WO2001086479A2 - Systeme pour fournir des prescriptions d'informations - Google Patents

Systeme pour fournir des prescriptions d'informations Download PDF

Info

Publication number
WO2001086479A2
WO2001086479A2 PCT/US2001/013868 US0113868W WO0186479A2 WO 2001086479 A2 WO2001086479 A2 WO 2001086479A2 US 0113868 W US0113868 W US 0113868W WO 0186479 A2 WO0186479 A2 WO 0186479A2
Authority
WO
WIPO (PCT)
Prior art keywords
information
individual
prescriptions
access
providing
Prior art date
Application number
PCT/US2001/013868
Other languages
English (en)
Other versions
WO2001086479A3 (fr
Inventor
Terry Knapp
Original Assignee
Terry Knapp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Terry Knapp filed Critical Terry Knapp
Priority to AU2001255778A priority Critical patent/AU2001255778A1/en
Publication of WO2001086479A2 publication Critical patent/WO2001086479A2/fr
Publication of WO2001086479A3 publication Critical patent/WO2001086479A3/fr

Links

Classifications

    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/60ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
    • G16H40/67ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/10Office automation; Time management
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H70/00ICT specially adapted for the handling or processing of medical references
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H80/00ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information

Definitions

  • This system relates to the field of information delivery and, in particular, to a system for managing and tracking an individual's access to and retrieval of prescribed information, and for support of legally valid acknowledgment and attestation by the individual to the receipt and understanding of the information and agreement to the stipulations described in the information.
  • organ donor agreements including, but not limited to: organ donor agreements, real estate broker agreements, financing arrangements, medical and surgical procedure authorizations, on line software license agreements, and the like.
  • the individual is provided with a set of information which constitutes an "information prescription" in that the set of information is typically predetermined in scope and content, and the individual is requested to read and understand the information. The individual must then attest to receipt of the information and agreement to the terms and conditions contained therein.
  • the information prescription may be prescribed to the individual as a condition precedent to receipt of goods, services, and the like from a provider or the individual may seek out the information prescription in order to access goods, services, and the like.
  • the provider (doctor or hospital), or other responsible professional or business entity, is held legally accountable for delivery of this information in a complete and consistent manner. Therefore, every provider or other responsible professional or business entity must obtain legally defensible informed consent from the patient before instituting treatment or administering certain drugs or medical devices, conducting clinical research, using sensitive personal patient data, collecting tissue or organs for donation or banking, or obtaining medical power-of-attorney or living wills, and the like. Not only is this task daunting, but the physician or other responsible entity is without an adequate audit trail to demonstrate that the information was not only provided to the patient but also understood by the patient.
  • the traditional nature of medical practice is that the time spent by the physician in patient education is typically compressed into a portion of an office visit, where the patient arrives unprepared and leaves without having had adequate time to fully ponder the information that was provided, while the physician is unsure how much of the presentation of information was understood by the patient.
  • This traditional information transfer process reduces the likelihood that the patient makes the effort to raise their questions with the physician in a follow up communication.
  • This problem is often better addressed in the area of surgical procedures, where the patient is typically more prepared to understand the teaching provided by the surgeon, since the surgery is typically authorized after a number of prior physician visits and the repeated presentation of information during this series of meetings reduces the likelihood that the patient fails to understand at least the basic information that is presented.
  • the system for providing information prescriptions provides a data access transaction environment (including Data Informed Consent) in its entirety, in order to reduce the cost of providing relevant medical information to patients as well as to ensure that the prescribed information was provided to the patient and this information was understood by the patient, Moreover, there presently is no method by which the patient can attest to the receipt of and understanding of the information prescribed by the provider or other responsible entity and agree to the recommendations of the provider or other responsible entity attendant to that information in a manner that cannot be repudiated.
  • This system for providing information prescriptions maintains a time and date stamped log, that identifies: providers or other responsible entity, patients, the set of information prescribed for each patient, the purpose for which the prescribed set of information is used.
  • the system for providing information prescriptions also provides for multimedia information content that is archived and versioned for future reference to assure the integrity of the transaction.
