The present invention relates to electronic medical records/information access and more specifically to a system wherein access of medical records/information associated with a first person can be obtained by a second person or may be granted to the second person in a streamlined fashion.
Recently systems have been developed that provide electronically networked personal medical information portals or accounts for clients (i.e. patients) of medical facilities (e.g., clinic, hospital, etc.). For instance, by accessing a personal medical account, a client can access personal medical information; obtain information regarding healthy lifestyles; receive communications from physicians regarding recent examinations or test results; provide information to physicians regarding ailments and other medical conditions and access schedules for physicians and the like at medical facilities for the purpose of scheduling appointments.
One concern when providing medical information via electronic networks has been maintaining the confidentiality of sensitive client information. To facilitate confidentiality, facilities that support systems of the above type typically adopt strict rules regarding creation of personal medical accounts and access to personal medical accounts. With respect to creating a personal medical account, some facilities create personal medical accounts for all clients as an added service. Thus, when a client has a first appointment with a physician at a medical facility and client specific information is initially gathered, the client's account is automatically set up and is essentially immediately useable by the client.
In other cases clients are required to apply for an account and, in this regard, to provide client specific information. For instance, application information may include the client's social security number, mother's maiden name, address information, phone number, date of birth, etc. To provide the application information, a client may be required to manually fill out a paper request form and submit the form to the facility that supports the account system. In the alternative, some systems include on-line web (e.g., internet) based systems where clients provide information required to set up their personal medical information accounts.
After a client applies for a medical information account, an account may be immediately created automatically if sufficient identifying information has been provided. K alternatively, the request information may be sent to a system administrator who sets up a new account for the requesting client. In some cases, where the client has either failed to provide all of the required information or has provided incorrect information, the client may need to be contacted to obtain the additional required information. As part of the setup process, each client is provided with a personal user name and password.
To access a personal medical account, a client accesses a log on page that provides log on instructions as well as fields for entering the client's user name and password. When a recognized user name and password combination are entered by a client, in at least some cases, information is provided in an intuitive browser format with hyperlinks between browser pages and different information types. For instance, one hyperlink may be to historical patient medical records while another may be to recent test results or a specific type of test result. As another instance, other hyperlinks may be to a scheduling program for a particular physician or medical facility, to notices from physicians regarding test results or analysis of other personal information or to pages including preventive health information.
Thus, by enforcing specific account creation rules and requiring user name and password entry to access accounts, sensitive information is maintained confidential.
In at least some cases, specific clients for which accounts are provided may either not be in a position to use the account information themselves or may want another client to have access to at least some of their account information for consultation or other purposes. For instance, a two year old child cannot use a typical personal computer and therefore, while an account may be assigned to a two year old child, the account will go unused by that child. As another instance, a fifteen year old child that is dealing with cancer may want a parent to have access to the child's account so that the parent can track progress in fighting the disease, to communicate with attending physicians, to schedule appointments for the child, etc. In yet another instance, care givers of elderly patients who are very ill or are incapacitated may wish to gain access to the patient's account to aid the patient in providing care or tracking medical treatment of the patient.
Similarly, there may be instances where someone other than a client associated with an account may want access to at least some account information. For instance, where a parent is the guarantor of payment for medical services, a parent may want and have authority to obtain medical services cost information for a fifteen year old child. Similarly, a parent of a fifteen year old child may want to obtain access to the child's account for reviewing the child's medical information as well as for scheduling medical service appointments. In some cases, due to legal and private medical information concerns, the access given to a parent may be need to be limited to only a subset of medical information.
Currently, for a person other than the client associated with an account (i.e., the account owner) to gain access to the account, the client either has to provide the client's user name and password to the person that wants access or a formal request for access has to be submitted to the facility supporting the account system. Usually, clients are discouraged from providing their user names and passwords to other people as such unfettered access makes it impossible to track when the other person accesses account information and which information is accessed. Where a person requests access to a different client's account, the request is typically reviewed by a system administrator that may or may not authorize access depending on the relationship between the client and the requesting person. For instance, where the requesting person is a parent of a two year old child that “owns” an account, the request may be granted. However, where the requesting person is unrelated to the client associated with an account the request would typically be denied. Where a client requests that another person should have access to the client's account the request is typically granted.
Where a request by a second person or client to access a first client's account is granted, if the second client does not have her own medical information account or has no relationship with the entity that provides accounts, an account is provided and the second client is provided an access code for accessing the first client's account via the second client's account. Here, when the second client accesses the second client's account, an option is provided to access the first client's account information via entry of the assigned access code. Hereinafter, access by one client into another client's account will be referred to as “proxy access” unless indicated otherwise.
