-05-11 1999-02-02 Paxton Developments Inc. Method and apparatus for electronically accessing and distributing personal health care information and services in hospitals and homes
US5889942A (en) * 1996-12-18 1999-03-30 Orenshteyn; Alexander S. Secured system for accessing application services from a remote station
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
US6283322B1 (en) * 1995-10-18 2001-09-04 Telepharmacy Solutions, Inc. Method for controlling a drug dispensing system
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method
US20020052762A1 (en) * 1998-06-16 2002-05-02 Paul Kobylevsky Remote prescription refill system
US20020062228A1 (en) * 1998-02-06 2002-05-23 Harold D. Portnoy Interactive computer system for obtaining informed consent from a patient

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO1998040835A1 (en) * 1997-03-13 1998-09-17 First Opinion Corporation Disease management system
US7769601B1 (en) * 1999-11-15 2010-08-03 Walgreen Co. Apparatus and method for accessing pharmacy information and ordering prescriptions

Patent Citations (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5297189A (en) * 1990-05-30 1994-03-22 Alcatel N.V. Wireless telephone service subscription data user access method
US5867821A (en) * 1994-05-11 1999-02-02 Paxton Developments Inc. Method and apparatus for electronically accessing and distributing personal health care information and services in hospitals and homes
US6283322B1 (en) * 1995-10-18 2001-09-04 Telepharmacy Solutions, Inc. Method for controlling a drug dispensing system
US5943423A (en) * 1995-12-15 1999-08-24 Entegrity Solutions Corporation Smart token system for secure electronic transactions and identification
US5889942A (en) * 1996-12-18 1999-03-30 Orenshteyn; Alexander S. Secured system for accessing application services from a remote station
US20020062228A1 (en) * 1998-02-06 2002-05-23 Harold D. Portnoy Interactive computer system for obtaining informed consent from a patient
US20020052762A1 (en) * 1998-06-16 2002-05-02 Paul Kobylevsky Remote prescription refill system
US6363485B1 (en) * 1998-09-09 2002-03-26 Entrust Technologies Limited Multi-factor biometric authenticating device and method