  • the system for providing information prescriptions also includes the capability to test the patient's understanding of the information and provides the patient with a mechanism to generate inquiries and to access additional information relating to the prescribed set of information.
  • the provider or other responsible entity is therefore able to utilize the resources available from many sources to provide the patient with relevant information in a timely and efficient manner.
  • the system for providing information prescriptions also contains the mechanisms by which the patient can attest to the viewing and understanding of the information and to the acceptance of the providers treatment and product use recommendations such that the patient ' s consent is thereby informed and the attestation cannot be legally repudiated.
  • the present system for providing information prescriptions introduces a new paradigm in the field of information delivery and the secure attestation by an individual to terms and conditions associated with a transaction related to the delivered information.
  • Various means of securing the data are available, such as symmetric and asymmetric encryption key systems and protected lists.
  • Various means of authentication of users are available, including digital signatures, passwords, biometrics and smart cards.
  • the security of data is addressed through the means of a public key infrastructure and digital certificate issuance to authorized and authenticated users.
  • Each transaction participant consists of a client company, care provider, other responsible entity, or information source that holds a general Digital Certificate to authenticate that company, provider or information source.
  • Each Digital Certificate bears a unique identifier to ensure that it can be tracked.
  • Each Digital Certificate issued is accompanied by a set of requirements governing its use that are designed for compliance with regulations and the access limitations defined by the issuer.
  • Each patient is authenticated and issued a Digital Certificate or other means of authentication to use in the generation of a Dynamic Data Informed Consent and for use in providing information to the patient and tracking the use of this information by the patient, and for logging, archiving and tracking patient sign-off for understanding of the information and for treatment and product use authorization.
  • the medium for data transmission among the parties served by the system for providing information prescriptions is any electronic data communication system, such as: the Internet, Intranet, Virtual Private Network (VPN), Wide Area Network, and the like.
  • the system for providing information prescriptions acts as a compliance clearinghouse for the data flow and maintains a log of patients, category of data, purpose for which the data is used, time and date stamped.
  • the system for providing information prescriptions maintains the audit trail of all uses of data, together with audit analysis software to determine if any breach of the system ' s authorization structure occurs.
  • the system for providing information prescriptions supports and records transactions entailing legally valid authorization fortreatment and product use based on receipt and understanding of the information.
  • Figure 2 illustrates additional details of the data informed consent system
  • Figures 3 and 4 illustrate in flow diagram form the operation of the system for providing information prescriptions of Figures 1A & 1B in processing a typical transaction
  • Figure 5 illustrates in block diagram form the structure of the Dynamic Data
  • the system for providing information prescriptions ensures that the individual who receives the information understands the information and acquiesces to the terms and conditions associated with the transaction for which the information is relevant.
  • this system for providing information prescriptions enables medical professionals to verify that a prescribed set of information was provided to the patient and this information was understood by the patient.
  • the Information Prescription System provides a data access transaction environment (including Data Informed Consent) in its entirety, in order to reduce the cost of providing relevant medical information to patients as well as to ensure that the information was provided to the patient and this information was understood by the patient.
  • the example of a medical information delivery scenario is used herein to illustrate the concepts of the Information Prescription System but this example is not intended to limit the scope and applicability of the Information Prescription System to the multitude of other fields and analogous applications where this paradigm is also applicable.
  • Figures 1 A & 1 B illustrate in block diagram form the overall architecture of the Information Prescription System 101 and a typical environment in which it is operational.
  • the present Information Prescription System 101 is incorporated into a data storage and processing complex 100 that is connected to at least one communication medium CM (such as the Public Switched Telephone Network, or a wireless network, or the Internet, or other switched data network) to thereby enable individuals to obtain communication connections with the Information Prescription System 101.
  • CM such as the Public Switched Telephone Network, or a wireless network, or the Internet, or other switched data network
  • the data storage and processing system 100 on which the Information Prescription System 101 resides includes: interactive web server WS1 , communications and data router DR1 , a plurality of servers S1-Sn which function to manage a plurality of databases and provide an interface to the Information Prescription System 101 and the Dynamic Data Informed Consent System 102.