While medical information account systems of the above kind have proven to be valued by clients and supporting facilities alike, such account systems have several shortcomings. First, the process required to facilitate proxy access is particularly burdensome on both access requesters and facility staff charged with regulating access. To create the accounts, significant administrative overhead is placed on the organization providing the accounts to manage and create the accounts. Also, in many families there is one person that generally manages family business including scheduling medical service appointments for all family members. For instance, in many families one parent is primarily responsible for taking children to medical services appointments and therefore those appointments have to fit into the parent's schedule. Here, the parent usually makes medical services appointments for children and, in many cases, for another parent or other family members (e.g., a live in grandmother or grandfather, etc.). The parent may also be responsible for reviewing lab results for children, managing medical records and managing other aspects of care for family members. Hereinafter, a person that manages appointments and medical information generally for a family will be referred to as a “family manager” or “manager”.
Because most families have one family manager, in most cases, where personal medical accounts are employed, the manager requests access to accounts associated with all family members. The requirement to request access to all family member accounts one at a time is tedious and time consuming. In many cases the burden of requesting access to all family member accounts is too great and family managers simply forego the option instead relying on more traditional ways of scheduling appointments and receiving test results such as using the telephone, hard copy reports, etc., which defeats the purpose of the account system as a whole.
Moreover, where a family manager takes the time required to request access to all family member accounts, each request has to be analyzed by a facility administrator to ensure that the manager has proper authority to access and then the administrator has to take steps to facilitate access and assign an access code for each of the managed accounts. These administrative tasks are tedious and time consuming.
Second, where access to multiple accounts is granted to a manager, the manager has to keep track of multiple access codes. For instance, where a wife manages for her husband as well as five children and the wife's mother, the wife has to keep track of seven different access codes in addition to her own user name and password. Tracking codes is burdensome. In an attempt to address this problem, some systems have been developed that allows a client with proxy access to switch between accounts once logged in without entering another user's name, password or access code. However, this solution to the problem still only allows the client to access one account at a time.
Third, where a manager manages appointments for multiple other people, it is difficult to get a complete picture of all the schedules and requirements for all of the other people that the manager manages for. For instance, where a wife manages accounts for herself, her husband, mother and five kids, the wife is required to access eight different accounts (including the wife's portal) to get a full glimpse of all the schedules and related information for the people for whom she manages. Similarly, to schedule appointments for a sub-set of the people for whom she manages, the manager has to access the account for each person for which an appointment is to be scheduled.
Here, one goal when scheduling multiple appointments may be to schedule appointments temporally proximate for multiple persons thereby minimizing the number of trips to medical facilities. Where a manager has to flip among accounts to identify suitable appointment times for multiple persons, the manager may be confused and make unintended appointments or appointments that are not optimally timed relative to each other. At the very least flipping among accounts to schedule appointments is tedious.
Fourth, in at least some cases, while a client may want another person to be able to access certain information on the client's personal medical account, the client may want at least a sub-set of account information to remain completely confidential. For instance, while a child may be comfortable with a parent accessing most account information, the child may not want her parents to be able to access the results of certain tests (e.g., AIDS, sexually transmitted diseases, etc.) or even the fact that certain test types have been performed or other portions of the child's medical records. Known systems do not provide easy ways for account users to mark specific information as completely confidential or require some type of administrative intervention to accomplish such special treatment of information.
Fifth, currently there is no known way for the client to automatically restrict the duration of proxy access once granted. For instance, in at least some cases a teenager associated with an account may want to grant access to a parent for a period of two months and thereafter may want to restrict access for various reasons.
Sixth, when a proxy accesses another person's account, it would be advantageous if the client associated with the account and/or the entity providing the account could track when access occurred, the information accessed by the proxy, and any actions taken or activity performed by the proxy, etc.
Thus, it would be advantageous to have a system wherein a client could speedily and simply grant proxy access to another person generally, to only a subset of account information and/or over a period of specified duration. In addition, it would be advantageous if persons that are associated with client's in special ways (e.g., managers of families, etc.) could either automatically be granted access to client account information or could obtain access to the accounts in a simplified and speedy fashion. Further, it would be advantageous if a person accessing multiple accounts could be provided with a unified, simultaneous view of those accounts.
It has been recognized that where client medical information is stored electronically and is accessible remotely via an electronic interface (e.g., a computer) via user names and passwords, it is advantageous to have a system wherein a first client associated with a first account can grant access to a second person so that the second person can also access the information without requiring an administrative intermediary. Similarly, it has been recognized that it is advantageous in at least some cases if a person can request access to a client's information and can be granted access automatically if certain criteria are met such as, for instance, a parent-child relationship, a spousal relationship, etc.
