CA2400160A1 - Method and system for distributing health information - Google Patents
Method and system for distributing health information Download PDFInfo
- Publication number
- CA2400160A1 CA2400160A1 CA002400160A CA2400160A CA2400160A1 CA 2400160 A1 CA2400160 A1 CA 2400160A1 CA 002400160 A CA002400160 A CA 002400160A CA 2400160 A CA2400160 A CA 2400160A CA 2400160 A1 CA2400160 A1 CA 2400160A1
- Authority
- CA
- Canada
- Prior art keywords
- coast
- access
- rst
- security
- information
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q10/00—Administration; Management
- G06Q10/10—Office automation; Time management
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H40/00—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
- G16H40/60—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
- G16H40/67—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
Abstract
A method of and system for distributing medical information for an individua l over a communications network is disclosed. The method includes the steps of generating a plurality of security access codes (202), generating a pluralit y of hierarchical categories ranging from a low security category to a high security category (204), categorizing the individual's medical information into privacy levels ranging from a least private level to a most private lev el (206), inputting the individual's categorized medical information into the plurality of hierarchical categories (208), the least private level being input into the low security category and the most private level being input into the high security category and assigning, to each of the categories, on e or more of the access security codes, such that the medical information in each category will be released only if the assigned access security codes ar e received (214).
Description
APPLICATION
UNITED STATES LETTERS PATENT
TO ALL WHOM IT MAY CONCERN:
Be it known that Roy Sehoenberg has invented METHOD AND SYSTEM
FOR DISTRIBUTING HEALTH INFORMATION of which the following description in connection with the accompanying drawings is a specification.
SUBSTITUTE SHEET (RULE 26) RELATED APPLICATIONS
This application claims the benefit of United States Provisional Patent Application No. 60/183,857, f led February 22, 2000.
FIELD OF THE INVENTION
This invention generally relates to a method of and system for distributing medical information over a communications network, and more specifically to a method of and system for assigning increasing levels of security to portions of an individual's medical records and linlcing each of the security levels to access security codes that must be supplied by the requestor of the medical information in order to access the medical records.
BACKGROUND OF THE INVENTION
When a patient is brought into a hospital for emergency care, it is very unlikely that the patient's medical record will be present in the hospital. A
patient's medical record is very important, particularly in an emergency situation, as it typically contains information regarding the patient's blood type, allergies, medical history, etc. Typically, such records are at the location where the patient receives the majority of lus or her medical care. In most cases, this is the location of the patient's primary care physician, thus making quick access to the record by the emergency care provider virtually impossible. Furthermore, even if the patient's medical record is accessible, it is likely that much of the information in the record is scattered between several archives in various locations; is obsolete, redundant or indecipherable to the extent that it does not benefit the patient at the point of care.
Presently, the transfer of patients' medical xecords between care providers is done in a number of different ways. Records can be trmsferred by phone, facsimile and overnight mail, however, these options are relatively slow, expensive and can be unreliable. The use of email for transferring medical records can be relatively simple and quick. However, email is typically too insecure fox transferring the sensitive information contained in a patient's medical xecord, and information can only be exchanged between parties that are aware of each other's email addresses.
SUBSTITUTE SHEET (RULE 26) Smart cards, which contain memory devices in which a patient's medical data is stored, allow the patient to carry his or her medical records, thereby potentially enabling immediate access to the patient's record. However, the cards axe easily lost or misplaced, thus endangering the securing of the record, and smart cards must be compatible with the smart card reader at a particular medical location, which may not always be the case. Furthermore, since the smart card must be physically present at the time the information is needed, remote consultation is impossible. For example, if an ambulance is bringing a patient to the hospital, the information contained in the smart card cannot be accessed by care providers at the hospital until f the patient atTives. A further disadvantage of the above methods is that they generally do not permit only selective access to the patient's information, depending on the situation that has precipitated the need for the patient's medical data. For example, if the patient suffers a broken bone, while information regarding the patient's blood type and allergies might be necessary for the proper treatment of the injury, the patient's cardiological or serological data is not. None of the above methods can prevent unnecessary medical data from being divulged to the medical care provider, thus potentially risking the patient's privacy.
While the intemet could be used to distribute medical records, there is presently no online system that is capable of securely distributing only the information from a patient's medical record that is necessary for the situation that has required access to the record.
Accordingly, it is an object of this invention to provide a method of and system for distributing medical information in which the medical care provider has quiclc access to a patient's medical record, but only to the information within the medical record that is necessary for the proper treatment of the patient at that time.
SUMMARY OF THE INVENTION
The present invention is directed to a method of and system for distributing medical information over a communications network. A patient's medical record is divided into a hierarchy of categories, each category having a level of privacy associated therewith which is greater than the previous Ievel. The lowest Ievel category could include information such as blood type and allergies, while a high-SUBSTITUTE SHEET (RULE 26) level category could include the patient's HIV status. The patient constructs a list of access codes, wherein, the higher the level of the category, the more access codes are required to gain access to the category of the medical record. This enables the patient to control how much access to his or her medical records a particular medical care provider has, by selecting the access codes that are provided to the care provider.
According to the invention, a method for distributing health information includes the steps of generating health data representative of at least one set of health information for an individual, generating access priority data representative of an access priority associated with each of the at least one set of health information, the access priority being based on criteria for release authorization established by the individual, storing at a datastore the health data and associated access priority data and receiving from a requestor, by way of a communications network, a request for at least one of the sets of health information, the request including access data correlated to an access priority. The method fiuther includes the steps of processing the access data to determine whether the access data corresponds to the access priority criteria for the requested health information. When the access data corresponds to the access criteria for the requested health information, the requested health information is transmitted to the requestor by way of the communications network, and, when the access data fails to corxespond to the access criteria, access to the requestor to the health information is denied. The communications network may be the Internet and the transmitted health information rnay be encrypted.
According to another embodiment of the invention, a method of distributing medical information for an individual over a communications network includes the steps of generating a plurality of security access codes, generating a plurality of hierarchical categories, ranging from a low security category to a high security category, categorizing the individual's medical information into privacy levels ranging from a least private level to a most private level, inputting the individual's categorized medical information into the plurality of hierarchical categories, the least private level being input info the low security category and the most private level being input into the high security category and assigning, to each of the categories, one or more of the access security codes, such that the medical SUBSTITUTE SHEET (RULE 26) information in each category will be released only if the assigned access security codes are received. The method further includes the steps of receiving, from a requestor, one or more of the access security codes over the communications network, determining whether the received access security codes match one or more of the assigned access security codes and transmitting, to the requestor over the communications network, the medical information in the categories in which the received security access codes match the assigned security access codes.
A system for distributing medical information for an individual over a communications network according to the present invention includes a server system including a computer processor and associated memory, the server system having database of a plurality or hierarchical categories for the individual, the categories ranging from a low security category to a high security category, each of the categories having medical information of the information contained therein.
The medical information ranges from least private information to most private information, the least private medical information being contained in the low security category and the most private medical information being contained in the high security category. Each of the categories have one or more security access codes assigned thereto. The system further includes a request system including a computer processor and associated memory, the requestor system inputting one or more of the security access codes to the server system over the communications networlc and an access determining device for transmitting, to the requestor system, the medical information in each of the categories in which the input security access codes match the assigned security access codes. The system may further include a setup system, having a computer processor and associated memory, for inputting the medical information to the database. The security access codes may be defined by a user and assigned to the categories by the user through the setup system. More of the security access codes may be required to access the high security categories than the low security categories. The setup system and the requestor system may be the same system. The setup system may be coupleable to said network by a wired or a wireless connection, and may be a personal computer, an interactive television system, a personal digital assistant or a cellular telephone.
SUBSTITUTE SHEET (RULE 26) BRIEF DESCRIPTION OF THE DRAWINGS
The foregoing and other objects of this invention, the various features thereof, as well as the invention itself may be more fully understood from the following description when read together with the accompanying drawings in which:
FIG. 1 is a diagrammatic view of a system for distributing medical information in accordance with the present invention;
FIG. 2 is a flow diagram of a method of distributing medical information in accordance with the present invention;
FIG. 3 is a schematic diagram of an example medical record in accordance with the system of FIG. l;
FIG. 4 is a diagrammatic view of another embodiment of the system of FIG.
1; and FIG. 5 is a diagrammatic view of yet another embodiment of the system of FIG. 1.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention enables a medical care provider to have remote access to a patient's medical record, while also enabling the patient to dictate exactly how much information the medical care provider can access. FIG. 1 shows a diagram of a system 100 for distributing medical information in accordance with a preferred embodiment of the present invention. The system 100 includes setup system 110, server system 120 and request system 130 all connected to a common communications networlc 160. Preferably, the setup system 110, server system and request system 130 can each be a personal computer such as an IBM PC or IBM
PC compatible system or an APPLE~ MacINTOSH~ system or a more advanced computer system such as an Alpha-based computer system available from Compaq Computer Corporation or SPARC~ Station computer system available from SLTN
Microsystems Corporation, although a main frame computer system can also be used. Preferably, the communications channel 160 is a TCP/IP-based network such as the Internet or an intranet, although almost any well known LAN, WAN or VPN
technology can be used.
SUBSTITUTE SHEET (RULE 26) In one preferred embodiment of the invention, the setup system 110 and request system 130 are IBM PC compatible systems operating a Microsoft Windows~ operating system and server system 120 is configured as a web server providing access to information such as web pages in HTML format via the HyperText Transport Protocol (http). The setup system 110 and request system include software to allow viewing of web pages, commonly referred to as a web browser, thus being capable of accessing web pages located on server system 120.
Furthermore, setup system 110, server system 120 and request system 130 include software for encrypting and decrypting data that is transmitted over the communications network 160. Alternatively, setup system 110 and request system 130 can be any wired or wireless device that can be connected to a communications network, such as an interactive television system, such as WEBTV, a personal digital assistant (PDA) or a cellular telephone. In this preferred embodiment, setup system 110 is located at the patient's primary care physician's office and request system 130 is located wherever access to a patient's medical record is required, such as in an emergency room, ambulance or another doctor's office.
FIG. 2 shows a flow diagram of the method of distributing medical information according to the present invention. First, the user of the setup system 110, FIG. 1, who can be the patient or the patient's physician, generates security access codes, step 202, which will provide varying access to the patient's medical records. Such security access codes can include demographic data such as the patient's name, birth date, social security number, address and phone number;
non-demographic data such as a passport number and the patient's native language;
physical attributes such as eye and hair color and scars or other identifying marks;
and user-definable fields such as passwords. The user then generates hierarchical categories into which the patient's medical information will be stored, step 204.
These categories range from a low security category, for information that the patient is less concerned about becoming known by a third party, to a high security category, for information that the patient is more concerned about becoming known by a third party. The patient and/or the patient's physician then determine the level of privacy that is desired for each piece of medical information in the patient's medical record, step 206. The least private level could include information such as SUBSTITUTE SHEET (RULE 26) the patient's blood type and allergies. The most private level could include HIV
data. Intermediate levels of privacy may include serology data, psychiatric data, cardiology data and genetic data. After the levels of privacy for each piece of the patient's medical information is determined, the information is transmitted from the setup system 110, FIG. 1, to the server system 120 over the communications network 160, and is stored in a database 122 of the server system 120, step 208. The patient then assigns one or more of the security access codes to each of the categories in the database 122, step 210. Preferably, security access codes that are easier to ascertain axe assigned to low security categories, while security access codes that are more difficult to ascertain are assigned to high security categories.
This allows the patient to more precisely control who has access to the categories, by enabling the patient to provide the security access codes for each of the categories only to medical personnel who have a "need-to-know" the particular information in each category.
As a further security measure, the patient can define which of the security access codes are necessary to be input by the requestor to identify the requestor as being authorized to access the patient's medical record, step 212. The security access code that will identify an authorized requestor is preferably a code that will not be easily guessed by an unauthorized requestor.
When a patient's medical record is needed, the requestor inputs to the server system 120, FIG. 1, through request system 130 and over network 160, any information that is lcnown about the patient in order to identify the patient:
While prior art systems require specific predetermined data to identify a patient, the present invention is capable of searching its database to identify the patient based on whatever information the requester can pxovide. Such information can include, but is not limited to, actual medical record numbers for a particular hospital, demographic data such as the patient's name, age and sex, information from a smart card that identifies the patient, retinal or iris scans and fingerprints. This flexible identification system enables the present invention to be used in conjunction with existing legacy systems. Since the database 122 may include medical records for a great number of patients, the server system 120 determines whether, based on the identification information input by the requestor, a unique patient match has been SUBSTITUTE SHEET (RULE 26) achieved, step 216. In this embodiment, the identification information input by the requestor could also be the security access codes set up by the patient. If the identification information input by the requestor does not define a unique patient in the database, the server system notifies the requestor that more identification information is needed to establish a unique patient match, step 218. If the identification information provided by the requestor provides a unique patient match, step 216, the server system prompts the requestor to enter security access codes for the patient. The server system then receives one or more of the security access codes input to the server system by the requestor, step 219. The server system 120 determines whether the received security access codes satisfy the requestor identification constraints, step 220. If they do not, the system notifies the requestor that the identification constraints have not been satisfied, step 222. If the identification constraints have been satisfied, the server system determines which of the assigned access codes match the received access codes input by the requestor, step 224, and transmits, to the request system 130 over the network 160, the information from the categories in which the received security access codes match the assigned security access codes, step 226. If more of the security access codes are received from the requestor, step 228, the system returns to step 224 to determine which of the assigned codes match the received codes. If no more codes are received in step 228, the process is terminated.
An example of the above method will now be described with reference to FIG. 3, which is a schematic diagram of a patient's medical record in accordance to the present invention. Shown at 302 are the security access codes generated by the patient in step 202, FIG. 2. In this example, the security access codes are the patient's first and last name, zip code, eye color, street number, birth year and two passwords. Shown at 304 are the medical information categories generated by the patient in step 204. These categories include EI~G data, allergies, blood type, serology, HIV and CD4. Shown at 306 are the security access codes that are assigned to the categories in step 210. As described above, security access codes that are easily ascertained are assigned to low security categories and security access codes that are more difficult to ascertain axe assigned to high security categories. In this example, the patient's birth year is assigned to the blood type and allergies, SUBSTITUTE SHEET (RULE 26) while the patient-defined passwords are assigned to the HIV and CD4 categories. In step 212, the patient's first name and zip code, block 308, are chosen by the patient as the identification constraints that must be input by the requestor to establish that he or she is authorized to access the patient's record. The following table shows the response of the system of the present invention to various combinations of security access codes received from the requestor:
If Reauestor supplies this data System will resuond with A. First Name "More than one patient found, No unique match"
B. First Name, Birth Year, Key 1 "Unique Match, ID constraints not satisfied"
C. First Name, Zip Code, Birth Year EKG data, Allergies, Blood Type D. First Name, Zip Code, Birth Year, Password 1 EKG data, Allergies, Blood Type, Serology, E. First Name, Zip Code, Birth Year, EKG data, Allergies, Blood Type, Password 1, Password 2 Serology, HIV
F. First Name, Zip Code, Birth Year, EKG data, Allergies, Blood Type, Password 1, Password 2, Eye Color Serology, HIV, CD4 In case A, because only the first name of the patient has been received, the system determines that a unique patient match has not been found, step 216, and notifies the requestor that more identification information is needed, step 218. In case B, the first name, birth yeax and password 1 are received, step 214.
Although these codes allow the system to identify the patient, step 2I6, the identification constraints (the first name and zip code) have not been satisfied, step 220.
The system then notifies the requestor that more security access codes are needed to satisfy the identification constraints, step 222. In case C, the first name, zip code and birth year are received, step 214. A unique patient match is found, step 216 and the identification constraints are satisfied, step 220. The system then determines which of the assigned security access codes match the received security access to SUBSTITUTE SHEET (RULE 26) codes, step 224, and transmits the information in the matched categories to the requestor over the communications network, step 226. In case C, because the zip code and birth year are received, referring to block 306, FIG. 3, the EKG
data, allergy information and blood type are transmitted from the database to the requestor. In case D, in addition to the first name zip code and birth year, password 1 is received, step 228. Accordingly, in addition to the information transmitted in case C, the patient's serology information is transmitted to the requestor. In case E, with the receipt of password 2, the patient's HIV data is transmitted and, in case F, the receipt of password 2 and the patient's eye color prompts the transmission of the patient's CD4 data, in addition to all of the information transmitted in the previous cases.
While the invention has been described as including one setup system that accesses the server system, a plurality of setup systems may be coupled to the server system in order to allow patients at different locations to access the server system.
Such a configuration is illustrated in Fig. 4. In this system 300, in addition to the setup system 110, a second server system 140 is coupleable to the server system 120 over communications network 160 for the purpose distributing medical information in the manner described above. It will be understood that the server system can be accessed through any number of setup systems, and that any number of request systems may access the server system in the manner described above.
In another embodiment, shown at 400 in FIG. 5, system 115 can be used both as the setup system, for setting up the patient's medical record on the database 122 of server system 120, as described above, and as the request system for inputting security access codes and receiving medical information from the database 122 of the server system 120, as described above.
Accordingly, the present invention provides a method of and system for distributing medical information over a network in a granular manner, in which the patient determines the level of security associated with each category of his or her medical record. A requestor of the patient's medical information must input the proper security access codes to the system in order to obtain the information contained within the record. The system enables the patient to distribute the security access codes for the hierarchy of security categories to medical personnel on a SUBSTITUTE SHEET (RULE 26) "need-to-know" basis, thus reducing the risk that highly private medical iZZformation be exposed to unauthorized personnel.
Attached as Appendix A is the Javascript and VBscript code used to implement the present invention and a sample database on which the invention can be used.
The invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are therefore to be considered in respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of the equivalency of the claims are therefore intended to be embraced therein.
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<%
dim a ( ) dim patient id .******************************************************************************
*
****************
' this sub loads the request data table with the entries in the form snb update database with new,_patient() dim time stamp dim num -of items dim counter time stamp = cstr(now()) ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract from request form ' create an entry in the patients table and get the new id set cnnl = server.Create0bject("adodb.connection") crml~:Open "filedsn=cardionet.dsn"
set rstl = server.CreateObject("adodb.recordset") rstl.ActiveConnection = cnnl ' rstl.CursorType = adOpenKeyset rstl.LockType = adLockOptimistic rstl.Source = "patients"
rstl.open rstl.AddNew rstl("ref data 1")=Request.Form("1") rstl("ref data 2")=Request.Form("2") rstl("ref data 3")=Request.5erverVariables("remote addr") rstl.Dpdate patient id= rstl.Fields("patient id") ,rstl.Close - ' set rstl = nothing ' add the pid_data for the new patient to the pid data table set rst2 =-server.CreateObject("adodb.recordset") rst2.ActiveConnection = cnnl rst2.CursorType = adOpenKeyset rst2.IockType = adLockOpt3imistic rst2.Source = "pid data"
rst2.Open _ for s = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value enetered counter = counter + 1 redim preserve a(3,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(x) ' item id a(l,counter) a lease(trim(Request.Form(cstr(x)))) ' item value a(2,counter) ~ (Request.Form("c" ~ cstr(x))="on") ' item is a required for identification rst2.AddNew ' add a record for each entered item rst2("patient id") = cint(patient id) SUBSTITUTE SHEET (RULE 26) rst2("item id") = cint(a(O,counter)) rst2("value") = cstr(a(l,counter)) rst2.update if a(2,counter) then 'add a record in id_pass id this is a required item for identification set rst3 a server.CreateObject("adodb.recordset") rst3.ActiveConnection = cnal rst3.CursorType = adOpenReyset rst3.LockType = adhockOptimistic ~rst3.Source = "id,_pass"
rst3.Open rst3.AddNew rst3("patient id")~int(patient id) rst3("item id")acint(a(O,counter)) rst3.~pdate rst3.Close end if end if next rst2.Close cnnl.Close set rst2anothing set cnnhnothing a(0,0) = cstr(counter) end sub %>
<HTML>
<HEAD>
Q4ETA NAME="GENERATOR" Content="Mi.crosoft Visual Studio 6.0">
<TITLE></TITLE>
</READ>
<body background=backgrnd.gif>
<%
call update_database with_new_patient Response.Write("Patient Added to Database") ' %>
<P> </P>
</BODY>
</HTML>
SUBSTITUTE SHEET (RULE 26) <t--#include file="adovbs.inc" -->
<~
dim a ( ) din gatient id t******************************************************************************
*
****************
this sub loads the request data table with the entries in the form sub update database_with new~atient() .
dim time stamp dim n~ of items dim counter _ time stamp = cstr(now()) ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract fraa4 request form create an entry in the patients table and get the new id set cnnl = seswer.CreateObject("adodb.connection") cnnl.Open "filedsn=cardionet.dsn"
set rsti = server.CreateObject("adodb.recordset") rstl.ActiveConnection = cnnl rstl.CursorType = adOpenKeyset rstl.LockType = adLockOptimistic rstl.Source = "patients"
rstl.open rstl.AddNew rstl("ref data 1")=Request.Form("1") rstl("ref data 2")=Request.Form("2") rstl("ref data 3")=Request.ServerVariables("remote addr") rstl.Update patient id= rstl.Fields("patient id") rstl.Close set rstl = nothing add the pid data for the new patient to the pfd data table set rst2 = server.CreateObject("adodb.recordset") rst2.ActiveConnection = cnnl rst2.CursorType = adOpen~Ceyset rst2.hockType = adLockOptimistic rst2.Source = "pid data"
rst2.Open for x = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value endtered counter = counter + 1 redim preserve a(3,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(u) ' item id a(l,counter) = lease(trim(Request.Form(cstr(x)))) ' item value a(2,counter) _ (Request.Form("c" ~ cstr(x))="on") ' item is a required for identification rst2.AddNew ~ add a record for each entered item rst2("patient id") = cint(patient id) SUBSTITUTE SHEET (RULE 26) rst2("itea id") = cint(a(O,counter)) rst2("valve") = cstr(a(l,counter)) rst2.update if a(2,counter) then 'add a record in id~ass id this is a required item for identification set rst3 = server.CreateObject("adodb.recordset") rst3.ActiveConnection = cnnl rst3.CursorType = adOpenReyset rst3.LockType = adLoexOptimistic rst3.Source = "id_pass"
rst3.Open rst3.AddNeW
rst3("patient id")~int(patient id) rst3("item id")~int(a(O,counterr)) rst3.Update rst3.Close end if end if neat rst2.Close cnnl.Close set rst2anothing set cnni~nothing a(0,0) = cstr(counter) end sub %>
<HTML>
<HEAD>
<META NAME=~GENERATOR" Content=~Microsoft Visual Studio 6.0">
<TITLE>G/TITLE>
</HEAD>
<body background backgrnd.gif>
~<%
call update database with_new~atient Response.Write("Patient'~dded to Database") %>
<P»nbsp; </P>
</BODY>
</ATML>
SUBSTITUTE SHEET (RULE 26) <!--#include file=wadovbs.inc" -->
<$
function item locked(fld name,fld value,pid) set rst chl~server.CreateObject("adodb.recordset") rst chk.ActiveConnection = cnnl rst chk.CursorType = adOpenReyset rst chk.LockType = adLockOptimistic sql=wselect distinct item id from locks where (patient id=w t cint(pid) w and w ~ fld name ~ w=w ~ cint(fld value) sqhsql ~ w) and item id not in ( select distinct item id frcaa request data where user ip='w i near ip i w')w -rst chk.Source ~ sql rst chk.Open .if rst chk.EOF then item_locked = false else item_locked = true end if 'while not(rst chk.EOF) ' Response.Write("<br>w ~ rst chk.Fields(witem id") ~ "<br>") ' rst_chk.MoveNext 'wend rst_chk.Close set rst chk=nothing end function %>
<htmlxheadx/headxbody background=backgrnd.gif>
<strong> Observations : </strong>
<hr>
<table align=center bordera3 bordercoloi=#OOOOcd cellpadding=3 width=100%>
<tr><th>Category</thxth>Parameter</th><th>Observation</thx/tr>
<% .
user ip=Request.ServerVariables("remote addr") ' open the database connection set cnnl = server.CreateObject("adodb.connection") cnnl.Opeif "filedsn=cardionet.dsn"
' extract the patient on which this ip is allowed to work on, from the online table set rst_pid=server.Create0bject("adodb.recordsetw) rst~id.ActiveConnection = cnnl rst_pid.CursorType = adOpenKeyset rst_pid.LockType = adLockOptimistic rst_pid.Source = "select patient id from online where user ip= "' i nser ip ~
w'w rst~id.Open if not rst~id.EOF then pid=cint(rst_pid.Fields("patient id")) SUBSTITUTE SHEET (RULE 26) end if ~ loop through the categories set rst cat = server.Create0bject("adodb.recordset") rst cat.ActiveConnection = cnnl rst cat.CnrsorType = adOpenKeyset rst cat.hocxType = adLockOptimistic rst cat. Source = "categories"
rst_cat.Open while not rst cat.EOF
cat id = cint(rst cat.Fields("category id")) cat name= rst cat.Fields("category name") .
