262 results about "Consent Type" patented technology

Consent management between a client and a network server. In response to a request for consent, a central server determines if requested user information is included in a user profile associated with a user and if the user has granted consent to share the requested user information. A user interface is provided to the user via a browser of the client to collect the requested user information that is not included in the user profile and the consent to share the requested user information from the user. After receiving the user information provided by the user via the user interface, the service provided by the network server is allowed access to the received user information, and the central server updates the user profile. Other aspects of the invention are directed to computer-readable media for use with profile and consent accrual.

Method and apparatus for a system to harden digital consents. The system uses an evaluation of geographic locations, transaction times, and device identities to control the upload of consent data. Evaluations occur using numerous techniques including MAC address evaluation, IP address evaluation, meta-data evaluation, and physical location of restricted equipment such as ATMs and kiosks. Reliability of consent data entered into the system may be enhanced by strictly evaluating geographic locations, transaction times, and / or device identities.

Systems and methods for managing data in compliance with privacy, security and / or retention standards in business industries. A dynamic and customizable archival and retrieval system allows for information and documentation to be placed and made available in the system. The document type and identifying information for that document type are described. Definitions are established for the documents being managed, the data identifying the documents, and the retention policies for the documents. The documents are associated with the identifying data for a particular set of records. A single point of entry is provided for external and / or internal requests, and / or a single point of exit is provided for transmissions of information, wherein the transmissions to requestors include information that is individually approved. Moreover, digital authorizations and consents for retrieval from external data sources may be utilized.

A method is presented for processing data for a privacy policy concerning management of personally identifiable information. A proxy intercepts a first message from a server to a client and determines that the first message initiates collection of personally identifiable information from a user of the client. The proxy then sends a second message to the client that requests consent from the user to the privacy policy. If the user provides consent within a third message that is received by the proxy from the client, then the proxy sends the intercepted first message to the client. If the user does not provide consent, then the proxy sends a fourth message to the server that fails the collection of personally identifiable information from the client by the server. The proxy may also obtain user preferences for options concerning management of the personally identifiable information by a data processing system.

In a network computing environment, a user-centric system and method for controlling access to user-specific information maintained in association with a web-services service. When a web-services client desires access to the user-specific information, the client sends a request. The request identifies the reasons / intentions for accessing the desired information. The request is compared to the user's existing access permissions. If there is no existing access permission, the request is compared to the user's default preferences. If the default preferences permit the requested access, an access rule is created dynamically and the client's request is filled, without interrupting the user. If the default preferences do not permit the request to be filled, a consent user interface may be invoked. The consent user interface presents one or more consent options to a party with authority to grant consent, thereby permitting the user to control whether the client's access will be filled.

An internet and / or intranet based database search system and method for conducting searches of highly confidential records such as individual patient medical records and to automate the process of securing required approvals to make such records available to a properly authorized and authenticated requesting party. The system's central premise is that the patient has a fundamental right to the confidentiality of their personal medical records and should control that right through specific, informed consent each time that a party requests to receive them. It reinforces the widely held conception of privacy in general as well as of the sanctity of the doctor / patient relationship by granting the doctor the right, subject to the patient's express permission, to initiate a search request. At the same time, it provides an expedited and cost-efficient means for transfer of such records as demanded by many healthcare reform proposals and gives the repositories where these records are held the right to stipulate the specific terms and conditions that must be fulfilled before they will release documents entrusted to their care, thereby substantially reducing the risk of litigation alleging breaches of patient confidentiality. And it carries out all of these legitimate interests in a way that is fast, simple to use and easy to audit. The system optionally includes a billing mechanism to pay for any added cost associated with providing this additional protection; and in its preferred embodiment, is applicable to both digital as well as non-digital records.