Based on the above realizations, the present invention has been designed to enable client account access and authorization to access in an automated fashion that maintains client information confidentiality while still allowing information sharing. To this end, an exemplary embodiment of the invention includes a method for use with a computer network system including a server, a database and a plurality of interfaces wherein client medical information is stored in separate client accounts for each of a plurality of clients including at least a first client, the interface for accessing client account information, the method for authorizing a second client to access at least a portion of the first client's account information via one of the interfaces, the method comprising the steps of, via one of the interfaces, accessing the first client's account and via the first client's account, authorizing the second client to obtain at least a specific subset of the first client's account information and storing an indication in the database indicating that the second client is authorized to access the specific subset of the first client's account information. Thus, a first client can give authorization to a second client to access the first client's account without requiring action by a system administrator.
In at least some cases the method further includes the step of, after storing and when the second client accesses the second client's account, allowing the second client to access the specific subset of the first client's account information via one of the interfaces. In some cases the step of allowing the second client to access the specific subset includes providing an indication to the second client via the second client's account that the second client can access at least a portion of the first client's account information. In some cases the indication to the second client includes a hyperlink to the specific subset.
In some embodiments a unique access code is associated with each of the client accounts and the step of authorizing the second client to access the specific subset of the first client's account information includes providing an access code associated with the second client's account via the first client's account. Here, the step of accessing the first client's account may include providing the first client's account access code. Here, the method may further include the step of, after storing, accessing the second client's account via one of the interfaces. In some cases the step of accessing the second client's account includes providing the second client's account access code.
In some cases the step of allowing the second client to access the specific subset includes providing tools via one of the interfaces that allow other than the first client to request access to at least a subset of the first client's account information. Here, the step of allowing the second client to access the specific subset of the first client's account information via one of the interfaces may include receiving a request via one of the interfaces from a requesting client other than the first client for the specific subset including information useable to identify the requesting client, determining if the requesting client is authorized to obtain the specific subset and, if the authorizing client is authorized to obtain the specific subset, providing the subset.
In some embodiments the method further includes the steps of, after allowing access to the second client, monitoring the second client's access to the specific subset and, when the second client accesses the specific subset, storing information associated with the access. Here, the step of storing information associated with the access may include storing the time of access and an indication of the information accessed. The method may further include the steps of, after allowing access to the second client, monitoring the second client's access to the specific subset and, when the second client accesses the specific subset, providing a notice to the first client via the first client's account that the subset of information has been accessed. Here, the notice may identify the second client.
The step of allowing the second client to access the specific subset may include providing a notice to the second client that the second client may access at least a portion of the first client's account information via one of the interfaces. The step of providing a notice may include one of transmitting an e-mail, providing a voice mail and transmitting a page.
In at least some embodiments the specific subset is a first subset and wherein the step of authorizing the second client to obtain at least the specific subset of the first client's account information includes identifying at least a second subset of the client's account information that is different than the first subset wherein the second client is unable to access the second subset.
In some embodiments the step of authorizing the second client to obtain at least a specific subset of the first client's account information includes specifying a period during which the second client is to be able to access the specific subset and the step of storing including storing the specified period. Here, the method may further include the step of allowing the second client to access the specific subset during the specified period via one of the interfaces.
The step of allowing access may include allowing access to scheduling tools that allow the first client to schedule appointments for the second client.
In some cases the method further includes the step of storing at least one rule useable to identify at least one first relationship between clients, the step of authorizing the second client to obtain at least a specific subset of the first client's account information including receiving an authorization indication, applying the at least one rule to determine if the at least a first relationship exists between the first and second clients, where the first relationship exists between the first and second clients, allowing access to the specific subset via one of the interfaces and, where the first and second client relationship is different than the first relationship, prohibiting access to the specific subset to the second client.
Some embodiments of the invention also include a method for use with a computer network system including a server, a database and a plurality of interfaces wherein client medical information is stored in separate client accounts for each of a plurality of clients, the interfaces for accessing client account information, the method for facilitating client access to other client information, the method comprising the steps of storing at least one rule useable to identify at least a first relationship between clients, accessing a first client's account via one of the interfaces, via the first client's account, indicating a desire to access at least a specific subset of a second client's account information, applying the at least one rule to determine if the at least a first relationship exists between the first and second clients and, where the first relationship exists between the first and second clients, allowing access to the specific subset of the second client's account information via the first interface. Thus, in at least some cases, a first client can request access to a second client's account information and may be granted access if a specific relationship pre-exists.
In some cases the at least one rule that is stored specifies at least one of a parental relationship, a guardian relationship, a guarantor relationship and a common address for the first and second clients. In some cases the method further includes the step of, after the first client's account is accessed, providing an interface tool for identifying the second client. In some cases the method further includes storing client information associated with each client that has a client account and wherein the step of applying the at least one rule includes accessing the client information for at least one of the first and second clients and analyzing the information to determine if the at least a first relationship exists between the first and second clients. In some cases the method further includes the steps of, after allowing access to the first client, monitoring the first client's access to the specific subset and, when the first client accesses the specific subset, storing information associated with the access. Here, the step of storing information associated with the access may include storing the time of access and an indication of the information accessed.
