1. Field of the Invention
The present invention relates to healthcare database systems and methods, and, more particularly, to systems and methods for housing healthcare information, improving patient compliance, and providing secure, role-based access to healthcare databases and protected health information.
2. Description of Related Art
Healthcare information databases are known in the art for keeping an insurance plan member's health-related activity and demographic data. Typically such data are housed by the insurance company so as to be accessible only by an authorized user, such as an employee of the insurance company. If the member leaves that insurance company, his or her records are generally not transferrable to the next insurance company.
Additionally, if the “plan member” comprises a family, at some point the definition of that family is likely to change, through, for example, a child's reaching maturity, death, or divorce. With such a change, a part of the family's data may need to be transferred to another plan.
Another problem relates to uninsured patients, for whom no database entries may exist. Caring for such patients, especially those with chronic conditions such as diabetes, asthma, heart disease, obesity, depression, and substance abuse, consume a large portion of a hospital's budget, as well as other governmental funds, such as those of a county Public Health department, Medicare, and Medicaid. Costs associated with these and other chronic diseases consume 60-70% of the healthcare dollar.
Often uninsured patients use hospital emergency rooms as their source of primary care, leading to often unnecessary and/or preventible emergency room visits. No system is currently in place to assist such patients in managing their diseases; thus the current system is reactive, not proactive.
Further, since no database entries may exist for such uninsured patients, their personal health data are likely not to be available for review by qualified caregivers for whom such knowledge could significantly improve the care provided.
Access to records has also been problematic, with privacy issues being paramount. One may desire access to one's own records to view or update their personal health record electronically with medical data, and need to prove identification, such as voice recognition, personal identification number, a token, or a biometric, for example. In other situations, such as in emergencies, medical personnel may need access to some or all of a member's data when obtaining conscious permission of the member is not possible.
The Health Information Protection and Administration Act of 1996 (HIPAA) was enacted to streamline the exchange of information in the healthcare industry and to reduce general administrative tasks while maintaining patient privacy. The three major tenets of this Act include (1) standard X.12 EDI transactions be created and maintained for the healthcare accounting part of the industry; (2) security to protect and electronically share all patient medical history information; and (3) unique identifiers be created and used for all patients, providers, payees, and employees in the healthcare industry for the purpose of providing authorization and accessing personal health data. Providers must have an electronic tracking mechanism in place to document disclosure of individually identified health information, and individuals must give written authorization and/or consent if data are to be shared. As the definition of a “health record” has become increasingly complex, no longer limited to a single physical folder in a doctor's or hospital's filing system, a system is required for coordinating healthcare efforts among many facilities and platforms, and for providing patient access.
Additional problems in the healthcare industry are fraud and waste that can occur if a patient visits more than one facility for the same complaint.
Therefore, there is a need for a secure infrastructure and patient-centric system that provides electronic healthcare data that are encrypted, can be authenticated, possess a digital signature, and include access and role-based control on a secure basis.
The system and methods of the present invention integrate secure network management features into an enterprise-wide business application to reduce medical costs while granting individuals access to their health information and to health planning tools to provide improved health and healthcare. The invention reduces duplication, waste, fraud, and abuse in Public Health, and provides tools and technology for secure information sharing among disparate systems to improve the quality and cost-effectiveness of care through information technology and, in some cases, outreach. The system includes a standards-based common communication platform with secure links to an integrated, virtual private network, for hosting a web-based personal health journal for patients. Personal health data can be updated remotely, and clinical information can be shared with authorized healthcare providers and case/care managers based upon consent and authorization. The system complies with HIPAA, having privacy and security provisions built in.
At the heart of the system is a personal health journal, which is populated by the individual and caregivers, and includes pertinent patient data including protected health data. The personal health journal is not necessarily intended to be comprehensive, but rather to comprise a “snapshot” of the patient's current medical condition for assisting in delivering immediate care when needed.
Also provided are user-friendly technology and disease-specific educational information that is accessible by the patient. The patient is encouraged to actively participate in managing his/her own health with assistance from care managers and, in one embodiment, “buddies,” coupled with incentives provided in one or more of a plurality of methods.
A particular benefit of the system is that security is at the device level, that is, the patient and care givers treating the patient operate with the use of an electronic certificate that is carried with the person, and does not reside on a network at the system level.