  • the Information Prescription System 101 includes various data management processes, some of which are described below.
  • the individuals who access the Information Prescription System 101 are typically equipped with a personal computer, hand held computing device, cellular communication device, telephone station set or other data interface device, collectively termed "terminal equipment" T1-Tn herein.
  • a typical terminal equipment T1 can be equipped with a processor PC, display device D, Web browser software AB, and one or more databases or data storage devices, such as database E which is used to store information retrieved from the sites served by the Internet and database F which stores programs used to operate the processor PC.
  • the data communication connection between the individual's terminal equipment T1 and the Information Prescription System 101 can be via the Internet, using the well known personal computer modem and Internet browser technology available at the individual's terminal equipment T1.
  • the physical connection that supports this data communication connection is typically effected from individual's terminal equipment T1 through the Local Exchange Carrier LEC1 of the Public Switched Telephone Network (PSTN) to the Internet CM which is also connected thereto.
  • PSTN Public Switched Telephone Network
  • the Internet CM is also connected to a Local Exchange Carrier LEC2 which serves the communications and data router DR1 of the Information Prescription System 101.
  • providers are typically equipped with a provider communication system P that enables the provider to communicate with the data storage and processing complex 100 via the Internet CM.
  • the provider communication system typically is equipped with a plurality of databases, such as database C, which may store information, and database D, which may store information for access by the individuals, such as educational scripts. This information may alternatively be incorporated, in whole or in part, into a standalone interactive teaching system (not shown).
  • database C which may store information
  • database D which may store information for access by the individuals, such as educational scripts.
  • This information may alternatively be incorporated, in whole or in part, into a standalone interactive teaching system (not shown).
  • there are a multitude of information vendors who maintain information repositories illustrated in conceptual form in Figure 1 A as information vendor Web site IV.
  • the information vendor Web site IV typically consists of a data router/server DR2, Web server software WS2 and a plurality of databases, such as database A for storing prescription drug data for access by patients, and database B for storing access control software and data to enable the information vendor to authenticate a patient's right of access, create an information audit trail, and manage the information transaction.
  • the information vendor Web site IV can optionally be equipped with one or more stand-alone interactive teaching systems (not shown).
  • the confidential exchange of information implies that the information is exchanged or shared with the trusted other who is trusted to keep the information secret, i.e. the trusted other will not disclose the information to others.
  • Privacy This comprises the state of being free from unsanctioned intrusion. Privacy is often confused with security. Security implies safety from intrusion, while privacy invokes the ability of a person to avoid intrusion unless that person authorizes the intrusion.
  • Security This comprises the level to which data is safe from unauthorized use. Security requires mechanisms which protect the data from unauthorized use.
  • the dynamic process of authorization or revocation of authorization via operation of a security mechanism is the exercise of privacy.
  • Data Informed Consent The process by which a patient is informed about their rights under the law, and the responsibilities of parties who use their personalized information (General Advisory), as well as the manner in which their data is used, managed and protected (Specific Advisory). This process provides for interactive patient control of disclosure authorization and the revocation thereof (Dynamic Consent).
  • Data Informed Consent dictates what client companies (providers, payers, drug and device manufacturers, research organizations, e-health companies) can do with the patient's data - hence a two-way interaction: the present system informs the patient of the various options; patients consent to client companies accessing their data via the present system pursuant to the parameters specified by the patient.
  • Clients - The term "client” is used to identify any of the class of providing health care businesses or other responsible entities that interact with the patient, such as: health care providers, product vendors, information vendors, e-health companies, payers, laboratories, research organizations, attorneys, data storage companies, and the like.
  • the components of the Information Prescription system include: A public key infrastructure (PKI) that provides robust encryption of all data routed through the Information Prescription system. Encryption modalities other than PKI may be employed to implement this function.
  • PKI public key infrastructure
  • Digital certificates to provide ongoing authentication of approved parties, and associated constraints on use and attestations provided by the parties to whom they are issued. Other means of authentication such as passwords, biometrics and smart cards may be used to implement this function.