In some embodiments the method further includes the steps of, after allowing access to the first client, monitoring the first client's access to the specific subset and, when the first client accesses the specific subset, providing a notice to the second client via the second client's account that the subset of information has been accessed. Here, the notice may identify the first client.
In some embodiments, when other than the first relationship exists between the first and second clients, the method further includes the step of providing a notice to the second client that another client attempted to access at least a subset of the second client's account information. Here, the method may further include the step of, when the notice is provided to the second client, allowing the second client to authorize the access sought by the first client.
In some embodiments, when other than the first relationship exists between the first and second clients, the method further includes the step of providing a notice to a system administrator indicating that an unauthorized attempted access occurred.
In some embodiments the method further includes the steps of storing at least a second rule useable to identify at least a second relationship between clients, after the step of indicating a desire to access at least a specific subset of a second client's account information, applying the at least a second rule to determine if the at least a second relationship exists between the first and second clients and, where the second relationship exists between the first and second clients, performing a secondary function. Here, the secondary function may include providing a notice to a system administrator that access to the subset of the second client's account information has been requested.
The invention also, in some cases, include a method for use with a computer network system including a server, a database and a plurality of interfaces wherein client medical information is stored in separate client accounts for each of a plurality of clients, the interfaces for accessing client account information, the method for facilitating client access to other client information, the method comprising the steps of storing at least one rule useable to identify at least a first relationship between clients, applying the at least one rule to at least a subset of the client information to identify if at least first and second clients have the at least a first relationship and where the first relationship exists between the first and second clients, allowing the first client to access at least a first subset of the second client's account information. Thus, where specific relationships exist between clients, in at least some cases, the invention contemplates allowing the related clients to gain access to each others information. In some cases the access may be two way while in other cases the access may be only one way (e.g., a parent may be able to access a child's medical records but the child may not be able to access the parents records).
Here, the step of allowing access may include providing information via the first interface indicating authority to access the first client's account information. Here, the step of providing information indicating authority may include providing hyperlink text that is selectable via the interface to access the first subset.
In some cases the method further includes the steps of performing an access obtaining process to grant the first client access to at least a second subset of the second client's account information and, when the first client accesses information corresponding to the second client, simultaneously presenting the first and second subsets of information in an additive fashion. Here, the access obtaining process may include one of the second client granting the first client authority to access the second subset and the first client requesting authority to access the second subset.
Some embodiments include a method for use with a computer network system including a server, a database and a plurality of interfaces wherein client medical information is stored in separate client accounts for each of a plurality of clients, the interfaces for accessing client account information, the method for facilitating client access to other client information, the method comprising the steps of accessing a first client's account via one of the interfaces, via the first client's account, indicating a desire to access at least a specific subset of a second client's account information and providing a notice to the second client that another client has attempted to access at least a subset of the second client's account information. Thus, where one client attempts to access another clients information, in at least some cases a notice is sent to the other client indicating that access was attempted.
In some cases the method further includes the step of, when the notice is provided to the second client, allowing the second client to authorize the access sought by the first client.
Some embodiments include a method for use with a computer network system including a server, a database and a plurality of interfaces wherein client medical information is stored in separate client accounts for each of a plurality of clients including at least a first client, the interface for accessing client account information, the method for authorizing at least another client to access at least a portion of the first client's account information via the interface, the method comprising the steps of via one of the interfaces, accessing the first client's account and, via the first client's account, identifying at least a first subset of the first client's account information that may be accessed by at least a second client.
In some cases the step of identifying includes identifying at least a second subset of the first client's account information that the at least a second client may not access. In some cases the first client's account information includes at least two subsets of information and wherein the step of identifying at least a first subset includes presenting the at least two subsets for selection and receiving a selection of at least one of the presented subsets. In some cases the method further includes the step of, after identifying, allowing the at least a second client to access the first subset of information via one of the interfaces. In some cases the method further includes the step of specifying a time period during which the first subset of information can be accessed.
In some embodiments the invention includes a method for use with a computer network system including a server, a database and at least one interface wherein client medical information is stored in separate client accounts for each of a plurality of clients including at least a first client, the interface for accessing client account information, the method for presenting client account information for multiple clients in an organized fashion, the method comprising the steps of via one of the interfaces, accessing a first client's account and presenting information from a plurality of client accounts via the first client's account.
In some cases the client account information includes appointment schedules for at least a subset of the clients associated with the plurality of clients, the step of presenting including providing a schedule that includes appointments for at least two clients. In some cases the step of providing a schedule includes providing a calendar that indicates appointments for at least two clients.