The system and method are designed to increase compliance and reduce healthcare costs, to improve patient care and safety, reduce clinical and clerical errors, and to provide authorized caregivers with timely access to a patient's clinical information in order to increase compliance and reduce duplication of services.
In addition, a funding model is presented whereby the system functions as a self-sustaining organization to benefit the healthcare industry and public health.
The features that characterize the invention, both as to organization and method of operation, together with further objects and advantages thereof, will be better understood from the following description used in conjunction with the accompanying drawing. It is to be expressly understood that the drawing is for the purpose of illustration and description and is not intended as a definition of the limits of the invention. These and other objects attained, and advantages offered, by the present invention will become more fully apparent as the description that now follows is read in conjunction with the accompanying drawing.
A description of the preferred embodiments of the present invention will now be presented with reference to
The system 10, as schematically illustrated in
A patient 40 initially meets with an intake counselor 44 to enroll in the program and to provide biometric identifier(s) for subsequent access approval and to initially populate a personal health journal (PHJ) 41. Once enrolled, a patient can access his/her PHJ 41 by providing, for example, biometric data B, such as fingerprint, token, voice print, or eye print, such as via a portable electronic memory device, for example, a “smart card,” “smart token,” or USB dongle, via Firewall A to access the HUB in order to update his/her account and/or retrieve data from the PHJ 41.
Included in the PHJ 41 (see, for example, an exemplary screen showing tabs in
A care manager 50, which here is intended to include a licensed care giver such as a doctor, nurse, technician, etc., can only communicate electronically with a patient 40 if proper identification is made, such as biometric identification. Once approved for access, limited patient information is available, based upon the consent and/or authorization of the patient, and data on the patient 40 may be updated. The patient 40 controls which data can be viewed, and can change their personal health data. However, they are not permitted to change any data that have been entered by the care manager 50.
The patient also has access to a call center 48 for assisting in compliance, reminders for physician visits, and disease-specific education.
A licensed caregiver (such as a doctor, nurse, pharmacist, or laboratory technician) at sites 30-32, a pharmacy 47, or testing facility 45 can only review and document or update a patient file if registered within the system 10 and in possession of a security certificate (e.g., PKI) issued through a “trusted authority” C. In a preferred embodiment, all digital certificates are issued to the end user by a certification authority and the registering authority. These certificates are “roaming certificates,” meaning that a certificate holder does not have to be in a predetermined location in order to access data. The certificates are also nonrepudiatable. Upon receiving a certificate, a private digital key D is issued that will provide identification with unique roles within the medical environment and permit access to the HUB for the purpose of updating, signing, and documenting a patient's record.
Another feature of the system 10 is the creation of an electronically accessible and visible audit trail, providing data on the identity of anyone who has accessed a patient's record, what action, if any, was performed, and the date of access for preventing, for example, duplication of services and potential adverse drug interactions.
An individual electronic ID is assigned to the patient 40 for portability and security and to a specific location having specific functions. Such locations may include, but are not intended to be limited to, a hospital 30,31, a clinic 32, a physician's office, laboratory, home care center, pharmacy, prison, ambulance, or not-for-profit center.
The secure firewall A provides private and authenticated access into the HUB and, based upon one's unique role, allows information to be shared.
Medical facilities having processors such as a first 30 and a second 31 hospital and a county clinic or laboratory 32 are adapted for data flow with the central site 20, such as over the Internet 24.
A patient 40, for example, an uninsured patient, can, at any of the medical facilities 30-32 establish an electronic personal healthcare journal 41 with appropriate documentation and authentication. The journal 41 is accessible only by the patient unless privileges are granted to another party, and is housed in the central site's database 21. In addition to entering data on the patient's current health and past health history, such information as organ donor status may also be included. A guardian may also be granted permission to create a journal 41 for the person in his/her care, such as a parent for a child.
The patient 40 also has access to informational presentations housed in the central site's library 22. Such presentations may include educational information and information on disease management, for example, although these are not intended as limitations.
A care manager 50 assigned to assist the patient 40 can meet with the patient 40 and access limited information at the central site's database 21, to which the care manager 50 will have been given privileges, either partial or limited, for and by the patient 40.