'Response.ilrite(cat id ~ ".") 'Response.Write(cat name ~ ":") if item locked("category id",cat id,pid) then ' IF CATEGORY IS 1.OCP~:D
Response.Write("<tr><td colspan=3 align=left>Category " .cat name ~
" is Loc7ced</td></tr>") else ' loop through the parameters set rst~sar = server.CreateObject("adodb.recordset") rst~ar.ActiveConnection = cnnl rst~ar.CursorType = adOpenKeyset rst~par.hockType a adbockOptimistic - rst~ar.Source = "select * from [parameters] where category ids"
cat_id rst~ar.0pen while not rst~ar.EOF
par id=rst-par.Fields("parameter id") par name=rst~ar.Fields("parameter name") 'Response.Write(par id ~ "-") 'Response.Write(par_name ~ ":") if item_locked("parameter id",par id,pid) then ' IF PARAMETER
IS LOCKED
Response.Write("<tr>ttd colspan=3 align=left>" &
cat name ~ " : " & par name & " Parameter is Locked</td></tr>") else ' loop through the observations set rst obs = server.CreateObject("adodb.recordset") rst_obs.ActiveConnection = cnnl rst obs.CursorType = adOpenKeyset rst obs.LockType = adLockOptimistic rst obs.Source = "select * from observations where parameter id=" 6 par id ~ ° and patient_id=" & pid rst obs.Open while not rst obs.EOF
obs id=rst obs.Fields("observation id").
obs value=rst obs.Fields("value"j if item locked("observation id",obs id,pid) then ' IF OBSERVATION IS LOCKED
Response. Write("<tr><td colspan=3 align=left >" & cat name & " : " ~ par name & " Observation is Locked</td></tr>") else Response. write("<tr><td>" & cat_name ~ "</tdxtd>"
~ par name & "</td><td>" ~ obs value ~ "</tdx/tr>") SUBSTITUTE SHEET (RULE 26) end if CLOSE OBSERVA?ION IF
rst obs.MoveNext wend ' close observation loop rst obs.Close set rst obs~nothing end if ' CLOSE PARAMETER IF
rst_par.MoveNext wend ' close parameter loop rst_par.Close set rst,_par~nothing end if CLOSE CATEGORY IF
rst cat.MoveNeat wend ' close category loop rst cat. Close set rst cat~othing Response.Rrite("</table>t/body></html>") cnal.Close %> ~ .
SUBSTITUTE SHEET (RULE 26) <!--#i.nclude file="adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
' get the category iii and the observation id from the reqnest-cat id=Request.QueryString("catid") obx id=Req~est.QueryString("obxid") if cat_id~ull or obx_id~rull or cat_id="" or obx_id="" then Response.Redirect "id input-page.asp", =top" _ end if ' extract the patient on which this 3p is allowed to work on, frog the online table user ip=Request.ServerVariables("remote addr") set rst-pid=server.Createobject("adodb.recordset") sql = "select patient id fr~n online where user ip like '" ~ nser ip s "'"
rst."pid.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst~pid.EOF then pid=cint(rst~id.Fields("patient id")) rst~id.Close ' else rst-pid.Close~ ' set rst~Oid= nothing Response.Redirect("id input-page.asp") end if ' get the observation text set rst_obxsserver.CreateObject("adodb.recordset") sql~"select obx text from observations where obx id=" & obx_id & " and patient id=" & pid & " and category id=" & cat id rst obx.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst_obx.EOF then obx_textarst_obx.Fields(0) end if rst_obx.Close set rst obxsnothing Response. Write(" Coding for observation: " & obx text) get the observation codes set rst_obc=server.CreateObject("adodb.recordset") sql="select observation coding.code system id, observation coding. code id, coding systems. coding system id, coding systems.
coding system name from observation coding inner join coding systems on observatibn coding. code system id~coding system id where observation coding.observation id=" ~ obxx id 'Response.Write("<br>" ~ sql ~ "<br>"j ' rst obc.Open sql,connobj,adOpenKeyset,adtockOptimistic while not rst obc.EOF
obc text="<br> code system name : " ~ rst obc.Fields("coding system name") & " ... code :" & rst obc.Fields("code id") & "~<br>"
Response.Write(obc text) , rst_obc.MoveNext wend rst obc.Close set rst obc~nothing SUBSTITUTE SHEET (RULE 26) Response.Ead E>
cATML>
cHEAD>
c~ETA ~GENERATOR~ Contenta~Mf.crosoft V3sua1 Studio 6.0~>
CTITLE></TIT1.E>
C/HEAD>
GBODY>
cP»nbsp; </P>
c/BODY>
c/ATi~L>
SUBSTITUTE SHEET (RULE 26) <HEAD>
Q~IETA http-eqniv=~Expires" content="Tue, 20 Ang 1996 14:25:27 C,MT">
<TITLB></TITLE>
</HEAD>
<frameset roxs="Z00,*">
<frame name="top frame" src~"logo~age.asp" border=0>
<frameset cols=~35%,65%~>
<frame~na~~left frame~ src=~skeleton.asp~ border=1>
<frame -names"right frame" srct"viex_patient.asp~ border=1>
</frameseta </frameset>
</HTML>
SUBSTITUTE SHEET (RULE 26) <t--#include file=*adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<~
' get the category id from the left frame ( skeleton.asp ) cat id=Request.QueryString("id") .cat name=Request.QueryString("cat name") if cat_id=nnll or cat id=*" then -Response.Redirect("id input~age.asp") end if extract the patient on which this ip is alloxed to work on, from the online table user ip=Request.ServerVariables("remote addr") set rst~id=server.Create0bject("adodb.recordset") sql = "select gatient id from online where user ip like '" ~ user ip & "'"
rst,~id.Open sql,connobj,adOpenKeyset,adl'.ockOptimistic if not rst_pid.EOF then pid=cant(rst_pid.Fields("patierit_iii")) rst_pid.Close else rst,_pid.Close set rst~id= nothing Response.Redirect("id_input~age.asp") end if %>
<tiTML>
<HEAD>
<t~TA NAMEa"GENERATOR" Contenta"Microsoft Visual Studio 6.0">
<TIThE></TITLE>
</ttEAD>
<BODY backgroundabackgrnd.gif >
<%
rst~id.Open "select va7~ue from pid data where patient id=" ~ pid ~ " and item id<3",connobj,adOpenDynamic,adbockOptimistic if not rst-pid.EOF then rst-pid.Movelast Response. Write "<center>Patient: <strong>" ~ rst_pid.Fields(0) rst~id.Movefirst ReSponse.Write( " " ~ rst-pid.Fields(0) i "</strong>snbsp snbsp 6nbsp~nbsp ~nbsp   snbsp Category: <strong>" ~ cat name) end if rst-pid.Close set rst_pid~othing Response.Write("<hr width=90% noshade>") %>
SUBSTITUTE SHEET (RULE 26) <form action=process new observation. asp method=post name=new_obx>
<input type=hidden name~id values%apid%»
<input type=hidden nameacat_id valueat%=oat_id%»
<input type=hidden name=cat_name valuex%=cat name%»
<table cellspacing=2 cellpadding=4>
<tr><th width=10% > </th><th width=20%
align=left>Observation:~nbsp </th><td Width=60%><textarea namesobx val width=80 rows=3 cols=40></textarea>G/td><th width=10% >snbsp</th></tr>
<tr><th> </th><th align=left>Time:~nbsp~nbsp</th><tdxinput nam~obx time width=80 value="<%=FoxmatDateTime(now(),0)%>"></td></tr>
<!-- Getting observation system <tr><th»nbsp</th><th align=left>Coding System: snbsp </th><td><SELF.CT
id=selectl name=code system>
<;
set rst2=server.CreateObject("adodb.recordset") sql="select * from coding systems"
rst2.Open sql,connobj,adOpenKeyset,adLockOpt3mistic while not rst2.EOF
Response.Write("<option values" ~ rst2.Fields("coding system id") & ">" ~
rst2.Fields("coding system name") ~ "</option>"~
rst2.MoveNext wend rst2.Close set rst2=nothing %>
</SEhECT></td></tr>
<tr><th> </th><th align=left>Code Value:  </th><td><input name=code value width=40></td></tr>
__>
</table>
<br clear=all><center><input type=submit value="Register New Observation"><br><br></center><hr width=90% noshade>
</form>
<%
'load any existing observations for this patient into the rstl recordset set rstl=server.CreateObject("adodb.recordset") sql="select * from obsei-~ations where patient id=" ~ pid & " and category_id=" &
cat_id rstl.Open sql,connobj,adOpenKeyset,adLockOpt3mistic if rstl.EOF then Response.Write("<li> No Observations recorded in this category") else %>
<form namexdit obx method~ost action=process delete observation.asp>tcenter>
<input type=hididen nameapid value=s%=pid%»
<input type=hidden name=cat id valuex%=cat id%»
<input type=hidden name=cat name value=<%acat name%»
<table borderal widtha90%
<tr><th>Delete</th><th>Existing Observations</th><th>Time</th><th>Coding</th></tr>
<%
while not rstl.EOF .
Response. Write ("<tr><td align=center>tinput type=checkbox name=s"
rstl.Fields("obx id") ~ "></input></td>") ' SUBSTITUTE SHEET (RULE 26) Response.Write ("<td>" ~ rstl.Fields("obx teat") ~-w</td>") Resgonse.Write ("<td>" i rstl.Fields("obz time") ~ "</td>w ) 'Response. write ("<td><center><inpnt type=bntton name"
rstl.Fields("obx id") ~ " value""Edit..."" ></td></centerX/tr>" ~ chr(10)) url="edit codes l.asp?obaid=" ~ cstr(rstl.Fields("obx id")) ~
"&catid=" ~ cat_id <td><center><input type=button name="b<%=rstl.Fields("oba id")%>"
valve="Edit..." languageajavascript onclicka"window. open('<%=url%>')"'>
<%
rstl.MoveNext wend %>
</table>ccenter»br clear=all><input t~sutsoit value="Delete Observations"x/center>
</form>
<% ~ .
end if rstl.Close set rstl~othing %>
</BODY>
</$TMIJ
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<!--#3.nclude file="setodbc.inc" -->
<~ dim arr() ' (0,0) holds the number of items in the array ' (0,x) holds the item id (l, x) holds the item name (2,x) holds the previous value provided by the ip in previous sessions .******************************************************************************
*
**************
' this function loads the items and their names a blank array named arr() Function get_pid items() dim cnn dit~t rst dim counter set rst = server.CreateObject("adodb.recordset") 'rst.Open sql,"FIbEDSN=cardionet.dsn",adOpenDynamic sql="select * from pid items"
rst.Open sql,connobj,adOpenDynamic rst.MoveEirst counter = 0 while not rst.EOF
counter = counter + 1 redim preserve arr(3,counter+1) arr(O,counter) = trim(cstr(rst.Fields("item id").value)) arr(l,counter) = trim(cstr(rst.Fields("item name").value)) rst.MoveNext wend rst.Movefirst if counter > 0 then ~
ReDim arr(2,counter+1) for x = 1 to counter arr(O,x) a Trim(CStr(rst.Fields("item id").Value)) arr(l,x) = Trim(CStr(rst.Fields("item name").Value)) rst.MoveNext next arr(0, 0) = CStr(counter) get_pid items = true else get,_pid items = false end if rst.close Set rst= Nothing session.Abandon () End Function SUBSTITUTE SHEET (RULE 26) ~******************************************************************************
*
**************
' this sub loads the array with the previous values entered by the same ip user to the arr() array sub load existing values() user ip = trim(cstr(Request.ServerVariables("remote addr"))) set rst 1= server.CreateObject("adodb.recordset") counteracint(arr(0,0)) ' for x = 1 to counter sqla"select itemvalue fros request data where ((user ip like '" ~ user ip "') and (item id=" -& cint(arr(O,x)) ~ "j)"
'Response.Write("<br>" ~ sql) rst l.Open sql,connobj,adOpenKeyset,adLockOptimistic 'Response.Write(rst I.RecordCount ) if not (rst 1.EOF) then arr(2,x)=rst l.fields("item value") 'Response. Write("hello " & arr(2,x)) else arr (2, x) gull end if rst_l.Close next set rst 1=nothing end sub .******************************************************************************
*
***********
' this sub generates the actual HTML. grid with the values if they exist in the arr() array Sub export html() Dim x x=0 items~per_id = arr length = cint(items~er id(0, 0)) Response. Write( "<center><strong><font size=4 color=#OOOOff>CareKey Patient Identification Page</font></strong><hr>") Response.Write("<form action=""process id input.asp"" method~ost>") Response. Write("<input type=hidden name="~"count"" value=""" ~ CStr(length) """></input>") Respo~nse.Write("<table cellpadding=I cellspacing=0 borderal>") Response. Write("<tr bgcolor=#00008b><th>  ID 6nbsp </th><th><font color=#ffff00>Item Name</th><th>Gfont color=#ffff00>Input</th><th> </th><th>6nbsp ID ~nbsp</th><th><font color=#ffff00>Item Name</th><th><font color=#ffff00>Input</th></tr>") For x = I To Int(length / 2) Response.Write("<tr><th>" ~'items~er id(O,x) ~ "</th><td>" &
items_per id(l,x) ~ "</td>") Response.Write("<td><input name=""" i items~er id(O,x) ~ www size=20 value=""" & items~er id(2,x) ~ """></input>t/td ><td bgcolor=#00008b»nbsp</td>") Response.Write("<th>" ~ items per id(O,x + Int(length / 2)) &
"</th><td>" ~ items,_per id(l,x + Int(Iength / 2)) ~ "</td>") SUBSTITUTE SHEET (RULE 26) Response.izrite("<td>tinput name=""" b items-pe~c id(O,x + Int(length /
UNITED STATES LETTERS PATENT
TO ALL WHOM IT MAY CONCERN:
Be it known that Roy Sehoenberg has invented METHOD AND SYSTEM
FOR DISTRIBUTING HEALTH INFORMATION of which the following description in connection with the accompanying drawings is a specification.
SUBSTITUTE SHEET (RULE 26) RELATED APPLICATIONS
This application claims the benefit of United States Provisional Patent Application No. 60/183,857, f led February 22, 2000.
FIELD OF THE INVENTION
This invention generally relates to a method of and system for distributing medical information over a communications network, and more specifically to a method of and system for assigning increasing levels of security to portions of an individual's medical records and linlcing each of the security levels to access security codes that must be supplied by the requestor of the medical information in order to access the medical records.
BACKGROUND OF THE INVENTION
When a patient is brought into a hospital for emergency care, it is very unlikely that the patient's medical record will be present in the hospital. A
patient's medical record is very important, particularly in an emergency situation, as it typically contains information regarding the patient's blood type, allergies, medical history, etc. Typically, such records are at the location where the patient receives the majority of lus or her medical care. In most cases, this is the location of the patient's primary care physician, thus making quick access to the record by the emergency care provider virtually impossible. Furthermore, even if the patient's medical record is accessible, it is likely that much of the information in the record is scattered between several archives in various locations; is obsolete, redundant or indecipherable to the extent that it does not benefit the patient at the point of care.
Presently, the transfer of patients' medical xecords between care providers is done in a number of different ways. Records can be trmsferred by phone, facsimile and overnight mail, however, these options are relatively slow, expensive and can be unreliable. The use of email for transferring medical records can be relatively simple and quick. However, email is typically too insecure fox transferring the sensitive information contained in a patient's medical xecord, and information can only be exchanged between parties that are aware of each other's email addresses.
SUBSTITUTE SHEET (RULE 26) Smart cards, which contain memory devices in which a patient's medical data is stored, allow the patient to carry his or her medical records, thereby potentially enabling immediate access to the patient's record. However, the cards axe easily lost or misplaced, thus endangering the securing of the record, and smart cards must be compatible with the smart card reader at a particular medical location, which may not always be the case. Furthermore, since the smart card must be physically present at the time the information is needed, remote consultation is impossible. For example, if an ambulance is bringing a patient to the hospital, the information contained in the smart card cannot be accessed by care providers at the hospital until f the patient atTives. A further disadvantage of the above methods is that they generally do not permit only selective access to the patient's information, depending on the situation that has precipitated the need for the patient's medical data. For example, if the patient suffers a broken bone, while information regarding the patient's blood type and allergies might be necessary for the proper treatment of the injury, the patient's cardiological or serological data is not. None of the above methods can prevent unnecessary medical data from being divulged to the medical care provider, thus potentially risking the patient's privacy.
While the intemet could be used to distribute medical records, there is presently no online system that is capable of securely distributing only the information from a patient's medical record that is necessary for the situation that has required access to the record.
Accordingly, it is an object of this invention to provide a method of and system for distributing medical information in which the medical care provider has quiclc access to a patient's medical record, but only to the information within the medical record that is necessary for the proper treatment of the patient at that time.
SUMMARY OF THE INVENTION
The present invention is directed to a method of and system for distributing medical information over a communications network. A patient's medical record is divided into a hierarchy of categories, each category having a level of privacy associated therewith which is greater than the previous Ievel. The lowest Ievel category could include information such as blood type and allergies, while a high-SUBSTITUTE SHEET (RULE 26) level category could include the patient's HIV status. The patient constructs a list of access codes, wherein, the higher the level of the category, the more access codes are required to gain access to the category of the medical record. This enables the patient to control how much access to his or her medical records a particular medical care provider has, by selecting the access codes that are provided to the care provider.
According to the invention, a method for distributing health information includes the steps of generating health data representative of at least one set of health information for an individual, generating access priority data representative of an access priority associated with each of the at least one set of health information, the access priority being based on criteria for release authorization established by the individual, storing at a datastore the health data and associated access priority data and receiving from a requestor, by way of a communications network, a request for at least one of the sets of health information, the request including access data correlated to an access priority. The method fiuther includes the steps of processing the access data to determine whether the access data corresponds to the access priority criteria for the requested health information. When the access data corresponds to the access criteria for the requested health information, the requested health information is transmitted to the requestor by way of the communications network, and, when the access data fails to corxespond to the access criteria, access to the requestor to the health information is denied. The communications network may be the Internet and the transmitted health information rnay be encrypted.
According to another embodiment of the invention, a method of distributing medical information for an individual over a communications network includes the steps of generating a plurality of security access codes, generating a plurality of hierarchical categories, ranging from a low security category to a high security category, categorizing the individual's medical information into privacy levels ranging from a least private level to a most private level, inputting the individual's categorized medical information into the plurality of hierarchical categories, the least private level being input info the low security category and the most private level being input into the high security category and assigning, to each of the categories, one or more of the access security codes, such that the medical SUBSTITUTE SHEET (RULE 26) information in each category will be released only if the assigned access security codes are received. The method further includes the steps of receiving, from a requestor, one or more of the access security codes over the communications network, determining whether the received access security codes match one or more of the assigned access security codes and transmitting, to the requestor over the communications network, the medical information in the categories in which the received security access codes match the assigned security access codes.
A system for distributing medical information for an individual over a communications network according to the present invention includes a server system including a computer processor and associated memory, the server system having database of a plurality or hierarchical categories for the individual, the categories ranging from a low security category to a high security category, each of the categories having medical information of the information contained therein.
The medical information ranges from least private information to most private information, the least private medical information being contained in the low security category and the most private medical information being contained in the high security category. Each of the categories have one or more security access codes assigned thereto. The system further includes a request system including a computer processor and associated memory, the requestor system inputting one or more of the security access codes to the server system over the communications networlc and an access determining device for transmitting, to the requestor system, the medical information in each of the categories in which the input security access codes match the assigned security access codes. The system may further include a setup system, having a computer processor and associated memory, for inputting the medical information to the database. The security access codes may be defined by a user and assigned to the categories by the user through the setup system. More of the security access codes may be required to access the high security categories than the low security categories. The setup system and the requestor system may be the same system. The setup system may be coupleable to said network by a wired or a wireless connection, and may be a personal computer, an interactive television system, a personal digital assistant or a cellular telephone.
SUBSTITUTE SHEET (RULE 26) BRIEF DESCRIPTION OF THE DRAWINGS
The foregoing and other objects of this invention, the various features thereof, as well as the invention itself may be more fully understood from the following description when read together with the accompanying drawings in which:
FIG. 1 is a diagrammatic view of a system for distributing medical information in accordance with the present invention;
FIG. 2 is a flow diagram of a method of distributing medical information in accordance with the present invention;
FIG. 3 is a schematic diagram of an example medical record in accordance with the system of FIG. l;
FIG. 4 is a diagrammatic view of another embodiment of the system of FIG.
1; and FIG. 5 is a diagrammatic view of yet another embodiment of the system of FIG. 1.
DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS
The present invention enables a medical care provider to have remote access to a patient's medical record, while also enabling the patient to dictate exactly how much information the medical care provider can access. FIG. 1 shows a diagram of a system 100 for distributing medical information in accordance with a preferred embodiment of the present invention. The system 100 includes setup system 110, server system 120 and request system 130 all connected to a common communications networlc 160. Preferably, the setup system 110, server system and request system 130 can each be a personal computer such as an IBM PC or IBM
PC compatible system or an APPLE~ MacINTOSH~ system or a more advanced computer system such as an Alpha-based computer system available from Compaq Computer Corporation or SPARC~ Station computer system available from SLTN
Microsystems Corporation, although a main frame computer system can also be used. Preferably, the communications channel 160 is a TCP/IP-based network such as the Internet or an intranet, although almost any well known LAN, WAN or VPN
technology can be used.
SUBSTITUTE SHEET (RULE 26) In one preferred embodiment of the invention, the setup system 110 and request system 130 are IBM PC compatible systems operating a Microsoft Windows~ operating system and server system 120 is configured as a web server providing access to information such as web pages in HTML format via the HyperText Transport Protocol (http). The setup system 110 and request system include software to allow viewing of web pages, commonly referred to as a web browser, thus being capable of accessing web pages located on server system 120.
Furthermore, setup system 110, server system 120 and request system 130 include software for encrypting and decrypting data that is transmitted over the communications network 160. Alternatively, setup system 110 and request system 130 can be any wired or wireless device that can be connected to a communications network, such as an interactive television system, such as WEBTV, a personal digital assistant (PDA) or a cellular telephone. In this preferred embodiment, setup system 110 is located at the patient's primary care physician's office and request system 130 is located wherever access to a patient's medical record is required, such as in an emergency room, ambulance or another doctor's office.
FIG. 2 shows a flow diagram of the method of distributing medical information according to the present invention. First, the user of the setup system 110, FIG. 1, who can be the patient or the patient's physician, generates security access codes, step 202, which will provide varying access to the patient's medical records. Such security access codes can include demographic data such as the patient's name, birth date, social security number, address and phone number;
non-demographic data such as a passport number and the patient's native language;
physical attributes such as eye and hair color and scars or other identifying marks;
and user-definable fields such as passwords. The user then generates hierarchical categories into which the patient's medical information will be stored, step 204.
These categories range from a low security category, for information that the patient is less concerned about becoming known by a third party, to a high security category, for information that the patient is more concerned about becoming known by a third party. The patient and/or the patient's physician then determine the level of privacy that is desired for each piece of medical information in the patient's medical record, step 206. The least private level could include information such as SUBSTITUTE SHEET (RULE 26) the patient's blood type and allergies. The most private level could include HIV
data. Intermediate levels of privacy may include serology data, psychiatric data, cardiology data and genetic data. After the levels of privacy for each piece of the patient's medical information is determined, the information is transmitted from the setup system 110, FIG. 1, to the server system 120 over the communications network 160, and is stored in a database 122 of the server system 120, step 208. The patient then assigns one or more of the security access codes to each of the categories in the database 122, step 210. Preferably, security access codes that are easier to ascertain axe assigned to low security categories, while security access codes that are more difficult to ascertain are assigned to high security categories.
This allows the patient to more precisely control who has access to the categories, by enabling the patient to provide the security access codes for each of the categories only to medical personnel who have a "need-to-know" the particular information in each category.
As a further security measure, the patient can define which of the security access codes are necessary to be input by the requestor to identify the requestor as being authorized to access the patient's medical record, step 212. The security access code that will identify an authorized requestor is preferably a code that will not be easily guessed by an unauthorized requestor.
When a patient's medical record is needed, the requestor inputs to the server system 120, FIG. 1, through request system 130 and over network 160, any information that is lcnown about the patient in order to identify the patient:
While prior art systems require specific predetermined data to identify a patient, the present invention is capable of searching its database to identify the patient based on whatever information the requester can pxovide. Such information can include, but is not limited to, actual medical record numbers for a particular hospital, demographic data such as the patient's name, age and sex, information from a smart card that identifies the patient, retinal or iris scans and fingerprints. This flexible identification system enables the present invention to be used in conjunction with existing legacy systems. Since the database 122 may include medical records for a great number of patients, the server system 120 determines whether, based on the identification information input by the requestor, a unique patient match has been SUBSTITUTE SHEET (RULE 26) achieved, step 216. In this embodiment, the identification information input by the requestor could also be the security access codes set up by the patient. If the identification information input by the requestor does not define a unique patient in the database, the server system notifies the requestor that more identification information is needed to establish a unique patient match, step 218. If the identification information provided by the requestor provides a unique patient match, step 216, the server system prompts the requestor to enter security access codes for the patient. The server system then receives one or more of the security access codes input to the server system by the requestor, step 219. The server system 120 determines whether the received security access codes satisfy the requestor identification constraints, step 220. If they do not, the system notifies the requestor that the identification constraints have not been satisfied, step 222. If the identification constraints have been satisfied, the server system determines which of the assigned access codes match the received access codes input by the requestor, step 224, and transmits, to the request system 130 over the network 160, the information from the categories in which the received security access codes match the assigned security access codes, step 226. If more of the security access codes are received from the requestor, step 228, the system returns to step 224 to determine which of the assigned codes match the received codes. If no more codes are received in step 228, the process is terminated.