In some cases the step of presenting includes providing an interface input that allows the first client to switch between information associated with each of the plurality of client accounts. In some cases interface input includes a window including a separately selectable hyperlink element for each of the plurality of client accounts wherein, when one of the hyperlink elements is selected, the method includes presenting information related to the client associated with the selected element. In some cases the method further includes the step of providing a scheduling input via the first client's account that allows the first client to attempt to schedule appointments for each of at least first and second clients at the same time.
These and other objects, advantages and aspects of the invention will become apparent from the following description. In the description, reference is made to the accompanying drawings which form a part hereof, and in which there is shown a preferred embodiment of the invention. Such embodiment does not necessarily represent the full scope of the invention and reference is made therefore, to the claims herein for interpreting the scope of the invention.
One or more specific embodiments of the present invention will be described below. It should be appreciated that in the development of any such actual implementation, as in any engineering or design project, numerous implementation-specific decisions must be made to achieve the developers' specific goals, such as compliance with system-related and business related constraints, which may vary from one implementation to another. Moreover, it should be appreciated that such a development effort might be complex and time consuming, but would nevertheless be a routine undertaking of design, fabrication, and manufacture for those of ordinary skill having the benefit of this disclosure.
Referring now to the drawings wherein like reference numerals correspond to similar elements throughout the several views and, more specifically, referring to
Referring still to
To facilitate access to medical information/schedules, as indicated above, each of computers 18 and 20 is linked to server 12 via network 16. While each of computers 18 and 20 may have a different hardware configuration, each facilitates similar functions and, therefore, in the interest of simplifying this explanation, only computer 20 will be described in any detail here. Computer 20 includes an input device 23, 25, etc. that enables a system user to provide information to and to interact with, the programs run by server 12. In addition, computer 20 includes an output device 21 for receiving information from server 12. In the context of the exemplary computer 20 illustrated, the input devices include a keyboard 23 and a mouse 25 and the output device is a display screen 21. Nevertheless, it should be appreciated that the input and output devices illustrated are only exemplary and other input and output devices are contemplated such as, for instance, a track ball type input device, voice recognition software and hardware, a touch sensitive display screen for providing input, an audible output device, etc.
Referring still to
While various patient record formats are contemplated, in at least some cases it is contemplated that the patient records may actually be stored as small record sections or subfiles that, when a record is to be presented to a system user, are cobbled together to form the record type to be accessed. For example, where two medical tests have been performed for Mary Jenkins, the test information may be stored as four separate records including first and second records indicating the fact that the tests occurred, the dates and times of the tests as well as the physician's that performed the tests and third and fourth records indicating the results of the first and second test, respectively. In this case, server 12 may be programmed to cobble together the four subfiles in any combination or to format the four subfiles in various ways. For instance, the first subfile indicating that the first test was performed may be formatted as a record along with other information identifying Mary Jenkins without the results of the first test or any information regarding the second test. As another instance, information indicating that the second test occurred and that the results of the second test may be cobbled together as a record without any information regarding the first test. As still one other instance, information indicating that each of the first and second tests occurred and the results of those tests may be cobbled together as a record for presentation to a system user. Records may be stored in other ways as one skilled in the industry will appreciate and indeed the inventive concepts herein will be advantageous when used with many different types/formats or records.
Hereinafter, unless indicated otherwise, it will be assumed that St. Mary's Hospital has the capacity to provide a unique client medical information account for each patient that receives medical services at the hospital. Here, the accounts are supported by server 12 running software stored in programs database 15 where the software provides browser type pages to clients that access accounts. In at lease some cases the browser pages provide a full pallet of medical information options tailored for specific clients including access to medical literature, access to facility resources (e.g., physician, labs, equipment, etc.) schedules and appointment scheduling tools, to personal medical history information, to tools for entering personal medical information for clinician review and tools for entering confidential medical information for personal tracking purposes, to test results, to electronic messaging resources to send and receive messages to and from hospital employees, to send data from personal test equipment, to enter various symptoms, etc.
Referring yet again to
In addition to allowing a specific patient to access the patient's account, in at least some cases it is contemplated that a patient may want to grant a third person (e.g., someone other than the patient or an employee of St. Mary's Hospital in the present example) access the patient's account. For example, in the context of the exemplary family described above, Pete Jenkins may want his wife Mary to be able to schedule appointments for him for routine yearly physicals or other medical procedures. Similarly, each of Mary and Pete's kids, Suzie, Tom and Sarah may also want their mother, Mary, to have the ability to schedule appointments. As another instance, an elderly parent may want his or her children to be able to access the parents' account to examine the results of test procedures so that the children can help the parent make good decisions regarding medical care. Hereinafter, unless indicated otherwise, a person that has the authority to access another person's medical information will be referred to as a “proxy” and when the person accesses the other person's account the access will be referred to as “proxy access”.