  • Dynamic Data Informed Consent The Dynamic Data Informed Consent system 102 is cooperatively operative with, and may be part of, the Information Prescription System 101 and functions to interactively manage the information exchange with the patient and maintain a confidential audit trail of the information accesses and retrievals by the patient.
  • This Dynamic Data Informed Consent system 102 is described in detail in the above-noted U.S.
  • Dynamic Data Informed Consent segment 102 of the present Information Prescription System 101 typically includes the following: 1.) There is a duty not to use or disclose information except as authorized by the patient, or as explicitly permitted by legislation or regulations.
  • Clients are permitted to use the information only for purposes compatible with and directly related to the purposes for which the information was collected or received, or for which they are authorized to disclose the information.
  • the Dynamic Data Informed Consent System 102 ensures the integrity and confidentiality of information; and b.) The Dynamic Data Informed Consent System 102 protects against any reasonably anticipated threats or hazards to the security or integrity of the information and unauthorized uses or disclosures of the information. Architecture of the Dynamic Data Informed Consent System
  • FIG. 2 illustrates additional details of the Dynamic Data Informed Consent System 102 in conceptual block diagram form to illustrate the functionality of this system.
  • the Dynamic Data Informed Consent System 102 functions to regulate the exchange of proprietary patient specific data among the plurality of clients served by the Dynamic Data Informed Consent System 102.
  • the Dynamic Data Informed Consent System 102 in a typical embodiment, itself comprises one or more servers 221 , 222 which interface the Dynamic Data Informed Consent System 102 to the various elements contained in the data storage and processing system 100.
  • the Dynamic Data Informed Consent System 102 can be viewed as a plurality of components, which can be implemented as an integrated facility or portions thereof can be outsourced to other vendors.
  • the data storage function can optionally be implemented within Dynamic Data Informed Consent System 102 as an Information Management System (IMS1)
  • the Public Key Infrastructure (PKI) can optionally be implemented within Dynamic Data Informed Consent System 102.
  • the Information Management System (IMS1) includes a data storage manager 251 , administrator interface terminal 254 and its associated data storage devices 252, 253, which stores the proprietary patient specific data.
  • the core element of the Dynamic Data Informed Consent System 102 is the dynamic Data Informed Consent Management system (DIG Management).
  • the Public Key Infrastructure (PKI) comprises a subscriber manager 220 and a key management element 230, shared between the Data Informed Consent Management system (DIC Management) and the Public Key Infrastructure (PKI).
  • the Public Key Infrastructure (PKI) includes a digital certificate processing element 240.
  • the Data Informed Consent Management system typically comprises one or more servers 221 , 222 to manage interactions with patients and clients.
  • the Data Informed Consent Management system (DIC Management) includes a patient/client subscription module comprising the RA Control Center 225, an associated administrator data terminal device 226 and data storage elements 227.
  • a digital certificate module comprising the CA Control Center 223, an associated administrator data terminal device 224 and data storage elements 228, is provided.
  • the Data Informed Consent Management system (DIC Management) includes a data informed consent module 260, comprising DIC Control Center 261 , an associated administrator data terminal device 262 and data storage elements 263, 264. The operation of these elements is described below. Dynamic Data Informed Consent Transaction
  • Dynamic Data Informed Consent System 102 For clients and patients to be served by the Dynamic Data Informed Consent System 102, their identity must be verified and ensured in future transactions. This is typically accomplished by use of the well known paradigm of Digital Certificates.
  • a patient or client wishes to avail themselves of the services of the Dynamic Data Informed Consent System 102, they establish a communication connection via data communication medium CM to the Dynamic Data Informed Consent System 102 and interconnect with servers 221 , 222 via communication paths WA.
  • the Dynamic Data Informed Consent System 102 then executes a script via RA Control Center 225 and certificate processing system 240, to identify the patient/client and record their identity and set of permissions in the registration database stored in memory 227.
  • the Dynamic Data Informed Consent System 102 in well known fashion issues a Digital Certificate via certificate processing system 240, which Digital Certificate is transmitted via servers 221 , 222 and communication paths WA to the patient/client to thereby authorize future access to the Dynamic Data Informed Consent System 102.
  • Dynamic Data Informed Consent System 102 When Digital Certificates are issued by the Dynamic Data Informed Consent System 102 to clients, these parties can access the Dynamic Data Informed Consent System 102 to assure compliance with a patient's dynamic data informed consent when accessing patients' proprietary patient specific data and providing data to patients.
  • the patients are also provided with Digital Certificates, which they use to access the Dynamic Data Informed Consent System 102 to create the Data Informed Consent for the patient's personal data.
  • the patient via data communication medium 201 , accesses the Dynamic Data Informed Consent System 102 and, in particular, the Data Informed Consent module 260 to create a Data Informed Consent file for the patient's proprietary patient specific data which is stored in informed consent database memory 263.
