Abstract: Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

Abstract: Implementations provide self-consistent, temporary, secure storage of information. An example system includes short-term memory storing a plurality of key records and a cache storing a plurality of data records. The key records and data records are locatable using participant identifiers. Each key record includes a nonce and each data record includes an encrypted portion. The key records are deleted periodically. The system also includes memory storing instructions that cause the system to receive query parameters that include first participant identifiers and to obtain a first nonce. The first nonce is associated with the first participant identifiers in the short-term memory. The instructions also cause the system to obtain data records associated with the first participant identifiers in the cache, to build an encryption key using the nonce and the first participant identifiers, and to decrypt the encrypted portion of the obtained data records using the encryption key.

Abstract: The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.

Abstract: Implementations provide self-consistent, temporary, secure storage of information. An example system includes fast, short-term memory storing a plurality of key records and a cache storing a plurality of data records. The key records and data records are locatable using participant identifiers. Each key record includes a nonce and each data record includes an encrypted portion. The key records are deleted periodically. The system also includes memory storing instructions that cause the system to receive query parameters that include first participant identifiers and to obtain a first nonce. The first nonce is associated with the first participant identifiers in the fast, short-term memory. The instructions also cause the system to obtain data records associated with the first participant identifiers in the cache, to build an encryption key using the nonce and the first participant identifiers, and to decrypt the encrypted portion of the obtained data records using the encryption key.

Abstract: The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.

Abstract: Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

Abstract: Method, system, and programs for interoperable identity and interoperable credentials. In one example, an authentication request is received that originated from an online user in connection with an application having a first LOA. The authentication request includes an identity assertion and a digital identity is searched to identify a GUID associated with the digital identity matching the identity assertion. One or more credentials that are bound to the GUID at the first LOA or a higher LOA are provided. A selection of at least one credential is received. Information of the selected credential that includes a credential verification service capable of verifying the selected credential is received. Verification of the selected credential of the online user based on the GUID is requested. A verification response is received. The online user is authenticated at the first LOA when the verification response indicates that the selected credential is successfully verified.

Abstract: Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

Abstract: The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.

Abstract: The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.

Abstract: Method, system, and programs for performing two-factor authentication for a controlled access application via one or more third-party host verification servers. An example method includes receiving a request to a controlled access application after a user has successfully logged into an enterprise system with a first Identifier (ID) factor, the controlled access application requiring additional authentication with a second ID factor, obtaining first information to complete the second ID factor, at least some of the first information being obtained from the user, and generating a first web form using the first information. The method also includes submitting the first web form to a host verification server, receiving an indication of successful verification from the host verification server; and initiating, in response to receiving the indication of successful verification, access to the controlled access application.

Abstract: Method, system, and programs for interoperable identity and interoperable credentials. In one example, an authentication request is received. The authentication request originated from an online user in connection with an application having a first LOA. The authentication request includes the online user's input. A digital identity is searched based on the online user's input. A GUID associated with the digital identity is obtained when the digital identity is found. One or more credentials that are bound to the GUID at the first LOA or a higher LOA are provided. A selection of at least one credential is received. Information of the selected credential that includes a credential verification service capable of verifying the selected credential is received. Verification of the selected credential of the online user based on the GUID is requested. A verification response is received.

Abstract: The present teaching relates to generating an identifier for a person. In one example, an actual name of the person is received. The identity of the person that is associated with the actual name of the person is proved at a pre-determined level of assurance (LOA) required by an identity management system. When the identity of the person has been proved, a peripheral name is solicited from the person. An identifier that includes the actual name and the peripheral name of the person is created. Whether the identifier is unique is determined. The steps of soliciting, creating, and determining are repeated until the identifier is unique. The peripheral name is associated with the person. The identifier is associated with the person.

Abstract: The present teaching relates to identity management. In one example, a trusted connector is instantiated in the enterprise system behind a security. The trusted connector is configured to communicate with the private resource via a communication protocol. Upon being triggered by the external system, a secure communication channel is established between the external system and the trusted connector. A request is received from the external source at the trusted connector through the secure communication channel. The request is interpreted for communicating with the private resource. The interpreted request is sent to the private resource. A response is received from the private resource. The response from the private resource is interpreted for communicating with the external system. The interpreted response is sent to the external system through the secure communication channel.

Abstract: The present teaching relates to a Healthcare Event Response and Communication Center. In one example, a healthcare message is received. The healthcare message is processed to automatically identify one or more healthcare events. For each identified healthcare event, one or more responsive entities that are configured to be responsive to the healthcare event are identified. Each responsive entity is associated with one or more healthcare workflows that are configured to receive the healthcare event. Each identified healthcare event is provided in real-time to each of the one or more responsive healthcare workflows with respect to each responsive entity.

Abstract: A system and method for increasing patient adherence to following medication treatment regimens. An adherence data processing and communication system generates and displays medication adherence data based on historical medication information. The system is linked to other systems involved with electronic ordering and filling of prescriptions, such as electronic prescription and pharmacy systems all connected by suitable wired and/or wireless communication protocols including the Internet. In one embodiment, the adherence data is displayed in the form of an interactive report card which provides a user with adherence metrics in both summary and more detailed formats for prescription medications taken by the patient. A related method executed by the data processing and communication system is disclosed.

Abstract: A system and method for increasing patient adherence to following medication treatment regimens. An adherence data processing and communication system generates and displays medication adherence data based on historical medication information. The system is linked to other systems involved with electronic ordering and filling of prescriptions, such as electronic prescription and pharmacy systems all connected by suitable wired and/or wireless communication protocols including the Internet. In one embodiment, the adherence data is displayed in the form of an interactive report card which provides a user with adherence metrics in both summary and more detailed formats for prescription medications taken by the patient. A related method executed by the data processing and communication system is disclosed.

Abstract: A system and method for increasing patient adherence to following medication treatment regimens. An adherence data processing and communication system generates and displays medication adherence data based on historical medication information. The system is linked to other systems involved with electronic ordering and filling of prescriptions, such as electronic prescription and pharmacy systems all connected by suitable wired and/or wireless communication protocols including the Internet. In one embodiment, the adherence data is displayed in the form of an interactive report card which provides a user with adherence metrics in both summary and more detailed formats for prescription medications taken by the patient. A related method executed by the data processing and communication system is disclosed.

Abstract: The present invention relates generally to a method of supplementing an electronic prescription issued by a health care provider, the method comprising: a) receiving, on a computer apparatus, electronic prescription data generated by a health care provider for a patient for a prescribed substance; b) the computer apparatus determining, from a plurality of available supplemental programs stored on one or more databases, supplemental programs for which the patient is eligible based on the electronic prescription data; c) presenting to the health care provider, in a display device, a list of the eligible supplemental programs, each of the eligible supplemental programs being selectable and de-selectable by the health care provider in the display device; and d) the computer apparatus activating each supplemental program from the plurality of available supplemental programs that have been selected and confirmed by the health care provider in the display device.

Abstract: The present invention relates generally to a method of determining effectiveness of supplemental programs on patient adherence that includes: a) a computer apparatus assigning to each of a plurality of cohorts a different permutation of supplemental programs available for one or more prescribed substances, wherein each of the plurality of cohorts is a sub-set of a plurality of health care providers; b) receiving, on the computer apparatus, data relating to an electronic prescription of the one or more prescribed substances generated by a health care provider of the plurality of health care providers; and c) the computer, apparatus activating the supplemental programs associated with the cohort to which the health care provider belongs.