Referring still to
Referring still to
Referring still to
Referring once again to
Referring yet again to
Here, referring once again to
In at least some embodiments of the present invention it is contemplated that any or at least a subset of the patients that have client accounts supported by system 10 of
Referring now to
Referring also to
At block 94 in
Continuing, at block 98, server 12 enables the specified client (i.e. Pete in the present example) to access Mary's account. Referring once again to
In addition to specifying proxy access information in database 30, in at least some embodiments, server 12 transmits a notice to Pete Jenkins indicating that proxy access to Mary Jenkins medical information account has been granted and how to access that account. In
Referring to
Referring again to
While the example above and described with respect to
In at least some cases it is contemplated that, while a client may wish to grant a third party access to at least some medical scheduling information, the client may wish to restrict access or prohibit access to other information. For instance, while Mary Jenkins may want her husband Pete to be able to access all of her medical records information, Mary may not want Pete to have the ability to schedule appointments for her. Similarly, while Suzie Jenkins may want her mother Mary to be able to schedule appointments for her, Suzie may not want her mother to be able to access the results of medical tests. As still one other example, while Mary Jenkins may want her husband Pete to be able to either schedule appointments for her or to see general types of medical records, Mary Jenkins may not want her husband to be able to see the results of two tests she had performed including tests AA and BB.
According to another aspect of the present invention, in addition to enabling a system user to grant proxy access to a third party, the user may also be able to either identify specific categories of information such as, for instance, scheduling information, test results, etc., that should not be provided to a proxy or, to identify specific events or test results that should to be provided to the proxy, all unspecified information remaining completely confidential. In this regard, an exemplary sub-process 102 that may be substituted for a portion of the process illustrated in
Referring once again to
As indicated above, instead of allowing a client to select information that should remain confidential, in at least some embodiments it is contemplated that server 12 instead request that the client identify information that should be shared with a proxy. This version of the system is advantageous as it requires the client to think more critically about the type of information being shared with a proxy. Furthermore, this version allows a client/patient/person to easily grant access to a very limited subset of their data. In at least some cases the client may be forced to individually identify each separate item to be shared while in other cases the client may only be required to identify general groups of information types (e.g., symptoms, tests performed, test results, etc.). In either of these two cases, a list akin to the list illustrated in
Here it should be noted that where medical information is stored in small record sections or subfiles as described above and where records are formed by cobbling together the subfiles when specific record types are requested, ability to restrict access to specific information types is greatly enhanced. Similarly, in a system using a relational database structure and universal patient record, the ability to grant or restrict access to specific subsets of information is greatly improved and simplified. For instance, where a complete record of a specific type includes twenty fields, it is conceivable that a client could restrict access to any subset of the field information in the manner described above instead of simply restricting access to information in all twenty fields. For example, where two of the fields specify a physician that performed a test and results of the test, those two fields may be restricted while the other eighteen fields are left unrestricted. Thus, the file and information formats are particularly important in at least some inventive embodiments for facilitating meaningful restrictive access options.
In at least some embodiments it is contemplated that a first facility client that has a special relationship with a second facility client may want to obtain access to the second client's medical records or scheduling information independent of whether or not the second client formally grants proxy access to the first client. For instance, Mary Jenkins may, under the law and pursuant to rules enforced by St. Mary's Hospital, be authorized to access medical records and scheduling information for her son Tom if Tom is a minor (e.g., where Tom is less than 16 years old in at least some jurisdictions). Further, Mary's access may be limited by medical privacy laws of the jurisdiction in which St. Mary's Hospital is located (e.g., full access may be granted for a ten year old buy only partial access may granted for sixteen year old). As another instance, St. Mary's Hospital may have a general rule that anyone that lives at the same residence and that has the same last name as a first account owner may be able to access the first account owner's account. In these cases it is contemplated that server 12 may be programmed to grant proxy access to a first client that has a special relationship with a second client if the first client requests access and independent of whether the second client grants access.
For the next example, referring again to
Referring still to
Referring once again to block 130, where at least one of the proxy grant rules has been satisfied, control passes to block 132 where server 12 enables proxy access to Sarah Jenkins' medical information account. To enable proxy access, consistent with the example and referring again to
Referring still to
Referring now to
While the embodiments described above have many advantages over known prior art systems, it has been recognized that there are cases wherein one person is often responsible for medical activities associated with a group of people. For example, in many cases, a parent will be responsible for medial activities for each of her children as well as for another parent. Where a parent is responsible for medical activities for children and another parent, while proxy access enables the patent to review medical information for each one of the children and the other parent as well as to schedule appointments for each of the children and the other parent, using separate client accounts for each one of the children, the parent and the other parent is tedious.
