45 results about "Protected health information" patented technology

Systems and methods are provided for protecting individual privacy (e.g., patient privacy) when individual data records (e.g., patient data records) are shared between various entities (e.g., healthcare entities). In one aspect, systems and methods are provided which implement secured key encryption for de-identifying patient data to ensure patient privacy, while allowing only the owners of the patient data and/or legally empowered entities to re-identify subject patients associated with de-identified patient data records, when needed.

A system and method that permits a user to utilize a means of capturing and managing one or more voice files containing speech utterances (“Voice Utterances”) and/or the corresponding transcript (“Transcript”) containing protected health information (PHI) on a mobile device.

The present invention relates to systems and methods for constructing a regional medical data exchange infrastructure that can provide the aggregation and presentation of personal health data that previously exists in different health care organizations in a segmented fashion. More particularly, the present invention relates to systems and methods for establishing a regional medical data exchange infrastructure, identifying patients across multiple different organizations, creating patient medical data pointers and routing tables, and generating comprehensive medical data sets for an enrolled population. One feature of this present invention permits the regional medical data exchange infrastructure to be built without any protected health information (PHI) being stored in any centralized databases. Another feature of the present invention permits the continuous operation of the regional medical data exchange infrastructure even when the centralized facility experiences downtime. Exemplary embodiments of the present invention permit both local and global logging and tracking of data flows and user activities to satisfy HIPAA compliances. Alternative embodiments of the present invention permit the preservation of the data ownership for the participating organizations.

A method of maintaining data confidentiality. The method of one embodiment comprises receiving patient data at a medical system. Whether the patient data includes protected health information is determined. If the patient data includes protected health information; the patient data is stored in a secure location. The patient data is annotated for protection if the patient data includes protected health information. Access to the patient data is prevented.

A microprocessor-based emergency response communication system used to call and communicate with the 9-1-1 operator and also allows emergency responder's immediate access to a user's Critical Health Information Profile stored in the device at the point and location of crisis. The device is used to create individual Critical Health Information Profiles which is Health Level-7 compliant enabling it to seamlessly communicate with major hospital networks worldwide. This functional capability provides a system that can retrieve and transmit user-stored personal and health information by emergency responders at the point of care. The emergency responder can access the customer's Critical Health Information Profile database, review the data for pertinent information and then transmit that data to a designated receiving hospital or medical center. The device provides an electronic means of dialing and communicating directly with the 9-1-1 operator. A wireless remote transmitter unit can be activated from the wireless transmitter or the base unit to dial and connect with the 9-1-1 operator, broadcast a canned message with or without a personal-recorded message, and personally communicate with the 9-1-1 operator through a two-way speakerphone system. The device contains software enabling the user and medical personnel the ability to input, store, retrieve and analyze the user's vital sign data and other pertinent health information.

The present invention relates to a health information management system based on two-dimension code recognition. The health information management system based on the two-dimension code recognition comprises a health information base operated on a network server and used for storing the personal health information containing the personal first aid information of a user, and also comprises a two-dimension code generating module carried by the user, connected with the health information base and used for generating a link pointing to the personal health information of the user in the health information base according to the identity of the user, and an information obtaining module carried by other people, connected with the health information base and the two-dimension code generating module separately and used for the other people to obtain the personal first aid information of the user to thereby be convenient for the pre-hospital first aid of the user when the user has an attack in the open air. Compared with the prior art, and by the two-dimension code generating module of the present invention, other people, especially the passerby can use the information obtaining module to scan a two-dimension code generated by a two-dimension code generator to obtain the personal health information of the user from the health information base, thereby realizing the situation that even the passerby without the medical knowledge can provide the accurate pre-hospital first aid for the user.

A patient anonymizing system includes a plurality of hashing appliances and data sources. Each appliance receives medical records containing at least confidential protected health information (PHI). A salt value is appended to each confidential PHI, and a hash is generated, which replaces the confidential PHI to generate an anonymized record. A master patient index server aggregates the anonymized records. A vector and cluster matching engine determines if the anonymized record matches a unique patient identifier corresponding to a second anonymized record. A comparison vector is generated by comparing hash values of the confidential PHI with hash values in the second anonymized record, and is crossed with a confidence vector having weights based on match conditions. This produces a match confidence level, which is compared to a threshold. If the threshold is met, the anonymized record is mapped to the unique patient identifier associated with the second record.

A data processing system may include a local computing device to receive medical data including a patient's protected health information (PHI) and at least one medical image associated with the patient; an anonymizing device to separate the PHI with the medical image; an image processing unit to analyze the medical image; and a processed results managing (PRM) unit configured to recognize and link analyzed results of the medical image to the corresponding patient's PHI, and combine the analyzed results and the patient's PHI to generate an analysis report. The present invention is advantageous because it allows medical images to be analyzed off-site while minimizing the risk of compromising the patient's PHI. Furthermore, the anonymized medical analysis can be used to guide and improve medical treatment especially during a medical procedure.