  • This data informed consent data created by the patient is the basis of empowering the clients to access, exchange and process the patients' proprietary patient specific data. It is apparent that the patient can create the data informed consent data via the submission of a paper form, which is then input into the Dynamic Data Informed Consent System 102 by clerical staff. In either case, the data informed consent stored in Dynamic Data Informed Consent System 102 is the basis for the transactions described herein.
  • FIG. 5 illustrates in block diagram form the structure of the Dynamic Data Informed Consent Domain.
  • the patient has a one to one mapping to a Data Informed Consent, since the Dynamic Data Informed Consent System 102 maintains a single Data Informed Consent for each patient.
  • the Data Informed Consent is mapped to up to n clients, although at any time there may be no clients authorized under the patient's Data Informed Consent.
  • the patient has a one to one correspondence to an audit trail file maintained by the Dynamic Data Informed Consent System 102.
  • the audit trail file is mapped to up to n Data Informed Consent Updates, although at any time there may be no Data Informed Consent Updates authorized under the patient's Data Informed Consent.
  • the Data Informed Consent Updates are mapped to up to n clients, although at any time there may be no clients authorized under the patient's Data Informed Consent Updates.
  • the patient's audit trail file is mapped to up to n Health Information Transactions, although at any time there may be no Health Information Transactions authorized under the patient's Data Informed Consent.
  • each Health Information Transaction is mapped to up to n transmitting and n receiving clients, although at any time there may be no clients authorized under the patient's Data Informed Consent. Operation of the Information Prescription System
  • FIGs 3 and 4 illustrate in flow diagram form the operation of the Information Prescription System 101 of Figures 1 A & 1 B in processing a typical transaction.
  • Digital Certificates are issued to clients, these parties can access the Information Prescription System 101 to assure compliance when transacting with or accessing the Information Prescription System 101.
  • the patients are also provided with Digital Certificates, which they use to access the Information Prescription System 101 to create the Data Informed Consent for the patient's data and for the access of information, with the associated audit trail creation.
  • the patient accesses the Information Prescription System 101 and, in particular, the Data Informed Consent Management module 201 to create a Data Informed Consent file for the patient's personal data which is stored in memory in one or more data storage systems, such as a rules-driven relational database system.
  • the provider at step 301 instructs the patient to retrieve a predetermined set of information ("information prescription") for review prior to a conference scheduled between the patient and the provider.
  • the information can reside in a single location or can be distributed across many locations.
  • an initial segment of the information prescription may reside on the provider's information system P
  • a second segment may reside on the data storage and processing system 100
  • a third segment may reside on an information vendor information system IV.
  • the issuance of an information prescription can be implemented electronically at step 302 by the provider, using provider information system P, encrypting the patient personal data, using PKI software and interface supplied by the company (PrivaComp, Inc.) that operates the Information Prescription System 101.
  • the provider's Digital Certificate, issued by the Information Prescription System 101 , at step 303 is attached and the "wrapped" data is sent through the PKI encryption module 203 to ensure security of the transaction.
  • the data access request flows to the Information Prescription System 101 Certificate Authority and Certificate Management module 202 at step 304 where the authorization of the provider is verified, as a client of the Information Prescription System 101.
  • the verified request is then forwarded to Data Informed Consent module 201 at step 305 to be processed and the granted request is output through PKI encryption module 203 and transmitted over the data transmission medium 103 at step 306 to the patient's terminal device T1 to thereby enable the patient to execute the information prescription issued by the provider.
  • the information prescription is self defining, in that it identifies the patient and all segments of information (and optionally their sources) that are to be retrieved by the patient.
  • the information prescription can optionally also establish thresholds for each segment of the information, where the threshold defines the required minimum patient comprehension level for the received information, as measured by the entity providing the information.
  • step 307 An additional optional feature of this process is executed at step 307 where the Information Prescription System 101 generates a Digital Certificate, which is transmitted overthe data transmission medium 103 to client information vendor(s) IV who may then process the patient personal data transmitted by the provider and/or the Information Prescription System 101 to enable the patient to access data stored in the information vendor system IV.
  • the patient can initiate the information retrieval process.
  • the patient receives an information prescription from the Information Prescription System 101 via the Internet CM at their terminal device T1.