For instance, in the exemplary case above, if Mary Jenkins has to schedule doctor's appointments for each of her children as well as for her husband and herself within a two week period and would prefer to schedule all of those appointments so that they occur on the same day and generally simultaneously or at least consecutively, Mary would have to access five different client accounts to schedule the appointments. In addition to the fact that flipping between accounts and accurately remembering and entering access codes would be tedious, coordinating times and physicians for all five appointments would be cumbersome. For instance, after Mary schedules appointments for Sarah and Tom at 9:00 a.m. and 9:30 a.m. as well as for Pete at 10:00 a.m. on a particular Thursday morning, when Mary accesses Sarah's account to schedule an appointment with a specific physician, Mary may realize that the specific physician's schedule is completely full on the Thursday morning. In this case, Mary would have to attempt to reschedule all of the five appointments at some other time to make appointments on the same day. This iterative process of scheduling and rescheduling would be cumbersome, difficult and subject to errors.
To deal with the problems associated with attempting to schedule appointments for multiple persons using multiple accounts, according to at least some embodiments of the present invention, it is contemplated that any proxy may be designated as a “manager”. Here, a manager designation may be used by server 12 automatically identify a subset of clients for which another client should be granted proxy access and then may automatically grant that proxy access and, in effect, push that proxy access off to the managing client. For instance, in the present example, where Mary Jenkins is designated as the manager for her family, server 12 may automatically identify each member of her family (e.g., by matching last names and residential addresses) and then may provide a list of members of Mary's family whenever Mary logs on to her medical information account where each entry in the list is hyperlinked to the specific member's client account. In this example, to flip from one family member's account information to another, instead of having to go through the proxy access requesting screens and having to enter the separate account access codes, Mary could simply select one of the family members accounts from the list presented.
Referring once again to
Referring now to
Referring now to
Next, at block 166, server 12 identifies a family manager in the database (see again
Referring once again to decision block 172, where Mary's rule related information matches the next client's information, control passes to block 174. In the current example, Mary's rule related information would match Pete's rule related information (i.e., the last names and residential address information is identical) and therefore control passes to block 174. At block 174, server 12 adds the next client to the proxy list for the manager. In the present example, Pete Jenkins is added to the proxy list for Mary Jenkins along with a corresponding access code 42MAX765 (see again
Referring once again to
Window 232 includes instructions for entering and submitting scheduling criteria as well as separate smaller scheduling windows 236, 238 and 240, a “MORE APPOINTMENTS” icon 270, a “CANCEL” icon 272 and an “ENTER” icon 274. Each of the smaller scheduling windows 236, 238 and 240 is similar and therefore only window 240 is described here in any detail. Window 240 includes a plurality of different fields including a client name field 234, a type of appointment field 252, a preferred physician field 230, a preferred dates field 248 and a preferred times field 250. Each of fields 234, 252, 230, 248 and 250 is suitable for entering text to specify information about a specific appointment to be scheduled. To help the manager schedule appointments, drop-down window arrows are provided, one identified by numeral 242 which, when selected, opens up a smaller window with possible information to be used to populate an associated field. For instance, when arrow icon 242 is selected, a small window opens including a list of the clients managed by Mary Jenkins in the present example from which one of the persons on the list can be selected to fill in information in field 234.
After information is filled in one of the smaller appointment windows, the manager can fill in a second, a third, and so on, small appointment window. Where additional appointments need to be made, the manager can select icon 270 to be provided with additional small scheduling windows like window 240. To cancel scheduling activity, the manager can select CANCEL icon 272. After appointment information has been specified via one or a plurality of windows 236, 238 and 240, ENTER icon 274 can be selected to submit the appointment specifications to server 12.
When server 12 receives appointment information corresponding to two or more clients, server 12 searches schedule information stored in database 14 for St. Mary's Hospital, identifies a subset of appointment times that meet the criteria specified, and the provides one or more options to the manager with the most optimal option indicated first followed by the next most optimal option, and so on.
In at least some embodiments it is contemplated that where a first client accesses a second client's account information, the second client may want system 10 to provide a notice to that second client indicating when the access occurred, which information was reviewed, if any action (e.g., scheduling) occurred, etc. In this regard, an exemplary window 211 is illustrated in
In at least some cases, it is contemplated that where a first client accesses a second client's account, the second client may want to subsequently review information regarding the access or, in the alternative, employees at the facility associated with system 10 may want to audit proxy access. To facilitate proxy access auditing, tracking database 280 is provided (see again
Proxy User column 284 lists a proxy user for each time proxy access is obtained for each client account in column 282. For example, Mary Jenkins is listed twice in column 284 for Suzie Jenkins' account in column 282 indicating that Mary Jenkins proxy accessed Suzie Jenkins' account twice. Mary Jenkins is listed once in column 284 for Tom Jenkins indicating that Mary Jenkins accessed Tom Jenkins' account once. Proxy Grant Date column 286 indicates the date on which proxy access was granted to the proxy user in column 284. For example, for Mary Jenkins, the proxy grant date for Suzie Jenkins is Jun. 1, 2005.
