会员体验
专利管家(专利管理)
工作空间(专利管理)
风险监控(情报监控)
数据分析(专利分析)
侵权分析(诉讼无效)
联系我们
交流群
官方交流:
QQ群: 891211   
微信请扫码    >>>
现在联系顾问~
热词
    • 1. 发明申请
    • SYSTEM AND METHOD FOR PRIVACY MANAGEMEN
    • 隐私管理系统和方法
    • WO2006084362A1
    • 2006-08-17
    • PCT/CA2006/000179
    • 2006-02-09
    • HIPAAT INC.MEYER, Steven, P.CALLAHAN, Terrance
    • MEYER, Steven, P.CALLAHAN, Terrance
    • G06F21/00A61G99/00H04L9/32G06Q50/00G06F17/30
    • G06Q20/3674G06F19/00G06F21/6245G06Q10/10G16H10/60
    • There is disclosed a system and method for managing the privacy of a patient's PHI within a medical/healthcare domain (e.g. within a healthcare institution or organization). More generally, listing of a caregiver or assistant in a patient's circle-of- care is managed by a circle-of-care manager that tracks the names and any aliases for any caregivers/assistants, as well as the name and any aliases of the patient, throughout the medical/healthcare domain. Using a set of hierarchical rules determining access restrictions, the circle-of-care list is updated by the circle-of-care manager to reflect any changes in membership. Within the circle-of-care list, multi-level permissions and restrictions may be assigned to each caregiver/assistant, depending on the level of access required. Permissions and / or restrictions may be time-limited to expire automatically.
    • 公开了一种用于管理医疗/保健领域(例如,医疗保健机构或组织内)的患者PHI的隐私的系统和方法。 更一般来说,护理人员或助理在病人护理中的列表由一个护理管理经理管理,该管理者跟踪任何护理人员/助理的姓名和任何别名,以及任何护理者/助理的名称和任何别名 患者,整个医疗/保健领域。 使用一组确定访问限制的分层规则,护理圈管理器更新圈子列表,以反映成员资格的任何更改。 根据所需的访问级别,在每个护理人员/助理的圈子内,可以分配多级权限和限制。 权限和/或限制可能会被限时自动过期。
    • 2. 发明申请
    • A METHOD AND SYSTEM FOR ACCESS CONTROL
    • 一种访问控制的方法和系统
    • WO2004046896A2
    • 2004-06-03
    • PCT/CA2003/001775
    • 2003-11-18
    • HIPAAT INC.CALLAHAN, TerranceMEYER, Steven
    • CALLAHAN, TerranceMEYER, Steven
    • G06F1/00
    • H04L63/08H04L63/083H04L63/0853H04L63/0861H04L63/10H04L63/102
    • In one aspect of the invention, embodiments of the invention can superimposed upon the existing framework of network which includes a number of nodes interconnected by the underlying communications network. In one embodiment, an access control node is interposed between each node and the remainder of the network. The access control node is adapted to transmit information about the node and the user attempting to access the node to a server used for maintaining security and audit information. This information may take the form of node identification data (thus identifying the node) and user identification data (to ensure that the user is associated with an active account and the user has entered the correct password thus authenticating the user). If the node is not recognised by the server, then no access to protected information (e.g., PHI) is allowed. If, however, the node is recognised, then access to PHI requires that the user also be authenticated. Assuming both conditions exist, aspects of the invention will determine (based on a repository of information about users) the data each user is entitled to access and the functionality of the node that is to be made available to the user. Aspects of the invention may place limitations on the functionality offered by the node to which the user should be granted access. That is, although a user may be attempting to access data from a node which has a set of functions (e.g., printing, storing data to a removable media, displaying video signals, etc.), aspects of the invention enable only a subset of these functions to be made available depending on the rights which have been granted to a user.
