Data is power. Entities capture data about other entities. A question naturally arises as to the ownership of that data. Does the entity that captures the data own the data? Does the entity that the data is about own the data? So long as the captured data was held behind “closed” doors (i.e. on a local computer or limited intra-firm network of computers) of the capturing entity and used in isolation behind those doors, the question was of limited and isolated importance. So long as a minimal set of data was captured the question had minimal importance. So long as the use of the captured data was not extensive the importance of the question was not extensive. This has all changed. Information technology has increased connectedness to captured data. This increased connectedness has moved the data from behind closed doors out into the world. This increased connectedness has allowed the aggregation of minimal individual sets of data into massive, dynamic collections of data. This increased connectedness has provided access so that more and more use is made of the data. When data is used it is to someone's benefit and frequently to someone else's detriment. The question of ownership is now crucial.
Generally, ownership implies an ability to control or regulate certain uses of an object. This implies that an operational definition of ownership must consider the object, the use, and the entity or entities that have control over that use of that object. The below described embodiments of the invention relate to a system and method to regulate the uses of objects by entities.
There is a growing concern over confidentiality of healthcare data. This growth is fueled by recent or impending increases in connectivity related to healthcare data. These increases are leading to healthcare data no longer being held behind the closed doors of the providers, aggregation of healthcare data across multiple sources, and potential access to the healthcare data by more and more entities. The concern over confidentiality is in great part a concern that the eventual use of the data by someone for their own benefit will be to the detriment of the patient. That detriment may be discrimination reducing employment, insurance, and financial opportunities. That detriment may be something as “simple” as social embarrassment. The prevailing attitude is that with few exceptions the healthcare data of a patient should not be used to their detriment. The method of this patent is not limited in application to healthcare data, but the problems of healthcare data generally serve well as examples to illustrate the execution of this method as it might be embodied and will be used as such in this patent.
Conventionally, entities protect objects by providing an access code, a key, a password, or the like, to those entities to which the owning entity would like to grant access. If an owning entity desires to grant access to the object(s) to another entity, the owning entity provides that entity an access code. Likewise, if an entity that holds an access code requires that a third party be granted access, the owning entity must issue an additional access code to the third party.
Commonly, however, when an entity that holds an access code requires that a third party be granted access, the entity holding the access code often divulges its access code to the third party so it may gain access. This weakens the access regulatory power of the system and fails to provide an accurate access log of entities accessing the object.
For example, if a doctor requires that his nurse have access to a patient's medical file, either the patient must grant the nurse access or, more commonly, the doctor provides the nurse with the doctor's access code, which the nurse uses to gain access to the patient's medical file. The act of the doctor disclosing his access code is an expression of trust between the doctor and the nurse but there is no documentation of or control over this relationship of trust. Thus, when the nurse uses the doctor's access code to access the records, an individual for whom there is no documented authorization, i.e. the nurse, has accessed the records, there is no documentation that the nurse has gained access, and there may be erroneous documentation that the doctor accessed the records. While this example illustrates a problem in the area of healthcare records, the same is true for any regulated-access object.
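The doctor and nurse case above, as an added example (not part of the patent text, and not its claimed method): a conventional access-code gate whose log misattributes the nurse's access, next to a gate where the trust relationship is a recorded delegation. The class names, the access codes and the `patient-file` object are constructed for illustration.

```python
# Added illustration; all names and codes are constructed, not from the patent.
from dataclasses import dataclass, field

@dataclass
class CodeGate:
    """Conventional scheme: a valid code is logged under the entity it was issued to."""
    codes: dict                                   # access code -> holder
    log: list = field(default_factory=list)

    def access(self, code, obj):
        holder = self.codes.get(code)
        self.log.append(("ALLOWED" if holder else "DENIED", holder or "unknown", obj))
        return holder is not None                 # the log cannot tell who typed the code

@dataclass
class DelegatingGate:
    """Contrast: every entity keeps its own code; trust is a recorded grant."""
    codes: dict                                   # access code -> entity
    grants: set                                   # (entity, obj) granted by the owner
    delegations: set = field(default_factory=set) # (grantor, delegate, obj)
    log: list = field(default_factory=list)

    def delegate(self, grantor, delegate, obj):
        if (grantor, obj) not in self.grants:
            raise PermissionError(f"{grantor} holds no grant on {obj}")
        self.delegations.add((grantor, delegate, obj))

    def access(self, code, obj):
        who = self.codes.get(code)
        if who and (who, obj) in self.grants:
            self.log.append(("ALLOWED", who, None, obj))
            return True
        for grantor, delegate, target in sorted(self.delegations):
            if delegate == who and target == obj and (grantor, obj) in self.grants:
                self.log.append(("ALLOWED", who, grantor, obj))  # actor and authority
                return True
        self.log.append(("DENIED", who or "unknown", None, obj))
        return False

def demo():
    shared = CodeGate(codes={"D-4471": "doctor"})
    shared.access("D-4471", "patient-file")       # in reality typed by the nurse
    recorded = DelegatingGate(codes={"D-4471": "doctor", "N-9020": "nurse"},
                              grants={("doctor", "patient-file")})
    before = recorded.access("N-9020", "patient-file")    # no documented trust yet
    recorded.delegate("doctor", "nurse", "patient-file")  # trust is now on record
    after = recorded.access("N-9020", "patient-file")
    return shared.log, before, after, recorded.log

if __name__ == "__main__":
    for part in demo():
        print(part)
```

The first log contains a single entry naming the doctor, although the nurse performed the access; the second log names the nurse as the actor and the doctor as the authority she acted under.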