WO2007005530A3 - Method and system for providing a secure multi-user portable database - Google Patents

Method and system for providing a secure multi-user portable database Download PDF

Info

Publication number
WO2007005530A3
WO2007005530A3 PCT/US2006/025389 US2006025389W WO2007005530A3 WO 2007005530 A3 WO2007005530 A3 WO 2007005530A3 US 2006025389 W US2006025389 W US 2006025389W WO 2007005530 A3 WO2007005530 A3 WO 2007005530A3
Authority
WO
WIPO (PCT)
Prior art keywords
access
patient
secure
encrypted data
providing
Prior art date
Application number
PCT/US2006/025389
Other languages
French (fr)
Other versions
WO2007005530A2 (en
Inventor
Mansour Aaron Karimzadeh
Mark Douglas Schaeffer
F Avraham Dilmanian
Farshad Namdar
Original Assignee
Privamed Inc
Mansour Aaron Karimzadeh
Mark Douglas Schaeffer
F Avraham Dilmanian
Farshad Namdar
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Privamed Inc, Mansour Aaron Karimzadeh, Mark Douglas Schaeffer, F Avraham Dilmanian, Farshad Namdar filed Critical Privamed Inc
Publication of WO2007005530A2 publication Critical patent/WO2007005530A2/en
Publication of WO2007005530A3 publication Critical patent/WO2007005530A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3271Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using challenge-response
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6227Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database where protection concerns the structure of data, e.g. records, types, queries
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3226Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L9/3231Biological data, e.g. fingerprint, voice or retina
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3297Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving time stamps, e.g. generation of time stamps
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2141Access rights, e.g. capability lists, access control lists, access tables, access matrices
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2153Using hardware token as a secondary aspect
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q40/00Finance; Insurance; Tax strategies; Processing of corporate or income taxes
    • G06Q40/08Insurance
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • G16H10/65ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records stored on portable record carriers, e.g. on smartcards, RFID tags or CD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/88Medical equipments

Abstract

A system and method for providing, managing, and accessing a multi-user secure portable database using secure memory cards is provided. The database has a secure portion for storing security keys and a non-secure portion for encrypted data files. Access to the encrypted data files is controlled by assigning access rights through an access control matrix to each encrypted data file according to a hierarchical structure of users. A user requesting access is identified in the hierarchy, associated with a key for allowing the requested access, and the requested access allowed to a file in accordance with the rights allocated through the access control matrix. A patient can selectively grant access to encrypted medical records on his card to a physician. Authentication of the owner/patient is preferably required. Other records required by emergency medical personnel are readable from the same card without requiring permission from the patient.
PCT/US2006/025389 2005-07-01 2006-06-29 Method and system for providing a secure multi-user portable database WO2007005530A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US11/173,133 US7661146B2 (en) 2005-07-01 2005-07-01 Method and system for providing a secure multi-user portable database
US11/173,133 2005-07-01

Publications (2)

Publication Number Publication Date
WO2007005530A2 WO2007005530A2 (en) 2007-01-11
WO2007005530A3 true WO2007005530A3 (en) 2007-06-21

Family

ID=37591472

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2006/025389 WO2007005530A2 (en) 2005-07-01 2006-06-29 Method and system for providing a secure multi-user portable database

Country Status (2)

Country Link
US (1) US7661146B2 (en)
WO (1) WO2007005530A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9003538B2 (en) 2007-12-07 2015-04-07 Roche Diagnostics Operations, Inc. Method and system for associating database content for security enhancement