An example of the above method will now be described with reference to FIG. 3, which is a schematic diagram of a patient's medical record in accordance to the present invention. Shown at 302 are the security access codes generated by the patient in step 202, FIG. 2. In this example, the security access codes are the patient's first and last name, zip code, eye color, street number, birth year and two passwords. Shown at 304 are the medical information categories generated by the patient in step 204. These categories include EI~G data, allergies, blood type, serology, HIV and CD4. Shown at 306 are the security access codes that are assigned to the categories in step 210. As described above, security access codes that are easily ascertained are assigned to low security categories and security access codes that are more difficult to ascertain axe assigned to high security categories. In this example, the patient's birth year is assigned to the blood type and allergies, SUBSTITUTE SHEET (RULE 26) while the patient-defined passwords are assigned to the HIV and CD4 categories. In step 212, the patient's first name and zip code, block 308, are chosen by the patient as the identification constraints that must be input by the requestor to establish that he or she is authorized to access the patient's record. The following table shows the response of the system of the present invention to various combinations of security access codes received from the requestor:
If Reauestor supplies this data System will resuond with A. First Name "More than one patient found, No unique match"
B. First Name, Birth Year, Key 1 "Unique Match, ID constraints not satisfied"
C. First Name, Zip Code, Birth Year EKG data, Allergies, Blood Type D. First Name, Zip Code, Birth Year, Password 1 EKG data, Allergies, Blood Type, Serology, E. First Name, Zip Code, Birth Year, EKG data, Allergies, Blood Type, Password 1, Password 2 Serology, HIV
F. First Name, Zip Code, Birth Year, EKG data, Allergies, Blood Type, Password 1, Password 2, Eye Color Serology, HIV, CD4 In case A, because only the first name of the patient has been received, the system determines that a unique patient match has not been found, step 216, and notifies the requestor that more identification information is needed, step 218. In case B, the first name, birth yeax and password 1 are received, step 214.
Although these codes allow the system to identify the patient, step 2I6, the identification constraints (the first name and zip code) have not been satisfied, step 220.
The system then notifies the requestor that more security access codes are needed to satisfy the identification constraints, step 222. In case C, the first name, zip code and birth year are received, step 214. A unique patient match is found, step 216 and the identification constraints are satisfied, step 220. The system then determines which of the assigned security access codes match the received security access to SUBSTITUTE SHEET (RULE 26) codes, step 224, and transmits the information in the matched categories to the requestor over the communications network, step 226. In case C, because the zip code and birth year are received, referring to block 306, FIG. 3, the EKG
data, allergy information and blood type are transmitted from the database to the requestor. In case D, in addition to the first name zip code and birth year, password 1 is received, step 228. Accordingly, in addition to the information transmitted in case C, the patient's serology information is transmitted to the requestor. In case E, with the receipt of password 2, the patient's HIV data is transmitted and, in case F, the receipt of password 2 and the patient's eye color prompts the transmission of the patient's CD4 data, in addition to all of the information transmitted in the previous cases.
While the invention has been described as including one setup system that accesses the server system, a plurality of setup systems may be coupled to the server system in order to allow patients at different locations to access the server system.
Such a configuration is illustrated in Fig. 4. In this system 300, in addition to the setup system 110, a second server system 140 is coupleable to the server system 120 over communications network 160 for the purpose distributing medical information in the manner described above. It will be understood that the server system can be accessed through any number of setup systems, and that any number of request systems may access the server system in the manner described above.
In another embodiment, shown at 400 in FIG. 5, system 115 can be used both as the setup system, for setting up the patient's medical record on the database 122 of server system 120, as described above, and as the request system for inputting security access codes and receiving medical information from the database 122 of the server system 120, as described above.
Accordingly, the present invention provides a method of and system for distributing medical information over a network in a granular manner, in which the patient determines the level of security associated with each category of his or her medical record. A requestor of the patient's medical information must input the proper security access codes to the system in order to obtain the information contained within the record. The system enables the patient to distribute the security access codes for the hierarchy of security categories to medical personnel on a SUBSTITUTE SHEET (RULE 26) "need-to-know" basis, thus reducing the risk that highly private medical iZZformation be exposed to unauthorized personnel.
Attached as Appendix A is the Javascript and VBscript code used to implement the present invention and a sample database on which the invention can be used.
The invention may be embodied in other specific forms without departing from the spirit or essential characteristics thereof. The present embodiments are therefore to be considered in respects as illustrative and not restrictive, the scope of the invention being indicated by the appended claims rather than by the foregoing description, and all changes which come within the meaning and range of the equivalency of the claims are therefore intended to be embraced therein.
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<%
dim a ( ) dim patient id .******************************************************************************
*
****************
' this sub loads the request data table with the entries in the form snb update database with new,_patient() dim time stamp dim num -of items dim counter time stamp = cstr(now()) ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract from request form ' create an entry in the patients table and get the new id set cnnl = server.Create0bject("adodb.connection") crml~:Open "filedsn=cardionet.dsn"
set rstl = server.CreateObject("adodb.recordset") rstl.ActiveConnection = cnnl ' rstl.CursorType = adOpenKeyset rstl.LockType = adLockOptimistic rstl.Source = "patients"
rstl.open rstl.AddNew rstl("ref data 1")=Request.Form("1") rstl("ref data 2")=Request.Form("2") rstl("ref data 3")=Request.5erverVariables("remote addr") rstl.Dpdate patient id= rstl.Fields("patient id") ,rstl.Close - ' set rstl = nothing ' add the pid_data for the new patient to the pid data table set rst2 =-server.CreateObject("adodb.recordset") rst2.ActiveConnection = cnnl rst2.CursorType = adOpenKeyset rst2.IockType = adLockOpt3imistic rst2.Source = "pid data"
rst2.Open _ for s = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value enetered counter = counter + 1 redim preserve a(3,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(x) ' item id a(l,counter) a lease(trim(Request.Form(cstr(x)))) ' item value a(2,counter) ~ (Request.Form("c" ~ cstr(x))="on") ' item is a required for identification rst2.AddNew ' add a record for each entered item rst2("patient id") = cint(patient id) SUBSTITUTE SHEET (RULE 26) rst2("item id") = cint(a(O,counter)) rst2("value") = cstr(a(l,counter)) rst2.update if a(2,counter) then 'add a record in id_pass id this is a required item for identification set rst3 a server.CreateObject("adodb.recordset") rst3.ActiveConnection = cnal rst3.CursorType = adOpenReyset rst3.LockType = adhockOptimistic ~rst3.Source = "id,_pass"
rst3.Open rst3.AddNew rst3("patient id")~int(patient id) rst3("item id")acint(a(O,counter)) rst3.~pdate rst3.Close end if end if next rst2.Close cnnl.Close set rst2anothing set cnnhnothing a(0,0) = cstr(counter) end sub %>
<HTML>
<HEAD>
Q4ETA NAME="GENERATOR" Content="Mi.crosoft Visual Studio 6.0">
<TITLE></TITLE>
</READ>
<body background=backgrnd.gif>
<%
call update_database with_new_patient Response.Write("Patient Added to Database") ' %>
<P> </P>
</BODY>
</HTML>
SUBSTITUTE SHEET (RULE 26) <t--#include file="adovbs.inc" -->
<~
dim a ( ) din gatient id t******************************************************************************
*
****************
this sub loads the request data table with the entries in the form sub update database_with new~atient() .
dim time stamp dim n~ of items dim counter _ time stamp = cstr(now()) ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract fraa4 request form create an entry in the patients table and get the new id set cnnl = seswer.CreateObject("adodb.connection") cnnl.Open "filedsn=cardionet.dsn"
set rsti = server.CreateObject("adodb.recordset") rstl.ActiveConnection = cnnl rstl.CursorType = adOpenKeyset rstl.LockType = adLockOptimistic rstl.Source = "patients"
rstl.open rstl.AddNew rstl("ref data 1")=Request.Form("1") rstl("ref data 2")=Request.Form("2") rstl("ref data 3")=Request.ServerVariables("remote addr") rstl.Update patient id= rstl.Fields("patient id") rstl.Close set rstl = nothing add the pid data for the new patient to the pfd data table set rst2 = server.CreateObject("adodb.recordset") rst2.ActiveConnection = cnnl rst2.CursorType = adOpen~Ceyset rst2.hockType = adLockOptimistic rst2.Source = "pid data"
rst2.Open for x = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value endtered counter = counter + 1 redim preserve a(3,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(u) ' item id a(l,counter) = lease(trim(Request.Form(cstr(x)))) ' item value a(2,counter) _ (Request.Form("c" ~ cstr(x))="on") ' item is a required for identification rst2.AddNew ~ add a record for each entered item rst2("patient id") = cint(patient id) SUBSTITUTE SHEET (RULE 26) rst2("itea id") = cint(a(O,counter)) rst2("valve") = cstr(a(l,counter)) rst2.update if a(2,counter) then 'add a record in id~ass id this is a required item for identification set rst3 = server.CreateObject("adodb.recordset") rst3.ActiveConnection = cnnl rst3.CursorType = adOpenReyset rst3.LockType = adLoexOptimistic rst3.Source = "id_pass"
rst3.Open rst3.AddNeW
rst3("patient id")~int(patient id) rst3("item id")~int(a(O,counterr)) rst3.Update rst3.Close end if end if neat rst2.Close cnnl.Close set rst2anothing set cnni~nothing a(0,0) = cstr(counter) end sub %>
<HTML>
<HEAD>
<META NAME=~GENERATOR" Content=~Microsoft Visual Studio 6.0">
<TITLE>G/TITLE>
</HEAD>
<body background backgrnd.gif>
~<%
call update database with_new~atient Response.Write("Patient'~dded to Database") %>
<P»nbsp; </P>
</BODY>
</ATML>
SUBSTITUTE SHEET (RULE 26) <!--#include file=wadovbs.inc" -->
<$
function item locked(fld name,fld value,pid) set rst chl~server.CreateObject("adodb.recordset") rst chk.ActiveConnection = cnnl rst chk.CursorType = adOpenReyset rst chk.LockType = adLockOptimistic sql=wselect distinct item id from locks where (patient id=w t cint(pid) w and w ~ fld name ~ w=w ~ cint(fld value) sqhsql ~ w) and item id not in ( select distinct item id frcaa request data where user ip='w i near ip i w')w -rst chk.Source ~ sql rst chk.Open .if rst chk.EOF then item_locked = false else item_locked = true end if 'while not(rst chk.EOF) ' Response.Write("<br>w ~ rst chk.Fields(witem id") ~ "<br>") ' rst_chk.MoveNext 'wend rst_chk.Close set rst chk=nothing end function %>
<htmlxheadx/headxbody background=backgrnd.gif>
<strong> Observations : </strong>
<hr>
<table align=center bordera3 bordercoloi=#OOOOcd cellpadding=3 width=100%>
<tr><th>Category</thxth>Parameter</th><th>Observation</thx/tr>
<% .
user ip=Request.ServerVariables("remote addr") ' open the database connection set cnnl = server.CreateObject("adodb.connection") cnnl.Opeif "filedsn=cardionet.dsn"
' extract the patient on which this ip is allowed to work on, from the online table set rst_pid=server.Create0bject("adodb.recordsetw) rst~id.ActiveConnection = cnnl rst_pid.CursorType = adOpenKeyset rst_pid.LockType = adLockOptimistic rst_pid.Source = "select patient id from online where user ip= "' i nser ip ~
w'w rst~id.Open if not rst~id.EOF then pid=cint(rst_pid.Fields("patient id")) SUBSTITUTE SHEET (RULE 26) end if ~ loop through the categories set rst cat = server.Create0bject("adodb.recordset") rst cat.ActiveConnection = cnnl rst cat.CnrsorType = adOpenKeyset rst cat.hocxType = adLockOptimistic rst cat. Source = "categories"
rst_cat.Open while not rst cat.EOF
cat id = cint(rst cat.Fields("category id")) cat name= rst cat.Fields("category name") .
'Response.ilrite(cat id ~ ".") 'Response.Write(cat name ~ ":") if item locked("category id",cat id,pid) then ' IF CATEGORY IS 1.OCP~:D
Response.Write("<tr><td colspan=3 align=left>Category " .cat name ~
" is Loc7ced</td></tr>") else ' loop through the parameters set rst~sar = server.CreateObject("adodb.recordset") rst~ar.ActiveConnection = cnnl rst~ar.CursorType = adOpenKeyset rst~par.hockType a adbockOptimistic - rst~ar.Source = "select * from [parameters] where category ids"
cat_id rst~ar.0pen while not rst~ar.EOF
par id=rst-par.Fields("parameter id") par name=rst~ar.Fields("parameter name") 'Response.Write(par id ~ "-") 'Response.Write(par_name ~ ":") if item_locked("parameter id",par id,pid) then ' IF PARAMETER
IS LOCKED
Response.Write("<tr>ttd colspan=3 align=left>" &
cat name ~ " : " & par name & " Parameter is Locked</td></tr>") else ' loop through the observations set rst obs = server.CreateObject("adodb.recordset") rst_obs.ActiveConnection = cnnl rst obs.CursorType = adOpenKeyset rst obs.LockType = adLockOptimistic rst obs.Source = "select * from observations where parameter id=" 6 par id ~ ° and patient_id=" & pid rst obs.Open while not rst obs.EOF
obs id=rst obs.Fields("observation id").
obs value=rst obs.Fields("value"j if item locked("observation id",obs id,pid) then ' IF OBSERVATION IS LOCKED
Response. Write("<tr><td colspan=3 align=left >" & cat name & " : " ~ par name & " Observation is Locked</td></tr>") else Response. write("<tr><td>" & cat_name ~ "</tdxtd>"
~ par name & "</td><td>" ~ obs value ~ "</tdx/tr>") SUBSTITUTE SHEET (RULE 26) end if CLOSE OBSERVA?ION IF
rst obs.MoveNext wend ' close observation loop rst obs.Close set rst obs~nothing end if ' CLOSE PARAMETER IF
rst_par.MoveNext wend ' close parameter loop rst_par.Close set rst,_par~nothing end if CLOSE CATEGORY IF
rst cat.MoveNeat wend ' close category loop rst cat. Close set rst cat~othing Response.Rrite("</table>t/body></html>") cnal.Close %> ~ .
SUBSTITUTE SHEET (RULE 26) <!--#i.nclude file="adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
' get the category iii and the observation id from the reqnest-cat id=Request.QueryString("catid") obx id=Req~est.QueryString("obxid") if cat_id~ull or obx_id~rull or cat_id="" or obx_id="" then Response.Redirect "id input-page.asp", =top" _ end if ' extract the patient on which this 3p is allowed to work on, frog the online table user ip=Request.ServerVariables("remote addr") set rst-pid=server.Createobject("adodb.recordset") sql = "select patient id fr~n online where user ip like '" ~ nser ip s "'"
rst."pid.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst~pid.EOF then pid=cint(rst~id.Fields("patient id")) rst~id.Close ' else rst-pid.Close~ ' set rst~Oid= nothing Response.Redirect("id input-page.asp") end if ' get the observation text set rst_obxsserver.CreateObject("adodb.recordset") sql~"select obx text from observations where obx id=" & obx_id & " and patient id=" & pid & " and category id=" & cat id rst obx.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst_obx.EOF then obx_textarst_obx.Fields(0) end if rst_obx.Close set rst obxsnothing Response. Write(" Coding for observation: " & obx text) get the observation codes set rst_obc=server.CreateObject("adodb.recordset") sql="select observation coding.code system id, observation coding. code id, coding systems. coding system id, coding systems.
coding system name from observation coding inner join coding systems on observatibn coding. code system id~coding system id where observation coding.observation id=" ~ obxx id 'Response.Write("<br>" ~ sql ~ "<br>"j ' rst obc.Open sql,connobj,adOpenKeyset,adtockOptimistic while not rst obc.EOF
obc text="<br> code system name : " ~ rst obc.Fields("coding system name") & " ... code :" & rst obc.Fields("code id") & "~<br>"
Response.Write(obc text) , rst_obc.MoveNext wend rst obc.Close set rst obc~nothing SUBSTITUTE SHEET (RULE 26) Response.Ead E>
cATML>
cHEAD>
c~ETA ~GENERATOR~ Contenta~Mf.crosoft V3sua1 Studio 6.0~>
CTITLE></TIT1.E>
C/HEAD>
GBODY>
cP»nbsp; </P>
c/BODY>
c/ATi~L>
SUBSTITUTE SHEET (RULE 26) <HEAD>
Q~IETA http-eqniv=~Expires" content="Tue, 20 Ang 1996 14:25:27 C,MT">
<TITLB></TITLE>
</HEAD>
<frameset roxs="Z00,*">
<frame name="top frame" src~"logo~age.asp" border=0>
<frameset cols=~35%,65%~>
<frame~na~~left frame~ src=~skeleton.asp~ border=1>
<frame -names"right frame" srct"viex_patient.asp~ border=1>
</frameseta </frameset>
</HTML>
SUBSTITUTE SHEET (RULE 26) <t--#include file=*adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<~
' get the category id from the left frame ( skeleton.asp ) cat id=Request.QueryString("id") .cat name=Request.QueryString("cat name") if cat_id=nnll or cat id=*" then -Response.Redirect("id input~age.asp") end if extract the patient on which this ip is alloxed to work on, from the online table user ip=Request.ServerVariables("remote addr") set rst~id=server.Create0bject("adodb.recordset") sql = "select gatient id from online where user ip like '" ~ user ip & "'"
rst,~id.Open sql,connobj,adOpenKeyset,adl'.ockOptimistic if not rst_pid.EOF then pid=cant(rst_pid.Fields("patierit_iii")) rst_pid.Close else rst,_pid.Close set rst~id= nothing Response.Redirect("id_input~age.asp") end if %>
<tiTML>
<HEAD>
<t~TA NAMEa"GENERATOR" Contenta"Microsoft Visual Studio 6.0">
<TIThE></TITLE>
</ttEAD>
<BODY backgroundabackgrnd.gif >
<%
rst~id.Open "select va7~ue from pid data where patient id=" ~ pid ~ " and item id<3",connobj,adOpenDynamic,adbockOptimistic if not rst-pid.EOF then rst-pid.Movelast Response. Write "<center>Patient: <strong>" ~ rst_pid.Fields(0) rst~id.Movefirst ReSponse.Write( " " ~ rst-pid.Fields(0) i "</strong>snbsp snbsp 6nbsp~nbsp ~nbsp   snbsp Category: <strong>" ~ cat name) end if rst-pid.Close set rst_pid~othing Response.Write("<hr width=90% noshade>") %>
SUBSTITUTE SHEET (RULE 26) <form action=process new observation. asp method=post name=new_obx>
<input type=hidden name~id values%apid%»
<input type=hidden nameacat_id valueat%=oat_id%»
<input type=hidden name=cat_name valuex%=cat name%»
<table cellspacing=2 cellpadding=4>
<tr><th width=10% > </th><th width=20%
align=left>Observation:~nbsp </th><td Width=60%><textarea namesobx val width=80 rows=3 cols=40></textarea>G/td><th width=10% >snbsp</th></tr>
<tr><th> </th><th align=left>Time:~nbsp~nbsp</th><tdxinput nam~obx time width=80 value="<%=FoxmatDateTime(now(),0)%>"></td></tr>
<!-- Getting observation system <tr><th»nbsp</th><th align=left>Coding System: snbsp </th><td><SELF.CT
id=selectl name=code system>
<;
set rst2=server.CreateObject("adodb.recordset") sql="select * from coding systems"
rst2.Open sql,connobj,adOpenKeyset,adLockOpt3mistic while not rst2.EOF
Response.Write("<option values" ~ rst2.Fields("coding system id") & ">" ~
rst2.Fields("coding system name") ~ "</option>"~
rst2.MoveNext wend rst2.Close set rst2=nothing %>
</SEhECT></td></tr>
<tr><th> </th><th align=left>Code Value:  </th><td><input name=code value width=40></td></tr>
__>
</table>
<br clear=all><center><input type=submit value="Register New Observation"><br><br></center><hr width=90% noshade>
</form>
<%
'load any existing observations for this patient into the rstl recordset set rstl=server.CreateObject("adodb.recordset") sql="select * from obsei-~ations where patient id=" ~ pid & " and category_id=" &
cat_id rstl.Open sql,connobj,adOpenKeyset,adLockOpt3mistic if rstl.EOF then Response.Write("<li> No Observations recorded in this category") else %>
<form namexdit obx method~ost action=process delete observation.asp>tcenter>
<input type=hididen nameapid value=s%=pid%»
<input type=hidden name=cat id valuex%=cat id%»
<input type=hidden name=cat name value=<%acat name%»
<table borderal widtha90%
<tr><th>Delete</th><th>Existing Observations</th><th>Time</th><th>Coding</th></tr>
<%
while not rstl.EOF .
Response. Write ("<tr><td align=center>tinput type=checkbox name=s"
rstl.Fields("obx id") ~ "></input></td>") ' SUBSTITUTE SHEET (RULE 26) Response.Write ("<td>" ~ rstl.Fields("obx teat") ~-w</td>") Resgonse.Write ("<td>" i rstl.Fields("obz time") ~ "</td>w ) 'Response. write ("<td><center><inpnt type=bntton name"
rstl.Fields("obx id") ~ " value""Edit..."" ></td></centerX/tr>" ~ chr(10)) url="edit codes l.asp?obaid=" ~ cstr(rstl.Fields("obx id")) ~
"&catid=" ~ cat_id <td><center><input type=button name="b<%=rstl.Fields("oba id")%>"
valve="Edit..." languageajavascript onclicka"window. open('<%=url%>')"'>
<%
rstl.MoveNext wend %>
</table>ccenter»br clear=all><input t~sutsoit value="Delete Observations"x/center>
</form>
<% ~ .