The invention provides, in some aspects, a system for implementing a rule derived basis to display anonymized image sets. In various embodiments of the invention, users with the appropriate permission can launch a function inside a system in order to anonymize and export the currently loaded study or studies, or one or more studies identified by a search criteria. The data from the studies that were identified is then anonymized on the system using predefined rules. In an embodiment of the present invention, the data from selected studies is anonymized on a server, and only then transmitted to another network device thus minimizing the risk that protected health information can be inadvertently disclosed. In an alternative embodiment of the present invention, the data from selected studies is anonymized on a server, and only the anonymized data is stored to the hard disk or other media of a user viewing the study.

The present invention teaches a method wherein medical imaging studies are transformed from Identifiable Imaging Studies into Cleared Imaging Studies that can be legally and securely shared, either by automated removal of protected health information (PHI) or by verification that the studies belong to a Patient or Patient's Legal Representative and that a valid effective waiver, such as a HIPAA Waiver, is on file. Cleared Imaging Studies are shared by cloud-based storage and transmission to one or more Third Parties using one or more network-enabled devices. Methods are also provided for one or more users of network-enabled devices to view medical imaging studies simultaneously, with caching of imaging studies in local devices and separation of additional data streams used for collaborative image viewing to ensure that medical images are not degraded.

A technique for detecting abuse of protected health information stored in a medical information system is presented. A record of each user's access to the protected health information is created and stored. The record of the access is configured to provide a basis for determining whether a user's access to the protected health information was for a legitimate reason or was a possible abuse of a patient's protected health information. A data mining program is used to search the records of access to the protected health information and identify possible abuses of patients protected health information. When a possible abuse of a patient's protected health information is identified as a result of the data mining, an alert is sent to notify a responsible authority of a possible abuse of a patient's protected health information.

A method includes de-identifying a data table containing protected health information by determining, based on a mappings file, that a first column of the data table is associated with a first data type, accessing each value of the first column, and, for each respective accessed value, automatically generating a de-identified value by applying one or more computer logic instructions associated with de-identification of the first data type to the respective accessed value to result in a respective de-identified value, and saving the respective de-identified value back to the data table in place of the respective accessed value; and utilizing the de-identified data table to test a computer software application.

An apparatus is provided for auditing protected health information of one or more patients. The apparatus includes at least one memory and at least one processor configured to detect a query to access information stored in a database including patient-related information. The processor is further configured to save the query in an event file. The processor is further configured to capture query-related information associated with the query and save the query-related information in the event file. The processor is further configured to determine that the query involves protected health information. The processor is further configured to transmit, in response to determining that the query involves protected health information, the query-related information to be used in a reporting table. Corresponding computer program products and methods are also provided.

A protected health information (PHI) service is provided which de-identifies medical study data (e.g., digital imaging and communications in medicine (DICOM) study data) and allows medical providers to control PHI data, and uploads the de-identified data to a remote service system. The PHI service, or an associated service, hosted within an organization performing scans, maintains a database of personally identifiable information, and enables the user to access PHI without having to establish a connection to a virtual private network or WiFi network of the medical service provider. The system also increases the speed, efficiency and flexibility of the technology of medical imaging and analysis over computer networks by correlating unique identifiers in the PHI Service in order to accept DICOM study data over time, and track and retrieve what PHI data has changed regardless of the chronological order in which it was received.

In an example implementation, the method includes automatically determining whether a computer system is located on-premises of a health service provider or on a multi-tenant cloud. The method includes communicatively coupling with health service provider data sources via a local network and extracting health service provider data from them. The health service provider data may include protected health information (PHI) and non-PHI data. The method includes storing the PHI data and the non-PHI data in an on-premises operational data store that is located on-premises of the health service provider. The method includes obtaining data analytics based on the PHI data and the non-PHI data stored in the on-premises operational data store. The method also includes communicatively coupling with a multi-tenant cloud via a global network and synchronizing the non-PHI data in the on-premises operational data store with the multi-tenant cloud via the global network.

A method for implementing device level security is disclosed. The method involves detecting a device that has a security profile. The security profile has an incomplete parameter (or field) (e.g., make, model, device serial number, FDA class, protected health information, or operating system of the device). The method also includes receiving feedback from a first user to supply a data value for the incomplete parameter. The data value from the first user is validated by a second user (but can require multiple validations). The validated data value is used to identify on the device, potential attack vectors and associated vulnerabilities. The method also includes implementing a security measure based on the identified potential attack vectors and associated vulnerabilities and updating the security profile of the device accordingly.