In addition, a relative, associate, or motivational partner (“buddy”) 42 of the patient 40 may also be given access, which may be limited, to the PHJ with explicit permission from the patient 40. Such access may also be limited to particular data fields as desired and designated by the patient 40. Such data fields may include, at a relatively low level, an appointment reminder for a doctor visit. A volunteer “buddy” may be assigned, for example, by a not-for-profit or faith-based organization to provide support via telephone calls, emails, and personal visits. This volunteer serves to encourage patients to self-manage their disease to as great an extent as possible, and to educate the patient 40 in areas such as nutrition, exercise, testing (such as blood glucose, blood pressure, and weight monitoring), and follow-up physical examinations and testing.
Another particular benefit of the present invention is the portability of healthcare data between facilities and, if present, insurance companies, as physical records are no longer required to be transferred. Rather, the access permissions are changed to reflect the patient's current relationship(s). Thus the same credentials can be used for all systems and over all platforms without interface problems, so that, for example, Medicare and Medicaid and individual insurance companies can be participants.
The embodiments of the methods of the present invention are directed to a method for accessing healthcare data, a method for increasing patient compliance in disease management, a method for reducing healthcare costs for all patients, and a method for reducing duplication of services, which particularly impacts the care of uninsured patients. Here the phrase “disease management” is intended to encompass any ongoing condition that has or may have an impact on the patient's health. For example, obesity is intended to be subsumed under this method. In the case of a patient 40 with a chronic disease, for example, diabetes, careful daily monitoring and medication compliance are extremely important.
These methods include the steps of, at some point during a treatment cycle, setting up a personal health journal 41 for the patient 40 (
One aspect of the invention includes a method 100 for improving compliance in disease management (
Other types of incentives can also be contemplated, including, but not intended to be limited to, food coupons, prescription coupons and testing supplies, transportation tokens, movie passes, phone cards, and limited memberships to an exercise facility.
In another aspect 120 of the present invention (
A method 140 for achieving a substantial cost savings in treating patients, including uninsured patients, is also addressed by the present invention. In this embodiment (
The present invention also addresses the problem of potentially harmful drug interactions (
The facility 30 then receives permission from the patient 40 for secure access to a portion of an electronic healthcare record 41 including patient prescription data (block 163) and electronically enters a secure healthcare management system 10 that comprises the database 21 housing prescription data on the patient 40 (block 164).
The facility 30 and the patient 40 must provide electronic certification to the system 10 of a registry of the facility 30 with the system 10 and of the received permission (block 165). If the identified pharmaceutical and the patient prescription data meet predetermined criteria (block 166), the identified pharmaceutical is prescribed to the patient 40 (block 167). Otherwise, the identified pharmaceutical is not prescribed (block 168).
Two exemplary embodiments of this method 160 may be contemplated (block 169). In one embodiment, following the electronic certification providing step (block 165), the patient prescription data is accessed (block 170) and a determination at the healthcare facility 30 is made of an advisability of prescribing the identified pharmaceutical (block 171) based upon any other currently prescribed pharmaceutical(s).
In an alternate embodiment, the healthcare management system 10 includes software for making a determination of a potential for an adverse interaction between the identified pharmaceutical and any currently prescribed pharmaceutical in the patient prescription data (block 172).
A method 60 of funding such a system 10 illustrated in
At the center of
Services provided by the foundation 20 include providing assistance to other entities, such as, but not intended to be limited to, not-for-profit entities, who care for the uninsured with chronic diseases and/or disabilities. Also provided are accountability, that is, fiduciary distribution of funds 67, a replicable model for other communities to adopt and research, a community-based Advisory Board, and measurable outcomes 69. A double-blinded database of outcomes 69 can be used to formulate effective case-management techniques, guidelines for success in serving the uninsured, patient satisfaction surveys, fewer emergency room visits, increased patient compliance, nonprofit efficiency, and community reporting. Research may also be utilized by universities to further improve the knowledge base for caregiving.
The foundation 20 also functions to coordinate the volunteer “buddies” with the patients 40 and to assist in patient enrollment functions.
In the foregoing description, certain terms have been used for brevity, clarity, and understanding, but no unnecessary limitations are to be implied therefrom beyond the requirements of the prior art, because such words are used for description purposes herein and are intended to be broadly construed. Moreover, the embodiments of the system and methods illustrated and described herein are by way of example, and the scope of the invention is not limited to the exact details disclosed herein.
This application claims priority to provisional application Ser. No. 60/468,838, filed May 8, 2003, entitled “Health Information Database Creation and Access System and Method.”
Number | Date | Country | |
---|---|---|---|
60468838 | May 2003 | US |