The present invention relates to the art of Internet security and the authentication of otherwise unknown persons. It finds particular application in conjunction with Internet based fulfillment of prescription drug orders and/or access to confidential pharmaceutical or medical records. Consequently, it will be described with particular reference thereto. However, it is to be appreciated that the present invention is also amenable to other like applications.
The Internet is an electronic communications network useful for transferring data or information. Due to its speed and convenience, many individuals and businesses find it advantageous to communicate, exchange data and/or conduct transactions over the Internet. It is desired, e.g., in the medical and pharmaceutical fields, to have a patient's medical or pharmaceutical records readily accessible to doctors and/or pharmacies over the Internet. In this manner, physicians and/or pharmacists may make informed treatment/prescription decisions based on the particular circumstance of the patient (e.g., the patient health, medical history, other drugs being taken or already prescribed, drug allergies, etc.). Additionally, patients may desire to have prescriptions conveniently filled over the Internet. The foregoing propositions, however, present certain difficulties which heretofore have not been sufficiently addressed.
Patient's typically wish to regulate access to sensitive or confidential information, such as medical and pharmaceutical record. Moreover, it advantageous to ensure that prescription drugs are not abused. That is to say, prescription drug fulfillment should be carefully administered so that only the patient for whom the drugs are intended actually receive the drugs, and that they only receive those drugs that are properly prescribed. Consequently, it is advantageous to have a suitable degree of security which prevents unauthorized access to a patient's confidential medical and pharmaceutical records, which prevents unauthorized individual from writing prescriptions, which prevents unauthorized individuals from receiving prescription drugs not meant for them, which prevents pharmacies from filling prescriptions improperly written or order, etc. The Internet is, however, an unsecure network vulnerable to potential mischief and/or fraud, e.g., via an individual's misrepresentation of their true identity. As Internet transactions are not carried out face-to-face, traditional authentication protocols (e.g., visual inspection of the individual, inspect of the individuals signature, direct review of the individuals credentials, etc.) tend to be ineffective or not applicable. Accordingly, there is desired, for use in connection with the Internet or other like communications networks, a processing system and/or technique that provides an appropriate level of security which guards against fraudulent or otherwise unauthorized prescription drug fulfillment transactions and/or unauthorized access to confidential medical and/or pharmaceutical records.
Complicating matters further is that fact that often a patient's medical and/or pharmaceutical records are maintained by multiple medical care givers or pharmaceutical prescription fillers. Previously developed security measures in this respect tend to be limited. For example, many record holders (e.g., medical or pharmaceutical facilities) have separate disparate security measures and/or authentication protocols. This is inconvenient and unduly repetitive for those which desire access to confidential records from a plurality of distinct record holders. A multitude of disparate protocols and security measures results in the users having to maintain numerous distinct passwords, IDs, electronic keys and/or other security software or devices, often, a different one for each record holder. Moreover, some record holders may use four character passwords which are capitalization sensitive while others may use eight character passwords which are capitalization independent. There is no standard authentication protocol among the various record holders having a presence on the Internet. This makes keeping track of the various protocols and remembering the various security passwords and IDs even more difficult for users. Additionally, the various record holders are each separately authenticating users' identities. This is unduly repetitive and inefficient, especially considering that the record holders' core competency is not likely to include identity authentication.
Commonly, the prescription drug fulfillment process or access to medical/pharmaceutical records involves a three party transaction. For example, typical prescription drug processing involves a doctor writing a prescription, a patient ordering the prescription and a pharmacy filling the prescription. As opposed to a “linear” two party transaction which is relatively simple (e.g., a commercial purchase/sale transaction), it can be problematic to coordinated transactions among three parties while maintaining appropriate security safeguards. Furthermore, in traditional prescription drug processing, the doctor often calls in a prescription to a particular pharmacy in order to expedite processing. This in turn locked the patient into using that pharmacy to fill the prescription, which may be undesired by patient for what ever reason (e.g., the patient may want to shop around for the best price before deciding which pharmacy to use). Even if the patient originally tells the doctor what pharmacy to use at the time the prescription is being written, the patient may later change their mind when the prescription is being ordered. Traditional prescription processing is unable to suitably accommodate a patient's desire to freely select a pharmacy after the prescription has been written, at best, filling of the prescription would be delayed or the process further complicated. For example, the doctor may have to be contacted by the patient, and may have to call in changes to both the original pharmacy where the prescription was called in and to the new pharmacy where the patient wishes to have the prescription filled.
The present invention contemplates a new and improved communications network processing system and technique for prescription drug fulfillment and/or regulating access to confidential medical/pharmaceutical records that overcomes the above-referenced problems and others.