end if rstl.Close set rstl~othing %>
</BODY>
</$TMIJ
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<!--#3.nclude file="setodbc.inc" -->
<~ dim arr() ' (0,0) holds the number of items in the array ' (0,x) holds the item id (l, x) holds the item name (2,x) holds the previous value provided by the ip in previous sessions .******************************************************************************
*
**************
' this function loads the items and their names a blank array named arr() Function get_pid items() dim cnn dit~t rst dim counter set rst = server.CreateObject("adodb.recordset") 'rst.Open sql,"FIbEDSN=cardionet.dsn",adOpenDynamic sql="select * from pid items"
rst.Open sql,connobj,adOpenDynamic rst.MoveEirst counter = 0 while not rst.EOF
counter = counter + 1 redim preserve arr(3,counter+1) arr(O,counter) = trim(cstr(rst.Fields("item id").value)) arr(l,counter) = trim(cstr(rst.Fields("item name").value)) rst.MoveNext wend rst.Movefirst if counter > 0 then ~
ReDim arr(2,counter+1) for x = 1 to counter arr(O,x) a Trim(CStr(rst.Fields("item id").Value)) arr(l,x) = Trim(CStr(rst.Fields("item name").Value)) rst.MoveNext next arr(0, 0) = CStr(counter) get_pid items = true else get,_pid items = false end if rst.close Set rst= Nothing session.Abandon () End Function SUBSTITUTE SHEET (RULE 26) ~******************************************************************************
*
**************
' this sub loads the array with the previous values entered by the same ip user to the arr() array sub load existing values() user ip = trim(cstr(Request.ServerVariables("remote addr"))) set rst 1= server.CreateObject("adodb.recordset") counteracint(arr(0,0)) ' for x = 1 to counter sqla"select itemvalue fros request data where ((user ip like '" ~ user ip "') and (item id=" -& cint(arr(O,x)) ~ "j)"
'Response.Write("<br>" ~ sql) rst l.Open sql,connobj,adOpenKeyset,adLockOptimistic 'Response.Write(rst I.RecordCount ) if not (rst 1.EOF) then arr(2,x)=rst l.fields("item value") 'Response. Write("hello " & arr(2,x)) else arr (2, x) gull end if rst_l.Close next set rst 1=nothing end sub .******************************************************************************
*
***********
' this sub generates the actual HTML. grid with the values if they exist in the arr() array Sub export html() Dim x x=0 items~per_id = arr length = cint(items~er id(0, 0)) Response. Write( "<center><strong><font size=4 color=#OOOOff>CareKey Patient Identification Page</font></strong><hr>") Response.Write("<form action=""process id input.asp"" method~ost>") Response. Write("<input type=hidden name="~"count"" value=""" ~ CStr(length) """></input>") Respo~nse.Write("<table cellpadding=I cellspacing=0 borderal>") Response. Write("<tr bgcolor=#00008b><th>  ID 6nbsp </th><th><font color=#ffff00>Item Name</th><th>Gfont color=#ffff00>Input</th><th> </th><th>6nbsp ID ~nbsp</th><th><font color=#ffff00>Item Name</th><th><font color=#ffff00>Input</th></tr>") For x = I To Int(length / 2) Response.Write("<tr><th>" ~'items~er id(O,x) ~ "</th><td>" &
items_per id(l,x) ~ "</td>") Response.Write("<td><input name=""" i items~er id(O,x) ~ www size=20 value=""" & items~er id(2,x) ~ """></input>t/td ><td bgcolor=#00008b»nbsp</td>") Response.Write("<th>" ~ items per id(O,x + Int(length / 2)) &
"</th><td>" ~ items,_per id(l,x + Int(Iength / 2)) ~ "</td>") SUBSTITUTE SHEET (RULE 26) Response.izrite("<td>tinput name=""" b items-pe~c id(O,x + Int(length /
2)) & """ size=20></input>c/td><tr>") Next _ If (x - 1) * 2 < length Then Response.iirite("<tr><th></th><td></td><td></td><td bgcolor=MediumPrquamarine></td><th>" ~ items~er id(O,length) ~ "</thXtd>"
items~er id(I,lenqth) ~ "</td>") Reesponse.i~lrite("<td>tinput name=""" ~ items-per 3d(O,length) i """
size=20></input></td>c/ti>") End If Response.idrite("</table><br><input type=""subaait"" values""Attempt Unique Identification""></form>") End Sub r******************************************************************************
*
*********
' HTHL CODE STARTS HERE
%>
<html xhead>tfont size=3 face=sans-serif>
<META http-equip="Expires" content="Tue, 20 Aug 1996 14:25:2? t~IT">
<TITLE~Carekey Patient Identification Page</TITL~
</HEAD>
<body backgrounc~backgrnd.gif>
<%
if get~id_items () then call load existing values call export html end if connobj.close set connobj=nothing %>
<AR NOSHADE>
</BODY>
</HTML>
SUBSTITUTE SHEET (RULE 26) <lDOCTyPE POBbIC "-//W3C//DTD aTHL 3.2 FINAL//EN">
<HTML>
<HEAD>
<script language="javascript" for="window" event="onload">
</script>
<font size=2 face=serif>
<script language="javascript">
var html text=" ;
var toggle=false;
var depth=1000=
var next sib;
var epos=0;
var vmax=1;
var temp node;
var xmldoc=new ActiveXObject("Microsoft.xHILDOM"j;
xmldoc.load("make dtd.asp");
loaddoc();
function Ioaddoc () t if (xmldoc.readyState~"4")( start ( ) s window. section.inuerHTML=html text;
) -else window.setTimeout("loaddoc()" , 200 );
) function start() ( var root=xmldoc.documentElement;
stratify(vpos,root);
) function stratify(vpos,node) ;
if (vpos<depth)( node name=node.nodeName;
if (node name !_ '#text') node attanode.attributes(0).text else node att=node.nodeName;
node text~node.text:
if (node text !_ " p toggle )( tabera" ;
for (x=O;x<vpos;x++) taberataber+'  ~nbsp 6nbsp6nbsp ';
if (node name~'obx')( local htmlataber+'~nbspsnbsp6nbsp <font ' color="OOOOff">'+node text+'</font>4~r>'+String.fromCharCode(10) html text=html text+local html;
else ( . if (node.hasChildNodes())( local htmlstaber+'<label onclick=document.all("'+node name+'").style:display="none">ac </label>';
SUBSTITUTE SHEET (RULE 26) local html=local html+'<label onclick~ocumeat.all(*'+node name+'w).style.display="block">xt/label>';
. ~ .
else local html=tuber+'~nbsp ~nbsp~nbsps~nbsp';
if (node text !_") local html=local html+'<strongxfont colota"ff0000">'+node att+'</font></strongxbr>>' else local html=local html+'<strongxfont color="808080~>'+node att+'</fontx/strongxbr>>';
local html=local html+'<div id="'+node name+'">'+String.fromCharCode(10);
html text=html text+local html;
if (node.hasChildNodes())[
if (vmax<vpos) vmax=vpos;
stratify(epos+l, node.childNodes(0));
tuber=" ;
for (x=O:x<vpos;x++) taber=taber+' ';
html text=html text+'</div>'+String.fromCharCode(10);
W
) temp node=node.nextSibling:
if (temp node != null b& temp node.nodeName !_ '#comment' ) stratify(vpos,temp -node);
function toggle empty() toggle=-toggle;
html_text=" ;
stratify ( 0, x<nldoc: ~IocumentElement ) window. section.innerHTMI,ahtml text;
function display(flag)( vai" root=xmldoc.documentElement;
.if (flag~l) show(root);
) if (flag~2) ( hide(root):
function hide(node),~
node name~node.nodeName;
if (node name!='obx' && node name!='#text')( SUBSTITUTE SHEET (RULE 26) if (document.all(node name)l~nll) document.all(node name).style.display="none";
) if (node.hasChildNodes())( hide(node.childNodes(0));
temp nodeanode.nextSibling;
if (temp node != null ~~ temp node.nodeName !s '#comment' )( hide(temp -node);
function show(node) ( node_nameanode.nodeName:
if (node name!='obx' ~~ node namel='#text')( if (document.all(node name)!'null)( document.all(node name).style.display="block";
) if (node.hasChildNodes())( show(node.childNodes(0));
) temp node=node.nestSibling;
if (temp node != null &~ temp node.nodeName !_ '#comment' )( show(temp -node):
</script>
</HEAD>
<body background=backgrnd.gif>
<!--<body background=backgrnd.gif> -->
<center>
<input name="showit" value="Show All" type="button°
onclick="display(1)">snbsp <input name="hideit" vale="Hide All" type="button" onclick="display(2)"»nbsp <input names"toggle" value="Toggle Empty" type="button"
onclick="toggle empty()">  <input name="Id Page" value="Back to ID page" type="button"
onclick="window.open('id input_page.asp',' top')">
<input name="frames" value="Data Entry" type="button"
onclick="t~rindow.open('frame set l.asp',' top')">
</center>
tbr><hr noshade width=80%><br>
<div id="section"></div>
</BODY>
</HTNIL>
SUBSTITUTE SHEET (RULE 26) <i--#include file="adovbs.inc" °>
<i--#include file="setodbc.inc" -->
dim a ( ) dim user id *******************************************************************************
*
*************
' this function creates the SQi~ that finds the unique match using the data in the array ' returns negative number is no matches, 0 if many matches, gatient id if unique hatch -Function get_pid id() dim rst dim counter set rst = server.CreateObject("adodb.recordset") part0 = "select distinct patient id from pid data where ((1=1) "
partl = " and ( part2 = " patient id in (select patient id from pid data where item id="
part3 = " and va1ue like part4 = "'))"
parts = ")"
sql a part0 for x = 1 to cint(a(0,0)) sql = sql + partl + part2 + a(O,x) + part3 + a(l,x) + part4 next sqla sql + parts 'Response.Write(sql) rst.Open sql,connobj 'Response.Write(sql) ' if not rst.EOF then rst.MoveFirst counter = 0 while not rst.EOF
counter s counter + 1 ' 'Response.F7ryite( "<br>patient found:" +
cstr(rst.Fields("patient id").value)+ "cbr>") rst.MoveNext wend 'Response.Write("<brxounter:" ~ counter ) if counter =1 then ' patient matched - rst.MoveFirst get~id_id = rst.Fields("patient id").value end if if counter < 1 then ' no patients match getJpid id = -1 end if if counter >1 then ' too many patients match get_pid id = 0 end if set rsta Nothing session.Abandon () End Function SUBSTITUTE SHEET (RULE 26) .******************************************************************************
*
****************
' this sub loads the request data table with the entries in the form sub update database with user request() dim time stamp - - -dfm nva -of_items ditn rstl dim counter user id = trim(cstr(Request.ServerVariables("remote addr"))) ~ ip address time stamp = cstr(now().j ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract from request form ' remove old entries for this ip set rstl = server.CreateObject("adodb.recordset") rstl.CursorType= adOpenDynamic sql = "delete from request data where user ip like '~ & usei id & ~'" ' clear database from previous attempts rstl.open sql,connobj set rstl a nothing 'set cnnl = server.CreateObject("adodb.connection") 'cnnl.Open "filedsn~cardionet.dsn"
set rst2 a server.Create0bject("adodb.recordset") rst2.ActiveConnection = connobj rst2.CursorType = adGpenKeyset rst2.LockType = adLockOptimistic rst2.Source = "request data"
rst2.Open for x = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value enetered counter = counter + 1 redim preserve a(2,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(x) ' item id a(l,counter) = lease(trim(Request.Form(cstr(x)))) ' item value rst2.AddNew ' add a record for each entered item rst2("user ip") = user id rst2("item id") a a(O,counter) rst2("item value") = a(I,counter) .
rst2("time stamp") = time stamp rst2("session id") = cstr(sessfon.SessionID) rst2.update .
end if next rst2.Close 'cnnl.Close set rst2anothing 'set cnnl=nothing a(0,0) = cstr(counter) end sub SUBSTITUTE SHEET (RULE 26) *******************************************************************************
**************
' this funciton checks to see if the items specified by the patient as required to his ' identification are indeed provided. the list of those items are in table id_pass and ' the items provided are 3.n table request data function check id_pass(pid) 'set cnn4 = server.CreateObject("adodb.connection") 'enn4.Open "filedsn=cardionet.dsn".
user ip= trim(cstr(Request.ServerVariables("remote addr"))) set .recset= server.CreateObject("adodb.recordset") recset.ActiveConnection = connobj recset.CursorType = adOpenKeyset recset.hockType = adLockOptimistic ' the following sql returns the item id that were not provided and are necessary for authorization sql0="select item name from pid items where item id in "
sqh=" (select iteia id from id_pass where (patient ids" ~ pid 6 ") "
sql2="and item id not in "
sql3=" (select item id from request data where user ip like '" ~ user ip i w.}}w _ _ _ ' recset.source=sql0 & sqll & sql2 ~ sql3 recset.Open if recset.RecordCount>0 then ' patient security specs are not met check id~ass=0 Response.Write("<hr><br><li><font size=2 color=~OOOOcd><strong> For this patient, access will be authorized upon furnishing the following information: </font>"}
'Response.Write(recset.RecordCount ) while not recset.eof Respoi~se.Write("<br><li>" ~ recset.Fields ("item name")}
recset.movenext wend Response.Write("<br></font>") else check id~ass=1 ' patient security is OK
end if recset.close cnn4.Close set recsetsnothing ' set cnn9=nothing end function .******************************************************************************
*
*******
this sub updates the online table with the access granted for this ip user for this patient SUBSTITUTE SHEET (RULE 26) sub update online (user, patient) set rst5 = server.CreateObject("adodb.recordset") 'set cans = server.CreateObject("adodb.connection") 'cnnS.Open "filedsn=cardionet.dsn"
sql "delete froa online where user ip like '" ~ nser ~ "'"
rstS.Open sql,connobj set rst6 = server.CreateObject("adodb.recordset") rst6.ActiveConnection = connobj rst6.CursorType = adOpenReyset rst6.LockType = adLockOptimistic rst6.Source = "online"
rst6.Open rst6.AddNew rst6("user ip")=user rst6("patient id")patient 'rst6("tine stamp")=now() rst6.Qpdate rst6.Close cnnS.Close set rst6~othing set rst5=nothing set cnn5~nothing end sub *******************************************************************************
*
*******
********************* P R O G R A M S T A R T
***********************************
*******************************************************************************
*
******* .
call update database_with user request p = get~id id ' calling the patient matching function 'Response.Write ("<hr>" 6 cstr(a(0,0)) ~ "  items provided by ip user "
user id ~ "<brxhr>") p intecint(p) if p int>0 then sec'tire--check id_pass(cstr(p)) if secure=1 then update Online user id,p int ' update the online table with the new access provision 'Response. Write("patient identified:" & p int) 'response.redirect("data root.asp") 'Response.Write("You nort have access to patient " ~ p int ) Response.Redirect("view~atient.asp") else '%>
<html>
<head>
</head>
SUBSTITUTE SHEET (RULE 26) body background=backgrnd.gif>
4~r><center><hr noshade Hidth=80%></center>
dar clear=all> -<%
Response. Write("<br>Access requirements not met for the identified patient: " ~ p) end if end if if p int<0 then Response. Write ("<li>snbsp No Matching patients found.
Attempt identification again using validated data only.") if p int=0 then Response.iirite ("<li»nbsp More than one patient found. Try adding or changing patient infozmation.") 'if p int>0 then check id_pass(cstr(p)) %>
tcenter><br>d~r>
<a href="id_input_page.asp">Back to Tdentification Page</a>
<P>inbspi<lP>
</BODY>
</aTML>
SUBSTITUTE SHEET (RULE 26) <!-#include files"adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
pid=Request.Form("pid") obx valueaRequest.Form("obs vaI") obx time=Request.Form("obx time") code system=Request.Form("code system") code value=Request.Form("code value") cat id=Request.Form("cat id") cat name=Request.Form("cat name") if obx_value="" then Response. Redirect("get data. asp?id=" & cat id & "scat names" & cat name) end if i:f not(isdate(obx time) ) then obx time~ow ( ) end if 'Response.Write("<br>" & pfd ~ "<br>" ~ obs value & "Q>r>" i obx time ~ "tbr>"
~
code system & "4~r>" & code value & "<br>" -~ cat id 'Response. End set rst=server.GreateObject("adodb.recordset") rst.open "observations",connobj,adOpenKeyset,adLockOptimistic rst.Add~lew rst("patient id")did rst("obx text")~bx value rst("obx time")=obx time rst("category id")=cat id rst.Update obx id= rst.Fields("obx id") rst.Close ' this is part of the old interface where coding was entered as part of the observation 'rst.open "observation coding",connobj,adQpenKeyset,adLockOptimistic 'rst.AddNew rst("observation id")=obx id ' rst("code system id")=code system rst("code id")=code_value 'rst.Update 'rst.Close set rst~nbthing Response. Redirect("get data. asp?id=" & cat id ~ "scat name=" & cat name) %>
SUBSTITUTE SHEET (RULE 26) <!~#include files"adovbs.inc" ~> ' <!~#include file="setodbc.inc" -->
' extract the patient on which this ip is allowed to work on, from the online table user ip=Request.ServerVariables("remote addr") set rst~id=server.CreateObject("adodb.recordset") sql = "select patient id from online where user ip like '" ~ user i~ ~ "'"
rst_pid.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst-pid.EOF then pidacint(rst_pid.Fields("patient id")) rst~id. Close set rst-pid= nothing ' else rst-pid.Close set rst~id= nothing Response.Redirect("id input~age.asp") end if . ' .******************************************************************************
*
****
check if either a category or an observation is locked for this patient function item locked(fld name,fld value) ' fld name should be either "observation id" or "category id"
' fld value should contain the id of the item required weather an observation or a category set rst chk=server.Create0bject("adodb.recordset") .
sql="select distinct item id from locks where (patient id=" & cint(pid) &
" and " & fld name & "_" & cint(fld value]
sqla sql ~ ") and item id not in ( select distinct item id from request data where user ip 1ike '" &fuser ip & "')" -rst chk.Open sql,connobj,adOpenKeyset,adLockOptimistic if rst chk.EOF then item_locked = false else item_locked = true end if ' rst_chk.Close set rst chk=nothing end function 'if item locked("category id",19)then ' Response.Write("locked") ' else ' Response,Write("not locked") 'end if .******************************************************************************
*
****
SUBSTITUTE SHEET (RULE 26) snb stratify dtd(item id, name, level) ' generate the DTD from the table categories set rst=server.CreateObject("adodb.recordset") sqI="select * from categories where category,~arent id=" ~ item id rst.Open sql,connobj,adOpenDynamic,adLockOptimistic tabber=""
for x =1 to level tabber3tabber & " "
next if rst.EOF then Response.Write(chr(10) &~tabber s "<lELEMENT id" ~ item id ~ "
(obx*)>") -Response.Write(chr(10) ~ tabber ~~"<!ATTbIST id" & item id ~ " name CDATA """ ii name i~ www>w) - .
else Response.Write(chr(10) i tabber t "<lELEMENT id" & item_id & "
(Obx*,") while not rst.EOF
local id=rst.Fields("category id") Response.Write( "id" i local id ~ "*") rst.MoveNext if not rst.EOF then Response.Write(", ") end if wend Response.Write(" )>") Response.Write(chr(10) & tabber & "<!ATTLIST id" ~ item_id & " name CDATA """ ~ name & """>") rst.MoveFirst level=level+1 while not rst.eof Response.Write(" ,stratify level " & level & ":" ~
rst.Fields("category id*)) cat id=rst.Fields("category id") cat name=rst.Fields("category name") call stratify dtd(cat id,cat_name,level) ~ recursion origin rst.MoveNext wend levelalevel-1 end if rst.Close set rst~othing end sub .*******ir*********************************************************************
**
***********
sub stratify xml(item id, name, level) ' produce the actual XML data tabbera""
for x =1 to level tabber=tabber ~ " "
next check if this category is locked, in which case write.the category name as empty and exit this branch if item locked("category id",item id) then SUBSTITUTE SHEET (RULE 26) Response.Write(chr(10) ~ tabber & "<id" ~ item id ~ " names""w name E =?.oCked" & www/]w) exit sub end if set rst=server.CreateObject("adodb.recordset") set data=server.CreateObject("adodb.recordset") sql="select * from categories where category~parent id " ~ item id rst.Open -sql,connobj,adOpenDynamic,adLockOptimistic ~ check for data of this node sql="select * from observations where category ids" & item id ~ " and patient id=" & pid ~ " order by obx time" -data.Opea sql,connobj,adOpenDynamic,adLockOptimistic if rst.EOF then ' if the parent node has no children...'check for data....
if data.EOF then ' if no data, close the node Response.Write(chr(10) & tabber ~ "<id" & item id & w n~~www ~ n~ ~ www/>w) -elSe Response.Write(chr(10) & tabber ~ "<id" & item id ~ " name="""
& name & www>w) .-while not data.EOF ' if it has data, but no children, load it and then close the node ' obs id=cint(data.Fields("obx id")) obs txtadata.Fields("obx text") if item locked("observation id",obs id) then obs_txt="Observation Locked"
end if Response.Write(chr(10) & tabber ~ " " ~ "<obx obx id=""" s data.Fields("obg id") & """>") Response.Write(obs txt ~ "</obx>") data.MoveNext wend Response.Write(chr(10) & tabber & "</id" ~ item id 6 ">") end if else ' if the parent node has children... check for data....
Response.Write(Chr(10) & tabber ~ "<id" & item id & " name="""
name & ""w>w) 'print out all the obis of the root element if they exist while not data.EOF ' if it has data, print it.
obs id cint(data.Fields("obx id")) obs txtadata.Fields("oba_text") if item locked("observation id",obs id) then obs_txt=" Observation Locked end if Response.Write(chr(10) i tabber G " " & "<obx Obx id=""" & data.Fields("Ob7L id") ~ www>w) Response.Write(obs txt ~ "</obx>") data.MoveNext wend data. close level=level+1 SUBSTITUTE SHEET (RULE 26) ' and then drill down to the child nodes while not rst.eof cat id=rst.Fields("category id") cat name=rst.Fields("category name") call stratify xml(cat id, cat name, level) 'recursion origin rst.MoveNeat - -- - - -wend Response.Write(chr(10) & tabber ~ "</id" ~ item id ~ ">") level=level-Z ' end if rst.Close set rst=nothing set data~othing end sub ---_----- INIT XML PAGE WITH INTERNAL DTD --- --------__-----------Response.Write("<?xml version=""1.0""?>" ~ chr(10)) -Response. Write("<lDOCTYPE idI [" E chr(10)) Response. write("<ISLEt~NT obx (#PCD~ATA)>" ie chr(10)) Response. Write("<lATTbIST obx" i chr(10)) Response. Write(" obx id CDATA #REQDIRED" 6 chr(10)) Response.Write(» code sys id CDATA ""ICD9""" & chr(10)) -Response. Write(" -code id CDATA.""134.18""" ~ chr(10)) Response.Write(">") Response.Write(chr(10) & chr(10)) BALL THE PROCEDORE THAT CREATES THE DTD ACCORDING TO THE DATABASE -call stratify dtd (1,"xmlnet",0) Response.Write(chr(10) & ")>" ~ chr(10)) CALL THE PROCEDDRE THAT GENERATES THE ACTOAb XtiL DATA DOCDMENT ---Response.Write(chr(10) & chr(10)) call stratify xml(l,"riolnet",0) %>
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" ->
<!--#include file="setodbc.inc" -->
<3 pid=Request.Form("pid") obz value=Request.Form("obx val") obx time=Request.Form("obx time") code system Request.Foxm("code system") code valueaRequest.Form("code value") cat i~Request.Form("cat id") cat name=Request.Form("cat name") if obx value="" then Response. Redirect("get data. asp?id=" i cat id ~ "&cat name=" ~ cat name) end if tf not(isdate(obx time) ) then obx_time=now() end if 'Response.Write("<br>" ~ pid & "fir>" ~ obx value ~ "<br>" & obx time i "<br>"
~
code system & "<br>" ~ code value ~ "<br>' ~ cat id 'Response. End set rst=server.CreateObject("adodb.recordset") rst.open "observations",connobj,adOpenKeyset,adF.ockOptimistic rst.AddNew rst("patient id")did rst("obs text")aobx value rst("obx time")~obx time rst("category id")xat id rst.Update obx_id= rst.Fields("obx id") rst.Close ' this is part of the old interface where coding was entered as part of the observation .
'rst.ogen "observation coding",connobj,adOpenKeyset,adLockOptimistic 'rst.AddNew ' rst("observation id")~bx id ' rst("code system_id")=code system rst("code id")~ode_value 'rst.Opdate 'rst.Close set rst=nothing Response. Redirect("get data. asp?id " ~ cat id & "scat name=" & cat name) %>
SUBSTITUTE SHEET (RULE 26) ~T~
<HEAD>
<META "CareKey System Demo" Content="Center for Clinical Coa~uting, Harvard Ntedical School">
<TITLE>CareKey Democ/TITLE>
</HEAD>
<BODY background backgrnd.gif>
<font size=5 color=#00008b><strong><Center>
<a href="id input_page.asp" >
<ing name="imgl" src="bidmc-banner.gif" border=0 Width=903 >
</a>
</BODY>
</HTMW
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<!--#include files"setodbc.inc" -_>
sub stratify dtd(item id, name,Ievel) ' generate the DTD from the table categories set rst=server.CreateObject("adodb.recordset") sqla"select * from categories where category~arent id=" ~ item id rst.Open.sql,connobj,adOpenDynamic,adLockOptimistic tabber=""
for x =1 to level tabberatabber ~ " w next if rst.EOF then Response.Write(chr(10) & tabber i w<lEbEMENT id" ~ item id ~ w (obx*)>") Response.Write(chr(10) ~ tabber ~ "<lATTLIST id" 6 item id ) Response.Write(chr(10) & tabber ~ " name CDATA ""w i name ~ wwww) Response.Write(chr(10) & tabber ~ " cat id CDATA "ww ~ item id:~_., www>w) else (obx*, ") www>w) Response.Write(chr(10)) Response.Write(chr(10) & tabber & "<!ELEMENT idw & item id & w while not rst.EOF
local id=rst.Fields("category id") Response.Write( "id" & local id & "*") rst.MoveNext if not rst.EOF then Response.Write(", ") end if wend Response.Write(" )>") Response.Write(chr(10) & tabber ~ "<!ATTLIST id" ~ item id ) Response.Write(chr(10) ~ tabber & " name CDATA """ & name & """") Response.Write(chr(10) & tabber ~ " cat id CDATA """ ~ item id ~
Response.Wri$e(chr(10)) 'Response.Write(chr(10) ~ tabber ~ "<!ATTLIST id" & item id & w name CDATA ""~ d~ name 6r ""w>w) rst.MoveEirst level=level+1 while not rst.eof ' Response.Write(" ,stratify level " & level ~ ":" 6 rst.Fields("category id")) cat id=rst.Fields("category id") . cat_name=rst.Fields("category name") call stratify dtd(cat id, cat name, level) ' recursion origin rst.MoveNext wend level=level-1 SUBSTITUTE SHEET (RULE 26) end if rst.Close set rst=nothing end sub r******************************************************************************
*
***********
sub stratify xml(item id, name, level) ' produce the actual XML data tabber=""
for x =1 to level tabber=tabber ~ " "
next set rst=server.CreateObject("adodb.recordset") set data=server.CreateObject("adodb.recordset") sql="select * from categories where category-pareat id=" ~ item id rst.Open sql,connobj,adOpenDynamic,adLockOptimistic if rst.EOF then ' if the parent node has no children...
Response.Write(chr(10) & tabber & "<id" ~ item id & "
name=""" & name & ""w/>w) else ' if the parent node has children... check for data....
