METHODS AND SYSTEMS FOR SECURE ACQUISITION, INTERPRETATION AND TRANSMISSION OF DATA UNDER HIPAA COMPLIANT PROTOCOL

Methods and systems for acquiring a machine-readable optical code, decoding the optical code into a patient identifier, and receiving from a database a billing record filled with patient data corresponding to the patient identifier. The method includes reading by a mobile device the machine-readable optical code and decoding the optical code into a patient identifier. The method includes transmitting the patient identifier to a database. The method includes receiving from the database an at least partially filled billing record with patient data corresponding to the patient identifier and displaying on the mobile device the at least partially filled billing record. The method includes searching the database using the patient identifier, and retrieving the patient data corresponding to the patient identifier. The method includes at least partially filling a billing record with the patient data, and transmitting the at least partially filled billing record to the mobile device.

Description
CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit of U.S. Provisional Application Ser. No. 62/062,601, filed by Osorio, et al., on Oct. 10, 2014, entitled “Multi-feature Mobile Software Application that Generate [sic.] a Secure Environment to Capture Data under a HIPAA/Hitech Complaint [sic.] Protocol,” commonly assigned with this application and incorporated herein by reference.

TECHNICAL FIELD

The disclosure relates to methods and systems for secure acquisition, interpretation and transmission of data under HIPAA compliant protocol.

BACKGROUND

The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare providers (e.g., physicians, hospitals), health insurance companies and other businesses associated with the healthcare industry to implement control of access to mobile devices, computer systems and networks that process and store patient health information (PHI). HIPAA requires that mobile devices and computer systems that process and store PHI are protected from intrusion. Also, HIPAA requires any communication containing PHI transmitted electronically over open networks is encrypted to prevent unauthorized interception.

Since healthcare providers and other businesses associated with the healthcare industry typically operate and maintain computer systems, networks, and applications to process and store PHI, they must ensure that PHI is protected from intrusions. Also, healthcare providers and health insurance companies must ensure that electronically transmitted PHI is protected from unauthorized interception. If PHI is stolen by intrusion of computer systems or if PHI is intercepted during transmission, businesses may face legal and financial liabilities.

Recently, increasing use of mobile communication and computing devices has encouraged development of systems that enable communication with healthcare service providers from a mobile device. Some systems allow a person to review medical records and update records from a mobile device. For example, an application may enable entry and upload of personal information from a mobile device to a physician's office prior to a visit. However, existing systems and methods generally do not allow secure acquisition and transmission of PHI. Also, existing systems and methods do not allow convenient and efficient upload of information containing PHI from a mobile device. Accordingly, improved systems and methods are needed.

SUMMARY

Various disclosed embodiments provide methods and systems, executable on a mobile device, for acquiring a machine-readable optical code, decoding the optical code into a patient identifier, and receiving from a database a billing record filled with patient data corresponding to the patient identifier.

According to disclosed embodiments, the method includes reading by a mobile device a machine-readable optical code and decoding the optical code into a patient identifier. The method includes transmitting the patient identifier to a database. The method includes receiving from the database an at least partially filled billing record with patient data corresponding to the patient identifier, and displaying on the mobile device the at least partially filled billing record. The patient identifier is an ASCII code that identifies a patient. The machine-readable optical code may be a Quick Response Code or a standard one-dimensional barcode.

The method includes searching the database using the patient identifier, and retrieving the patient data corresponding to the patient identifier. The method includes at least partially filling a billing record with the patient data, and transmitting the at least partially filled billing record to the mobile device.

The method includes allocating a volatile memory space in the mobile device for a session, and storing the patient identifier in the allocated volatile memory space. The method includes transmitting the patient identifier using a secure transmission protocol during the session. The method includes de-allocating the volatile memory space at the termination of the session, wherein the de-allocation of the volatile memory space causes the patient identifier to be erased from the volatile memory space.

The method includes allocating volatile memory space in the mobile device for a session, and storing the received patient data and the at least partially filled billing record in the allocated volatile memory space. The method includes de-allocating the volatile memory space at the termination of the session, wherein the de-allocation of the volatile memory space causes the stored patient data and the at least partially filled billing record to be erased from the volatile memory space.

According to disclosed embodiments, a system includes a mobile communication device configured to communicate over a communication network. The mobile communication device includes at least one processor and a volatile memory space coupled to the processor. The volatile memory space is allocated for a defined session and de-allocated at the termination of the session.

The system includes a barcode reader configured to read a machine-readable optical code and to decode the optical code into a patient identifier. The processor is configured to store the patient identifier, patient data corresponding to the patient identifier, and a billing record at least partially filled with the patient data in the volatile memory space. The de-allocation of the volatile memory space erases stored data in the volatile memory space.

The foregoing has outlined rather broadly the features and technical advantages of the present disclosure so that those skilled in the art may better understand the detailed description that follows. Additional features and advantages of the disclosure will be described hereinafter that form the subject of the claims. Those skilled in the art will appreciate that they may readily use the conception and the specific embodiment disclosed as a basis for modifying or designing other structures for carrying out the same purposes of the present disclosure. Those skilled in the art will also realize that such equivalent constructions do not depart from the spirit and scope of the disclosure in its broadest form.

Before undertaking the DETAILED DESCRIPTION below, it may be advantageous to set forth definitions of certain words or phrases used throughout this patent document: the terms “include” and “comprise,” as well as derivatives thereof, mean inclusion without limitation; the term “or” is inclusive, meaning and/or; the phrases “associated with” and “associated therewith,” as well as derivatives thereof, may mean to include, be included within, interconnect with, contain, be contained within, connect to or with, couple to or with, be communicable with, cooperate with, interleave, juxtapose, be proximate to, be bound to or with, have, have a property of, or the like; and the term “controller” means any device, system or part thereof that controls at least one operation, whether such a device is implemented in hardware, firmware, software or some combination of at least two of the same. It should be noted that the functionality associated with any particular controller may be centralized or distributed, whether locally or remotely. Definitions for certain words and phrases are provided throughout this patent document, and those of ordinary skill in the art will understand that such definitions apply in many, if not most, instances to prior as well as future uses of such defined words and phrases. While some terms may include a wide variety of embodiments, the appended claims may expressly limit these terms to specific embodiments.

BRIEF DESCRIPTION

Reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:

FIG. 1 is a schematic block diagram of a communication system in which embodiments of the disclosure can be implemented;

FIG. 2 illustrates an application executable on the mobile device according to disclosed embodiments;

FIG. 3 illustrates the application with a scan button;

FIG. 4 shows an acquired QR code;

FIG. 5 is a flow diagram of a method according to disclosed embodiments;

FIG. 6 illustrates a partially filled billing record; and

FIG. 7 is a flow diagram of a method according to disclosed embodiments.

DETAILED DESCRIPTION

FIGS. 1-7, discussed below, and the various embodiments used to describe the principles of the present disclosure are by way of illustration only and should not be construed in any way to limit the scope of the disclosure. Those skilled in the art will recognize that the principles of the disclosure may be implemented in any suitably arranged device or a system. The numerous innovative teachings of the present disclosure will be described with reference to exemplary non-limiting embodiments.

Various disclosed embodiments provide methods and systems, executable on a mobile device, for acquiring a machine-readable code, decoding the code into a patient identifier, and receiving from a database a billing record filled with patient data corresponding to the patient identifier.

According to disclosed embodiments, methods and systems provide secure acquisition of a machine-readable optical code by a mobile device. The mobile device includes a processor coupled to a memory, including a non-volatile memory defined for a session. The machine-readable optical code is decoded into a patient identifier and is stored in the non-volatile memory.

During the defined session, the patient identifier is transmitted to a database using a secure transmission protocol (STP). The database is searched using the patient identifier, and patient data corresponding to the patient identifier is retrieved. A billing record is at least partially filled with the patient data, and the at least partially filled billing record is transmitted to the mobile device. The billing record is displayed on the mobile device.

At the conclusion or termination of the defined session, the volatile memory is de-allocated, thereby erasing the patient data, the billing record or any other patient health information (PHI) from the volatile memory. Thus, after the termination of the session, no PHI is persistently retained by the mobile device.

FIG. 1 is a schematic block diagram of a communication system 100 in which embodiments of the disclosure can be implemented. The system 100 includes a mobile communication device 104 which may take the form of a mobile phone, a laptop computer, a tablet computer or the like. The mobile device 104 is configured to wirelessly communicate with other communication devices via a communication network 122. The network 122 may be a mobile cellular network such as a 3GPP network or other CDMA/GSM network. The network 122 may be linked to another network 126 such as the Internet.

The system 100 includes a web server 130 and an application server 134 connected to the Internet 126. The application server 134 is configured to store one or more applications and provide access to the applications over the Internet. Thus, the mobile device 104 can access the applications over the networks 122 and 126, and run the applications remotely. The web server 130 is configured to generate web pages including any web pages generated by running one or more applications in the application server 134. The mobile device 104 can download web pages from the web server 130 over the networks 122 and 126.

A database 138 is connected to the application server 134. The database 138 is configured to store data such as, for example, patient data. The patient data may include patient health information (PHI) which contains patient medical records.

The application server 134 may include a search engine configured to search the database 138 and retrieve data from the database 138. The search results may be downloaded by the mobile device 104 over the networks 122 and 126. Thus, for example, using the search engine the mobile device 104 can search and download PHI from the database 138 over the networks 122 and 126.

The mobile device 104 includes a processor 108 connected to a memory 112. The processor 108 may be of the type generally used in mobile devices such as those manufactured by Intel Corporation or ARM Holdings.

According to disclosed embodiments, the memory 112 comprises a non-volatile memory 116 and a volatile memory 120. In the non-volatile memory 116, any data stored is persistently retained even after electrical power is removed from the non-volatile memory 116. Thus, any data stored in the non-volatile memory 116 is not erased following removal of electrical power. In contrast, any data stored in the volatile memory 120 is erased, and thus lost, after electrical power is removed from the volatile memory 120. Thus, any data stored in the volatile memory 120 is not persistently retained after removal of electrical power.

According to disclosed embodiments, the volatile memory space may be allocated by marking portions of it as being allocated to an application in a memory allocation table and de-allocated by marking those portions as unallocated at the termination of the session and perhaps also overwriting it. Alternatively, the volatile memory space may be allocated by applying electrical power to the volatile memory 120 and de-allocated by removing electrical power at the termination of the session. Volatile memory space that is temporarily allocated to an application is sometimes called “scratchpad” memory. In the context of certain mobile device operating systems commercially available from Apple Incorporated of Cupertino, Calif. (e.g., OS X®), such temporarily allocated volatile memory is called a “sandbox” and is designed to prevent applications from interfering with one another or the operating system, except as the operating system permits.

The mobile device 104 also includes a barcode reader 114 configured to acquire machine-readable optical code. The barcode reader 114 may be a barcode scanner which illuminates a machine-readable optical code with red light. A sensor in the barcode scanner detects the reflected light and generates an analog signal with varying voltage that represents the intensity of the reflection. A converter changes the analog signal to a digital signal which is fed to a decoder. The decoder converts the code to an ASCII text, which is stored in the memory 112.

According to disclosed embodiments, the barcode reader 114 is configured to read a one-dimensional barcode or a Quick Response (QR) code. A QR code is a matrix or two-dimensional barcode. A QR code includes square dots arranged in a square grid on a white background, which can be read by a barcode reader. The barcode or QR code may be decoded into a patient identifier which identifies a patient by name, date of birth, or other identifying information.

The mobile device 104 also includes a transceiver 140 coupled to an antenna 144. The transceiver 118 includes conventional transmit and receive circuitry configured to transmit and receive signals wirelessly via the antenna 120 over a wireless network such as the network 122.

FIG. 2 illustrates an exemplary application 200 executable on the mobile device 104. The application 200 may reside in the mobile device 104 or may reside remotely such as, for example, in the application server 134. When the application 200 resides in the application server 134, a user may download and access the application over the networks 122 and 126 using the mobile device 104.

The application 200 provides a username 204 field and a password 208 field displayed on the mobile device 104. A user can login by entering a username and a password. Upon successful login a connection is established with a secure server such as the server 130 and the server 134 over the networks 122 and 126. Once the user is logged on, a web page 300 is displayed which has a scan button 304 as shown in FIG. 3. The user can press the scan button 304 to activate the barcode reader 114 of the mobile device 104 to read a machine-readable optical code. As discussed before, the machine-readable optical code may be a standard one-dimensional barcode or a QR code. The code may be decoded into a patient identifier which identifies a patient.

FIG. 4 shows a QR code 404 acquired by the mobile device 104. The QR code 404 may be processed using an error correction method so that the image in the QR code 404 can be interpreted. The data in the QR code 404 is extracted (i.e., decoded) from patterns present in horizontal and vertical components of the image. For example, the QR code 404 may be decoded into a patient identifier which identifies a patient by name, date of birth or other identifying information.

According to disclosed embodiments, a volatile memory space in the volatile memory 120 is allocated by the processor 108 for a defined session and de-allocated at the termination of the session. The session is defined for a predetermined time period. According to disclosed embodiments, the volatile memory space may be allocated by applying electrical power to the volatile memory 120 and de-allocated by removing electrical power at the termination of the session.

According to disclosed embodiments, the acquired machine-readable optical code (e.g., QR code 404) is stored in the allocated volatile memory space. The volatile memory space may be a random access memory (RAM). The stored code is then encrypted and transmitted to a remote server using a secure transmission protocol. For example the code may be encrypted and transmitted to the application server 134 over the networks 122 and 126. In accordance with the secure transmission protocol, at the remote server the encrypted code is authenticated upon reception.

According to disclosed embodiments, after the termination of the session, the volatile memory space is de-allocated which causes the stored code and any other patient health information (PHI) to be erased from the volatile memory space. The volatile memory space is de-allocated by removing electrical power from the volatile memory. Consequently, any PHI and other patient data are not persistently retained in the mobile device 104 after the termination of the session.
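The session-scoped storage described above (a volatile memory region allocated for a predetermined period, then de-allocated and optionally overwritten at termination) can be illustrated as follows. This is an added example, not code from the application; the names phi_session, secure_wipe and region_is_clear and the sample identifier are hypothetical. It overwrites the region before marking it unallocated, because marking memory as unallocated does not by itself clear its contents.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

/* Assumption: the region is ordinary RAM supplied by the caller; keeping it
 * out of swap and device backups is not handled here. */
typedef struct {
    unsigned char *region;     /* volatile memory allocated to this session */
    size_t         cap;        /* size of the region in bytes */
    size_t         len;        /* bytes of PHI currently stored */
    time_t         expires_at; /* end of the predetermined session period */
    int            active;     /* 1 while the region is allocated */
} phi_session;

/* Zero through a volatile pointer so the stores cannot be optimised away
 * as dead writes to memory that is about to be released. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--) *v++ = 0;
}

/* Allocate: bind the region to the session and start the session timer. */
int phi_session_open(phi_session *s, void *region, size_t cap,
                     time_t now, unsigned ttl_seconds)
{
    if (!s || !region || cap == 0) return -1;
    secure_wipe(region, cap);  /* never inherit a previous session's bytes */
    s->region = region;
    s->cap = cap;
    s->len = 0;
    s->expires_at = now + (time_t)ttl_seconds;
    s->active = 1;
    return 0;
}

/* De-allocate: overwrite first, then mark the region unallocated. */
void phi_session_end(phi_session *s)
{
    if (!s || !s->active) return;
    secure_wipe(s->region, s->cap);
    s->len = 0;
    s->active = 0;
}

/* 1 if usable; ends (and wipes) the session once its period has elapsed. */
static int phi_session_live(phi_session *s, time_t now)
{
    if (!s || !s->active) return 0;
    if (now >= s->expires_at) { phi_session_end(s); return 0; }
    return 1;
}

/* Append PHI (patient identifier, billing record bytes); -1 on expiry or overflow. */
int phi_session_store(phi_session *s, const void *data, size_t n, time_t now)
{
    if (!phi_session_live(s, now)) return -1;
    if (n > s->cap - s->len) return -1;
    memcpy(s->region + s->len, data, n);
    s->len += n;
    return 0;
}

/* Read access for display; NULL once the session has ended or timed out. */
const unsigned char *phi_session_read(phi_session *s, time_t now, size_t *len)
{
    if (!phi_session_live(s, now)) return NULL;
    if (len) *len = s->len;
    return s->region;
}

/* Verification helper: 1 if every byte of the region is zero. */
int region_is_clear(const void *region, size_t cap)
{
    const unsigned char *p = region;
    for (size_t i = 0; i < cap; i++) if (p[i]) return 0;
    return 1;
}

int main(void)
{
    static unsigned char ram[128];
    phi_session s;
    const char id[] = "PATIENT-0001";      /* constructed sample identifier */
    time_t t0 = time(NULL);
    phi_session_open(&s, ram, sizeof ram, t0, 300);
    phi_session_store(&s, id, sizeof id, t0);
    printf("during session: clear=%d\n", region_is_clear(ram, sizeof ram));
    phi_session_read(&s, t0 + 301, NULL);  /* access after timeout triggers the wipe */
    printf("after timeout:  clear=%d\n", region_is_clear(ram, sizeof ram));
    return 0;
}
```

The clock value is passed in as a parameter so the timeout path can be exercised deterministically; an application would pass the current time on each access.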

Thus, it will be appreciated that the disclosed embodiments provide secure acquisition and transmission of PHI in compliance with HIPAA. Since the patient identifier and all other PHI are erased from the volatile memory after the defined session, and thus not persistently retained by the mobile device 104, the data is protected from intrusion and misappropriation. Also, because the transmitted data is encrypted, it is protected from unauthorized interception.

FIG. 5 is a flow diagram of a method according to disclosed embodiments. In block 504, a machine readable optical code is read by a mobile device. For example, a QR code may be read by the barcode scanner 114 of the mobile device 104.

In block 508, the optical code is decoded into a patient identifier. For example, the QR code may be decoded into a patient identifier by extracting the data from the patterns in horizontal and vertical components of the image in the QR code. The patient identifier may be an ASCII code that identifies a patient by name, date of birth and/or other identifying information.

In block 512, a volatile memory space is allocated for a defined session. The volatile memory space may be allocated for a predetermined time period by applying electrical power to the volatile memory. In block 516, the patient identifier is stored in the allocated volatile memory space. In block 520, the patient identifier is encrypted and transmitted using a secure transmission protocol. For example, the patient identifier may be transmitted using a secure transmission protocol to the database 138 over the networks 122 and 126.

According to disclosed embodiments, the database 138 is searched using the patient identifier for corresponding patient data. For example, a search engine in the application server 134 may be used to search the database 138 and retrieve patient data corresponding to the patient identifier.

In block 524, a patient billing record is retrieved from the database 138 and the billing record is partially or completely filled with the patient data. Thus, the billing record is at least partially filled with the patient data, which may include PHI.

According to disclosed embodiments, the database 138 is configured to auto-complete one or more fields in the billing record. Also, the database 138 features selection data entry fields that are updated with user interaction. The database 138 dynamically collects data, which eliminates the need for end user platform releases as new data gather entries are implemented.

In block 528, the partially (or completely) filled billing record is downloaded by the mobile device 104 over the networks 122 and 126, and the billing record is displayed on the mobile device 104. FIG. 6 shows a partially filled billing record 604 displayed on the mobile device 104.

The billing record may be stored in the volatile memory 120. After the termination of the defined session, the volatile memory 120 is un-allocated, thus erasing the billing record, the patient data or any other PHI. Consequently, after the termination of the session, no PHI is retained by the mobile device 104.

FIG. 7 is a flow diagram of a method according to disclosed embodiments. In block 704, the patient identifier is received by the database 138. As discussed before, the mobile device 104 transmits the patient identifier over the networks 122 and 126 to the database 138. In block 708, the database 138 is searched using the patient identifier, and patient data corresponding to the patient identifier is retrieved from the database 138. A search engine in the application server 134 may be utilized to search and retrieve the patient data from the database 138. In block 712, the patient data is downloaded by the mobile device 104 over the networks 122 and 126.

Those skilled in the art will recognize that, for simplicity and clarity, the full structure and operation of all systems suitable for use with the present disclosure is not being depicted or described herein. Instead, only so much of a system as is unique to the present disclosure or necessary for an understanding of the present disclosure is depicted and described. The remainder of the construction and operation of the disclosed systems may conform to any of the various current implementations and practices known in the art.

Of course, those of skill in the art will recognize that, unless specifically indicated or required by the sequence of operations, certain steps in the processes described above may be omitted, performed concurrently or sequentially, or performed in a different order. Further, no component, element, or process should be considered essential to any specific claimed embodiment, and each of the components, elements, or processes can be combined in still other embodiments.

It is important to note that while the disclosure includes a description in the context of a fully functional system, those skilled in the art will appreciate that at least portions of the mechanism of the present disclosure are capable of being distributed in the form of instructions contained within a machine-usable, computer-usable, or computer-readable medium in any of a variety of forms, and that the present disclosure applies equally regardless of the particular type of instruction or signal bearing medium or storage medium utilized to actually carry out the distribution. Examples of machine usable/readable or computer usable/readable mediums include: nonvolatile, hard-coded type mediums such as read only memories (ROMs) or erasable, electrically programmable read only memories (EEPROMs), and user-recordable type mediums such as floppy disks, hard disk drives and compact disk read only memories (CD-ROMs) or digital versatile disks (DVDs).

Those skilled in the art to which this application relates will appreciate that other and further additions, deletions, substitutions and modifications may be made to the described embodiments.

None of the description in the present application should be read as implying that any particular element, step, or function is an essential element which must be included in the claim scope: the scope of patented subject matter is defined only by the allowed claims. Moreover, none of these claims are intended to invoke paragraph six of 35 USC §112 unless the exact words “means for” are followed by a participle.

Claims

1. A method comprising:

reading by a mobile device a machine-readable optical code;
decoding the optical code into a patient identifier;
transmitting the patient identifier to a database;
receiving from the database an at least partially filled billing record with patient data corresponding to the patient identifier; and
displaying on the mobile device the at least partially filled billing record.

2. The method of claim 1, wherein the patient identifier is an ASCII code that identifies a patient.

3. The method of claim 1, further comprising:

searching the database using the patient identifier;
retrieving the patient data corresponding to the patient identifier;
at least partially filling a billing record with the patient data; and
transmitting the at least partially filled billing record to the mobile device.

4. The method of claim 1, wherein the machine-readable optical code is a Quick Response Code.

5. The method of claim 1, wherein the machine-readable optical code is a two-dimensional barcode.

6. The method of claim 1, wherein the machine-readable optical code is a one-dimensional barcode.

7. The method of claim 1, further comprising:

allocating volatile memory space in the mobile device for a session;
storing the patient identifier in the allocated volatile memory space;
transmitting the patient identifier using a secure transmission protocol during the session; and
de-allocating the volatile memory space at the termination of the session, wherein the de-allocation of the volatile memory space causes the patient identifier to be erased from the volatile memory space.

8. The method of claim 1, further comprising:

allocating volatile memory space in the mobile device for a session;
storing the received patient data and the at least partially filled billing record in the allocated volatile memory space;
de-allocating the volatile memory space at the termination of the session, wherein the de-allocation of the volatile memory space causes the stored patient data and the at least partially filled billing record to be erased from the volatile memory space.

9. The method of claim 1, wherein the machine-readable optical code is read by a barcode reader.

10. The method of claim 1, wherein the machine-readable optical code is read by an optical scanner.

11. A system, comprising:

a mobile communication device configured to communicate over a communication network, the mobile communication device comprising:
at least one processor;
a volatile memory space coupled to the processor, the volatile memory space allocated for a defined session and de-allocated at the termination of the session; and
a barcode reader configured to read a machine-readable optical code and to decode the optical code into a patient identifier, wherein the processor is configured to store the patient identifier, patient data corresponding to the patient identifier, and a billing record at least partially filled with the patient data in the volatile memory space, and wherein the de-allocation of the volatile memory space erases stored data in the volatile memory space.

12. The system of claim 11, wherein the patient identifier is an ASCII code that identifies a patient.

13. The system of claim 11, wherein the patient identifier is transmitted by the mobile device to a database, and wherein the at least partially filled billing record including the patient data is received by the mobile device from the database.

14. The system of claim 11, wherein the at least partially filled billing record is displayed on the mobile device.

15. The system of claim 11, wherein the database is searched using the patient identifier.

16. The system of claim 11, wherein the machine-readable optical code is a Quick Response Code.

17. The system of claim 11, wherein the machine-readable optical code is a two-dimensional barcode.

18. The system of claim 11, wherein the machine-readable optical code is a one-dimensional barcode.

19. The system of claim 11, wherein the de-allocation of the volatile memory space causes the stored data to not be persistently retained in the mobile device.

20. The system of claim 11, wherein the session is defined for a predetermined time period.

21. A method comprising:

receiving by a database a patient identifier;
searching the database and retrieving patient data corresponding to the patient identifier, wherein the patient data includes patient health information;
at least partially filling a billing record with the patient data; and
transmitting the at least partially filled billing record to a mobile device using a secure transmission protocol.

22. The method of claim 21, wherein the patient identifier is an ASCII code that identifies a patient.

23. The method of claim 21, further comprising transmitting the at least partially filled billing record over the Internet.

Patent History
Publication number: 20160103964
Type: Application
Filed: Oct 9, 2015
Publication Date: Apr 14, 2016
Inventors: Federico Osorio (Dallas, TX), Andres Gutierrez Ovalles (Dallas, TX)
Application Number: 14/879,193
Classifications
International Classification: G06F 19/00 (20060101);