    • 在本发明的一个方面中,本发明的实施例可以叠加在包括由底层通信网络互连的多个节点的现有网络框架上。 在一个实施例中,访问控制节点插入在每个节点和网络的其余部分之间。 访问控制节点适于将关于节点和试图访问节点的用户的信息传输到用于维护安全和审计信息的服务器。 该信息可以采取节点标识数据(从而标识节点)和用户标识数据(以确保用户与活动账户相关联并且用户已输入正确的密码,从而认证用户)的形式。 如果该节点没有被服务器识别,则不允许访问受保护的信息(例如,PHI)。 但是,如果节点被识别,则对PHI的访问要求用户也被认证。 假定存在两种条件,本发明的各方面将(基于关于用户的信息的存储库)确定每个用户有权访问的数据以及要提供给用户的节点的功能。 本发明的各方面可以限制由用户应该被授权访问的节点所提供的功能。 也就是说,虽然用户可能试图从具有一组功能的节点(例如,打印,将数据存储到可移动媒体,显示视频信号等)访问数据,但本发明的方面仅允许 这些功能取决于授予用户的权利。
    • 3. 发明申请
    • METHODS FOR REMOTELY ACCESSING ELECTRONIC MEDICAL RECORDS WITHOUT HAVING PRIOR AUTHORIZATION
    • 远程访问电子医疗记录的方法,无需先前的授权
    • WO2013003949A1
    • 2013-01-10
    • PCT/CA2012/000648
    • 2012-07-05
    • HIPAAT INC.CALLAHAN, TerranceBIALACH, RomanYEUNG, Chun Man
    • CALLAHAN, TerranceBIALACH, RomanYEUNG, Chun Man
    • G06Q50/24H04L12/16H04L12/46
    • G06F19/322G06F19/00G06Q10/103G06Q50/24G16H10/60
    • Methods are provided for allowing patients, health care practitioners and other service providers to have remote access to electronic medical records of a patient stored on a first computer network by the remote user requesting access to the electronic medical record from a second computer network and providing a first and second piece of patient derived information to the second computer network; the second computer network transferring the first and second piece of patient derived information to a third computer network; the third computer network authorizing the remote user through the first and second piece of patient derived information and dependent on a patient specific authorization protocol; the third computer network confirming a patient specific consent protocol; and the third computer network disclosing the electronic medical record to the remote user dependent upon an authorization and a confirmation received from the third computer network.
    • 提供了允许患者,保健从业者和其他服务提供者远程访问存储在第一计算机网络上的患者的电子病历的方法,所述远程用户请求从第二计算机网络访问电子病历,并提供 第一和第二片患者得到的信息到第二计算机网络; 所述第二计算机网络将所述第一和第二病人得到的信息传送到第三计算机网络; 第三计算机网络通过第一和第二片患者得出的信息并依赖于患者特定的授权协议授权远程用户; 确定患者具体同意协议的第三台计算机网络; 以及第三计算机网络,其依赖于从第三计算机网络接收的授权和确认向远程用户公开电子医疗记录。
    • 5. 发明公开
    • A METHOD AND SYSTEM FOR ACCESS CONTROL
    • 装置和方法进行访问控制
    • EP1563665A2
    • 2005-08-17
    • EP03776687.0
    • 2003-11-18
    • Hipaat Inc.
    • CALLAHAN, TerranceMEYER, Steven
    • H04L29/06
    • H04L63/08H04L63/083H04L63/0853H04L63/0861H04L63/10H04L63/102
    • In one aspect of the invention, embodiments of the invention can superimposed upon the existing framework of network which includes a number of nodes interconnected by the underlying communications network. In one embodiment, an access control node is interposed between each node and the remainder of the network. The access control node is adapted to transmit information about the node and the user attempting to access the node to a server used for maintaining security and audit information. This information may take the form of node identification data (thus identifying the node) and user identification data (to ensure that the user is associated with an active account and the user has entered the correct password thus authenticating the user). If the node is not recognised by the server, then no access to protected information (e.g., PHI) is allowed. If, however, the node is recognised, then access to PHI requires that the user also be authenticated. Assuming both conditions exist, aspects of the invention will determine (based on a repository of information about users) the data each user is entitled to access and the functionality of the node that is to be made available to the user. Aspects of the invention may place limitations on the functionality offered by the node to which the user should be granted access. That is, although a user may be attempting to access data from a node which has a set of functions (e.g., printing, storing data to a removable media, displaying video signals, etc.), aspects of the invention enable only a subset of these functions to be made available depending on the rights which have been granted to a user.