Response.Write(chr(10) i tabber ~ "<id" ~ item id & " name=""" &
name & ""w>w) 'print out all the obis of the root element if they exist level=Level+1 and then drill down to the child nodes while not rst.eof cat id=rst.fields("category id") cat name=rst.Fields("category name") call stratify xml(cat id,cat_name,level) 'recursion origin rst.MoveNext wend Response.Write(chr(10) ~ tabber & "</id" ~ item id ~ ">") level=level-1 end if rst.Close set rst=nothing set data=nothing end sub ____-___ INIT XML PAGE WITH INTERNAL DTD ---____~_~__~___-__~____ Response: Write("<?xml version=""1.0""?>" ~ chr(10)) Response. Write("<!DOCTYPE idl [" & chr(10)) Response. write("<!ELEMENT obx (#PCDATA)>" ~ chr(10)) Response.Write(chr(10) & chr(10)) ---------- CALL THE PROCEDURE THAT CREATES THE DTD ACCORDING TO THE DATABASE -call stratify dtd (1,"xmlnet",0) Response.Write(chr(10) ~ ")>" ~ chr(10)) -°-------- CALL THE PROCEDURE THAT GENERATES THE ACTUAL XML DATA
DOCUMENT ---SUBSTITUTE SHEET (RULE 26) Response.idrite(chr(10) ~ chr(10)) call stratify ~1(l,"~nlnet"~0) 3>
SUBSTITUTE SHEET (RULE 26) <!--#inclnde file="adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
dim arr ( ) counter~0 -pid--Request.Form("pid") cat id Reqnest.Form("cat id") cat name=Request.Form("cat name") set rstl=server.CreateObject("adodb.recordset") sql="select obx id from observations where patient ic~* i pid ~ " and category id=' ~ cat id rstl.Open sql,connobj,adOpenDynamic,adLockOptimistic while not rstl.EOF
obxid~stl.Fields("obx id") cname="c" & obxid checkid=Request.Form(cname) if checkid<>"" then counter=counter+1 redim preserve arr(connter+1) arr(counter)=obxid 'Response.Write(obxid & "<br>") rstl.Delete adAffectCurrent rstl.MovePrevious end if rstl.MoveNext wend 'Response.Write("tbr>" & pid ~ "<br>" & cat id ) rstl.Close sqla""
sql="delete from observation coding where observation id in ("
for x 3 1 to counter sql=sql ~ arr(x) 6 ","
next sql=sql & "0)"
'Response.Write(sqI) rstl.open sql,connobj,adOpenDynamic,adLockOptimistic ' recordset closes automatically after deletion set rstl=nothing Response. Redirect("get data. asp?id=" ~ cat id & "scat name=" ~ cat name) %>
SUBSTITUTE SHEET (RULE 26) <!DOCTYPE HTML PDBLIC "-//W3C//DTD HTML 3.2 FINAh//EN">
<ATlffJ
<font size=2 face=serif>
<script languages"javascript">
var html text=~': ' var toggl~false;
var depth=1000;
var next sib;
var epos=Ot var vmax=1;
var tear node; _ var cat idt var ~anldoc~eyt ActiveXObject("Microsoft.7~DOM");
xmldoc.load("prepare skeleton.asp");
loaddoc():
function loaddoc () if (xmldoc.readyState~"4")( start ( ) ;
Window. section.innerHTMI~html text;
) , _ else window.setTimeout("loaddoc()" , 1000 );
) function start() ( var root~ldoc.documentElement;
stratify(vpos,root);
) function stratify(vpos,node) if (epos<depth)( node_name=node.nodeName;
if (node name !_ '#text') node att~ode.attributes(0).text else node attanode.nodeName;
node text=node. text;
tabex~" ;
for (~0; x<vpos; x++) tuber=taber+'~nbsp ~nbsp ~nbsp snbsp';
if (node.hasGhildNodes())( local html=tuber+'<label onclickadocmnent.all("'+node name+'").style.display="none">x </label>~;
local htmlalocal html+'<label onclickadocument.all("'+node name+~").style.display="block"»snbsp</label>';
W
else local html=tuber+'~nbsp6nbsp   ';
cat id=node.attributes(1). text;
SUBSTITUTE SHEET (RULE 26) local html=local html+'<strong><font color="#OOOOff">'+node att+'~nbsp~nbsp<a target="right frame"
href="get data.asp?id='+cat id+'~cat name='+node att+'">~</a></font>c/strong><br >.
local html=local html+'<div id="'+node_name+'~>'+String.fromChaxCode(10);
html text=html text+local html;
if (node.hasChildNodes())~
if (vmax<vpos) vmax=vpos;
stratify(epos+l, node.childNodes(0));
tuber=" _ for (x=O;x<vpos;x++) taber=taber+' ';
) html test=html text+'</div>'+String.fromCharCode(10);
temp node=node.nextSibling;
if (temp node != null && temp node.nodeName !_ '#comment' stratify(vpos,temp node):
function display(flag)i var root=xmldoc.documentElement;
if (flag~l) show(root);
) if (flag=2) ( hide(root);
function hide(node) ;
node name=node.nodeName;
document.all(node name).style.display="none~:
if (node.hasChildNodes())( hide(node.childNodes(0));
) ~
temp node~ode.nextSibling;
if (temp node != null &~ temp node.nodeName !_ '#comment' ) hide(temp -node);
function ~how(node) node namesnode.nodeName;
- document.all(node name).style.display=~block~;
if (node.hasChildNodes())( show(node.childNodes(0));
) temp node=node.nextSibling;
if (temp node != null ~~ temp node.nodeName !_ '#comment' ) show(temp node);
</script>
</HEAD>
SUBSTITUTE SHEET (RULE 26) body backgronac~backgrnd.gif>
<center>
<input name="shoxit" values"Show All" types"button" onclick="display(1)"»nbsp <input name="hideit" values"Hide AlI" type="button" oncliclca"display(2)"»nbsp <input name="view" value="View" type="button" language~avascript onclicl~"window.open('view patient.asp','right frame')">
</center>
items~er id(I,lenqth) ~ "</td>") Reesponse.i~lrite("<td>tinput name=""" ~ items-per 3d(O,length) i """
size=20></input></td>c/ti>") End If Response.idrite("</table><br><input type=""subaait"" values""Attempt Unique Identification""></form>") End Sub r******************************************************************************
*
*********
' HTHL CODE STARTS HERE
%>
<html xhead>tfont size=3 face=sans-serif>
<META http-equip="Expires" content="Tue, 20 Aug 1996 14:25:2? t~IT">
<TITLE~Carekey Patient Identification Page</TITL~
</HEAD>
<body backgrounc~backgrnd.gif>
<%
if get~id_items () then call load existing values call export html end if connobj.close set connobj=nothing %>
<AR NOSHADE>
</BODY>
</HTML>
SUBSTITUTE SHEET (RULE 26) <lDOCTyPE POBbIC "-//W3C//DTD aTHL 3.2 FINAL//EN">
<HTML>
<HEAD>
<script language="javascript" for="window" event="onload">
</script>
<font size=2 face=serif>
<script language="javascript">
var html text=" ;
var toggle=false;
var depth=1000=
var next sib;
var epos=0;
var vmax=1;
var temp node;
var xmldoc=new ActiveXObject("Microsoft.xHILDOM"j;
xmldoc.load("make dtd.asp");
loaddoc();
function Ioaddoc () t if (xmldoc.readyState~"4")( start ( ) s window. section.inuerHTML=html text;
) -else window.setTimeout("loaddoc()" , 200 );
) function start() ( var root=xmldoc.documentElement;
stratify(vpos,root);
) function stratify(vpos,node) ;
if (vpos<depth)( node name=node.nodeName;
if (node name !_ '#text') node attanode.attributes(0).text else node att=node.nodeName;
node text~node.text:
if (node text !_ " p toggle )( tabera" ;
for (x=O;x<vpos;x++) taberataber+'  ~nbsp 6nbsp6nbsp ';
if (node name~'obx')( local htmlataber+'~nbspsnbsp6nbsp <font ' color="OOOOff">'+node text+'</font>4~r>'+String.fromCharCode(10) html text=html text+local html;
else ( . if (node.hasChildNodes())( local htmlstaber+'<label onclick=document.all("'+node name+'").style:display="none">ac </label>';
SUBSTITUTE SHEET (RULE 26) local html=local html+'<label onclick~ocumeat.all(*'+node name+'w).style.display="block">xt/label>';
. ~ .
else local html=tuber+'~nbsp ~nbsp~nbsps~nbsp';
if (node text !_") local html=local html+'<strongxfont colota"ff0000">'+node att+'</font></strongxbr>>' else local html=local html+'<strongxfont color="808080~>'+node att+'</fontx/strongxbr>>';
local html=local html+'<div id="'+node name+'">'+String.fromCharCode(10);
html text=html text+local html;
if (node.hasChildNodes())[
if (vmax<vpos) vmax=vpos;
stratify(epos+l, node.childNodes(0));
tuber=" ;
for (x=O:x<vpos;x++) taber=taber+' ';
html text=html text+'</div>'+String.fromCharCode(10);
W
) temp node=node.nextSibling:
if (temp node != null b& temp node.nodeName !_ '#comment' ) stratify(vpos,temp -node);
function toggle empty() toggle=-toggle;
html_text=" ;
stratify ( 0, x<nldoc: ~IocumentElement ) window. section.innerHTMI,ahtml text;
function display(flag)( vai" root=xmldoc.documentElement;
.if (flag~l) show(root);
) if (flag~2) ( hide(root):
function hide(node),~
node name~node.nodeName;
if (node name!='obx' && node name!='#text')( SUBSTITUTE SHEET (RULE 26) if (document.all(node name)l~nll) document.all(node name).style.display="none";
) if (node.hasChildNodes())( hide(node.childNodes(0));
temp nodeanode.nextSibling;
if (temp node != null ~~ temp node.nodeName !s '#comment' )( hide(temp -node);
function show(node) ( node_nameanode.nodeName:
if (node name!='obx' ~~ node namel='#text')( if (document.all(node name)!'null)( document.all(node name).style.display="block";
) if (node.hasChildNodes())( show(node.childNodes(0));
) temp node=node.nestSibling;
if (temp node != null &~ temp node.nodeName !_ '#comment' )( show(temp -node):
</script>
</HEAD>
<body background=backgrnd.gif>
<!--<body background=backgrnd.gif> -->
<center>
<input name="showit" value="Show All" type="button°
onclick="display(1)">snbsp <input name="hideit" vale="Hide All" type="button" onclick="display(2)"»nbsp <input names"toggle" value="Toggle Empty" type="button"
onclick="toggle empty()">  <input name="Id Page" value="Back to ID page" type="button"
onclick="window.open('id input_page.asp',' top')">
<input name="frames" value="Data Entry" type="button"
onclick="t~rindow.open('frame set l.asp',' top')">
</center>
tbr><hr noshade width=80%><br>
<div id="section"></div>
</BODY>
</HTNIL>
SUBSTITUTE SHEET (RULE 26) <i--#include file="adovbs.inc" °>
<i--#include file="setodbc.inc" -->
dim a ( ) dim user id *******************************************************************************
*
*************
' this function creates the SQi~ that finds the unique match using the data in the array ' returns negative number is no matches, 0 if many matches, gatient id if unique hatch -Function get_pid id() dim rst dim counter set rst = server.CreateObject("adodb.recordset") part0 = "select distinct patient id from pid data where ((1=1) "
partl = " and ( part2 = " patient id in (select patient id from pid data where item id="
part3 = " and va1ue like part4 = "'))"
parts = ")"
sql a part0 for x = 1 to cint(a(0,0)) sql = sql + partl + part2 + a(O,x) + part3 + a(l,x) + part4 next sqla sql + parts 'Response.Write(sql) rst.Open sql,connobj 'Response.Write(sql) ' if not rst.EOF then rst.MoveFirst counter = 0 while not rst.EOF
counter s counter + 1 ' 'Response.F7ryite( "<br>patient found:" +
cstr(rst.Fields("patient id").value)+ "cbr>") rst.MoveNext wend 'Response.Write("<brxounter:" ~ counter ) if counter =1 then ' patient matched - rst.MoveFirst get~id_id = rst.Fields("patient id").value end if if counter < 1 then ' no patients match getJpid id = -1 end if if counter >1 then ' too many patients match get_pid id = 0 end if set rsta Nothing session.Abandon () End Function SUBSTITUTE SHEET (RULE 26) .******************************************************************************
*
****************
' this sub loads the request data table with the entries in the form sub update database with user request() dim time stamp - - -dfm nva -of_items ditn rstl dim counter user id = trim(cstr(Request.ServerVariables("remote addr"))) ~ ip address time stamp = cstr(now().j ' time stamp counter = 0 length = cint(Request.Form("count")) ' number of fields to extract from request form ' remove old entries for this ip set rstl = server.CreateObject("adodb.recordset") rstl.CursorType= adOpenDynamic sql = "delete from request data where user ip like '~ & usei id & ~'" ' clear database from previous attempts rstl.open sql,connobj set rstl a nothing 'set cnnl = server.CreateObject("adodb.connection") 'cnnl.Open "filedsn~cardionet.dsn"
set rst2 a server.Create0bject("adodb.recordset") rst2.ActiveConnection = connobj rst2.CursorType = adGpenKeyset rst2.LockType = adLockOptimistic rst2.Source = "request data"
rst2.Open for x = 1 to length ' loop through items if len(cstr(Request.Form(cstr(x))))>0 then ' append only items that have a value enetered counter = counter + 1 redim preserve a(2,counter) redim works only on last dimension, note it is turned around 2,30 a(O,counter) = cstr(x) ' item id a(l,counter) = lease(trim(Request.Form(cstr(x)))) ' item value rst2.AddNew ' add a record for each entered item rst2("user ip") = user id rst2("item id") a a(O,counter) rst2("item value") = a(I,counter) .
rst2("time stamp") = time stamp rst2("session id") = cstr(sessfon.SessionID) rst2.update .
end if next rst2.Close 'cnnl.Close set rst2anothing 'set cnnl=nothing a(0,0) = cstr(counter) end sub SUBSTITUTE SHEET (RULE 26) *******************************************************************************
**************
' this funciton checks to see if the items specified by the patient as required to his ' identification are indeed provided. the list of those items are in table id_pass and ' the items provided are 3.n table request data function check id_pass(pid) 'set cnn4 = server.CreateObject("adodb.connection") 'enn4.Open "filedsn=cardionet.dsn".
user ip= trim(cstr(Request.ServerVariables("remote addr"))) set .recset= server.CreateObject("adodb.recordset") recset.ActiveConnection = connobj recset.CursorType = adOpenKeyset recset.hockType = adLockOptimistic ' the following sql returns the item id that were not provided and are necessary for authorization sql0="select item name from pid items where item id in "
sqh=" (select iteia id from id_pass where (patient ids" ~ pid 6 ") "
sql2="and item id not in "
sql3=" (select item id from request data where user ip like '" ~ user ip i w.}}w _ _ _ ' recset.source=sql0 & sqll & sql2 ~ sql3 recset.Open if recset.RecordCount>0 then ' patient security specs are not met check id~ass=0 Response.Write("<hr><br><li><font size=2 color=~OOOOcd><strong> For this patient, access will be authorized upon furnishing the following information: </font>"}
'Response.Write(recset.RecordCount ) while not recset.eof Respoi~se.Write("<br><li>" ~ recset.Fields ("item name")}
recset.movenext wend Response.Write("<br></font>") else check id~ass=1 ' patient security is OK
end if recset.close cnn4.Close set recsetsnothing ' set cnn9=nothing end function .******************************************************************************
*
*******
this sub updates the online table with the access granted for this ip user for this patient SUBSTITUTE SHEET (RULE 26) sub update online (user, patient) set rst5 = server.CreateObject("adodb.recordset") 'set cans = server.CreateObject("adodb.connection") 'cnnS.Open "filedsn=cardionet.dsn"
sql "delete froa online where user ip like '" ~ nser ~ "'"
rstS.Open sql,connobj set rst6 = server.CreateObject("adodb.recordset") rst6.ActiveConnection = connobj rst6.CursorType = adOpenReyset rst6.LockType = adLockOptimistic rst6.Source = "online"
rst6.Open rst6.AddNew rst6("user ip")=user rst6("patient id")patient 'rst6("tine stamp")=now() rst6.Qpdate rst6.Close cnnS.Close set rst6~othing set rst5=nothing set cnn5~nothing end sub *******************************************************************************
*
*******
********************* P R O G R A M S T A R T
***********************************
*******************************************************************************
*
******* .
call update database_with user request p = get~id id ' calling the patient matching function 'Response.Write ("<hr>" 6 cstr(a(0,0)) ~ "  items provided by ip user "
user id ~ "<brxhr>") p intecint(p) if p int>0 then sec'tire--check id_pass(cstr(p)) if secure=1 then update Online user id,p int ' update the online table with the new access provision 'Response. Write("patient identified:" & p int) 'response.redirect("data root.asp") 'Response.Write("You nort have access to patient " ~ p int ) Response.Redirect("view~atient.asp") else '%>
<html>
<head>
</head>
SUBSTITUTE SHEET (RULE 26) body background=backgrnd.gif>
4~r><center><hr noshade Hidth=80%></center>
dar clear=all> -<%
Response. Write("<br>Access requirements not met for the identified patient: " ~ p) end if end if if p int<0 then Response. Write ("<li>snbsp No Matching patients found.
Attempt identification again using validated data only.") if p int=0 then Response.iirite ("<li»nbsp More than one patient found. Try adding or changing patient infozmation.") 'if p int>0 then check id_pass(cstr(p)) %>
tcenter><br>d~r>
<a href="id_input_page.asp">Back to Tdentification Page</a>
<P>inbspi<lP>
</BODY>
</aTML>
SUBSTITUTE SHEET (RULE 26) <!-#include files"adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
pid=Request.Form("pid") obx valueaRequest.Form("obs vaI") obx time=Request.Form("obx time") code system=Request.Form("code system") code value=Request.Form("code value") cat id=Request.Form("cat id") cat name=Request.Form("cat name") if obx_value="" then Response. Redirect("get data. asp?id=" & cat id & "scat names" & cat name) end if i:f not(isdate(obx time) ) then obx time~ow ( ) end if 'Response.Write("<br>" & pfd ~ "<br>" ~ obs value & "Q>r>" i obx time ~ "tbr>"
~
code system & "4~r>" & code value & "<br>" -~ cat id 'Response. End set rst=server.GreateObject("adodb.recordset") rst.open "observations",connobj,adOpenKeyset,adLockOptimistic rst.Add~lew rst("patient id")did rst("obx text")~bx value rst("obx time")=obx time rst("category id")=cat id rst.Update obx id= rst.Fields("obx id") rst.Close ' this is part of the old interface where coding was entered as part of the observation 'rst.open "observation coding",connobj,adQpenKeyset,adLockOptimistic 'rst.AddNew rst("observation id")=obx id ' rst("code system id")=code system rst("code id")=code_value 'rst.Update 'rst.Close set rst~nbthing Response. Redirect("get data. asp?id=" & cat id ~ "scat name=" & cat name) %>
SUBSTITUTE SHEET (RULE 26) <!~#include files"adovbs.inc" ~> ' <!~#include file="setodbc.inc" -->
' extract the patient on which this ip is allowed to work on, from the online table user ip=Request.ServerVariables("remote addr") set rst~id=server.CreateObject("adodb.recordset") sql = "select patient id from online where user ip like '" ~ user i~ ~ "'"
rst_pid.Open sql,connobj,adOpenKeyset,adLockOptimistic if not rst-pid.EOF then pidacint(rst_pid.Fields("patient id")) rst~id. Close set rst-pid= nothing ' else rst-pid.Close set rst~id= nothing Response.Redirect("id input~age.asp") end if . ' .******************************************************************************
*
****
check if either a category or an observation is locked for this patient function item locked(fld name,fld value) ' fld name should be either "observation id" or "category id"
' fld value should contain the id of the item required weather an observation or a category set rst chk=server.Create0bject("adodb.recordset") .
sql="select distinct item id from locks where (patient id=" & cint(pid) &
" and " & fld name & "_" & cint(fld value]
sqla sql ~ ") and item id not in ( select distinct item id from request data where user ip 1ike '" &fuser ip & "')" -rst chk.Open sql,connobj,adOpenKeyset,adLockOptimistic if rst chk.EOF then item_locked = false else item_locked = true end if ' rst_chk.Close set rst chk=nothing end function 'if item locked("category id",19)then ' Response.Write("locked") ' else ' Response,Write("not locked") 'end if .******************************************************************************
*
****
SUBSTITUTE SHEET (RULE 26) snb stratify dtd(item id, name, level) ' generate the DTD from the table categories set rst=server.CreateObject("adodb.recordset") sqI="select * from categories where category,~arent id=" ~ item id rst.Open sql,connobj,adOpenDynamic,adLockOptimistic tabber=""
for x =1 to level tabber3tabber & " "
next if rst.EOF then Response.Write(chr(10) &~tabber s "<lELEMENT id" ~ item id ~ "
(obx*)>") -Response.Write(chr(10) ~ tabber ~~"<!ATTbIST id" & item id ~ " name CDATA """ ii name i~ www>w) - .
else Response.Write(chr(10) i tabber t "<lELEMENT id" & item_id & "
(Obx*,") while not rst.EOF
local id=rst.Fields("category id") Response.Write( "id" i local id ~ "*") rst.MoveNext if not rst.EOF then Response.Write(", ") end if wend Response.Write(" )>") Response.Write(chr(10) & tabber & "<!ATTLIST id" ~ item_id & " name CDATA """ ~ name & """>") rst.MoveFirst level=level+1 while not rst.eof Response.Write(" ,stratify level " & level & ":" ~
rst.Fields("category id*)) cat id=rst.Fields("category id") cat name=rst.Fields("category name") call stratify dtd(cat id,cat_name,level) ~ recursion origin rst.MoveNext wend levelalevel-1 end if rst.Close set rst~othing end sub .*******ir*********************************************************************
**
***********
sub stratify xml(item id, name, level) ' produce the actual XML data tabbera""
for x =1 to level tabber=tabber ~ " "
next check if this category is locked, in which case write.the category name as empty and exit this branch if item locked("category id",item id) then SUBSTITUTE SHEET (RULE 26) Response.Write(chr(10) ~ tabber & "<id" ~ item id ~ " names""w name E =?.oCked" & www/]w) exit sub end if set rst=server.CreateObject("adodb.recordset") set data=server.CreateObject("adodb.recordset") sql="select * from categories where category~parent id " ~ item id rst.Open -sql,connobj,adOpenDynamic,adLockOptimistic ~ check for data of this node sql="select * from observations where category ids" & item id ~ " and patient id=" & pid ~ " order by obx time" -data.Opea sql,connobj,adOpenDynamic,adLockOptimistic if rst.EOF then ' if the parent node has no children...'check for data....
if data.EOF then ' if no data, close the node Response.Write(chr(10) & tabber ~ "<id" & item id & w n~~www ~ n~ ~ www/>w) -elSe Response.Write(chr(10) & tabber ~ "<id" & item id ~ " name="""
& name & www>w) .-while not data.EOF ' if it has data, but no children, load it and then close the node ' obs id=cint(data.Fields("obx id")) obs txtadata.Fields("obx text") if item locked("observation id",obs id) then obs_txt="Observation Locked"
end if Response.Write(chr(10) & tabber ~ " " ~ "<obx obx id=""" s data.Fields("obg id") & """>") Response.Write(obs txt ~ "</obx>") data.MoveNext wend Response.Write(chr(10) & tabber & "</id" ~ item id 6 ">") end if else ' if the parent node has children... check for data....
Response.Write(Chr(10) & tabber ~ "<id" & item id & " name="""
name & ""w>w) 'print out all the obis of the root element if they exist while not data.EOF ' if it has data, print it.
obs id cint(data.Fields("obx id")) obs txtadata.Fields("oba_text") if item locked("observation id",obs id) then obs_txt=" Observation Locked end if Response.Write(chr(10) i tabber G " " & "<obx Obx id=""" & data.Fields("Ob7L id") ~ www>w) Response.Write(obs txt ~ "</obx>") data.MoveNext wend data. close level=level+1 SUBSTITUTE SHEET (RULE 26) ' and then drill down to the child nodes while not rst.eof cat id=rst.Fields("category id") cat name=rst.Fields("category name") call stratify xml(cat id, cat name, level) 'recursion origin rst.MoveNeat - -- - - -wend Response.Write(chr(10) & tabber ~ "</id" ~ item id ~ ">") level=level-Z ' end if rst.Close set rst=nothing set data~othing end sub ---_----- INIT XML PAGE WITH INTERNAL DTD --- --------__-----------Response.Write("<?xml version=""1.0""?>" ~ chr(10)) -Response. Write("<lDOCTYPE idI [" E chr(10)) Response. write("<ISLEt~NT obx (#PCD~ATA)>" ie chr(10)) Response. Write("<lATTbIST obx" i chr(10)) Response. Write(" obx id CDATA #REQDIRED" 6 chr(10)) Response.Write(» code sys id CDATA ""ICD9""" & chr(10)) -Response. Write(" -code id CDATA.""134.18""" ~ chr(10)) Response.Write(">") Response.Write(chr(10) & chr(10)) BALL THE PROCEDORE THAT CREATES THE DTD ACCORDING TO THE DATABASE -call stratify dtd (1,"xmlnet",0) Response.Write(chr(10) & ")>" ~ chr(10)) CALL THE PROCEDDRE THAT GENERATES THE ACTOAb XtiL DATA DOCDMENT ---Response.Write(chr(10) & chr(10)) call stratify xml(l,"riolnet",0) %>
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" ->
<!--#include file="setodbc.inc" -->
<3 pid=Request.Form("pid") obz value=Request.Form("obx val") obx time=Request.Form("obx time") code system Request.Foxm("code system") code valueaRequest.Form("code value") cat i~Request.Form("cat id") cat name=Request.Form("cat name") if obx value="" then Response. Redirect("get data. asp?id=" i cat id ~ "&cat name=" ~ cat name) end if tf not(isdate(obx time) ) then obx_time=now() end if 'Response.Write("<br>" ~ pid & "fir>" ~ obx value ~ "<br>" & obx time i "<br>"
~
code system & "<br>" ~ code value ~ "<br>' ~ cat id 'Response. End set rst=server.CreateObject("adodb.recordset") rst.open "observations",connobj,adOpenKeyset,adF.ockOptimistic rst.AddNew rst("patient id")did rst("obs text")aobx value rst("obx time")~obx time rst("category id")xat id rst.Update obx_id= rst.Fields("obx id") rst.Close ' this is part of the old interface where coding was entered as part of the observation .