Families Citing this family (108)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9977831B1 (en) 1999-08-16 2018-05-22 Dise Technologies, Llc Targeting users' interests with a dynamic index and search engine server
US9195756B1 (en) * 1999-08-16 2015-11-24 Dise Technologies, Llc Building a master topical index of information
US8504554B2 (en) * 1999-08-16 2013-08-06 Raichur Revocable Trust, Arvind A. and Becky D. Raichur Dynamic index and search engine server
US8127142B2 (en) * 2005-09-09 2012-02-28 University Of South Florida Method of authenticating a user on a network
US8725537B2 (en) * 2005-09-12 2014-05-13 Mymedicalrecords, Inc. Method and system for providing online records
US8121855B2 (en) 2005-09-12 2012-02-21 Mymedicalrecords.Com, Inc. Method and system for providing online medical records
US20080046285A1 (en) * 2006-08-18 2008-02-21 Greischar Patrick J Method and system for real-time emergency resource management
US8428961B2 (en) * 2005-09-14 2013-04-23 Emsystem, Llc Method and system for data aggregation for real-time emergency resource management
US20070174093A1 (en) * 2005-09-14 2007-07-26 Dave Colwell Method and system for secure and protected electronic patient tracking
JP4975035B2 (en) * 2005-09-16 2012-07-11 コーニンクレッカ フィリップス エレクトロニクス エヌ ヴィ Role-based access control with encryption
US20070067190A1 (en) * 2005-09-21 2007-03-22 Yasnoff William A Method And Apparatus to Provide for the Provision of Medically-Related Information
US7788484B2 (en) * 2005-11-30 2010-08-31 Microsoft Corporation Using hierarchical identity based cryptography for authenticating outbound mail
US20070294114A1 (en) * 2005-12-14 2007-12-20 Healthunity Corporation Record sharing privacy system and method
WO2007120754A2 (en) * 2006-04-11 2007-10-25 Medox Exchange, Inc. Relationship-based authorization
US7859539B2 (en) 2006-05-27 2010-12-28 Christopher Vance Beckman Organizational viewing techniques
US7999415B2 (en) 2007-05-29 2011-08-16 Christopher Vance Beckman Electronic leakage reduction techniques
US20080086680A1 (en) * 2006-05-27 2008-04-10 Beckman Christopher V Techniques of document annotation according to subsequent citation
US8914865B2 (en) * 2006-05-27 2014-12-16 Loughton Technology, L.L.C. Data storage and access facilitating techniques
US8095967B2 (en) * 2006-07-27 2012-01-10 White Sky, Inc. Secure web site authentication using web site characteristics, secure user credentials and private browser
BRPI0717323A2 (en) 2006-09-26 2014-12-23 Ralph Korpman SYSTEM AND APPARATUS FOR INDIVIDUAL HEALTH RECORD
US11170879B1 (en) 2006-09-26 2021-11-09 Centrifyhealth, Llc Individual health record system and apparatus
US8579853B2 (en) * 2006-10-31 2013-11-12 Abbott Diabetes Care Inc. Infusion devices and methods
US8909924B2 (en) * 2006-11-30 2014-12-09 Dapict, Inc. Digital asset management system
US8813243B2 (en) * 2007-02-02 2014-08-19 Red Hat, Inc. Reducing a size of a security-related data object stored on a token
US20100217988A1 (en) 2007-04-12 2010-08-26 Avow Systems, Inc. Electronic document management and delivery
US9769177B2 (en) * 2007-06-12 2017-09-19 Syracuse University Role-based access control to computing resources in an inter-organizational community
US20080312952A1 (en) * 2007-06-12 2008-12-18 Gulfo Joseph V Regulating Use Of A Device To Perform A Procedure On A Subject
US8281405B1 (en) 2007-06-13 2012-10-02 Mcafee, Inc. System, method, and computer program product for securing data on a server based on a heuristic analysis
US8468579B2 (en) * 2007-06-15 2013-06-18 Microsoft Corporation Transformation of sequential access control lists utilizing certificates
TW200907736A (en) * 2007-08-01 2009-02-16 Univ Taipei Medical Electronic medical record system, method for storing medical record data in the system, and portable electronic device loading the system
CA2615645A1 (en) * 2007-08-17 2009-02-17 Telecompute Integrated Systems Inc. A portable database system for independent operation on computing device
CA2610149A1 (en) * 2007-08-17 2009-02-17 Telecompute Integrated Systems Inc. A portable database system for independent operation on computer device
CN100536565C (en) * 2007-08-24 2009-09-02 北京市朝阳区信息网络中心 User classification management system of image information management system
US8356170B2 (en) * 2007-10-12 2013-01-15 Panasonic Corporation Management-apparatus card, measuring apparatus, health care system, and method for communicating vital sign data
JP4989431B2 (en) * 2007-11-30 2012-08-01 株式会社富士通ビー・エス・シー Security management program, security management method, and portable terminal device