  • the patient (or other individual) may initiate an information access independent of the provider.
  • the patient then initiates a communication connection at step 402 to the Information Prescription System 101 via the Internet (as described above) in well known manner using terminal device T1.
  • the Information Prescription System 101 receives the information prescription from the patient and verifies the authenticity of the information prescription via the operation of the Dynamic Data Informed Consent System 102, as described above.
  • the Information Prescription System 101 provides the patient with access to a predetermined set of information that is stored in database G, which information constitutes a portion of the information defined in the information prescription.
  • the patient's access of this information and, optionally, the test results obtained via queries provided to the patient as part of the information retrieval process are time stamped and recorded in a transaction file in database H to thereby provide an audit trail for future reference.
  • the Information Prescription System 101 at step 406 routes the patient to the repository of the next segment of the information contained in the information prescription, if there is another segment. If not, the patient is routed to step 412 as described below.
  • the information vendor's information system IV can be accessed via the URL of this Web site, so the patient is automatically provided with the next portion of the information defined in the information prescription.
  • the access to the information vendor Web site IV is accomplished by the Information Prescription System 101 at step 407 transmitting an information access request to the information vendor Web site IV in encrypted form as described above, including the Digital Certificate that was issued to the patient.
  • the information vendor Web site IV processes the information request by validating the permission of the patient to retrieve the identified information, then provides the patient with access to this information and creates an audit trail of the information access and, optionally, the test results obtained via queries provided to the patient as part of the information retrieval process.
  • the information retrieval process data is time stamped and recorded in a transaction file in database B at step 409 to thereby provide an audit trail for future reference.
  • the audit trail data including identification of the patient, the data accesses and test results, are transmitted to the Information Prescription System 101 at step 410 for storage in the transaction file associated with this patient at step 411.
  • the Information Prescription System 101 obtains a digital signature sign-off by the patient, that cannot be repudiated, confirming patient understanding of the information and agreement to physician-recommended treatment and product use, or other responsible entity-recommended authorization.
  • the Information Prescription System 101 Upon the conclusion of all of the information accesses defined in the information prescription, or upon termination of the session by the patient, the Information Prescription System 101 at step 413 transmits an encrypted message to the provider's (or other responsible entities) information system P to advise the provider or other responsible entity of the patient's use of the information prescription, and whether the patient has executed the entirety of the information prescription.
  • the provider or other responsible entity can make use of resources available from many sources to provide the patient with information relating to a particular illness or medical condition or related transaction.
  • the provider or other responsible entity exercises control overthe nature and content of the information by defining the information content of the information prescription, receives verification of the patient's use (in whole or in part) of the information prescription, and receives legally-valid, patient consent (authorization) that cannot be repudiated, for recommended treatment and/or product use, or other legally-required authorization in accordance with the information provided (i.e., legally defensible "informed consent").
  • the Information Prescription System 101 may remain connected to the patient's terminal device T1 for the entirety of the communication connection in order that the Information Prescription System 101 monitor the transaction and record the data relating to the patient's access of the information contained in the information prescription.
  • the Information Prescription System 101 can facilitate the transfer of the data communication connection to an information vendor and simply receive data from the information vendor relating to the patient's access of the information contained in the information prescription. In either case, the Information Prescription System 101 maintains a record of the information prescription and its use for future validation of the patient's access to the information contained in the information prescription. Summary
  • the Information Prescription System is a dynamic patient authorization management tool that differs from existing data management systems in that it enables medical professionals or other responsible entities to prescribe a set of information for the patient to review.
  • the Information Prescription System provides a data access transaction environment (including Data Informed Consent) in its entirety, in order to reduce the cost of providing relevant medical and related information to patients as well as to ensure that the prescribed information was provided to the patient and that this information was understood by the patient and that the recommendations were accepted by the patient.