'rst.ogen "observation coding",connobj,adOpenKeyset,adLockOptimistic 'rst.AddNew ' rst("observation id")~bx id ' rst("code system_id")=code system rst("code id")~ode_value 'rst.Opdate 'rst.Close set rst=nothing Response. Redirect("get data. asp?id " ~ cat id & "scat name=" & cat name) %>
SUBSTITUTE SHEET (RULE 26) ~T~
<HEAD>
<META "CareKey System Demo" Content="Center for Clinical Coa~uting, Harvard Ntedical School">
<TITLE>CareKey Democ/TITLE>
</HEAD>
<BODY background backgrnd.gif>
<font size=5 color=#00008b><strong><Center>
<a href="id input_page.asp" >
<ing name="imgl" src="bidmc-banner.gif" border=0 Width=903 >
</a>
</BODY>
</HTMW
SUBSTITUTE SHEET (RULE 26) <!--#include file="adovbs.inc" -->
<!--#include files"setodbc.inc" -_>
sub stratify dtd(item id, name,Ievel) ' generate the DTD from the table categories set rst=server.CreateObject("adodb.recordset") sqla"select * from categories where category~arent id=" ~ item id rst.Open.sql,connobj,adOpenDynamic,adLockOptimistic tabber=""
for x =1 to level tabberatabber ~ " w next if rst.EOF then Response.Write(chr(10) & tabber i w<lEbEMENT id" ~ item id ~ w (obx*)>") Response.Write(chr(10) ~ tabber ~ "<lATTLIST id" 6 item id ) Response.Write(chr(10) & tabber ~ " name CDATA ""w i name ~ wwww) Response.Write(chr(10) & tabber ~ " cat id CDATA "ww ~ item id:~_., www>w) else (obx*, ") www>w) Response.Write(chr(10)) Response.Write(chr(10) & tabber & "<!ELEMENT idw & item id & w while not rst.EOF
local id=rst.Fields("category id") Response.Write( "id" & local id & "*") rst.MoveNext if not rst.EOF then Response.Write(", ") end if wend Response.Write(" )>") Response.Write(chr(10) & tabber ~ "<!ATTLIST id" ~ item id ) Response.Write(chr(10) ~ tabber & " name CDATA """ & name & """") Response.Write(chr(10) & tabber ~ " cat id CDATA """ ~ item id ~
Response.Wri$e(chr(10)) 'Response.Write(chr(10) ~ tabber ~ "<!ATTLIST id" & item id & w name CDATA ""~ d~ name 6r ""w>w) rst.MoveEirst level=level+1 while not rst.eof ' Response.Write(" ,stratify level " & level ~ ":" 6 rst.Fields("category id")) cat id=rst.Fields("category id") . cat_name=rst.Fields("category name") call stratify dtd(cat id, cat name, level) ' recursion origin rst.MoveNext wend level=level-1 SUBSTITUTE SHEET (RULE 26) end if rst.Close set rst=nothing end sub r******************************************************************************
*
***********
sub stratify xml(item id, name, level) ' produce the actual XML data tabber=""
for x =1 to level tabber=tabber ~ " "
next set rst=server.CreateObject("adodb.recordset") set data=server.CreateObject("adodb.recordset") sql="select * from categories where category-pareat id=" ~ item id rst.Open sql,connobj,adOpenDynamic,adLockOptimistic if rst.EOF then ' if the parent node has no children...
Response.Write(chr(10) & tabber & "<id" ~ item id & "
name=""" & name & ""w/>w) else ' if the parent node has children... check for data....
Response.Write(chr(10) i tabber ~ "<id" ~ item id & " name=""" &
name & ""w>w) 'print out all the obis of the root element if they exist level=Level+1 and then drill down to the child nodes while not rst.eof cat id=rst.fields("category id") cat name=rst.Fields("category name") call stratify xml(cat id,cat_name,level) 'recursion origin rst.MoveNext wend Response.Write(chr(10) ~ tabber & "</id" ~ item id ~ ">") level=level-1 end if rst.Close set rst=nothing set data=nothing end sub ____-___ INIT XML PAGE WITH INTERNAL DTD ---____~_~__~___-__~____ Response: Write("<?xml version=""1.0""?>" ~ chr(10)) Response. Write("<!DOCTYPE idl [" & chr(10)) Response. write("<!ELEMENT obx (#PCDATA)>" ~ chr(10)) Response.Write(chr(10) & chr(10)) ---------- CALL THE PROCEDURE THAT CREATES THE DTD ACCORDING TO THE DATABASE -call stratify dtd (1,"xmlnet",0) Response.Write(chr(10) ~ ")>" ~ chr(10)) -°-------- CALL THE PROCEDURE THAT GENERATES THE ACTUAL XML DATA
DOCUMENT ---SUBSTITUTE SHEET (RULE 26) Response.idrite(chr(10) ~ chr(10)) call stratify ~1(l,"~nlnet"~0) 3>
SUBSTITUTE SHEET (RULE 26) <!--#inclnde file="adovbs.inc" -->
<!--#include file="setodbc.inc" -->
<%
dim arr ( ) counter~0 -pid--Request.Form("pid") cat id Reqnest.Form("cat id") cat name=Request.Form("cat name") set rstl=server.CreateObject("adodb.recordset") sql="select obx id from observations where patient ic~* i pid ~ " and category id=' ~ cat id rstl.Open sql,connobj,adOpenDynamic,adLockOptimistic while not rstl.EOF
obxid~stl.Fields("obx id") cname="c" & obxid checkid=Request.Form(cname) if checkid<>"" then counter=counter+1 redim preserve arr(connter+1) arr(counter)=obxid 'Response.Write(obxid & "<br>") rstl.Delete adAffectCurrent rstl.MovePrevious end if rstl.MoveNext wend 'Response.Write("tbr>" & pid ~ "<br>" & cat id ) rstl.Close sqla""
sql="delete from observation coding where observation id in ("
for x 3 1 to counter sql=sql ~ arr(x) 6 ","
next sql=sql & "0)"
'Response.Write(sqI) rstl.open sql,connobj,adOpenDynamic,adLockOptimistic ' recordset closes automatically after deletion set rstl=nothing Response. Redirect("get data. asp?id=" ~ cat id & "scat name=" ~ cat name) %>
SUBSTITUTE SHEET (RULE 26) <!DOCTYPE HTML PDBLIC "-//W3C//DTD HTML 3.2 FINAh//EN">
<ATlffJ
<font size=2 face=serif>
<script languages"javascript">
var html text=~': ' var toggl~false;
var depth=1000;
var next sib;
var epos=Ot var vmax=1;
var tear node; _ var cat idt var ~anldoc~eyt ActiveXObject("Microsoft.7~DOM");
xmldoc.load("prepare skeleton.asp");
loaddoc():
function loaddoc () if (xmldoc.readyState~"4")( start ( ) ;
Window. section.innerHTMI~html text;
) , _ else window.setTimeout("loaddoc()" , 1000 );
) function start() ( var root~ldoc.documentElement;
stratify(vpos,root);
) function stratify(vpos,node) if (epos<depth)( node_name=node.nodeName;
if (node name !_ '#text') node att~ode.attributes(0).text else node attanode.nodeName;
node text=node. text;
tabex~" ;
for (~0; x<vpos; x++) tuber=taber+'~nbsp ~nbsp ~nbsp snbsp';
if (node.hasGhildNodes())( local html=tuber+'<label onclickadocmnent.all("'+node name+'").style.display="none">x </label>~;
local htmlalocal html+'<label onclickadocument.all("'+node name+~").style.display="block"»snbsp</label>';
W
else local html=tuber+'~nbsp6nbsp   ';
cat id=node.attributes(1). text;
SUBSTITUTE SHEET (RULE 26) local html=local html+'<strong><font color="#OOOOff">'+node att+'~nbsp~nbsp<a target="right frame"
href="get data.asp?id='+cat id+'~cat name='+node att+'">~</a></font>c/strong><br >.
local html=local html+'<div id="'+node_name+'~>'+String.fromChaxCode(10);
html text=html text+local html;
if (node.hasChildNodes())~
if (vmax<vpos) vmax=vpos;
stratify(epos+l, node.childNodes(0));
tuber=" _ for (x=O;x<vpos;x++) taber=taber+' ';
) html test=html text+'</div>'+String.fromCharCode(10);
temp node=node.nextSibling;
if (temp node != null && temp node.nodeName !_ '#comment' stratify(vpos,temp node):
function display(flag)i var root=xmldoc.documentElement;
if (flag~l) show(root);
) if (flag=2) ( hide(root);
function hide(node) ;
node name=node.nodeName;
document.all(node name).style.display="none~:
if (node.hasChildNodes())( hide(node.childNodes(0));
) ~
temp node~ode.nextSibling;
if (temp node != null &~ temp node.nodeName !_ '#comment' ) hide(temp -node);
function ~how(node) node namesnode.nodeName;
- document.all(node name).style.display=~block~;
if (node.hasChildNodes())( show(node.childNodes(0));
) temp node=node.nextSibling;
if (temp node != null ~~ temp node.nodeName !_ '#comment' ) show(temp node);
</script>
</HEAD>
SUBSTITUTE SHEET (RULE 26) body backgronac~backgrnd.gif>
<center>
<input name="shoxit" values"Show All" types"button" onclick="display(1)"»nbsp <input name="hideit" values"Hide AlI" type="button" oncliclca"display(2)"»nbsp <input name="view" value="View" type="button" language~avascript onclicl~"window.open('view patient.asp','right frame')">
</center>
4~r><hr noshade width=80~><br>
<div idi"section"></div>
</BODY>
</HTZSL>
SUBSTITUTE SHEET (RULE 26) <%
r--_---..-----_~_-------.---- ~~- ---' MiCrOSOft ADO
~ (c) 1996-1998 Microsoft Corporation. All Rights Reserved.
' ADO constants include file for VBScript r '---- CursorTypeEnum Values ----Coast adOpenForwardOnly = 0 Coast adOpenKeyset = 1 Coast adOpenDynamic = 2 Coast adOpenStatic = 3 '---- CursorOptionEnum Values - -Const adHoldRecords = &HOOOOOI00 Coast adMovePrevious = sH00000200 Coast adAddNeW = &H01000400 Coast adDelete = ~H01000800 Coast adUpdate = &H01008000 Coast adBooka~ark = ~H00002000 Coast adApproxPosition = &H00004000 Coast adUpdateBatch = &H00010000 Const~adResync = ~H00020000 Coast adNotify = &H00040000 Coast adFfnd = &H00080000 '---- LockTypeEnum Values ----Coast adLockReadOnly = 1 Coast adLockPessimistic = 2 Const~adLockOptimistic = 3 Coast adLockBatchOptimistic = 4 '---- ExecuteOptionEnum Values ----Coast adRunAsync = &H000 0010 Coast adAsyncExecute = ~~00000010 Coast adAsyncFetch = &H00000020 Coast adAsyncFetchNonBlocking = ~H00000090 Coast adExecuteNoRecords = &H00000080 '---- CormectOptionEnum Values ----Coast adAsyncConnect = sH00000010 '---- ObjectStateEnum Values ----Coast adStateClosed = &H00000000 Coast adStateOpen = &H00000001 Coast adStateConnecting ; &H00000002 Coast adStateExecuting = &H00000004 Coast adStateFetching = ~H00000008 '---- CursorLocationEnum Values ----Coast adUseServer = 2 Coast adUseClient = 3 SUBSTITUTE SHEET (RULE 26) '---- DataTypeEnum Values ---Coast adEmpty a 0 Coast adTinyInt = 16 Coast adSmallInt = 2 Coast adInteger = 3 Coast adBigInt = 20 Coast adUnsignedTinyInt = 17 Coast adUnsignedSmallInt = 18 Coast adOnsignedInt = 19 Coast adUnsignedBigInt = 21 Coast adSingle = 4 Coast adDouble = 5 Coast adCurrency = 6 Coast adDecimal = 14 Coast adNumeric = 131 Coast adBoolean = 11 Coast adError = 10 Coast adOserDefined = 132 Coast adVariant = 12 Coast adIDispatch = 9 Coast adIOn)mown = 13 Coast ad6UID = 72 Coast adDate = 7.
Coast adDBDate = 133 Coast adDBT3me = 134 Coast adDBTimeStamp = 135 Coast adBSTR a 8 Coast adChar = 129 Coast adVarChar = 200 Coast adLongVarChar = 201 Coast adWChar = 130 Coast adVarWChar = 202 Coast adhongVarWChar a 203 Coast adBinary = 1,28 Coast adVarBinary = 204 Coast adLongVarBinary ~ 205 Coast adChapter = 136 Coast adFileTime = 64 '~~
Coast adDBFileTime = 137 Coast adPropVariant = 138 Coast adVarfiumeric = 139 '---- FieldAttributeEnum Values ----Coast adFldMayDefer = ~N00000002 Coast adFldOpdatable = &H00000004 Coast adFldUnknownOpdatable a iH00000008 Coast adFldFixed = ~H00000010 Coast adFldIsNullable = &H00000020 Coast adFldMayBeNul1 = ~H00000040 Coast adFldLong = &H00000080 Coast adFldRowID = ~H00000100 Coast adFldRowVersion = &H00000200 Coast adFldCacheDeferred = ~H00001000 Coast adFldKeyColumn = bA00008000 '---- EditModeEnum Values ----SUBSTITUTE SHEET (RULE 26) Coast adEditNone = ~H0000 Coast adEditInProgress = &H0001 Coast adEditAdd = ~H0002 Coast adEditDelete = &H0004 '---- RecordStatusEnum Valves ----Coast adRecOK = &H0000000 Coast adRecNew = &H0000001 Coast adRecModified a ~H0000002 Coast adRecDeleted = sH0000004 Coast adRecUnmodified = ~A0000008 Coast adRecInvalid ' &H0000010 Coast adRecMultipleChanges = ~H0000040 Coast adRecPendingChanges = &H0000080 Coast adRecCanceled a 8H0000100 Coast adRecCantRelease = &H0000400 ~onst adRecConcurrencyViolation = ~H0000800 Coast adRecIntegrityViolatioa = &H0001000 Coast adRecMaxChangesExceeded = ~8Q002000 Coast adRecObjectOpen = &H0004000 Coast adRecOutOfMemory = ~H0008000 Coast adRecPermissionDenied = bH0010000 Coast adRecSchemaViolation = &H0020000 Coast adRecDBDeleted = &H0040000 '---- GetRoWSOptionEnum Values ----Coast adGetRowsRest = -1 '---- PositionEnum Values ~ --Coast adPosUnknown = -1 Coast adPosBOF a -2 Coast adPosEOF = -3 '---- enum Values ----Coast adBoolanarkCurrent = 0 Coast adBoolonarkFirst = 1 Coast adBookmarkLast a 2 '---- MarshalOptionsErnuh~Values ----Coast adMarshalAll = 0 Coast adMarshalModifiedOnly = 1 '---- AffectEnum Values ----Coast adAffectCurrent = 1 Coast adAffect6roup = 2 Coast adAffectAll a 3 Coast adAffectAllChapters = 4 '---- ResyncEnum Values ----Coast adResyncUnderlyingValues = 1 Coast adResyncAllValues = 2 '---- CompareEnum Values ----Coast adCompareLessThan = 0 Coast adCompareEqual = 1 Coast adCompareGreaterThan = 2 Coast adCompareNotEqual = 3 SUBSTITUTE SHEET (RULE 26) Coast adCompareNotComparable = ~1 '---- FilterGroupEnum Values ----Coast adFilterNone = 0 Coast adFilterPendingRecords = 1 Coast adFilterAffectedRecords = 2 Coast adFilterFetchedRecords = 3 Coast adFilterPredicate = 4 Coast adFilterConflictingRecords = 5 '---- SearchDirectionEnum Values ----Coast adSearchForward = 1 Coast adSearchBackward = -1 '---- PersistFormatEnnm Values ----Coast adPersistADT6 = 0 Coast adPersistXNIh = 1 Coast adPersistHTML = 2 '---- StringFormatEnum Values ----Coast adString~ = 0 Coast adStringHTML = 1 Coast adClipString = 2 '---- ADCPROP DPDATECRITERIA_~ENOM Values ----Coast adCriteriaKey = 0 Coast adCriteiiaAllCols = I
Coast adCriteriaUpdCols = 2 Coast adCriteriaTimeStamp a 3 '---- ADCPROP ASYNCTHREADPRIORITY_ENUM Values ----Coast adPriorityhowest = 1 Coast adPriorityBelowNormal.= 2 Coast adPriorityNormal = 3 Coast adPriorityAboveNormal = 4 Coast adPriorityHighest ~ 5 '-'-- ConnectPromptEnum Values -----Coast adPromptAlways = 1~
Coast adPromptComplete = 2 Coast adPromptCompleteRequired = 3 Coast adPromptNever = 4 '---- ConnectModeEnum Values ----Coast adMCdeOnknown = 0 Coast adModeRead = 1 Coast adModeWrite = 2 Coast adModeReadWrite = 3 Coast adModeShareDenyRead a 4 Coast adModeShareDenyWrite = 8 Coast adModeShareExclusive = &Hc Coast adModeShareDenyNone = &H10 '---- IsolationLevelEnum Values ----Coast adXactUnspecified a &Hffffffff Coast adXactChaos = ~H00000010 Coast adXactReadDncommitted = bA00000100 SUBSTITUTE SHEET (RULE 26) Coast adXactBrowse = 6H00000100 Coast adXactCursorStability ~ bH00001000 Coast adXactReadCommitted = ~H00001000 Coast adXactRepeatableRead = 6H00010000 Coast adXactSerializable = ~H00100000 Coast adXactlsolated = &H00100000 '---- XactAttributeEnum Values ----Coast adXactCommitRetaining = ~H00020000 Coast adXactAbortRetainfng = &H00040000 '---- PropertyAttributesEnu~a Values ----Coast adPropNotSupported = ~H0000 Coast adPropRequired = &H0001 Coast adPropOptional~= &H0002 Coast adPropRead = ~H0200 Coast adPropWrite = ~H0400 '---- ErrorValueEnum Values ----Coast adErrInvalidArgument = 6Hbb9 Coast adErrNoCurrentRecord = 6Hbcd Coast adErrIilegalOperation = &8c93 Coast adErrIaTransaction = ~Hcae Coast adFsrFeatureNotAvailable = ~Hcb3 Coast adErrItemNotFound = &Hccl Coast adErrObjectInCollectioa = ~Hd2?
Coast adErrObjectNotSet = ~RdSc Coast adErrDataConversion = sHdSd Coast adErrObjectClosed = &He78 Coast adErrObjectOpen = &He79 Coast adErrProviderNotFound = &He7a Coast adErrBoundToCommand = ~He7b Coast adErrInvalidParamlnfo = ~He7c Coast adErrInvalidConnection = &He7d Coast adErrNotReentrant = bHe7e Coast adErrStillExecuting = ~He7f Coast adErrOperationCancelled = &He80 Coast adErrStillConnecting = ~He81 Coast adErrNotExecuting' &He83 Coast adErrUnsafeOperatioa = ~He89 '---- ParameterAttributesEnum Values ---Coast adParamSigned = &H0010 Coast adParamNullable = ~H0040 Coast adParamLong = &H0080 '---- ParameterDirectionEnum Values ----Coast adParamDnknown = ~H0000 Coast adParamInput = &H0001 Coast adParamOutput = &H0002 Coast adParau~InputOutput = &A0003 Coast adParamReturnValue = &H0004 '---- CommandTypeEnum Values ----Coast adQndUnImorm = ~H0008 Coast adCmdText = &H0001 Coast adCmdTable = ~H0002 SUBSTITUTE SHEET (RULE 26) Coast adCmdStoredProc = 6H0004 Coast adCmdFile = &H0100 Coast adCmdTableDirect = ~H0200 '---- EventStatusEnuai Values ----Coast adStatusOK = ~H0000001 Coast adStatusErrorsOccurred = ~H0000002 Coast adStatusCantDeny = ~H0000003 Coast adStatusCancel = ~H0000004 Coast adStatust)nwantedEvent = bH0000005 '---- EventReasonFnum Values ----Coast adRsnAddNew = 1 Coast adRsnDelete = 2 Coast adRsnOpdate = 3 Coast adRsnUndoUpdate = 4 Coast adRsnUndoAddNew = 5 Coast adRsnOndoDelete = 6 Coast adRsnRequery = 7 Coast adRsnResynch = 8 Coast adRsnClose = 9 Coast adRsnMove = 10 Coast adRsnFirstChange = 11 Coast adRsnMoveFirst = 12 Coast adRsnMoveNext = 13 Coast adRsnMovePrevious = 14 Coast adRsnMovehast = 15 '---- SchemaEnum Values ----Coast adSchemaProviderSpecific ~ -1 Coast adSchemaAsserts = 0 Coast adSchemaCatalogs a 1 Coast adSchemaCharacterSets = 2 Coast adSchemaCollations = 3 Coast adSchemaGolumns = 4 Coast adSchemaCheckConstraints = 5 Coast adSchemaConstraintColumnUsage = 6 Coast adSchemaConstraintTableUsage = 7 Coast adSchemaKeyColumnU age = 8 Coast adSchemaReferentia~Contraints = 9 Coast adSchemaTableConstraints = 10 Coast adSchemaColumnsDomainDsage = 11 Coast adSchemaIndexes = 12 Coast adSchemaColumnPrivileges = 13 Coast adSChemaTablePrivileges = 14 Coast adSchemaUsageprivileges = 15 Coast adSchemaProcedures = 16 Coast adSchemaSchemata = 1? .
Coast adSchemaSQLLanguages = 18 Coast adSchemaStatistics = 19 Coast adSchemaTables = 20 Coast adSchemaTranslations = 2I~
Coast adSchemaProviderTypes a 22 Coast adSchemaViews = 23 Coast adSchemaViewColumnUsage = 24 Coast adSchemaViewTableOsage = 25 Coast adSchemaprocedureParameters = 26 SUBSTITUTE SHEET (RULE 26) Coast adSchemaForeignKeys = 27 Coast adSchemaPrimaryKeys = 28 Coast adScheaeaProcedureCol~ns = 29 Coast adSchemaDBInfoReywords = 30 Coast adSchemaDBInfobiterals = 31 Const'adSchemaCobes = 32 Coast adSchemaDimensions = 33 Coast adSchemaHierarchfes = 3~
Coast adSchewaLevels = 35 Coast adSchemaMeasures = 36 Coast adSchemaProperties = 37 Coast adSch~naMembers = 38 '---- SeehEnwn Values --»
Coast adSeekFirstEQ = X81 Coast adSeektastEQ = iH2 Gonst adSeekGS = iH!
Coast adSeekGT = iH8 Coast adSeekLE = ~H10 Coast adSeelrLT = ~H20 8>
SUBSTITUTE SHEET (RULE 26)
<div idi"section"></div>
</BODY>
</HTZSL>
SUBSTITUTE SHEET (RULE 26) <%
r--_---..-----_~_-------.---- ~~- ---' MiCrOSOft ADO
~ (c) 1996-1998 Microsoft Corporation. All Rights Reserved.
' ADO constants include file for VBScript r '---- CursorTypeEnum Values ----Coast adOpenForwardOnly = 0 Coast adOpenKeyset = 1 Coast adOpenDynamic = 2 Coast adOpenStatic = 3 '---- CursorOptionEnum Values - -Const adHoldRecords = &HOOOOOI00 Coast adMovePrevious = sH00000200 Coast adAddNeW = &H01000400 Coast adDelete = ~H01000800 Coast adUpdate = &H01008000 Coast adBooka~ark = ~H00002000 Coast adApproxPosition = &H00004000 Coast adUpdateBatch = &H00010000 Const~adResync = ~H00020000 Coast adNotify = &H00040000 Coast adFfnd = &H00080000 '---- LockTypeEnum Values ----Coast adLockReadOnly = 1 Coast adLockPessimistic = 2 Const~adLockOptimistic = 3 Coast adLockBatchOptimistic = 4 '---- ExecuteOptionEnum Values ----Coast adRunAsync = &H000 0010 Coast adAsyncExecute = ~~00000010 Coast adAsyncFetch = &H00000020 Coast adAsyncFetchNonBlocking = ~H00000090 Coast adExecuteNoRecords = &H00000080 '---- CormectOptionEnum Values ----Coast adAsyncConnect = sH00000010 '---- ObjectStateEnum Values ----Coast adStateClosed = &H00000000 Coast adStateOpen = &H00000001 Coast adStateConnecting ; &H00000002 Coast adStateExecuting = &H00000004 Coast adStateFetching = ~H00000008 '---- CursorLocationEnum Values ----Coast adUseServer = 2 Coast adUseClient = 3 SUBSTITUTE SHEET (RULE 26) '---- DataTypeEnum Values ---Coast adEmpty a 0 Coast adTinyInt = 16 Coast adSmallInt = 2 Coast adInteger = 3 Coast adBigInt = 20 Coast adUnsignedTinyInt = 17 Coast adUnsignedSmallInt = 18 Coast adOnsignedInt = 19 Coast adUnsignedBigInt = 21 Coast adSingle = 4 Coast adDouble = 5 Coast adCurrency = 6 Coast adDecimal = 14 Coast adNumeric = 131 Coast adBoolean = 11 Coast adError = 10 Coast adOserDefined = 132 Coast adVariant = 12 Coast adIDispatch = 9 Coast adIOn)mown = 13 Coast ad6UID = 72 Coast adDate = 7.