US20090150438A1 (en) * 2007-12-07 2009-06-11 Roche Diagnostics Operations, Inc. Export file format with manifest for enhanced data transfer
FR2924837B1 (en) * 2007-12-07 2010-01-29 Thales Sa SECURE DATA SHARING MEDIUM
FR2958821A1 (en) * 2007-12-11 2011-10-14 Mediscs METHOD FOR AUTHENTICATING A USER
JP4526574B2 (en) * 2008-03-31 2010-08-18 富士通株式会社 Cryptographic data management system and cryptographic data management method
US8868929B2 (en) * 2008-04-08 2014-10-21 Microelectronica Espanola S.A.U. Method of mass storage memory management for large capacity universal integrated circuit cards
US8645423B2 (en) * 2008-05-02 2014-02-04 Oracle International Corporation Method of partitioning a database
US20100325156A1 (en) * 2008-05-28 2010-12-23 Bhagyarekha Plainfield Systems and methods for secure data entry and storage
US20090320096A1 (en) * 2008-06-24 2009-12-24 Microsoft Corporation Managing access to a health-record
US20090320092A1 (en) * 2008-06-24 2009-12-24 Microsoft Corporation User interface for managing access to a health-record
US8625799B2 (en) * 2008-07-18 2014-01-07 Absolute Software Corporation Privacy management for tracked devices
EP2169564A1 (en) * 2008-09-29 2010-03-31 Software AG Database system, access application and method for controlling access to contents of an external database
US8661056B1 (en) * 2008-11-03 2014-02-25 Salesforce.Com, Inc. System, method and computer program product for publicly providing web content of a tenant using a multi-tenant on-demand database service
US20100332260A1 (en) * 2008-11-05 2010-12-30 Kassas George I Personal record system with centralized data storage and distributed record generation and access
US20100145807A1 (en) * 2008-12-05 2010-06-10 Kobres Erick C Device for management of personal data
US8909660B2 (en) * 2009-04-03 2014-12-09 Epic Systems Corporation System and method for secured health record account registration
IT1394439B1 (en) 2009-05-26 2012-06-15 Lentini CONTROL METHOD FOR THE MANAGEMENT AND DIFFUSION OF CONTROLLED DIGITAL CONFIDENTIAL INFORMATION CONTAINED IN PORTABLE ELECTRONIC SUPPORTS.
US8381987B2 (en) * 2009-07-30 2013-02-26 Mela Sciences, Inc. Insertable storage card containing a portable memory card having a connection interface
US8452063B2 (en) 2009-11-03 2013-05-28 Mela Sciences, Inc. Showing skin lesion information
US8433116B2 (en) * 2009-11-03 2013-04-30 Mela Sciences, Inc. Showing skin lesion information
US8935248B2 (en) * 2010-05-17 2015-01-13 United States Postal Service Localized data affinity system and hybrid method
WO2012024115A1 (en) * 2010-08-16 2012-02-23 Secure Exchange Solutions, Inc. Method and system using two or more storage devices for authenticating multiple users for a single transaction
US20120066223A1 (en) * 2010-09-13 2012-03-15 Openpeak Inc. Method and computing device for creating distinct user spaces
US8650658B2 (en) 2010-10-25 2014-02-11 Openpeak Inc. Creating distinct user spaces through user identifiers
US8627508B2 (en) 2011-06-17 2014-01-07 Microsoft Corporation Cloud key directory for federating data exchanges
US8891772B2 (en) 2011-06-17 2014-11-18 Microsoft Corporation Cloud key escrow system
JP6199297B2 (en) 2011-10-17 2017-09-20 インタートラスト テクノロジーズ コーポレイション Systems and methods for protecting and managing genomes and other information
KR20130093706A (en) * 2011-12-23 2013-08-23 한국전자통신연구원 Apparatus for transmitting vehicle information
WO2013095151A1 (en) 2011-12-23 2013-06-27 Malterud Hans System and method for alerting and tracking with improved confidentiality
WO2013106306A2 (en) 2012-01-09 2013-07-18 Mymedicalrecords, Inc. Prepaid card for services related to personal health records
US20130191139A1 (en) * 2012-01-23 2013-07-25 James F. Chen Systems and methods for electronically prescribing controlled substances
US9137235B2 (en) * 2012-03-23 2015-09-15 Cloudpath Networks, Inc. System and method for providing a certificate based on list membeship
US10255455B2 (en) 2012-11-26 2019-04-09 Fisher & Paykel Healthcare Limited Method and system for accessing centralised patient data
US20140189880A1 (en) * 2012-12-31 2014-07-03 Gemalto Sa System and method for administrating access control rules on a secure element
US20140297329A1 (en) 2013-03-26 2014-10-02 Eric Rock Medication reconciliation system and method
US9619849B2 (en) 2013-03-26 2017-04-11 Eric Lee Rock Healthcare delivery system and method
US9582641B2 (en) * 2013-03-26 2017-02-28 Eric Rock Distributed healthcare database system and method
US10296722B2 (en) 2013-03-26 2019-05-21 Vivify Health, Inc. Virtual rehabilitation system and method
