1. Field of the Invention
The present invention is directed to computer-related and/or assisted systems, methods, and computer program devices for facilitating efficient and effective use of patient and/or individual related information. More particularly, the present invention relates to techniques for facilitating efficient and effective use of patient and/or individual related information such as medical and/or health related information in compliance with Health Insurance Portability and Accountability Act (HIPAA) of 1996.
2. Description of the Related Art
Some prior attempts have been made in unrelated fields in the healthcare industry to protect patient related information for various reasons. The prior art has not addressed what can be shared or disclosed based on HIPAA regulations.
The Knapp patent, U.S. Pat. No. 6,278,999, incorporated herein by reference, discloses an information management system for personal health digitizers (see FIG. 1) wherein a centralized database 100 collects and stores monitoring data from a large number of individuals and processing elements 101-108 perform statistical analysis of the collected data on a per consumer, population segment, or query-specific basis. The database is architected in a hierarchical manner to limit users' access to only that prepartitioned segment of the collected data that the particular class of user is authorized to analyze. Data is gathered from remotely located sources T1-Tn, comprised of individual consumers using Personal Health Digitizers to take readings on themselves or family members and downloading the data to the information management system IMS via a personal computer modem and Internet browser T1-Tn communicating with an interactive website WS and its data router DR. Alternatively, data can be communicated to the information management system IMS via consumer terminal equipment T1-Tn and the Pubic Telephone Switched Network PTSN.
Data from Personal Health Digitizers communicated to the information management system IMS can be accessed by those consumers who communicate the data via terminal equipment T1-Tn, by health care providers at their terminal equipment and servers S1-Sm, by institutions via their terminal equipment and servers I1-Ij, by medical practitioners, and others whom the consumer designates. These users, broken down into classes, can access the information management system IMS and its analysis functions only to the extent authorized by the consumer. Access control via the communication network PTSN is enforced by the use of database filters 103-106 architected to provide customized access to selected classes of users. The granularity of the data made available to the various classes of users is further selected and limited to prevent the users from deriving information about the consumer population that they are not entitled to receive. Data processing algorithms 108 operate on the raw physiological data collected from individual consumers and produce additional data that aids in identifying potential physiological problems. Interpretive processing systems 107, either standard software database processes or neuromorphic systems, such as expert systems or neural networks, use pattern recognition operations to analyze the collected data for correlations with regard to cohort-based sets of criteria identified.
The Petculescu patent, U.S. Pat. No. 6,405,207, incorporated herein by reference, discloses a multidimensional, multilevel database system (see FIG. 2) wherein query syntax is used to operate a database engine 204 that extracts and aggregates in a report 206 only the data from those items that are specified in the query. A database client 201 provides facilities for multiple users to specify the data to be provided from the database 205. The query 202 then passes to query processor 203, where it is converted into sequenced operations performed by an execution engine 204 to obtain the specified data. The execution engine 204 then aggregates data into a report which the database client 201 displays. The query processor 203, execution engine 204, and database 205 are typically components residing in one or more central computers accessed by query software operating from individual personal computers that serve as database clients 201.
The Zubelida patent, U.S. Pat. No. 6,397,224, incorporated herein by reference, discloses a system (see FIG. 3) for anonymously linking multiple data records 352 by double-encoding and assigning an anonymization code to data elements that can be used to identify an associated individual. Data records 352 are stored within an input database 354, either conventional or computerized. Each record includes a plurality of identifying elements 356 including, for example, name birth date, address, ZIP code, telephone number, healthcare identifier, and the like. Identifying elements 356 of the data records 352 are encoded by two or more modules 358 that can be combined or integrated into a single software application or device. The identity reference encoding modules 358 operate in multiple steps. First, identifying elements 356 of a data record are broken into subsets 362. The identifying elements are then translated into encoded identity references 360 by applying a cryptographic hash function or other hashing scheme, such as symmetric or public key cryptographic algorithms. This process can be repeated one or more times if the system 350 contains one or more additional identity reference encoding modules 358, with the goal of reducing the probability of an unintended collision where two subsets 362 share the same encoded identity reference 360.
The system 350 also includes an anonymization code database 368 that stores anonymization code 366 assignments (for example, serial numbers) associated with encoded identity references 360 and in turn a particular individual, group, or population. An anonymization code lookup module 364 utilizes a database query module 370 to retrieve the anonymization code 366 for each of the encoded identity references 360. If no code is associated with a particular reference, an anonymization code assignment module 372 uses an anonymization code generation module 374 to assign a new, unique anonymization code 366 to each of the encoded identity references 360 that describe an individual, group or population. A database update module 376 is used to ensure that the assigned anonymization code 366 corresponds to the multiple encoded identity references 360 associated with an individual, group, or population. Finally, an anonymization code insertion module 380 inserts the assigned anonymization code 366 into the anonymized data record 382. The inclusion of an identifying element removal module 378 is optional.
However, to the knowledge of the inventors, no attempts have been made to aggregate information about population, drug usage, health and/or medical related information in a manner that can be legitimately used. In addition, no attempts appear to have been made to aggregate health and/or medical related information in compliance with HIPAA regulations and/or in a manner that can be used to assist healthcare providers, health management companies, in research, healthcare and/or marketing, for example, in a small geographic area.