Cited By (90)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9886558B2 (en) 1999-09-20 2018-02-06 Quintiles Ims Incorporated System and method for analyzing de-identified health care data
US7240363B1 (en) * 1999-10-06 2007-07-03 Ellingson Robert E System and method for thwarting identity theft and other identity misrepresentations
US9672515B2 (en) 2000-03-15 2017-06-06 Mastercard International Incorporated Method and system for secure payments over a computer network
US7177848B2 (en) 2000-04-11 2007-02-13 Mastercard International Incorporated Method and system for conducting secure payments over a computer network without a pseudo or proxy account number
US6990470B2 (en) 2000-04-11 2006-01-24 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US7379919B2 (en) 2000-04-11 2008-05-27 Mastercard International Incorporated Method and system for conducting secure payments over a computer network
US6915279B2 (en) * 2001-03-09 2005-07-05 Mastercard International Incorporated System and method for conducting secure payment transactions
US20020171865A1 (en) * 2001-05-18 2002-11-21 Parry Travis J. Image forming devices and methods of obtaining medication information
US7184155B2 (en) * 2001-05-18 2007-02-27 Hewlett-Packard Development Company, L.P. Image forming devices and methods of obtaining medication information
US20030061074A1 (en) * 2001-09-27 2003-03-27 International Business Machines Corporation Patient information management system
US20090023974A9 (en) * 2001-10-30 2009-01-22 Biodose Llc Pharmacy based method and algorithm for handling of radioactive pharmaceuticals and generating of reports therefor
US20050101822A1 (en) * 2001-10-30 2005-05-12 Biodose Llc Pharmacy based method and algorithm for handling of radioactive pharmaceuticals and generating of reports therefor
US8145502B2 (en) 2001-10-30 2012-03-27 Biodose, Llc Algorithm and program for the handling and administration of radioactive pharmaceuticals
US8175890B2 (en) 2001-10-30 2012-05-08 Biodose, Llc Pharmacy based method and algorithm for handling of radioactive pharmaceuticals and generating of reports therefrom
US20100153136A1 (en) * 2001-10-30 2010-06-17 Biodose, Llc Algorithm and program for the handling and administration of radioactive pharmaceuticals
US20030167190A1 (en) * 2002-03-01 2003-09-04 Rincavage Barbara A. System and method for preventing fraud and mistake in the issuance, filling and payment of medical prescriptions
WO2003098400A3 (en) * 2002-05-16 2004-07-22 Ndchealth Corp Systems and methods for identifying fraud and abuse in prescription claims
US20030229519A1 (en) * 2002-05-16 2003-12-11 Eidex Brian H. Systems and methods for identifying fraud and abuse in prescription claims
WO2003098400A2 (en) * 2002-05-16 2003-11-27 Ndchealth Corporation Systems and methods for identifying fraud and abuse in prescription claims
US20040039241A1 (en) * 2002-05-29 2004-02-26 Biodose Llc Integrated distribution and communication process and algorithm for providing, handling, distributing or generating reports regarding radioactive pharmaceuticals
US8478604B2 (en) 2002-06-21 2013-07-02 Mckesson Technologies Inc. Closed loop medication use system and method
US20030236683A1 (en) * 2002-06-21 2003-12-25 Dwight Henderson Closed loop medication use system and method
US20030236681A1 (en) * 2002-06-24 2003-12-25 Fujitsu Limited Medicine prescription apparatus
US20040019567A1 (en) * 2002-07-23 2004-01-29 International Business Machines Corporation Electronic prescription ordering method, system, and program product
US20040117205A1 (en) * 2002-12-17 2004-06-17 Reardan Dayton T. Sensitive drug distribution system and method
US20050222874A1 (en) * 2002-12-17 2005-10-06 Orphan Medical, Inc. Sensitive drug distribution system and method
US8589182B1 (en) 2002-12-17 2013-11-19 Jazz Pharmaceuticals, Inc. Sensitive drug distribution system and method
US20050216309A1 (en) * 2002-12-17 2005-09-29 Orphan Medical, Inc.. Sensitive drug distribution system and method
US7895059B2 (en) 2002-12-17 2011-02-22 Jazz Pharmaceuticals, Inc. Sensitive drug distribution system and method
US20050090425A1 (en) * 2002-12-17 2005-04-28 Orphan Medical, Inc. Sensitive drug distribution system and method
US8457988B1 (en) 2002-12-17 2013-06-04 Jazz Pharmaceuticals, Inc. Sensitive drug distribution system and method
US7668730B2 (en) 2002-12-17 2010-02-23 JPI Commercial, LLC. Sensitive drug distribution system and method
US8731963B1 (en) 2002-12-17 2014-05-20 Jazz Pharmaceuticals, Inc. Sensitive drug distribution system and method
US7797171B2 (en) 2002-12-17 2010-09-14 Jpi Commercial, Llc Sensitive drug distribution system and method
US7765106B2 (en) 2002-12-17 2010-07-27 Jpi Commercial, Llc Sensitive drug distribution system and method
US20110119085A1 (en) * 2002-12-17 2011-05-19 Orphan Medical, Inc. Sensitive drug distribution system and method
US7765107B2 (en) 2002-12-17 2010-07-27 JPI Commercial, LLC. Sensitive drug distribution system and method
US7882548B2 (en) * 2003-03-11 2011-02-01 Microsoft Corporation System and method for protecting identity information
US20050005168A1 (en) * 2003-03-11 2005-01-06 Richard Dick Verified personal information database
US8255978B2 (en) 2003-03-11 2012-08-28 Innovatrend, Inc. Verified personal information database
US20070067832A1 (en) * 2003-03-11 2007-03-22 Microsoft Corporation System and method for protecting identity information
WO2004081750A3 (en) * 2003-03-11 2005-04-28 Innovatrend Inc Verified personal information database
US20040249665A1 (en) * 2003-06-09 2004-12-09 Lindee David System and method for processing and managing claim forms