US10817965B2 (en) 2013-03-26 2020-10-27 Vivify Health, Inc. Dynamic video scripting system and method
RU2546585C2 (en) * 2013-08-07 2015-04-10 Закрытое акционерное общество "Лаборатория Касперского" System and method of providing application access rights to computer files
US9553855B2 (en) * 2014-02-14 2017-01-24 Red Hat, Inc. Storing a key to an encrypted file in kernel memory
JP6245045B2 (en) * 2014-04-08 2017-12-13 コニカミノルタ株式会社 Medical imaging system for diagnosis
US20160063187A1 (en) * 2014-08-29 2016-03-03 Atigeo Corporation Automated system for handling files containing protected health information
US10021087B2 (en) * 2014-09-15 2018-07-10 Mansour Aaron Karimzadeh Method and system for providing a secure communication channel to portable privatized data
US9613226B2 (en) 2014-10-01 2017-04-04 VYRTY Corporation Secure access to individual information
US10089439B2 (en) * 2014-10-28 2018-10-02 Stryker Sustainability Solutions, Inc. Medical device with cryptosystem and method of implementing the same
US20180101434A1 (en) * 2014-12-31 2018-04-12 International Business Machines Corporation Listing types in a distributed storage system
CN106302312B (en) 2015-05-13 2019-09-17 阿里巴巴集团控股有限公司 Obtain the method and device of electronic document
CN106326763B (en) 2015-06-15 2020-01-14 阿里巴巴集团控股有限公司 Method and device for acquiring electronic file
JP5893791B1 (en) * 2015-07-28 2016-03-23 株式会社医療情報技術研究所 Multi-facility integrated document management system
KR20170032715A (en) * 2015-09-15 2017-03-23 삼성전자주식회사 Method for Managing Application and Electronic Device supporting the same
JP2017058800A (en) * 2015-09-15 2017-03-23 富士ゼロックス株式会社 Apparatus and program for information processing
US10068074B2 (en) 2016-03-25 2018-09-04 Credly, Inc. Generation, management, and tracking of digital credentials
US10033536B2 (en) 2016-03-25 2018-07-24 Credly, Inc. Generation, management, and tracking of digital credentials
US10348695B1 (en) * 2016-05-26 2019-07-09 VYRTY Corporation Secure access to individual information
DE102016011534A1 (en) 2016-09-23 2018-03-29 Albert Coenen Technical procedure for the privacy-compliant use of smart cards in networks
DE102017202183A1 (en) 2017-02-10 2018-08-16 Bundesdruckerei Gmbh Access management system for exporting data records
US10394468B2 (en) * 2017-02-23 2019-08-27 International Business Machines Corporation Handling data slice revisions in a dispersed storage network
JP6910617B2 (en) * 2017-08-30 2021-07-28 メディカルアイ株式会社 Management methods, management devices and programs for disclosure of electronic medical records
US20190087831A1 (en) 2017-09-15 2019-03-21 Pearson Education, Inc. Generating digital credentials based on sensor feedback data
EP3695415A4 (en) * 2017-10-11 2021-06-16 Pear Therapeutics, Inc. Systems and methods for ensuring data security in the treatment of diseases and disorders using digital therapeutics
US10803104B2 (en) 2017-11-01 2020-10-13 Pearson Education, Inc. Digital credential field mapping
WO2019157062A1 (en) * 2018-02-07 2019-08-15 Medicapture, Inc. System and method for decentralized data storage
US11343330B2 (en) 2018-04-18 2022-05-24 VYRTY Corporation Secure access to individual information
US11777913B2 (en) * 2018-12-04 2023-10-03 Journey.ai Generating reports from information within a zero-knowledge data management network
US11669514B2 (en) 2019-04-03 2023-06-06 Unitedhealth Group Incorporated Managing data objects for graph-based data structures
US11483147B2 (en) * 2020-01-23 2022-10-25 Bank Of America Corporation Intelligent encryption based on user and data properties
US11593026B2 (en) 2020-03-06 2023-02-28 International Business Machines Corporation Zone storage optimization using predictive protocol patterns
JP2021149226A (en) * 2020-03-17 2021-09-27 コニカミノルタ株式会社 Medical information management apparatus, medical information management system, control program, and medical information management method
US11349644B1 (en) 2020-04-29 2022-05-31 Wells Fargo Bank, N.A. Database exclusion (DBX) for multi party access (MPA) to sensitive personal information (SPI)
US11361112B2 (en) 2020-07-07 2022-06-14 Mastercard International Incorporated Managing secure document exchanges
US11387987B2 (en) * 2020-08-13 2022-07-12 Ginger.io, Inc. Method and system for digital health data encryption
US11720704B1 (en) 2020-09-01 2023-08-08 Cigna Intellectual Property, Inc. System and method for authenticating access to private health information
US11514186B2 (en) * 2021-04-14 2022-11-29 Sap Se Integrated database user privilege management