Landscapes

  • Engineering & Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Public Health (AREA)
  • Primary Health Care (AREA)
  • Business, Economics & Management (AREA)
  • General Health & Medical Sciences (AREA)
  • Epidemiology (AREA)
  • Biomedical Technology (AREA)
  • Human Resources & Organizations (AREA)
  • Strategic Management (AREA)
  • Entrepreneurship & Innovation (AREA)
  • General Business, Economics & Management (AREA)
  • Computer Security & Cryptography (AREA)
  • Operations Research (AREA)
  • Data Mining & Analysis (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Tourism & Hospitality (AREA)
  • Quality & Reliability (AREA)
  • Marketing (AREA)
  • Economics (AREA)
  • Pathology (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Medical Treatment And Welfare Office Work (AREA)
  • Storage Device Security (AREA)

Abstract

Ce système, qui sert à fournir des prescriptions d'informations, permet à des professionnels de la santé et à d'autres entités responsables de prescrire un ensemble d'informations à une personne à examiner, afin d'obtenir une autorisation légalement valide de la personne. Ce système conserve un registre avec tampon de l'heure et de la date, qui identifie: les fournisseurs de soins, d'autres entités responsables, les patients, l'ensemble d'informations prescrit à chaque patient et l'objectif pour lequel cet ensemble prescrit d'informations est utilisé. Ce système de prescription d'informations offre également la possibilité de tester la compréhension du patient face à ces informations et il dote le patient d'un mécanisme lui permettant de produire des questions et d'accéder à des informations supplémentaires relatives à l'ensemble prescrit d'informations. Ce système de prescription d'informations offre également au patient la possibilité de signer électroniquement un consentement (autorisation) pour le traitement et pour l'utilisation d'un produit (médicament et/ou dispositif médical).
PCT/US2001/013868 2000-05-05 2001-04-30 Systeme pour fournir des prescriptions d'informations WO2001086479A2 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
AU2001255778A AU2001255778A1 (en) 2000-05-05 2001-04-30 System for providing information prescriptions

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US56514400A 2000-05-05 2000-05-05
US09/565,144 2000-05-05

Publications (2)

Publication Number Publication Date
WO2001086479A2 true WO2001086479A2 (fr) 2001-11-15
WO2001086479A3 WO2001086479A3 (fr) 2003-06-05

Family

ID=24257372

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2001/013868 WO2001086479A2 (fr) 2000-05-05 2001-04-30 Systeme pour fournir des prescriptions d'informations

Country Status (2)

Country Link
AU (1) AU2001255778A1 (fr)
WO (1) WO2001086479A2 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004038604A1 (fr) * 2002-10-25 2004-05-06 Vivantti Pty Ltd Nouveau procede de stockage de donnees
WO2006000060A1 (fr) * 2004-06-29 2006-01-05 Mca Medicorp (International) Pty Ltd Procede et produit logiciel servant a etablir un consentement en toute connaissance de cause
US20150113430A1 (en) * 2010-02-23 2015-04-23 Farmacia Electronica, Inc. Method and system for consumer-specific communication based on cultural normalization techniques

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108786104A (zh) * 2018-04-27 2018-11-13 北京鲸世科技有限公司 游戏运行方法、装置及系统,存储介质,电子装置

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0766165A2 (fr) * 1995-08-31 1997-04-02 Fujitsu Limited Système de notification de licenses
US5689565A (en) * 1995-06-29 1997-11-18 Microsoft Corporation Cryptography system and method for providing cryptographic services for a computer application
US5857028A (en) * 1996-01-11 1999-01-05 Frieling; Edward Computer access control by finger anatomy and comprehension testing
US5996076A (en) * 1997-02-19 1999-11-30 Verifone, Inc. System, method and article of manufacture for secure digital certification of electronic commerce
WO2000017837A1 (fr) * 1998-09-18 2000-03-30 Vtl Link Procedes et dispositif d"authentification d"un consentement eclaire