US20070255584A1 (en) * 2003-09-08 2007-11-01 Pavlatos Christ J Patient Physician Connectivity System and Method
US9413699B2 (en) * 2004-03-05 2016-08-09 Aol Inc. Announcing new users of an electronic communications system to existing users
US9948599B2 (en) * 2004-03-05 2018-04-17 Oath Inc. Announcing new users of an electronic communications system to existing users
US20160308820A1 (en) * 2004-03-05 2016-10-20 Aol Inc. Announcing new users of an electronic communications system to existing users
US20140108546A1 (en) * 2004-03-05 2014-04-17 Aol Inc. Announcing new users of an electronic communications system to existing users
US20050256741A1 (en) * 2004-05-05 2005-11-17 Kohan Mark E Mediated data encryption for longitudinal patient level databases
US8671442B2 (en) 2004-11-12 2014-03-11 Bright Sun Technologies Modifying a user account during an authentication process
US7996881B1 (en) * 2004-11-12 2011-08-09 Aol Inc. Modifying a user account during an authentication process
US20060106647A1 (en) * 2004-11-18 2006-05-18 Brummel Anthony C Method and apparatus for determining pharmacy order parameters based on patient context data
US20060259330A1 (en) * 2005-05-10 2006-11-16 Schranz Paul S Electronic prescription system for internet pharmacies and method threfor
US8768725B2 (en) 2005-09-12 2014-07-01 Mymedicalrecords, Inc. Method and system for providing online records
US20070094138A1 (en) * 2005-09-19 2007-04-26 James Andrews Method for dispensing, paying for, and advertising prescription drugs
US20080228519A1 (en) * 2006-01-04 2008-09-18 Leon Mauricio A System and Method for Optimizing Prescription Delivery Related Applications
US9355273B2 (en) 2006-12-18 2016-05-31 Bank Of America, N.A., As Collateral Agent System and method for the protection and de-identification of health care data
US20080162187A1 (en) * 2007-01-02 2008-07-03 Starko Dan G Prescription fulfillment apparatus and method
US7941324B1 (en) * 2007-04-26 2011-05-10 Intuit Inc. Method and system for identification of a patient
WO2008149251A3 (en) * 2007-06-06 2009-02-05 Catalina Marketing Corp Pos printing triggered by pharmacy prescription orders
WO2008149251A2 (en) * 2007-06-06 2008-12-11 Catalina Marketing Corporation Pos printing triggered by pharmacy prescription orders
US20080306769A1 (en) * 2007-06-06 2008-12-11 Catalina Marketing Corporation, A Delaware Corporation Pos printing triggered by pharmacy prescription orders
US8799020B2 (en) 2007-06-06 2014-08-05 Catalina Marketing Corporation POS printing triggered by pharmacy prescription orders
US20090048864A1 (en) * 2007-08-15 2009-02-19 Walgreen Co. Method and apparatus for therapeutic interchange
US20090164376A1 (en) * 2007-12-20 2009-06-25 Mckesson Financial Holdings Limited Systems and Methods for Controlled Substance Prescription Monitoring Via Real Time Claims Network
US20090327363A1 (en) * 2008-06-30 2009-12-31 Peter Cullen Systems and methods for processing electronically transmitted healthcare related transactions
US9697244B2 (en) * 2009-12-29 2017-07-04 International Business Machines Corporation Record addressing information retrieval based on user data descriptors
US20140297654A1 (en) * 2009-12-29 2014-10-02 Cleversafe, Inc. Record addressing information retrieval based on user data descriptors
US20120209866A1 (en) * 2010-11-11 2012-08-16 International Business Machines Corporation User Identifier Management
US20120124067A1 (en) * 2010-11-11 2012-05-17 International Business Machines Corporation User Identifier Management
US9449306B2 (en) * 2010-11-11 2016-09-20 International Business Machines Corporation User identifier management
US9412094B2 (en) * 2010-11-11 2016-08-09 International Business Machines Corporation User identifier management
US8800014B2 (en) 2011-10-23 2014-08-05 Gopal Nandakumar Authentication method
US8713656B2 (en) 2011-10-23 2014-04-29 Gopal Nandakumar Authentication method
US8695071B2 (en) 2011-10-23 2014-04-08 Gopal Nandakumar Authentication method
US8566957B2 (en) 2011-10-23 2013-10-22 Gopal Nandakumar Authentication system
WO2013062777A1 (en) * 2011-10-23 2013-05-02 Nandakumar Gopal Authentication system and method
US8505079B2 (en) 2011-10-23 2013-08-06 Gopal Nandakumar Authentication system and related method
US8533802B2 (en) 2011-10-23 2013-09-10 Gopal Nandakumar Authentication system and related method
US20130191138A1 (en) * 2012-01-23 2013-07-25 James F. Chen Systems and methods for electrnically prescribing controlled substances
US20130191137A1 (en) * 2012-01-23 2013-07-25 James F. Chen Systems and methods for electronically prescribing controlled substances
US20130191139A1 (en) * 2012-01-23 2013-07-25 James F. Chen Systems and methods for electronically prescribing controlled substances
US8725532B1 (en) 2012-06-29 2014-05-13 Mckesson Financial Holdings Systems and methods for monitoring controlled substance distribution
US20140236614A1 (en) * 2013-02-15 2014-08-21 Passport Health Communications, Inc. Financial Triage
US9930032B2 (en) * 2014-12-16 2018-03-27 International Business Machines Corporation Selective password synchronization
US9544281B2 (en) * 2014-12-16 2017-01-10 International Business Machines Corporation Selective password synchronization
US20160241529A1 (en) * 2014-12-16 2016-08-18 International Business Machines Corporation Selective Password Synchronization
US9372986B1 (en) * 2014-12-16 2016-06-21 International Business Machines Corporation Selective password synchronization
US20170118194A1 (en) * 2014-12-16 2017-04-27 International Business Machines Corporation Selective Password Synchronization
WO2016210347A1 (en) * 2015-06-26 2016-12-29 Alibaba Group Holding Limited System, method, and apparatus for electronic prescription