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6131090A (en) * 1997-03-04 2000-10-10 Pitney Bowes Inc. Method and system for providing controlled access to information stored on a portable recording medium
US6523009B1 (en) * 1999-11-06 2003-02-18 Bobbi L. Wilkins Individualized patient electronic medical records system
US6725200B1 (en) * 1994-09-13 2004-04-20 Irmgard Rost Personal data archive system
US20050197859A1 (en) * 2004-01-16 2005-09-08 Wilson James C. Portable electronic data storage and retreival system for group data
US7168092B2 (en) * 2000-08-31 2007-01-23 Sun Microsystems, Inc. Configuring processing units

Family Cites Families (62)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5291399A (en) * 1990-07-27 1994-03-01 Executone Information Systems, Inc. Method and apparatus for accessing a portable personal database as for a hospital environment
US5495533A (en) * 1994-04-29 1996-02-27 International Business Machines Corporation Personal key archive
US6460036B1 (en) * 1994-11-29 2002-10-01 Pinpoint Incorporated System and method for providing customized electronic newspapers and target advertisements
US5899998A (en) * 1995-08-31 1999-05-04 Medcard Systems, Inc. Method and system for maintaining and updating computerized medical records
JP3688822B2 (en) * 1996-09-03 2005-08-31 株式会社東芝 Electronic medical record system
KR100629413B1 (en) * 1997-03-21 2006-09-27 까날 + (쏘시에떼 아노님) Smartcard for use with a receiver of encrypted broadcast signal, and receiver
US6212635B1 (en) * 1997-07-18 2001-04-03 David C. Reardon Network security system allowing access and modification to a security subsystem after initial installation when a master token is in place
US6148342A (en) * 1998-01-27 2000-11-14 Ho; Andrew P. Secure database management system for confidential records using separately encrypted identifier and access request
FR2781067B1 (en) * 1998-07-10 2000-09-22 Gemplus Card Int CHIP CARD ORGANIZATION SYSTEMS FOR USE AS A SERVER IN AN INTERNET-TYPE NETWORK
US6678826B1 (en) * 1998-09-09 2004-01-13 Communications Devices, Inc. Management system for distributed out-of-band security databases
US6898636B1 (en) * 1999-02-04 2005-05-24 Intralinks, Inc. Methods and systems for interchanging documents between a sender computer, a server and a receiver computer
US6745247B1 (en) * 1999-03-19 2004-06-01 Citicorp Development Center, Inc. Method and system for deploying smart card applications over data networks
US6920567B1 (en) * 1999-04-07 2005-07-19 Viatech Technologies Inc. System and embedded license control mechanism for the creation and distribution of digital content files and enforcement of licensed use of the digital content files
US6289450B1 (en) * 1999-05-28 2001-09-11 Authentica, Inc. Information security architecture for encrypting documents for remote access while maintaining access control
US6602298B1 (en) * 1999-06-04 2003-08-05 Hewlett-Packard Development Company, L.P. Methods of storing and retrieving communications, information, and documents
US7343351B1 (en) * 1999-08-31 2008-03-11 American Express Travel Related Services Company, Inc. Methods and apparatus for conducting electronic transactions
US20050108096A1 (en) * 1999-09-28 2005-05-19 Chameleon Network Inc. Portable electronic authorization system and method
AU7621300A (en) * 1999-09-28 2001-04-30 Chameleon Network Inc. Portable electronic authorization system and associated method
US7340439B2 (en) * 1999-09-28 2008-03-04 Chameleon Network Inc. Portable electronic authorization system and method
US20030033534A1 (en) * 1999-11-29 2003-02-13 Rand Ricky C System and method for dual key card dual database access control and identification
US6751651B2 (en) * 1999-11-30 2004-06-15 David A. Crockett Web-site consistency administration among inconsistent software-object libraries of remote distributed health-care providers
US7331058B1 (en) * 1999-12-16 2008-02-12 International Business Machines Corporation Distributed data structures for authorization and access control for computing resources
IL150728A0 (en) * 2000-01-14 2003-02-12 Catavault Method and system for secure registration, storage, management and linkage of personal authentication credentials data over a network
US6463417B1 (en) 2000-02-22 2002-10-08 Carekey.Com, Inc. Method and system for distributing health information
AU7182701A (en) * 2000-07-06 2002-01-21 David Paul Felsher Information record infrastructure, system and method
US7356460B1 (en) * 2000-07-27 2008-04-08 Healthedge, Inc. Claim processing
US6947556B1 (en) * 2000-08-21 2005-09-20 International Business Machines Corporation Secure data storage and retrieval with key management and user authentication
US7146644B2 (en) * 2000-11-13 2006-12-05 Digital Doors, Inc. Data security system and method responsive to electronic attacks
US7546334B2 (en) * 2000-11-13 2009-06-09 Digital Doors, Inc. Data security system and method with adaptive filter
US7140044B2 (en) * 2000-11-13 2006-11-21 Digital Doors, Inc. Data security system and method for separation of user communities
US7103915B2 (en) * 2000-11-13 2006-09-05 Digital Doors, Inc. Data security system and method
US7322047B2 (en) * 2000-11-13 2008-01-22 Digital Doors, Inc. Data security system and method associated with data mining
US6978376B2 (en) * 2000-12-15 2005-12-20 Authentica, Inc. Information security architecture for encrypting documents for remote access while maintaining access control
US20020077861A1 (en) * 2000-12-20 2002-06-20 Hogan James K. Compact disk based medical information system
KR100392331B1 (en) * 2001-02-02 2003-07-22 서오텔레콤(주) System for managing medical insurance using information communication network and method therefore
US6862614B2 (en) * 2001-02-20 2005-03-01 Gemplus Adaptation of service applications to heterogeneous execution context by means of smart cards
US7171411B1 (en) * 2001-02-28 2007-01-30 Oracle International Corporation Method and system for implementing shared schemas for users in a distributed computing system
US7440962B1 (en) * 2001-02-28 2008-10-21 Oracle International Corporation Method and system for management of access information
JP3803088B2 (en) * 2001-04-18 2006-08-02 株式会社パンプキンハウス Cryptographic system and control method thereof
US7003670B2 (en) * 2001-06-08 2006-02-21 Musicrypt, Inc. Biometric rights management system
US20030055824A1 (en) * 2001-09-19 2003-03-20 Andrea Califano Distributed personalized genetic safe
US20030065626A1 (en) * 2001-09-28 2003-04-03 Allen Karl H. User verification for conducting health-related transactions
CN100555157C (en) * 2001-10-01 2009-10-28 雅斯拓股份有限公司 The method of the database in smart card and the visit smart card
US20030093298A1 (en) * 2001-10-12 2003-05-15 Javier Hernandez System and method for providing secure remote access to patient files by authenticating personnel with biometric data
AU2002343178A1 (en) * 2001-12-06 2003-06-17 Schlumberger Systemes Method to query an embebbed database
US20030130867A1 (en) * 2002-01-04 2003-07-10 Rohan Coelho Consent system for accessing health information
US7647320B2 (en) * 2002-01-18 2010-01-12 Peoplechart Corporation Patient directed system and method for managing medical information
US6845908B2 (en) * 2002-03-18 2005-01-25 Hitachi Semiconductor (America) Inc. Storage card with integral file system, access control and cryptographic support
US6931530B2 (en) * 2002-07-22 2005-08-16 Vormetric, Inc. Secure network file access controller implementing access control and auditing
US20040125402A1 (en) * 2002-09-13 2004-07-01 Yoichi Kanai Document printing program, document protecting program, document protecting system, document printing apparatus for printing out a document based on security policy
US7266702B2 (en) * 2002-10-21 2007-09-04 Solid Information Technology Oy Method and system for managing security material and services in a distributed database system
US20040103000A1 (en) * 2002-11-26 2004-05-27 Fori Owurowa Portable system and method for health information storage, retrieval, and management
US20040111622A1 (en) * 2002-12-10 2004-06-10 Roy Schoenberg Method of and system for controlling access to personal information records
US7452278B2 (en) * 2003-05-09 2008-11-18 Microsoft Corporation Web access to secure data
AU2003902422A0 (en) * 2003-05-19 2003-06-05 Intellirad Solutions Pty. Ltd Access security system
AU2003902423A0 (en) * 2003-05-19 2003-06-05 Intellirad Solutions Pty. Ltd Apparatus and method
US8782020B2 (en) * 2003-11-18 2014-07-15 Oracle International Corporation Method of and system for committing a transaction to database
US7747872B2 (en) * 2004-03-25 2010-06-29 Franklin Electronic Publishers, Inc. Secure portable electronic reference device
US7715905B2 (en) * 2004-05-25 2010-05-11 United Therapeutics Corporation Cooperative processing with mobile monitoring device and computer system
US7458102B2 (en) * 2004-08-17 2008-11-25 Emc Corporation Information security architecture for remote access control using non-bidirectional protocols
US7430664B2 (en) * 2005-02-02 2008-09-30 Innomedia Pte, Ltd System and method for securely providing a configuration file over and open network
US20070005396A1 (en) * 2005-06-29 2007-01-04 Lee Keat J Method and device for maintaining and providing access to electronic clinical records

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6725200B1 (en) * 1994-09-13 2004-04-20 Irmgard Rost Personal data archive system
US6131090A (en) * 1997-03-04 2000-10-10 Pitney Bowes Inc. Method and system for providing controlled access to information stored on a portable recording medium
US6523009B1 (en) * 1999-11-06 2003-02-18 Bobbi L. Wilkins Individualized patient electronic medical records system
US7168092B2 (en) * 2000-08-31 2007-01-23 Sun Microsystems, Inc. Configuring processing units
US20050197859A1 (en) * 2004-01-16 2005-09-08 Wilson James C. Portable electronic data storage and retreival system for group data

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9003538B2 (en) 2007-12-07 2015-04-07 Roche Diagnostics Operations, Inc. Method and system for associating database content for security enhancement

Also Published As

Publication number Publication date
US7661146B2 (en) 2010-02-09
US20070006322A1 (en) 2007-01-04
WO2007005530A2 (en) 2007-01-11

Similar Documents

Publication Publication Date Title
WO2007005530A3 (en) Method and system for providing a secure multi-user portable database
Schaar Privacy by design
US6041412A (en) Apparatus and method for providing access to secured data or area
US20060288210A1 (en) System of personal data spaces and a method of governing access to personal data spaces
RU2602790C2 (en) Secure access to personal health records in emergency situations
Tejero et al. Advances and current state of the security and privacy in electronic health records: survey from a social perspective
CA2514413C (en) Managing access to physical assets
JP2005505863A (en) Data processing system for patient data
CN107968788A (en) A kind of method and apparatus for working document safety management
Nortey et al. Privacy module for distributed electronic health records (EHRs) using the blockchain
Riedl et al. A secure architecture for the pseudonymization of medical data
Jafari et al. A rights management approach to protection of privacy in a cloud of electronic health records
Alabdulatif et al. Protection of electronic health records (EHRs) in cloud
Tiwari et al. Role-based access control through on-demand classification of electronic health record
Steria A blockchain-based healthcare platform for secure personalised data sharing
Hung Towards a Privacy Access Control Model for e-Healthcare Services.
JP2003091456A (en) Personal electronic health file system protected by data destruction or illegal reading preventing countermeasures
US20100235924A1 (en) Secure Personal Medical Process
Neubauer et al. Improving patients privacy with pseudonymization
Hamsanandhini et al. Health record maintenance using cloud computing and multi authority attribute based encryption
Lhotska et al. Security recommendations for implementation in distributed healthcare systems
Sheppard et al. A digital rights management model for healthcare
DE10307996B4 (en) Method for encrypting and decrypting data by different users
CN112882652A (en) Network sharing storage system and method
JP4153709B2 (en) Access control method

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 06785855

Country of ref document: EP

Kind code of ref document: A2