Proxy Access Date column 288 lists the date and time on which the proxy user in column 284 associated therewith accessed the client account in column 282. For instance, Mary Jenkins in column 284 accessed Suzie Jenkins' account in column 282 on Jun. 1, 2005 at 4:33 p.m. and accessed that same account on Jul. 12, 2005 at 1:22 a.m.
Information Accessed/Action Taken column 290 lists information accessed and actions taken for each one of the proxy access dates in column 288. For example, when Mary Jenkins accessed Suzie Jenkins' account on Jun. 1, 2005 at 4:33 p.m., column 290 indicates that Mary Jenkins accessed the hospital schedule and scheduled a physical with Dr. Thomas at 10:00 a.m. on Sep. 20, 2005. Similarly, on Jul. 12, 2005, at 1:22 a.m., Mary Jenkins accessed Suzie's account and checked Suzie's blood pressure results and examined Suzie's scheduled appointments. Many other entries in column 290 are contemplated.
With proxy access information stored in database 280 each time proxy access occurs, server 12 can allow St. Mary's Hospital employees or account owners to audit proxy access easily. For instance, referring again to
To help an account owner determine who has proxy access and restrictions thereon, in at least some cases server 12 may be able to provide a list of proxies and to indicate restrictions imposed on each. For example,
In at least some cases account owners may, in addition to wanting to be able to restrict information accessible to certain proxies, want to be able to restrict the duration of time of accessibility for one or all proxies. For instance, where Sarah Jenkins knows that she will be having a series of similar test procedures performed over the next several months, Sarah may want her mother Mary to be able to access her account only over the next two months and then to be prohibited from accessing thereafter. Here, in at least some embodiments, when Sarah is granting proxy access to Mary, a time restriction window may be provided to facilitate specification of a time restriction. For instance, after information to remain confidential has been selected via a window akin to window 97 in
While the invention may be susceptible to various modifications and alternative forms, specific embodiments have been shown by way of example in the drawings and have been described above. However, it should be understood that the invention is not intended to be limited to the particular forms disclosed. For example, after a first client obtains proxy access to a second client's account, in at least some cases, where the first client retains authority to access the second client's account, the first client may always be provided with a proxy access window like window 226 in
In addition, while the manager functionality has been described above in the context of the family where a mother acts as the family manager, the manager concept and related responsibilities may be applied to anyone within a family or, in some cases, to a person that is not formally or legally part of a family such as, for instance, a friend, legal guardian, a lawyer, a personal physician, etc., or anyone else that may access another's information and that would benefit from a streamlined access process.
Moreover, while the inventive concepts have generally been described above in context of systems that assign access codes to specific proxies in order to allow the proxies to access other client's information, in at least some cases it is contemplated that access codes would not be assigned and instead, whenever a proxy enters the proxy's own account, the proxy could, through the proxy's own account, access another client's account information without having to enter an access code. For instance, where the exemplary Peter Jenkins above is the legal guardian for an elderly family friend, Mr. Jenkins may obtain proxy access authority in any manner after which, when accessing his own account, Mr. Jenkins would be provided the capability to access the family friend's account information without requiring an access code. In some cases, for instance, Mr. Jenkins may simply enter the family friend's name into a field to specify the friend's account information. In other cases, the friend's name may be provided as hyperlinked text for quickly accessing the friend's account information. In this case, when Mr. Jenkins obtains authority access the friend's account information, a notice like the notice illustrated in
Furthermore, in at least some embodiments when a first person obtains authority to access a subset of a second person's information as a proxy, the system may provide notice to the second person and allow the second person to either block access or to grant the right to access additional information even though the first person only initially sought the right to access the information subset. On-screen icons and tools and associated software for providing this functionality should be obvious to one of ordinary skill in the art in light of the teachings above.
In addition, in at least some embodiments a first person may want to grant authority to a second person to enter or submit information on behalf of the first person or a first person may want to seek authority to submit information on behalf of a second client. In these cases, methods are contemplated that are similar to the methods described above wherein client accounts are used to seek or grant authority to access information. Exemplary type of activities associated with submitting information on behalf of another person include but are not limited to allowing the second client to schedule appointments for the other person, order medications for the other person, enter patient related data on behalf of the other person, submit historical information related to the other person, fill out forms for the other person and submit medical questions to physicians on behalf of the other person.
Thus, the invention is to cover all modifications, equivalents, and alternatives falling within the spirit and scope of the invention as defined by the following appended claims. To apprise the public of the scope of this invention, the following claims are made:
This patent is related to provisional patent application No. 60/631,308 that is titled “Shared Account Information Method and Apparatus” and that was filed on Nov. 29, 2004.
Number | Date | Country | |
---|---|---|---|
60631308 | Nov 2004 | US |