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5689565A (en) * 1995-06-29 1997-11-18 Microsoft Corporation Cryptography system and method for providing cryptographic services for a computer application
EP0766165A2 (fr) * 1995-08-31 1997-04-02 Fujitsu Limited Système de notification de licenses
US5857028A (en) * 1996-01-11 1999-01-05 Frieling; Edward Computer access control by finger anatomy and comprehension testing
US5996076A (en) * 1997-02-19 1999-11-30 Verifone, Inc. System, method and article of manufacture for secure digital certification of electronic commerce
WO2000017837A1 (fr) * 1998-09-18 2000-03-30 Vtl Link Procedes et dispositif d"authentification d"un consentement eclaire

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2004038604A1 (fr) * 2002-10-25 2004-05-06 Vivantti Pty Ltd Nouveau procede de stockage de donnees
WO2006000060A1 (fr) * 2004-06-29 2006-01-05 Mca Medicorp (International) Pty Ltd Procede et produit logiciel servant a etablir un consentement en toute connaissance de cause
US20150113430A1 (en) * 2010-02-23 2015-04-23 Farmacia Electronica, Inc. Method and system for consumer-specific communication based on cultural normalization techniques

Also Published As

Publication number Publication date
WO2001086479A3 (fr) 2003-06-05
AU2001255778A1 (en) 2001-11-20

Similar Documents

Publication Publication Date Title
Seol et al. Privacy-preserving attribute-based access control model for XML-based electronic health record system
CN107835182B (zh) 基于区块链的电子处方系统及处理方法
CN107896213B (zh) 电子处方数据存储方法
US9419951B1 (en) System and method for secure three-party communications
TW510997B (en) Privacy and security method and system for a world-wide-web site
US20060004588A1 (en) Method and system for obtaining, maintaining and distributing data
CN110008746A (zh) 基于区块链的医疗记录存储、共享和安全理赔模型及方法
CN111261250B (zh) 一种基于区块链技术的医疗数据共享方法、装置、电子设备及存储介质
WO2019241170A1 (fr) Système et procédé de gestion d'accès à des informations de santé d'un utilisateur stockées sur un réseau de soins de santé
US20060229911A1 (en) Personal control of healthcare information and related systems, methods, and devices
US20060085347A1 (en) Method and apparatus for managing personal medical information in a secure manner
KR101925322B1 (ko) 전자인증, 전자서명 및 위변조방지를 포함하는 암호화 기반 의료자문 서비스 제공 방법
Halamka et al. A WWW implementation of national recommendations for protecting electronic health information
Andriole Security of electronic medical information and patient privacy: what you need to know
EP1226524A2 (fr) Systeme base sur un consentement informe dynamique de donnees assurant la confidentialite des donnees et la securite dans les systemes de base de donnees et dans les communications sur reseau.
KR20130045902A (ko) 익명화 건강 관리 및 기록 시스템
US10348695B1 (en) Secure access to individual information
KR20010083533A (ko) 컴퓨터 네트워크를 이용한 원외 전자 처방 전달/관리시스템 및 그를 이용한 처방 전달/관리 방법
CN114065261A (zh) 基于区块链的分布式可信数据分享平台、方法及系统
US10929509B2 (en) Accessing an interoperable medical code
US20100235924A1 (en) Secure Personal Medical Process
Neuhaus et al. Survey on healthcare IT systems: standards, regulations and security
KR20210135397A (ko) 의료자문 서비스 제공 시스템
JP2000331101A (ja) 医療関連情報管理システム及びその方法
KR100945819B1 (ko) 휴대 단말기를 이용한 개인건강기록 서비스 방법 및 그에따른 시스템

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A2

Designated state(s): AU BR CA CN JP KR MX

AL Designated countries for regional patents

Kind code of ref document: A2

Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP