Patient identification systems and methods

11106,818

15/256157

September 02, 2016

Systems and methods for managing patient information across various electronic medical record (EMR) systems, according to some examples can involve providing a patient information management system having a cloud-based application server including a database, a client application interface and a mobile security token. A one-time verification code can be sent from the cloud-based application server to the client computing device and read using the mobile security token. The mobile security token can be matched to a patient demographic record in the database to authenticate the patient using the linked mobile security token.

LifeMed ID, Incorporated (Citrus Heights, CA, US)

LifeMed ID, Incorporated (Citrus Heights, CA, US)

1. A patient information management system for matching a patient with their health records, comprising: a cloud-based application server, comprising a database having patient demographic records stored thereon, the patient demographic records being linked to one or more electronic medical records (EMRs) on a healthcare entity's electronic medical record system (EMR system), the cloud-based application server configured to retrieve, over a network, EMRs from one or more EMR systems to a corresponding patient demographic record stored in the database; a client application interface provided on a healthcare entity computing device, the client application interface being configured to communicate with the cloud-based application server, the healthcare entity computing device being physically located at a client healthcare entity such that EMR systems, other than the EMR systems of the client healthcare entity, being inaccessible by healthcare entity computing device; and a mobile security token generated by the cloud-based application server and provided on a patient computing device separate and distinct from the healthcare entity computing device, the mobile security token being configured to communicate with the cloud-based application server, wherein the mobile security token is unique for each patient in the one or more EMRs, whereby, the cloud-based application server is configured to: link the patient computing device to the mobile security token in the patient demographic record, in response to receiving a request for patient authentication for a particular patient from the healthcare entity computing device, generate a one-time verification code for the particular patient, wherein the one-time verification code comprises a dynamic code that changes for each request at the healthcare entity computing device, send the one-time verification code generated by the cloud-based application server to the healthcare entity computing device, receive an indication of the one-time verification code and an indication of the mobile security token from the patient computing device, and in response to receiving the indication of the one-time verification code and the indication of the mobile security token from the patient computing device, determine that the one-time verification code matches the generated one-time verification code and that the mobile security token matches an expected mobile security token stored in the patient demographic record, and thereby authenticate the particular patient.

2. The patient information management system of claim 1 , wherein, when the patient is authenticated, the cloud-based application service is further configured to: access the patient's EMR stored on a healthcare entity's EMR system, and release the EMR to at least one of the client application interface or the patient computing device.

3. The patient information management system of claim 1 , wherein the cloud-based application server is further configured to require two authenticators to authenticate a patient.

4. The patient information management system of claim 3 , wherein at least one of the two authenticators is the mobile security token.

5. The patient information management system of claim 1 , wherein the healthcare entity computing device includes a Point-of-Sale (POS) device configured to accept payment from the patient for the healthcare services.

6. The patient information management system of claim 5 , wherein the patient computing device is a smartphone configured to read the one-time verification code generated by the cloud-based application server to the healthcare entity computing device.

7. The patient information management system of claim 5 , wherein the mobile security token corresponds to a unique identifier for each patient.

8. A method of accessing a patient's information from multiple electronic medical record (EMR) systems, comprising: providing a patient information management system, comprising: a cloud-based application server, comprising a database having patient demographic records stored thereon, the cloud-based application server being connected to one or more electronic medical record systems (EMR systems) over a network, each EMR system being inaccessible by other EMR systems, a client application interface provided on a healthcare entity computing device physically located at a healthcare entity, and a mobile security token generated by the cloud-based application server and provided on a patient computing device separate and distinct from the healthcare entity computing device, wherein the mobile security token is unique for each patient in the one or more EMRs; in response to receiving a request for patient authentication for a particular patient from the healthcare entity computing device, generating, by the cloud-based application server, a one-time verification code for the particular patient, wherein the one-time verification code comprises a dynamic code that changes for each request at the healthcare entity computing device; sending, from the cloud-based application server, the one-time verification code generated by the cloud-based application server to the healthcare entity computing device; using the patient computing device to read the one-time verification code sent to the healthcare entity computing device; receiving, by the cloud-based application server and from the patient computing device, an indication of the one-time verification code and an indication of the mobile security token; determining that the one-time verification code matches the generated one-time verification code and that the mobile security token matches an expected mobile security token stored in the patient demographic record; and authenticating the patient using the linked mobile security token prior to accessing and/or releasing the patient's EMR from an EMR system.

9. The method of claim 8 , further comprising, querying the database to access at least one field of a patient demographic record, after the patient is validated.

10. The method of claim 9 , further comprising, using the at least one field of the patient demographic record to access the patient's EMR corresponding to the patient demographic record linked to the mobile security token.

11. The method of claim 10 , wherein the at least one field is a medical record number (MRN).

12. The method of claim 9 , wherein, at the one-time verification code sent from the cloud-based application server to the healthcare entity computing device is used to generate a QR code, the QR code comprising encoded data, the encoded data comprising physical location of the healthcare entity computing device and/or time of patient visit.

13. The method of claim 12 , further comprising, reading the QR code displayed on the healthcare entity computing device using the mobile security token.

14. The method of claim 13 , further comprising, sending a different QR code to the healthcare entity computing device each time the patient is to be authenticated.

15. The method of claim 12 , further comprising, automatically stop accepting the QR code sent to the healthcare entity computing device as a valid one-time verification code after a predetermined interval of time.

16. The method of claim 12 , further comprising, performing a second factor authentication to authenticate the patient, wherein the second factor authentication includes entering a patient-selected encryption key on to the healthcare entity computing device.

17. The method of claim 12 , further comprising, establishing a first communication pathway between the patient computing device and the cloud-based application server.

18. The method of claim 17 , further comprising establishing a second communication pathway between the client application interface and the cloud-based application server.

19. The method of claim 18 , whereby, the first and second communication pathways are independent of each other.

20. The method of claim 18 , wherein the one-time verification code is sent from the cloud-based application server to the client application interface over the second communication pathway.

21. The method of claim 20 , wherein the one or more authenticators are read by the patient computing device and confirmation thereof is sent to the cloud-based application server using the first communication pathway.

22. A method of linking a patient's demographic data stored on a cloud-based application server to an Electronic Medical Record (EMR) system of a client healthcare entity, comprising: capturing patient demographic data; providing a mobile security token, generated by the cloud-based application server, on a patient computing device, wherein the mobile security token is unique for each patient in the EMR; in response to receiving a request for patient authentication for a particular patient from a healthcare entity computing device separate and distinct from the patient computing device, generating, from a cloud-based application server, a one-time verification code for the particular patient, wherein the one-time verification code comprises a dynamic code that changes for each request at the healthcare entity computing device; sending the one-time verification code generated by the cloud-based application server to the healthcare entity computing device located at the client healthcare entity, the healthcare entity computing device being in communication with the cloud-based application server; generating a location and/or time of visit encoded QR code based on the one-time verification code; displaying the QR code using the healthcare entity computing device; using the patient computing device to read the single-use QR code and to send the one-time verification code and the mobile security token to the cloud-based server, thereby confirming that the patient is physically present at the same location as the healthcare entity computing device; performing, using the cloud-based application server, an automated matching exercise to determine if another record exists in the cloud-based application server or another EMR system in communication therewith, that matches patient data captured; and linking the mobile security token to the patient computing device and a patient record created and stored in the cloud-based application server.

23. The method of claim 22 , further comprising, receiving, at the cloud-based application server, a patient-selected encryption key, and linking the patient record with the patient-selected encryption key.

24. The method of claim 23 , wherein the patient-selected encryption key is received by the cloud-based application server from at least one of the healthcare entity computing device and the patient computing device.

25. The method of claim 23 , wherein the patient-selected encryption key is received during a patient's initial visit to the client healthcare entity.

7725331 May 2010 Schurenberg et al.
8095386 January 2012 Lassetter et al.
8973091 March 2015 Ting et al.
9092643 July 2015 Keoh
9129046 September 2015 Bess et al.
9280684 March 2016 Kragh
9378380 June 2016 Reid
9721118 August 2017 Heidenreich
9792658 October 2017 Vijendra
2002/0029157 March 2002 Marchosky
2003/0037054 February 2003 Dutta et al.
2004/0122707 June 2004 Sabol et al.
2005/0125258 June 2005 Yellin et al.
2006/0174104 August 2006 Crichton
2006/0229911 October 2006 Gropper et al.
2006/0293925 December 2006 Flom
2007/0016450 January 2007 Bhora et al.
2007/0260492 November 2007 Feied et al.
2008/0071577 March 2008 Highley
2008/0126133 May 2008 Park
2008/0140446 June 2008 Rosenfeld et al.
2009/0024416 January 2009 Mclaughlin et al.
2009/0240681 September 2009 Saddiqi et al.
2009/0265776 October 2009 Baentsch et al.
2010/0115591 May 2010 Kane-Esrig
2010/0169263 July 2010 Korpman
2010/0219241 September 2010 Corwin et al.
2011/0071852 March 2011 Sirleaf
2012/0089518 April 2012 Blonchek
2012/0284056 November 2012 Hofstetter
2013/0054271 February 2013 Langford et al.
2013/0124855 May 2013 Varadarajan
2013/0218594 August 2013 Skocic
2014/0039929 February 2014 Vdovjak et al.
2014/0164022 June 2014 Reed
2014/0245396 August 2014 Oberheide
2015/0073827 March 2015 Crapo et al.
2015/0074409 March 2015 Reid
2015/0149208 May 2015 Lynch et al.
2015/0278462 October 2015 Smoley et al.
2016/0110523 April 2016 Francois
2421217 February 2012
9815910 April 1998
WO-2012104771 August 2012
2014206795 December 2014
WO-2014206795 December 2014
WO-2015036935 March 2015
2015043744 April 2015

Ramesh et al., “Implementing One Time Password Based Security Mechanism for Securing Personal Health Records in Cloud,” 2014 International Conference on Control, Instrumentation, Communication and Computational Technologies (ICCICCT) (Year: 2014). cited by examiner
International Search Report and Written Opinion for International Application No. PCT/US2016/051791, dated Nov. 9, 2016, 12 pages. cited by applicant
Abukhousa et al., “e-Health Cloud: Opportunities and Challenges,” Future Internet, vol. 4, 2012, pp. 621-645. cited by applicant
Fletcher et al., “Development of Mobile-Based Hand Vein Biometrics for Global Health Patient Identification,” Global Humanitarian Technology Conference (GHTC), 2014 IEEE. 7 pages. cited by applicant
LifeMed ID SecureReg ID End User Training Manual, believed to be publicly available more than one year prior to the filing date of the instant application, 25 pages. cited by applicant
LifeMed ID SecureReg Product Features, believed to be publicly available more than one year prior to the filing date of the instant application, 2 pages. cited by applicant
“Positive patient identification: Why patient identifiers matter,” Imprivata, Retrieved online from https://web.archive.org/web/20160811143129/https://www.imprivata.com/patient-identification, Aug. 11, 2016, 11 pages. cited by applicant
Rightpatient, Retrieved online from https://web.archive.org/web/20160718083138/http://www.rightpatient.com/rightpatient-biometric-patient-safety-system/, Jul. 18, 2016, 3 pages. cited by applicant
Schoenberg et al., “Internet based repository of medical records that retains patient confidentiality,” British Medical Journal, vol. 321, Nov. 11, 2000, pp. 1199-1203. cited by applicant
Wu et al., “Secure Sharing of Electronic Health Records in Clouds,” 2012 8th International Conference on Collaborative Computing: Networking, Applications and Worksharing (ColaborateCom), IEEE, 2012, 8 pages. cited by applicant

edspgr.11106818