专利快速检索-快速检索全球专利，免费商用专利数据库-IPRDB

1. 发明申请

WO2004046896A2 A METHOD AND SYSTEM FOR ACCESS CONTROL 审中-公开
标题翻译：一种访问控制的方法和系统
公开(公告)号：WO2004046896A2
公开(公告)日：2004-06-03
申请号：PCT/CA2003/001775
申请日：2003-11-18
申请人： HIPAAT INC. , CALLAHAN, Terrance , MEYER, Steven
发明人： CALLAHAN, Terrance , MEYER, Steven
IPC分类号： G06F1/00
CPC分类号： H04L63/08 , H04L63/083 , H04L63/0853 , H04L63/0861 , H04L63/10 , H04L63/102
摘要： In one aspect of the invention, embodiments of the invention can superimposed upon the existing framework of network which includes a number of nodes interconnected by the underlying communications network. In one embodiment, an access control node is interposed between each node and the remainder of the network. The access control node is adapted to transmit information about the node and the user attempting to access the node to a server used for maintaining security and audit information. This information may take the form of node identification data (thus identifying the node) and user identification data (to ensure that the user is associated with an active account and the user has entered the correct password thus authenticating the user). If the node is not recognised by the server, then no access to protected information (e.g., PHI) is allowed. If, however, the node is recognised, then access to PHI requires that the user also be authenticated. Assuming both conditions exist, aspects of the invention will determine (based on a repository of information about users) the data each user is entitled to access and the functionality of the node that is to be made available to the user. Aspects of the invention may place limitations on the functionality offered by the node to which the user should be granted access. That is, although a user may be attempting to access data from a node which has a set of functions (e.g., printing, storing data to a removable media, displaying video signals, etc.), aspects of the invention enable only a subset of these functions to be made available depending on the rights which have been granted to a user.
摘要翻译：在本发明的一个方面中，本发明的实施例可以叠加在包括由底层通信网络互连的多个节点的现有网络框架上。在一个实施例中，访问控制节点插入在每个节点和网络的其余部分之间。访问控制节点适于将关于节点和试图访问节点的用户的信息传输到用于维护安全和审计信息的服务器。该信息可以采取节点标识数据（从而标识节点）和用户标识数据（以确保用户与活动账户相关联并且用户已输入正确的密码，从而认证用户）的形式。如果该节点没有被服务器识别，则不允许访问受保护的信息（例如，PHI）。但是，如果节点被识别，则对PHI的访问要求用户也被认证。假定存在两种条件，本发明的各方面将（基于关于用户的信息的存储库）确定每个用户有权访问的数据以及要提供给用户的节点的功能。本发明的各方面可以限制由用户应该被授权访问的节点所提供的功能。也就是说，虽然用户可能试图从具有一组功能的节点（例如，打印，将数据存储到可移动媒体，显示视频信号等）访问数据，但本发明的方面仅允许这些功能取决于授予用户的权利。

2. 发明申请

WO2006084362A1 SYSTEM AND METHOD FOR PRIVACY MANAGEMEN 审中-公开
标题翻译：隐私管理系统和方法
公开(公告)号：WO2006084362A1
公开(公告)日：2006-08-17
申请号：PCT/CA2006/000179
申请日：2006-02-09
申请人： HIPAAT INC. , MEYER, Steven, P. , CALLAHAN, Terrance
发明人： MEYER, Steven, P. , CALLAHAN, Terrance
IPC分类号： G06F21/00 , A61G99/00 , H04L9/32 , G06Q50/00 , G06F17/30
CPC分类号： G06Q20/3674 , G06F19/00 , G06F21/6245 , G06Q10/10 , G16H10/60
摘要： There is disclosed a system and method for managing the privacy of a patient's PHI within a medical/healthcare domain (e.g. within a healthcare institution or organization). More generally, listing of a caregiver or assistant in a patient's circle-of- care is managed by a circle-of-care manager that tracks the names and any aliases for any caregivers/assistants, as well as the name and any aliases of the patient, throughout the medical/healthcare domain. Using a set of hierarchical rules determining access restrictions, the circle-of-care list is updated by the circle-of-care manager to reflect any changes in membership. Within the circle-of-care list, multi-level permissions and restrictions may be assigned to each caregiver/assistant, depending on the level of access required. Permissions and / or restrictions may be time-limited to expire automatically.
摘要翻译：公开了一种用于管理医疗/保健领域（例如，医疗保健机构或组织内）的患者PHI的隐私的系统和方法。更一般来说，护理人员或助理在病人护理中的列表由一个护理管理经理管理，该管理者跟踪任何护理人员/助理的姓名和任何别名，以及任何护理者/助理的名称和任何别名患者，整个医疗/保健领域。使用一组确定访问限制的分层规则，护理圈管理器更新圈子列表，以反映成员资格的任何更改。根据所需的访问级别，在每个护理人员/助理的圈子内，可以分配多级权限和限制。权限和/或限制可能会被限时自动过期。

3. 发明申请

WO2013003949A1 METHODS FOR REMOTELY ACCESSING ELECTRONIC MEDICAL RECORDS WITHOUT HAVING PRIOR AUTHORIZATION 审中-公开
标题翻译：远程访问电子医疗记录的方法，无需先前的授权
公开(公告)号：WO2013003949A1
公开(公告)日：2013-01-10
申请号：PCT/CA2012/000648
申请日：2012-07-05
申请人： HIPAAT INC. , CALLAHAN, Terrance , BIALACH, Roman , YEUNG, Chun Man
发明人： CALLAHAN, Terrance , BIALACH, Roman , YEUNG, Chun Man
IPC分类号： G06Q50/24 , H04L12/16 , H04L12/46
CPC分类号： G06F19/322 , G06F19/00 , G06Q10/103 , G06Q50/24 , G16H10/60
摘要： Methods are provided for allowing patients, health care practitioners and other service providers to have remote access to electronic medical records of a patient stored on a first computer network by the remote user requesting access to the electronic medical record from a second computer network and providing a first and second piece of patient derived information to the second computer network; the second computer network transferring the first and second piece of patient derived information to a third computer network; the third computer network authorizing the remote user through the first and second piece of patient derived information and dependent on a patient specific authorization protocol; the third computer network confirming a patient specific consent protocol; and the third computer network disclosing the electronic medical record to the remote user dependent upon an authorization and a confirmation received from the third computer network.
摘要翻译：提供了允许患者，保健从业者和其他服务提供者远程访问存储在第一计算机网络上的患者的电子病历的方法，所述远程用户请求从第二计算机网络访问电子病历，并提供第一和第二片患者得到的信息到第二计算机网络; 所述第二计算机网络将所述第一和第二病人得到的信息传送到第三计算机网络; 第三计算机网络通过第一和第二片患者得出的信息并依赖于患者特定的授权协议授权远程用户; 确定患者具体同意协议的第三台计算机网络; 以及第三计算机网络，其依赖于从第三计算机网络接收的授权和确认向远程用户公开电子医疗记录。

4. 发明申请

WO2004046896A3 A METHOD AND SYSTEM FOR ACCESS CONTROL 审中-公开
标题翻译：用于访问控制的方法和系统
公开(公告)号：WO2004046896A3
公开(公告)日：2004-11-04
申请号：PCT/CA0301775
申请日：2003-11-18
申请人： HIPAAT INC , CALLAHAN TERRANCE , MEYER STEVEN
发明人： CALLAHAN TERRANCE , MEYER STEVEN
IPC分类号： H04L29/06
CPC分类号： H04L63/08 , H04L63/083 , H04L63/0853 , H04L63/0861 , H04L63/10 , H04L63/102
摘要： In one aspect of the invention, embodiments of the invention can superimposed upon the existing framework of network which includes a number of nodes interconnected by the underlying communications network. In one embodiment, an access control node is interposed between each node and the remainder of the network. The access control node is adapted to transmit information about the node and the user attempting to access the node to a server used for maintaining security and audit information. This information may take the form of node identification data (thus identifying the node) and user identification data (to ensure that the user is associated with an active account and the user has entered the correct password thus authenticating the user). If the node is not recognised by the server, then no access to protected information (e.g., PHI) is allowed. If, however, the node is recognised, then access to PHI requires that the user also be authenticated. Assuming both conditions exist, aspects of the invention will determine (based on a repository of information about users) the data each user is entitled to access and the functionality of the node that is to be made available to the user. Aspects of the invention may place limitations on the functionality offered by the node to which the user should be granted access. That is, although a user may be attempting to access data from a node which has a set of functions (e.g., printing, storing data to a removable media, displaying video signals, etc.), aspects of the invention enable only a subset of these functions to be made available depending on the rights which have been granted to a user.
摘要翻译：在本发明的一个方面，本发明的实施例可以叠加在现有的网络框架上，该网络框架包括由底层通信网络互连的多个节点。在一个实施例中，访问控制节点插入在每个节点和网络的其余部分之间。访问控制节点适于将关于节点和尝试访问该节点的用户的信息传送到用于维护安全性和审计信息的服务器。该信息可以采取节点识别数据（从而识别节点）和用户标识数据的形式（以确保用户与活动帐户相关联，并且用户已经输入了正确的密码，从而认证用户）。如果节点不被服务器识别，则不允许访问受保护的信息（例如，PHI）。但是，如果节点被识别，则访问PHI要求用户也被认证。假设存在这两个条件，本发明的各方面将确定（基于关于用户的信息的存储库）每个用户有权访问的数据以及要向用户可用的节点的功能。本发明的方面可以限制由用户应该被授权访问的节点提供的功能。也就是说，虽然用户可能尝试从具有一组功能（例如，打印，将数据存储到可移动媒体，显示视频信号等）的节点访问数据，但是本发明的各方面仅能够实现这些功能将根据授予用户的权限而提供。

你已经成功收藏专利！

检索式保存成功!

IPRDB

热门服务

关于我们

友情链接

联系方式