Coast adDBDate = 133 Coast adDBT3me = 134 Coast adDBTimeStamp = 135 Coast adBSTR a 8 Coast adChar = 129 Coast adVarChar = 200 Coast adLongVarChar = 201 Coast adWChar = 130 Coast adVarWChar = 202 Coast adhongVarWChar a 203 Coast adBinary = 1,28 Coast adVarBinary = 204 Coast adLongVarBinary ~ 205 Coast adChapter = 136 Coast adFileTime = 64 '~~
Coast adDBFileTime = 137 Coast adPropVariant = 138 Coast adVarfiumeric = 139 '---- FieldAttributeEnum Values ----Coast adFldMayDefer = ~N00000002 Coast adFldOpdatable = &H00000004 Coast adFldUnknownOpdatable a iH00000008 Coast adFldFixed = ~H00000010 Coast adFldIsNullable = &H00000020 Coast adFldMayBeNul1 = ~H00000040 Coast adFldLong = &H00000080 Coast adFldRowID = ~H00000100 Coast adFldRowVersion = &H00000200 Coast adFldCacheDeferred = ~H00001000 Coast adFldKeyColumn = bA00008000 '---- EditModeEnum Values ----SUBSTITUTE SHEET (RULE 26) Coast adEditNone = ~H0000 Coast adEditInProgress = &H0001 Coast adEditAdd = ~H0002 Coast adEditDelete = &H0004 '---- RecordStatusEnum Valves ----Coast adRecOK = &H0000000 Coast adRecNew = &H0000001 Coast adRecModified a ~H0000002 Coast adRecDeleted = sH0000004 Coast adRecUnmodified = ~A0000008 Coast adRecInvalid ' &H0000010 Coast adRecMultipleChanges = ~H0000040 Coast adRecPendingChanges = &H0000080 Coast adRecCanceled a 8H0000100 Coast adRecCantRelease = &H0000400 ~onst adRecConcurrencyViolation = ~H0000800 Coast adRecIntegrityViolatioa = &H0001000 Coast adRecMaxChangesExceeded = ~8Q002000 Coast adRecObjectOpen = &H0004000 Coast adRecOutOfMemory = ~H0008000 Coast adRecPermissionDenied = bH0010000 Coast adRecSchemaViolation = &H0020000 Coast adRecDBDeleted = &H0040000 '---- GetRoWSOptionEnum Values ----Coast adGetRowsRest = -1 '---- PositionEnum Values ~ --Coast adPosUnknown = -1 Coast adPosBOF a -2 Coast adPosEOF = -3 '---- enum Values ----Coast adBoolanarkCurrent = 0 Coast adBoolonarkFirst = 1 Coast adBookmarkLast a 2 '---- MarshalOptionsErnuh~Values ----Coast adMarshalAll = 0 Coast adMarshalModifiedOnly = 1 '---- AffectEnum Values ----Coast adAffectCurrent = 1 Coast adAffect6roup = 2 Coast adAffectAll a 3 Coast adAffectAllChapters = 4 '---- ResyncEnum Values ----Coast adResyncUnderlyingValues = 1 Coast adResyncAllValues = 2 '---- CompareEnum Values ----Coast adCompareLessThan = 0 Coast adCompareEqual = 1 Coast adCompareGreaterThan = 2 Coast adCompareNotEqual = 3 SUBSTITUTE SHEET (RULE 26) Coast adCompareNotComparable = ~1 '---- FilterGroupEnum Values ----Coast adFilterNone = 0 Coast adFilterPendingRecords = 1 Coast adFilterAffectedRecords = 2 Coast adFilterFetchedRecords = 3 Coast adFilterPredicate = 4 Coast adFilterConflictingRecords = 5 '---- SearchDirectionEnum Values ----Coast adSearchForward = 1 Coast adSearchBackward = -1 '---- PersistFormatEnnm Values ----Coast adPersistADT6 = 0 Coast adPersistXNIh = 1 Coast adPersistHTML = 2 '---- StringFormatEnum Values ----Coast adString~ = 0 Coast adStringHTML = 1 Coast adClipString = 2 '---- ADCPROP DPDATECRITERIA_~ENOM Values ----Coast adCriteriaKey = 0 Coast adCriteiiaAllCols = I
Coast adCriteriaUpdCols = 2 Coast adCriteriaTimeStamp a 3 '---- ADCPROP ASYNCTHREADPRIORITY_ENUM Values ----Coast adPriorityhowest = 1 Coast adPriorityBelowNormal.= 2 Coast adPriorityNormal = 3 Coast adPriorityAboveNormal = 4 Coast adPriorityHighest ~ 5 '-'-- ConnectPromptEnum Values -----Coast adPromptAlways = 1~
Coast adPromptComplete = 2 Coast adPromptCompleteRequired = 3 Coast adPromptNever = 4 '---- ConnectModeEnum Values ----Coast adMCdeOnknown = 0 Coast adModeRead = 1 Coast adModeWrite = 2 Coast adModeReadWrite = 3 Coast adModeShareDenyRead a 4 Coast adModeShareDenyWrite = 8 Coast adModeShareExclusive = &Hc Coast adModeShareDenyNone = &H10 '---- IsolationLevelEnum Values ----Coast adXactUnspecified a &Hffffffff Coast adXactChaos = ~H00000010 Coast adXactReadDncommitted = bA00000100 SUBSTITUTE SHEET (RULE 26) Coast adXactBrowse = 6H00000100 Coast adXactCursorStability ~ bH00001000 Coast adXactReadCommitted = ~H00001000 Coast adXactRepeatableRead = 6H00010000 Coast adXactSerializable = ~H00100000 Coast adXactlsolated = &H00100000 '---- XactAttributeEnum Values ----Coast adXactCommitRetaining = ~H00020000 Coast adXactAbortRetainfng = &H00040000 '---- PropertyAttributesEnu~a Values ----Coast adPropNotSupported = ~H0000 Coast adPropRequired = &H0001 Coast adPropOptional~= &H0002 Coast adPropRead = ~H0200 Coast adPropWrite = ~H0400 '---- ErrorValueEnum Values ----Coast adErrInvalidArgument = 6Hbb9 Coast adErrNoCurrentRecord = 6Hbcd Coast adErrIilegalOperation = &8c93 Coast adErrIaTransaction = ~Hcae Coast adFsrFeatureNotAvailable = ~Hcb3 Coast adErrItemNotFound = &Hccl Coast adErrObjectInCollectioa = ~Hd2?
Coast adErrObjectNotSet = ~RdSc Coast adErrDataConversion = sHdSd Coast adErrObjectClosed = &He78 Coast adErrObjectOpen = &He79 Coast adErrProviderNotFound = &He7a Coast adErrBoundToCommand = ~He7b Coast adErrInvalidParamlnfo = ~He7c Coast adErrInvalidConnection = &He7d Coast adErrNotReentrant = bHe7e Coast adErrStillExecuting = ~He7f Coast adErrOperationCancelled = &He80 Coast adErrStillConnecting = ~He81 Coast adErrNotExecuting' &He83 Coast adErrUnsafeOperatioa = ~He89 '---- ParameterAttributesEnum Values ---Coast adParamSigned = &H0010 Coast adParamNullable = ~H0040 Coast adParamLong = &H0080 '---- ParameterDirectionEnum Values ----Coast adParamDnknown = ~H0000 Coast adParamInput = &H0001 Coast adParamOutput = &H0002 Coast adParau~InputOutput = &A0003 Coast adParamReturnValue = &H0004 '---- CommandTypeEnum Values ----Coast adQndUnImorm = ~H0008 Coast adCmdText = &H0001 Coast adCmdTable = ~H0002 SUBSTITUTE SHEET (RULE 26) Coast adCmdStoredProc = 6H0004 Coast adCmdFile = &H0100 Coast adCmdTableDirect = ~H0200 '---- EventStatusEnuai Values ----Coast adStatusOK = ~H0000001 Coast adStatusErrorsOccurred = ~H0000002 Coast adStatusCantDeny = ~H0000003 Coast adStatusCancel = ~H0000004 Coast adStatust)nwantedEvent = bH0000005 '---- EventReasonFnum Values ----Coast adRsnAddNew = 1 Coast adRsnDelete = 2 Coast adRsnOpdate = 3 Coast adRsnUndoUpdate = 4 Coast adRsnUndoAddNew = 5 Coast adRsnOndoDelete = 6 Coast adRsnRequery = 7 Coast adRsnResynch = 8 Coast adRsnClose = 9 Coast adRsnMove = 10 Coast adRsnFirstChange = 11 Coast adRsnMoveFirst = 12 Coast adRsnMoveNext = 13 Coast adRsnMovePrevious = 14 Coast adRsnMovehast = 15 '---- SchemaEnum Values ----Coast adSchemaProviderSpecific ~ -1 Coast adSchemaAsserts = 0 Coast adSchemaCatalogs a 1 Coast adSchemaCharacterSets = 2 Coast adSchemaCollations = 3 Coast adSchemaGolumns = 4 Coast adSchemaCheckConstraints = 5 Coast adSchemaConstraintColumnUsage = 6 Coast adSchemaConstraintTableUsage = 7 Coast adSchemaKeyColumnU age = 8 Coast adSchemaReferentia~Contraints = 9 Coast adSchemaTableConstraints = 10 Coast adSchemaColumnsDomainDsage = 11 Coast adSchemaIndexes = 12 Coast adSchemaColumnPrivileges = 13 Coast adSChemaTablePrivileges = 14 Coast adSchemaUsageprivileges = 15 Coast adSchemaProcedures = 16 Coast adSchemaSchemata = 1? .
Coast adSchemaSQLLanguages = 18 Coast adSchemaStatistics = 19 Coast adSchemaTables = 20 Coast adSchemaTranslations = 2I~
Coast adSchemaProviderTypes a 22 Coast adSchemaViews = 23 Coast adSchemaViewColumnUsage = 24 Coast adSchemaViewTableOsage = 25 Coast adSchemaprocedureParameters = 26 SUBSTITUTE SHEET (RULE 26) Coast adSchemaForeignKeys = 27 Coast adSchemaPrimaryKeys = 28 Coast adScheaeaProcedureCol~ns = 29 Coast adSchemaDBInfoReywords = 30 Coast adSchemaDBInfobiterals = 31 Const'adSchemaCobes = 32 Coast adSchemaDimensions = 33 Coast adSchemaHierarchfes = 3~
Coast adSchewaLevels = 35 Coast adSchemaMeasures = 36 Coast adSchemaProperties = 37 Coast adSch~naMembers = 38 '---- SeehEnwn Values --»
Coast adSeekFirstEQ = X81 Coast adSeektastEQ = iH2 Gonst adSeekGS = iH!
Coast adSeekGT = iH8 Coast adSeekLE = ~H10 Coast adSeelrLT = ~H20 8>
SUBSTITUTE SHEET (RULE 26)
Claims (25)
1. A method of distributing health information, comprising the steps of:
A. generating health data representative of at least one set of health information for an individual;
B. generating access priority data representative of an access priority associated with each of said at least one set of health information, said access priority being based on criteria for release authorization established by said individual;
C. storing at a datastore said health data and associated access priority data;
D. receiving from a requestor, by way of a communications network, a request for at least one of said sets of health information, said request including access data correlated to an access priority;
E. processing said access data to determine whether said access data corresponds to said access priority criteria for said requested health information; and i. when said access data corresponds to said access criteria for said requested health information, transmitting said requested health information to said requestor by way of said communications network, and ii. when said access data fails to correspond to said access criteria, denying access to said requestor to said health information.
A. generating health data representative of at least one set of health information for an individual;
B. generating access priority data representative of an access priority associated with each of said at least one set of health information, said access priority being based on criteria for release authorization established by said individual;
C. storing at a datastore said health data and associated access priority data;
D. receiving from a requestor, by way of a communications network, a request for at least one of said sets of health information, said request including access data correlated to an access priority;
E. processing said access data to determine whether said access data corresponds to said access priority criteria for said requested health information; and i. when said access data corresponds to said access criteria for said requested health information, transmitting said requested health information to said requestor by way of said communications network, and ii. when said access data fails to correspond to said access criteria, denying access to said requestor to said health information.
2. The method according to claim 1, wherein said communications network is the Internet.
3. The method according to claim 1, wherein said transmitted health information is encrypted.
4. The method of distributing medical according to claim 2 further comprising the step of designating certain of said access priority data as identification constraints which must be received in step D before access to said medical information is granted.
5. A method of distributing medical information for an individual over a communications network comprising the steps of:
A. generating a plurality of security access codes;
B. generating a plurality of hierarchical categories, ranging from a low security category to a high security category;
C. categorizing the individual's medical information into privacy levels ranging from a least private level to a most private level;
D. inputting the individual's categorized medical information into said plurality of hierarchical categories, said least private level being input into said low security category and said most private level being input into said high security category;
E. assigning, to each of said categories, one or more of said access security codes, such that said medical information in each category will be released only if the assigned access security codes are received;
F. receiving, from a requestor, one or more of said access security codes over said communications network;
G. determining whether said received access security codes match one or more of said assigned access security codes; and H. transmitting, to said requestor over said communications network, said medical information in said categories in which said received security access codes match said assigned security access codes.
A. generating a plurality of security access codes;
B. generating a plurality of hierarchical categories, ranging from a low security category to a high security category;
C. categorizing the individual's medical information into privacy levels ranging from a least private level to a most private level;
D. inputting the individual's categorized medical information into said plurality of hierarchical categories, said least private level being input into said low security category and said most private level being input into said high security category;
E. assigning, to each of said categories, one or more of said access security codes, such that said medical information in each category will be released only if the assigned access security codes are received;
F. receiving, from a requestor, one or more of said access security codes over said communications network;
G. determining whether said received access security codes match one or more of said assigned access security codes; and H. transmitting, to said requestor over said communications network, said medical information in said categories in which said received security access codes match said assigned security access codes.
6. The method of distributing medical information for an individual over a network according to claim 5, wherein said communications network is the internet,
7. The method of distributing medical information for an individual over a network according to claim 6, wherein said released medical information is encrypted.
8. The method of distributing medical information for an individual over a network according to claim 6 further comprising the step of designating certain of said security access codes as identification constraints which must be received in step F before access to said medical information is granted.
9. The method of distributing medical information for an individual over a network according to claim 6 wherein, prior to step F, identification information is received from the requestor, said identification information being for identifying the individual.
10. The method of distributing medical information for an individual over a network according to claim 9 wherein said identification information is selected from the group consisting of the individual's medical record numbers, demographic data, information from a smart card that identifies the patient, retinal scans, iris scans and fingerprints.
11. The method of distributing medical information for an individual over a network according to claim 9 wherein said identification information is any information about the individual which is available to said requester.
12. A system for distributing medical information for an individual over a communications network comprising:
a server system including a computer processor and associated memory, said server system having database of a plurality of hierarchical categories for the individual, said categories ranging from a low security category to a high security category, each of said categories having medical information of said individual contained therein, said medical information ranging from least private information to most private information, said least private medical information being contained in said low security category and said most private medical information being contained in said high security category, each of said categories having one or more security access codes assigned thereto;
a request system including a computer processor and associated memory, said requestor system inputting one or more of said security access codes to said server system over said communications network; and an access determining device for transmitting, to said requestor system, the medical information in each of said categories in which said input security access codes match said assigned security access codes.
a server system including a computer processor and associated memory, said server system having database of a plurality of hierarchical categories for the individual, said categories ranging from a low security category to a high security category, each of said categories having medical information of said individual contained therein, said medical information ranging from least private information to most private information, said least private medical information being contained in said low security category and said most private medical information being contained in said high security category, each of said categories having one or more security access codes assigned thereto;
a request system including a computer processor and associated memory, said requestor system inputting one or more of said security access codes to said server system over said communications network; and an access determining device for transmitting, to said requestor system, the medical information in each of said categories in which said input security access codes match said assigned security access codes.
13. The system according to claim 12 wherein said communications network is the internet.
14. The system according to claim 13, further including a setup system, including a computer processor and associated memory, for inputting said medical information to said database.
15. The system according to claim 14 wherein said security access codes are defined by a user and are assigned to said categories by said user through said setup system.
16. The system according to claim 13 wherein more of said security access codes are required to access said high security categories than said low security categories.
17. The system according to claim 13 wherein said setup system and said requestor system are the same system.
18. The system of claim 13 wherein said request system is coupleable to said network by a wired connection.
19. The system of claim 18 wherein said request system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
20. The system of claim 13 wherein said request system is coupleable to said network by a wireless connection.
21. The system of claim 20 wherein said request system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
22. The system of claim 14 wherein said setup system is coupleable to said network by a wired connection.
23. The system of claim 22 wherein said setup system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
24. The system of claim 14 wherein said setup system is coupleable to said network by a wireless connection.
25. The system of claim 24 wherein said setup system is selected from the group consisting of a personal computer, an interactive television system, a personal digital assistant and a cellular telephone.