Also Published As

Publication number Publication date Type
US20120130747A1 (en) 2012-05-24 application
US20110071847A1 (en) 2011-03-24 application
US8099301B2 (en) 2012-01-17 grant

Similar Documents

Publication Publication Date Title
US7085840B2 (en) Enhanced quality of identification in a data communications network
US8453925B2 (en) Method and system for performing two factor authentication in mail order and telephone order transactions
US7275260B2 (en) Enhanced privacy protection in identification in a data communications network
US7707120B2 (en) Mobile account authentication service
US8533118B2 (en) Online challenge-response
US8489513B2 (en) Methods and apparatus for conducting electronic transactions
US20060265243A1 (en) System and method for establishing or verifying a person's identity using SMS and MMS over a wireless communications network
US20070078677A1 (en) Controlling access to medical records
US20010056487A1 (en) Method and system for authenticating identity on internet
US7437330B1 (en) System and method for categorizing transactions
US20060106738A1 (en) Automatic address validation
US20060026042A1 (en) Privacy compliant consent and data access management system and methods
US20060229911A1 (en) Personal control of healthcare information and related systems, methods, and devices
US20080288299A1 (en) System and method for user identity validation for online transactions
US20070078760A1 (en) Authentication by owner to shared payment instruments
US20100312703A1 (en) System and method for providing authentication for card not present transactions using mobile device
US20030088771A1 (en) Method and system for authorizing and certifying electronic data transfers
US20030154405A1 (en) Information processing system and method
US20070276944A1 (en) Apparatus for access control and processing
US20010051924A1 (en) On-line based financial services method and system utilizing biometrically secured transactions for issuing credit
US7457950B1 (en) Managed authentication service
US20050043964A1 (en) Data processing system for patent data
US20020194131A1 (en) Method and system for electronically transmitting authorization to release medical information
US7624073B1 (en) System and method for categorizing transactions
US20060004588A1 (en) Method and system for obtaining, maintaining and distributing data

Legal Events

Date Code Title Description
AS Assignment

Owner name: CARDINALCOMMERCE CORPORATION, OHIO

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:KERESMAN, MICHAEL A. III;BOWMAN, JEFFRY J.;SHERWIN, FRANCIS M.;AND OTHERS;REEL/FRAME:011765/0301;SIGNING DATES FROM 20010421 TO 20010424