Applications Claiming Priority (5)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| US18385700P | 2000-02-22 | 2000-02-22 | |
| US60/183,857 | 2000-02-22 | ||
| US09/557,724 US6463417B1 (en) | 2000-02-22 | 2000-04-25 | Method and system for distributing health information |
| US09/557,724 | 2000-04-25 | ||
| PCT/US2001/006001 WO2001063538A1 (en) | 2000-02-22 | 2001-02-22 | Method and system for distributing health information |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CA2400160A1 true CA2400160A1 (en) | 2001-08-30 |
| CA2400160C CA2400160C (en) | 2013-12-17 |
Family
ID=26879579
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CA2400160A Expired - Lifetime CA2400160C (en) | 2000-02-22 | 2001-02-22 | Method and system for distributing health information |
Country Status (7)
| Country | Link |
|---|---|
| US (1) | US6463417B1 (en) |
| EP (1) | EP1269378A4 (en) |
| JP (1) | JP2003524269A (en) |
| AU (2) | AU4723101A (en) |
| CA (1) | CA2400160C (en) |
| HK (1) | HK1049896A1 (en) |
| WO (1) | WO2001063538A1 (en) |
Families Citing this family (182)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US7028049B1 (en) | 1996-02-17 | 2006-04-11 | Allcare Health Management System, Inc. | Standing order database search system and method for internet and internet application |
| DE19824787C2 (en) * | 1998-06-03 | 2000-05-04 | Paul Pere | Procedure for secure access to data in a network |
| US7349557B2 (en) | 1998-06-19 | 2008-03-25 | Solidus Networks, Inc. | Electronic transaction verification system |
| WO2001006397A2 (en) * | 1999-07-15 | 2001-01-25 | Himmelstein Richard B | Communication device for efficiently accessing internet resources |
| US9607041B2 (en) * | 1999-07-15 | 2017-03-28 | Gula Consulting Limited Liability Company | System and method for efficiently accessing internet resources |
| US6604115B1 (en) * | 1999-11-05 | 2003-08-05 | Ge Marquette Medical Systems, Inc. | Method and apparatus for storing data |
| AU1617101A (en) | 1999-11-15 | 2001-05-30 | Walgreens Co. | Apparatus and method for accessing pharmacy information and ordering prescriptions |
| EP1384189A2 (en) * | 2000-02-14 | 2004-01-28 | Baxter International Inc. | Method and system for providing user specific information via a communications network |
| US6941271B1 (en) * | 2000-02-15 | 2005-09-06 | James W. Soong | Method for accessing component fields of a patient record by applying access rules determined by the patient |
| US8577697B2 (en) * | 2000-02-28 | 2013-11-05 | Gregory A. Demopulos | Use of internet site as a registry for results of medical tests |
| JP2001297153A (en) * | 2000-04-14 | 2001-10-26 | Nec Corp | Sharing method and database terminal for personal medical information |
| US20020049614A1 (en) * | 2000-05-23 | 2002-04-25 | Rice Marion R. | Image signatures with unique watermark ID |
| US8073711B1 (en) * | 2000-06-07 | 2011-12-06 | Healthport Technologies, LLC | Method and system for obtaining health-related records and documents using an online location |
| JP2004502215A (en) * | 2000-06-20 | 2004-01-22 | エスディージーアイ・ホールディングス・インコーポレーテッド | Electronic patient health management system and method |
| DE60111223T2 (en) * | 2000-06-23 | 2006-04-27 | Medtronic, Inc., Minneapolis | PORTABLE EXPANSION DEVICE FOR DATA TRANSMISSION IN A COMMUNICATION SYSTEM OF A MEDICAL DEVICE |
| US8924236B2 (en) * | 2000-07-20 | 2014-12-30 | Marfly 1, LP | Record system |
| US20030050803A1 (en) * | 2000-07-20 | 2003-03-13 | Marchosky J. Alexander | Record system |
| WO2002008941A1 (en) * | 2000-07-20 | 2002-01-31 | Marchosky J Alexander | Patient-controlled automated medical record, diagnosis, and treatment system and method |
| US20050027570A1 (en) * | 2000-08-11 | 2005-02-03 | Maier Frith Ann | Digital image collection and library system |
| US7155422B2 (en) * | 2000-08-18 | 2006-12-26 | Thomas Mazzone | Medical information system, method and article of manufacture |
| US7561287B1 (en) * | 2000-09-16 | 2009-07-14 | Mmf Systems, Inc. | System and method for automatically routing and storing coded information and displaying an interaction device |
| JP2002092186A (en) * | 2000-09-18 | 2002-03-29 | Nidek Co Ltd | Method and system of sharing medical information |
| US7475020B2 (en) * | 2000-10-11 | 2009-01-06 | Malik M. Hasan | Method and system for generating personal/individual health records |
| US7428494B2 (en) * | 2000-10-11 | 2008-09-23 | Malik M. Hasan | Method and system for generating personal/individual health records |
| JP2004518187A (en) * | 2000-10-11 | 2004-06-17 | ヘルストリオ,インコーポレイテッド | Health management data communication system |
| US7509264B2 (en) * | 2000-10-11 | 2009-03-24 | Malik M. Hasan | Method and system for generating personal/individual health records |
| US7440904B2 (en) * | 2000-10-11 | 2008-10-21 | Malik M. Hanson | Method and system for generating personal/individual health records |
| US7533030B2 (en) * | 2000-10-11 | 2009-05-12 | Malik M. Hasan | Method and system for generating personal/individual health records |
| US8677505B2 (en) * | 2000-11-13 | 2014-03-18 | Digital Doors, Inc. | Security system with extraction, reconstruction and secure recovery and storage of data |
| US9311499B2 (en) * | 2000-11-13 | 2016-04-12 | Ron M. Redlich | Data security system and with territorial, geographic and triggering event protocol |
| PT1227042E (en) * | 2001-01-30 | 2004-08-31 | Seda Spa | CARTON CONTAINER FOR BEVERAGES AND PROCESS FOR THE SAME |
| FI20010267A0 (en) * | 2001-02-13 | 2001-02-13 | Stonesoft Oy | Synchronization of security gateway status information |
| US7827043B2 (en) * | 2001-02-15 | 2010-11-02 | Tahan A Christian | Method using a global server for providing patient medical histories to assist in the delivery of emergency medical services |
| EP1384193A2 (en) * | 2001-03-14 | 2004-01-28 | Baxter International Inc. | Internet based therapy management system |
| US7962962B2 (en) * | 2001-06-19 | 2011-06-14 | International Business Machines Corporation | Using an object model to improve handling of personally identifiable information |
| US20030055824A1 (en) * | 2001-09-19 | 2003-03-20 | Andrea Califano | Distributed personalized genetic safe |
| US20030061144A1 (en) * | 2001-09-27 | 2003-03-27 | Brickell Ernie F. | Controlled access to identification and status information |
| US20030083903A1 (en) * | 2001-10-30 | 2003-05-01 | Myers Gene E. | Method and apparatus for contemporaneous billing and documenting with rendered services |
| US20050101841A9 (en) * | 2001-12-04 | 2005-05-12 | Kimberly-Clark Worldwide, Inc. | Healthcare networks with biosensors |
| WO2003061270A1 (en) * | 2001-12-24 | 2003-07-24 | Mmf Systems, Inc. | System for digital users to manage received analog information |
| US20030130867A1 (en) * | 2002-01-04 | 2003-07-10 | Rohan Coelho | Consent system for accessing health information |
| US20030130875A1 (en) * | 2002-01-04 | 2003-07-10 | Hawash Maher M. | Real-time prescription renewal transaction across a network |
| US20030130868A1 (en) * | 2002-01-04 | 2003-07-10 | Rohan Coelho | Real-time prescription transaction with adjudication across a network |
| US20040030579A1 (en) * | 2002-01-21 | 2004-02-12 | Maria Gil | Method, system and computer program product for providing medical information |
| US20050209884A1 (en) * | 2002-01-21 | 2005-09-22 | Professional Records, Inc. | Method, system and computer program product for providing medical information |
| US8321236B2 (en) * | 2002-02-01 | 2012-11-27 | Walgreen Co. | Method and apparatus for prescription processing |
| US20030217050A1 (en) * | 2002-04-23 | 2003-11-20 | Manetta Amy M. | Patient monitoring user interface and navigation system and method |
| DE10219098A1 (en) * | 2002-04-29 | 2003-11-13 | Siemens Ag | Patient medical data access management system comprises a centralized or decentralized data record, e.g. a CD-RW disk, with biometric or password controlled access and an expert system for preventing examination duplication |
| FR2839171B1 (en) * | 2002-04-30 | 2004-12-17 | Patient On Line | INFORMATION MANAGEMENT SYSTEM |
| US7865371B2 (en) * | 2002-05-10 | 2011-01-04 | Shen Michael Y | Management of information flow and workflow in medical imaging services |
| US20030233258A1 (en) * | 2002-06-18 | 2003-12-18 | Cottrell Matthew D. | Methods and systems for tracking and accounting for the disclosure of record information |
| FR2841073B1 (en) * | 2002-06-18 | 2007-03-30 | Patient On Line | INFORMATION MANAGEMENT SYSTEM FOR EMERGENCY SITUATION |
| US10009577B2 (en) | 2002-08-29 | 2018-06-26 | Comcast Cable Communications, Llc | Communication systems |
| US7185282B1 (en) | 2002-08-29 | 2007-02-27 | Telehealth Broadband, Llc | Interface device for an integrated television-based broadband home health system |
| US7835926B1 (en) | 2002-08-29 | 2010-11-16 | Telehealth Broadband Llc | Method for conducting a home health session using an integrated television-based broadband home health system |
| US7958144B2 (en) | 2002-08-30 | 2011-06-07 | Boss Logic, Llc | System and method for secure reciprocal exchange of data |
| AU2003282505A1 (en) * | 2002-10-08 | 2004-05-04 | Omnicare, Inc. | System for storing and reporting pharmacy data |
| US20040128169A1 (en) * | 2002-10-18 | 2004-07-01 | Lusen William D. | Multiple organization data access monitoring and management system |
| US6766943B2 (en) * | 2002-11-25 | 2004-07-27 | Diebold Self-Service Systems, Division Of Diebold, Incorporated | Automated banking machine housing with improved service access |
| US20040111622A1 (en) * | 2002-12-10 | 2004-06-10 | Roy Schoenberg | Method of and system for controlling access to personal information records |
| US20040172289A1 (en) * | 2003-02-28 | 2004-09-02 | Dejan Kozic | Method and system for remotely verifying a prescription |
| US20050027569A1 (en) * | 2003-07-31 | 2005-02-03 | Sohrab Gollogly | Systems and methods for documentation of encounters and communications regarding same |
| US20050159984A1 (en) * | 2003-09-11 | 2005-07-21 | Hirofumi Hirano | Medical data management system |
| US7865373B2 (en) * | 2003-10-15 | 2011-01-04 | Medical Web Technologies, Inc. | Method and apparatus for sharing healthcare data |
| US20050108059A1 (en) * | 2003-10-31 | 2005-05-19 | Tay Howard P. | Portable health data system |
| US7478049B2 (en) * | 2003-12-03 | 2009-01-13 | Carekey, Inc. | Text generation and searching method and system |
| US20050125254A1 (en) * | 2003-12-03 | 2005-06-09 | Roy Schoenberg | Key maintenance method and system |
| US7774377B2 (en) * | 2003-12-03 | 2010-08-10 | The Trizetto Group, Inc. | Range definition method and system |
| US8457981B2 (en) * | 2003-12-03 | 2013-06-04 | The Trizetto Group, Inc. | Bridged patient / provider centric method and system |
| DE10361800A1 (en) * | 2003-12-30 | 2005-08-04 | Siemens Ag | Method and device for controlling access to sensitive data stored in a first device |
| US20050197859A1 (en) * | 2004-01-16 | 2005-09-08 | Wilson James C. | Portable electronic data storage and retreival system for group data |
| US8185411B2 (en) * | 2004-02-17 | 2012-05-22 | International Business Machines Corporation | Method, system, and apparatus for patient controlled access of medical records |
| US20050197177A1 (en) * | 2004-03-08 | 2005-09-08 | Louisville Primary Care | A system and method for selective collection of confidential information |
| US10360649B2 (en) * | 2004-04-15 | 2019-07-23 | Cognizant Trizetto Software Group, Inc. | Automated data entry method and system |
| US8155977B2 (en) * | 2004-04-15 | 2012-04-10 | The Trizetto Group, Inc. | Rule management method and system |
| US7039628B2 (en) * | 2004-04-21 | 2006-05-02 | Logan Jr Carmen | Portable health care history information system |
| AU2005266922A1 (en) * | 2004-07-23 | 2006-02-02 | Privit, Inc. | Privacy compliant consent and data access management system and method |
| US7310651B2 (en) * | 2004-08-18 | 2007-12-18 | Ashok Dave | Medical media file management system and method |
| US7801642B2 (en) | 2004-08-18 | 2010-09-21 | Walgreen Co. | System and method for checking the accuracy of a prescription fill |
| US7810145B2 (en) * | 2004-10-29 | 2010-10-05 | Ddcnet, Llc | Distributed data consolidation network |
| US20060117021A1 (en) * | 2004-11-29 | 2006-06-01 | Epic Systems Corporation | Shared account information method and apparatus |
| US8027658B2 (en) * | 2004-12-10 | 2011-09-27 | At&T Intellectual Property I, L.P. | Enhanced emergency service provider |
| US7321860B2 (en) * | 2004-12-27 | 2008-01-22 | International Business Machines Corporation | Service offering for the delivery of information to the right receivers at the right time |
| WO2006084362A1 (en) * | 2005-02-11 | 2006-08-17 | Hipaat Inc. | System and method for privacy managemen |
| WO2006102718A1 (en) * | 2005-03-31 | 2006-10-05 | Ecp Board | A healthcare administration system |
| AU2006228992A1 (en) * | 2005-03-31 | 2006-10-05 | Ecpboard | A healthcare administration system |
| US7660413B2 (en) * | 2005-04-08 | 2010-02-09 | Shahram Partovi | Secure digital couriering system and method |
| BRPI0601188B1 (en) | 2005-04-15 | 2018-06-26 | Seda S.P.A. | ISOLATED CONTAINER; METHOD OF MANUFACTURING THE SAME AND APPARATUS FOR MANUFACTURING |
| US7661146B2 (en) | 2005-07-01 | 2010-02-09 | Privamed, Inc. | Method and system for providing a secure multi-user portable database |
| WO2007021973A2 (en) * | 2005-08-12 | 2007-02-22 | Sudhir Sitaram Krishna | Method and system of personal healthcare management |
| DE202005014177U1 (en) | 2005-09-08 | 2005-11-17 | Seda S.P.A., Arzano | Double-walled beaker comprises an inner wall formed by an inner beaker which is made of a fluid-tight plastic material, and is releasably inserted into an outer beaker forming the outer wall |
| US8121855B2 (en) | 2005-09-12 | 2012-02-21 | Mymedicalrecords.Com, Inc. | Method and system for providing online medical records |
| US8725537B2 (en) * | 2005-09-12 | 2014-05-13 | Mymedicalrecords, Inc. | Method and system for providing online records |
| US8117045B2 (en) * | 2005-09-12 | 2012-02-14 | Mymedicalrecords.Com, Inc. | Method and system for providing online medical records |
| US7822626B2 (en) * | 2005-09-16 | 2010-10-26 | Zynx Health Incorporated | Structured data authoring and editing system |
| US8504381B2 (en) * | 2005-09-16 | 2013-08-06 | Zynx Health Incorporated | Structured data authoring and editing system |
| US7945453B2 (en) * | 2005-09-16 | 2011-05-17 | Zynx Health Incorporated | Structured data authoring and editing system |
| US8315887B2 (en) * | 2005-10-18 | 2012-11-20 | Walgreen Co. | System for separating and distributing pharmacy order processing for specialty medication |
| US8311891B2 (en) * | 2005-10-18 | 2012-11-13 | Walgreen Co. | System for separating and distributing pharmacy order processing for medication payments |
| US7734478B2 (en) | 2005-10-18 | 2010-06-08 | Walgreen Co. | Method and apparatus for inter-pharmacy workload balancing using resource function assignments |
| US20070088569A1 (en) * | 2005-10-18 | 2007-04-19 | Walgreen Co. | System for separating and distributing pharmacy order processing for prescription verification |
| US7765108B2 (en) | 2005-10-18 | 2010-07-27 | Walgreen Co. | Method and apparatus for inter-pharmacy workload balancing |
| US8666780B2 (en) | 2005-10-18 | 2014-03-04 | Walgreen Co. | System for separating and distributing pharmacy order processing |
| US20070088590A1 (en) * | 2005-10-18 | 2007-04-19 | Walgreen Co. | System for separating and distributing pharmacy order processing for out of stock medication |
| US8175891B2 (en) * | 2005-10-18 | 2012-05-08 | Walgreen Co. | System for separating and distributing pharmacy order processing for compound medication |
| DK1785370T3 (en) | 2005-11-11 | 2008-07-07 | Seda Spa | Isolated beaker |
| EP1785265A1 (en) | 2005-11-14 | 2007-05-16 | SEDA S.p.A. | Device for producing a stacking projection on a container wall and container with same |
| NO325438B1 (en) * | 2005-12-22 | 2008-05-05 | World Medical Ct Holding Sa | Procedure for securely transmitting medical data to a mobile device / terminal |
| US9406097B1 (en) | 2006-01-17 | 2016-08-02 | Transition Innovation, LLC | Health care information system |
| WO2007089514A1 (en) * | 2006-01-26 | 2007-08-09 | Medicalert Foundation United States, Inc. | Network health record and repository systems and methods |
| US20090055222A1 (en) * | 2006-03-29 | 2009-02-26 | Mymedicalrecords.Com, Inc. | Method and system for providing online medical records with emergency password feature |
| US20070233519A1 (en) * | 2006-03-29 | 2007-10-04 | Mymedicalrecords.Com, Inc. | Method and system for providing online medical records with emergency password feature |
| US20070276702A1 (en) * | 2006-05-25 | 2007-11-29 | Sandeep Dani | System and Method for Collaboration and Communication in Health Management |
| DE102006025763A1 (en) * | 2006-05-31 | 2007-12-06 | Siemens Ag | A method for identifying a patient for later access to an electronic patient record of the patient by means of a communication device of a requesting person |
| US20080010094A1 (en) * | 2006-06-21 | 2008-01-10 | Mark Carlson | Distribution of health information for providing health related services |
| US20080059235A1 (en) * | 2006-08-14 | 2008-03-06 | Critical Medical Information, Llc | Medical Information Storage and Access Device, and Method of Using the Same |
| US20090113312A1 (en) * | 2006-09-08 | 2009-04-30 | American Well Systems | Connecting Providers of Legal Services |
| US7848937B2 (en) * | 2006-09-08 | 2010-12-07 | American Well Corporation | Connecting consumers with service providers |
| US20090138317A1 (en) * | 2006-09-08 | 2009-05-28 | Roy Schoenberg | Connecting Providers of Financial Services |
| US7590550B2 (en) | 2006-09-08 | 2009-09-15 | American Well Inc. | Connecting consumers with service providers |
| US11475983B2 (en) * | 2006-11-27 | 2022-10-18 | Therap Services, Llc | HIPAA-compliant computer security method and system for recording visual personal health information in an electronic format relating to at least two individuals, at least one of whom is an individual under care, from a video camera, and preventing unauthorized access of a user to the information |
| DE202006018406U1 (en) | 2006-12-05 | 2008-04-10 | Seda S.P.A. | packaging |
| US20080306773A1 (en) * | 2006-12-11 | 2008-12-11 | Ehealth Global Technologies, | System and method for obtaining medical records |
| US20080140446A1 (en) * | 2006-12-11 | 2008-06-12 | Ehealth Global Technologies | System and method for managing medical records |
| US20080200156A1 (en) * | 2007-02-16 | 2008-08-21 | Mary Anne Hicks | Methods and apparatus to provide medical information using a communication system |
| US8327456B2 (en) * | 2007-04-13 | 2012-12-04 | Microsoft Corporation | Multiple entity authorization model |
| US7860286B2 (en) * | 2007-04-24 | 2010-12-28 | Microsoft Corporation | Medical image acquisition error detection |
| US20080306772A1 (en) * | 2007-05-11 | 2008-12-11 | Personal Infonet, Inc. | System and Method for Providing a Personal Internet of Objects and Information |
| US9578152B2 (en) | 2007-06-15 | 2017-02-21 | American Well Corporation | Telephonic-based engagements |
| CN102693357B (en) * | 2007-07-03 | 2016-06-15 | 艾高特有限责任公司 | Record access and management |
| US9619616B2 (en) | 2007-07-03 | 2017-04-11 | Eingot Llc | Records access and management |
| US10231077B2 (en) | 2007-07-03 | 2019-03-12 | Eingot Llc | Records access and management |
| US8775198B2 (en) * | 2007-07-25 | 2014-07-08 | Walgreen Co. | System and method for performing a remote verification of a pharmacy fill utilizing an image to image comparison |
| US20090043612A1 (en) * | 2007-08-07 | 2009-02-12 | Szela Jr Erwin G | Electronic Health Management System |
| US20090070146A1 (en) * | 2007-09-10 | 2009-03-12 | Sultan Haider | Method for managing the release of data |
| US7653558B2 (en) * | 2007-10-01 | 2010-01-26 | American Well Inc. | Consolidation of consumer interactions within a medical brokerage system |
| US7933783B2 (en) * | 2007-10-01 | 2011-04-26 | American Well Corporation | Medical listener |
| US7945456B2 (en) * | 2007-10-01 | 2011-05-17 | American Well Corporation | Documenting remote engagements |
| US8504382B2 (en) * | 2007-10-02 | 2013-08-06 | American Well Corporation | Identifying trusted providers |
| US7895061B2 (en) * | 2007-10-02 | 2011-02-22 | American Well Corporation | Auctioning provider prices |
| US7937275B2 (en) * | 2007-10-02 | 2011-05-03 | American Well Corporation | Identifying clinical trial candidates |
| US7840418B2 (en) * | 2007-10-02 | 2010-11-23 | American Well Corporation | Tracking the availability of service providers across multiple platforms |
| US8521553B2 (en) * | 2007-10-02 | 2013-08-27 | American Well Corporation | Identification of health risks and suggested treatment actions |
| US20090089147A1 (en) * | 2007-10-02 | 2009-04-02 | American Well Inc. | Provider supply & consumer demand management |
| US7818183B2 (en) * | 2007-10-22 | 2010-10-19 | American Well Corporation | Connecting consumers with service providers |
| US20090150252A1 (en) * | 2007-12-10 | 2009-06-11 | American Well Inc. | Connecting Service Providers And Consumers Of Services Independent Of Geographical Location |
| CA2632793A1 (en) * | 2008-04-01 | 2009-10-01 | Allone Health Group, Inc. | Information server and mobile delivery system and method |
| US7912737B2 (en) * | 2008-04-07 | 2011-03-22 | American Well Corporation | Continuity of medical care |
| US7890345B2 (en) | 2008-04-18 | 2011-02-15 | American Well Corporation | Establishment of a telephone based engagement |
| US20090313076A1 (en) * | 2008-06-17 | 2009-12-17 | Roy Schoenberg | Arranging remote engagements |
| US20100023528A1 (en) * | 2008-07-15 | 2010-01-28 | WELLalarm LLC | Emergency medical information service and health records system |
| US8145501B1 (en) | 2008-10-09 | 2012-03-27 | Walgreen Co. | System and method for performing pharmacy product filling using non-registered pharmacists |
| US8549589B2 (en) | 2008-11-10 | 2013-10-01 | Jeff STOLLMAN | Methods and apparatus for transacting with multiple domains based on a credential |
| US8464313B2 (en) * | 2008-11-10 | 2013-06-11 | Jeff STOLLMAN | Methods and apparatus related to transmission of confidential information to a relying entity |
| US7941325B2 (en) * | 2008-11-14 | 2011-05-10 | Walgreen Co. | System and method of using a non-retail central filling facility to process pharmacy product prescriptions in a pharmacy retail network |
| US8010383B2 (en) * | 2009-01-22 | 2011-08-30 | International Business Machines Corporation | Filtering medical information |
| US8485442B2 (en) | 2009-07-02 | 2013-07-16 | Biometric Payment Solutions | Electronic transaction verification system with biometric authentication |
| US20110106593A1 (en) * | 2009-10-30 | 2011-05-05 | Roy Schoenberg | Coupon Codes |
| CA2690784A1 (en) * | 2010-01-22 | 2011-07-22 | Spqkumar Inc. | Network and method for data input, storage and retrieval |
| US20110224998A1 (en) * | 2010-03-10 | 2011-09-15 | Roy Schoenberg | Online Care For Provider Practices |
| US20110288874A1 (en) * | 2010-05-18 | 2011-11-24 | Midamerican Healthcare Inc. | System and Method for Providing Authentication of Medical Data Through Biometric Identifier |
| EP2523139A1 (en) | 2011-05-10 | 2012-11-14 | Nagravision S.A. | Method for handling privacy data |
| US9767254B2 (en) | 2012-01-09 | 2017-09-19 | Mymedicalrecords, Inc. | Prepaid card for services related to personal health records |
| US10223508B2 (en) * | 2012-03-30 | 2019-03-05 | Sony Corporation | Consumer rights locker |
| JP5970919B2 (en) * | 2012-03-30 | 2016-08-17 | 富士通株式会社 | Registration control program for clinical trial information, registration control method for clinical trial information, and registration control server for clinical trial information |
| US10803976B2 (en) * | 2012-06-22 | 2020-10-13 | Oracle International Corporation | Collaboration networking tool |
| US20140025809A1 (en) | 2012-07-19 | 2014-01-23 | Cepheid | Remote monitoring of medical devices |
| US20140081659A1 (en) | 2012-09-17 | 2014-03-20 | Depuy Orthopaedics, Inc. | Systems and methods for surgical and interventional planning, support, post-operative follow-up, and functional recovery tracking |
| US9678636B2 (en) | 2013-01-17 | 2017-06-13 | American Well Corporation | Modalities for brokered engagements |
| US10902081B1 (en) | 2013-05-06 | 2021-01-26 | Veeva Systems Inc. | System and method for controlling electronic communications |
| US10140382B2 (en) | 2013-05-06 | 2018-11-27 | Veeva Systems Inc. | System and method for controlling electronic communications |
| US9553896B2 (en) * | 2013-05-06 | 2017-01-24 | Veeva Systems Inc. | System and method for controlling electronic communications |
| US20140343962A1 (en) * | 2013-05-14 | 2014-11-20 | Xerox Corporation | Computer-based system and method for presenting and controlling access to medical information |
| US9996670B2 (en) | 2013-05-14 | 2018-06-12 | Zynx Health Incorporated | Clinical content analytics engine |
| JP6550223B2 (en) * | 2013-09-13 | 2019-07-24 | 東日本メディコム株式会社 | Electronic medicine notebook linkage system, device, electronic medicine notebook linkage method and program |
| US20150379212A1 (en) * | 2013-12-10 | 2015-12-31 | Jaan Health, Inc. | System and methods for enhanced management of patient care and communication |
| US10510439B2 (en) | 2014-06-09 | 2019-12-17 | Upmc | System and method for processing healthcare information |
| CN112422291B (en) | 2014-08-12 | 2022-01-28 | 艾高特有限责任公司 | Social network engine based on zero-knowledge environment |
| KR20170091395A (en) * | 2016-02-01 | 2017-08-09 | 삼성전자주식회사 | Electronic device for processing and providing data and operating method thereof |
| US10601960B2 (en) | 2018-02-14 | 2020-03-24 | Eingot Llc | Zero-knowledge environment based networking engine |
| US11010394B2 (en) * | 2019-02-15 | 2021-05-18 | Drfirst.Com, Inc. | Efficient access of chainable records |
| CN114388142B (en) * | 2022-03-23 | 2022-06-21 | 成都瑞华康源科技有限公司 | Value domain code mapping rapid processing method |
Family Cites Families (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US4816653A (en) | 1986-05-16 | 1989-03-28 | American Telephone And Telegraph Company | Security file system for a portable data carrier |
| US5550734A (en) | 1993-12-23 | 1996-08-27 | The Pharmacy Fund, Inc. | Computerized healthcare accounts receivable purchasing collections securitization and management system |
| CA2125300C (en) * | 1994-05-11 | 1999-10-12 | Douglas J. Ballantyne | Method and apparatus for the electronic distribution of medical information and patient services |
| US5805719A (en) | 1994-11-28 | 1998-09-08 | Smarttouch | Tokenless identification of individuals |
| US6076166A (en) * | 1997-01-17 | 2000-06-13 | Philips Electronics North America Corporation | Personalizing hospital intranet web sites |
| US6131090A (en) * | 1997-03-04 | 2000-10-10 | Pitney Bowes Inc. | Method and system for providing controlled access to information stored on a portable recording medium |
| US6278999B1 (en) * | 1998-06-12 | 2001-08-21 | Terry R. Knapp | Information management system for personal health digitizers |
| AU7780600A (en) * | 1999-10-01 | 2001-05-10 | Glaxo Group Limited | Patient data monitoring system |
-
2000
- 2000-04-25 US US09/557,724 patent/US6463417B1/en not_active Expired - Lifetime
-
2001
- 2001-02-22 WO PCT/US2001/006001 patent/WO2001063538A1/en active Application Filing
- 2001-02-22 JP JP2001562428A patent/JP2003524269A/en not_active Withdrawn
- 2001-02-22 AU AU4723101A patent/AU4723101A/en active Pending
- 2001-02-22 CA CA2400160A patent/CA2400160C/en not_active Expired - Lifetime
- 2001-02-22 AU AU2001247231A patent/AU2001247231B2/en not_active Expired
- 2001-02-22 EP EP01920146A patent/EP1269378A4/en not_active Withdrawn
-
2003
- 2003-03-17 HK HK03101961.0A patent/HK1049896A1/en unknown
Also Published As
| Publication number | Publication date |
|---|---|
| EP1269378A1 (en) | 2003-01-02 |
| AU4723101A (en) | 2001-09-03 |
| EP1269378A4 (en) | 2007-05-02 |
| WO2001063538A1 (en) | 2001-08-30 |
| HK1049896A1 (en) | 2003-05-30 |
| US6463417B1 (en) | 2002-10-08 |
| CA2400160C (en) | 2013-12-17 |
| AU2001247231B2 (en) | 2007-01-04 |
| JP2003524269A (en) | 2003-08-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CA2400160A1 (en) | Method and system for distributing health information | |
| AU2001247231A1 (en) | Method and system for distributing health information | |
| US20040111622A1 (en) | Method of and system for controlling access to personal information records | |
| US20030200226A1 (en) | System and method for interacting with legacy healthcare database systems | |
| EP1459251B1 (en) | Portable storage device for storing and accessing personal data | |
| JP4897844B2 (en) | Personalization of hospital intranet website | |
| US7668738B2 (en) | Insurance claim filing system and method | |
| AU2004219211B2 (en) | Verified personal information database | |
| US20080021739A1 (en) | Internet browser based electronic medical record database management system and method | |
| US7627534B2 (en) | System and method for storing information for a wireless device | |
| US20040199765A1 (en) | System and method for providing personal control of access to confidential records over a public network | |
| US20030233361A1 (en) | Resumption of user authentication and restoration of interrupted virtual sessions in a stateless network | |
| US20100328320A1 (en) | Medical information management in a patient information hub system | |
| US20030126189A1 (en) | Human relationships registering system, method and device for registering human relationships, program for registering human relationships, and medium storing human relationships registering program and readable by computer | |
| Duncan et al. | Secure remote access to a clinical data repository using a wireless personal digital assistant (PDA). | |
| US20110112970A1 (en) | System and method for securely managing and storing individually identifiable information in web-based and alliance-based networks using a token mechanism | |
| WO2004053652A2 (en) | System for integrating health information and records | |
| WO1998015910A1 (en) | Global electronic medical record | |
| WO2004034216A3 (en) | System for storing and reporting pharmacy data | |
| Halamka et al. | A WWW implementation of national recommendations for protecting electronic health information | |
| US20060026039A1 (en) | Method and system for provision of secure medical information to remote locations | |
| WO2003025703A2 (en) | Methods of providing medical information and related systems and computer program products | |
| Flanagan et al. | Clinical communication among health providers and systems using Web tools. | |
| JP2002024386A (en) | Information communication system | |
| KR20020012078A (en) | Method of handling on-line prescription sheet |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| EEER | Examination request | ||
| MKEX | Expiry |
Effective date: 20210222 |