Method and system for sharing electronic medical and health records
US-2020168306-A1 · May 28, 2020 · US
System and method for authenticating access to private health information
US12493676B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12493676-B2 |
| Application number | US-202318201426-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 24, 2023 |
| Priority date | Sep 1, 2020 |
| Publication date | Dec 9, 2025 |
| Grant date | Dec 9, 2025 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A method for authenticating access to private health information (PHI) includes receiving a converted version of a spoken initiation of a retrieval of PHI. The method also includes requesting out-of-band authentication information from a user. The out-of-band authentication information that is requested contains different information than the spoken initiation of the retrieval of the PHI. The method also includes determining whether the out-of-band authentication information received from the user satisfies an authentication criterium associated with the user, obtaining the PHI requested by the user via the spoken initiation provided to the first device responsive to the out-of-band authentication information, and presenting the PHI requested by the user via the first device.
First claim
Opening claim text (preview).
What is claimed is: 1 . A method comprising: responsive to a voice-controlled device receiving a spoken initiation of a retrieval of private health information (PHI) and one or more user limitations on presentation of the PHI, receiving a converted version of the spoken initiation at a user-controlled device that is different, separate, and spaced apart from the voice-controlled device, the one or more user limitations include one or more of a user-defined category of the PHI that is permitted to be presented via the voice-controlled device, a user-identified provider identification that restricts the PHI that is presented via the voice-controlled device to the PHI provided by a provider associated with the user-identified provider identification, or a user-identified type of benefit claim that restricts the PHI that is permitted to be presented via the voice-controlled device to the user-identified type of benefit claim; requesting out-of-band authentication information from a user via the user-controlled device responsive to receiving the converted version of the spoken initiation, the out-of-band authentication information that is requested containing different information than the spoken initiation of the retrieval of the PHI; determining, with the user-controlled device, whether the out-of-band authentication information received from the user at the user-controlled device satisfies an authentication criterium associated with the user; obtaining, with the user-controlled device, the PHI requested by the user via the spoken initiation provided to the voice-controlled device responsive to the out-of-band authentication information satisfying the authentication criterium; and audibly presenting at least part of the PHI that is requested by the user subject to the one or more user limitations, the at least part of the PHI audibly presented by one or more speakers of the voice-controlled device, wherein the spoken initiation is received, the out-of-band authentication information is requested, the out-of-band authentication information is determined to satisfy the authentication criterium, the PHI is obtained, and the at least part of the PHI is audibly presented without the voice-controlled device and the user-controlled device being conductively coupled with each other by any conductive pathways. 2 . The method of claim 1 , wherein the one or more user limitations also include one or more of a user-configurable time period over which the PHI is permitted to be presented via the voice-controlled device or a user-defined date range that restricts the PHI that is presented via the voice-controlled device to the PHI that was obtained over the user-defined date range. 3 . The method of claim 1 , wherein the spoken initiation is received and the PHI is audibly presented by a speaker connected to the Internet and included in the voice-controlled device. 4 . The method of claim 1 , further comprising: identifying a patient represented by the PHI based on information contained within the converted version of the spoken initiation at the user-controlled device; and determining the authentication criterium based on the patient represented by the PHI. 5 . The method of claim 1 , wherein the out-of-band authentication information that is requested via the user-controlled device includes one or more of a fingerprint scan of the user, a retinal scan of the user, or a vocal sample from the user. 6 . The method of claim 1 , wherein the out-of-band authentication information that is requested via the user-controlled device includes one or more of a personal identification number, a numerical string, a text string, or an alpha-numeric string that is provided on a pharmaceutical container. 7 . The method of claim 1 , wherein the spoken initiation is received, the out-of-band authentication information is requested, the out-of-band authentication information is determined to satisfy the authentication criterium, the PHI is obtained, and the at least part of the PHI is audibly presented without the voice controlled device and the user-controlled device being conductively coupled together; and further comprising: identifying a patient represented by the PHI based on information contained within the converted version of the spoken initiation at the user-controlled device; determining the authentication criterium based on the patient represented by the PHI; and audibly broadcasting, from the voice controlled device, the at least part of the PHI associated with the patient and based on identification of the individual producing the spoken initiation request at the voice controlled device. 8 . The method of claim 1 , further comprising: identifying a patient represented by the PHI based on information contained within the converted version of the spoken initiation at the user-controlled device; determining the authentication criterium based on the patient represented by the PHI; and audibly broadcasting, from the voice controlled device, the at least part of the PHI associated with the patient and based on identification of the individual producing the spoken initiation request at the voice controlled device. 9 . A method comprising: responsive to an Internet-connected speaker receiving a spoken initiation of a retrieval of private health information (PHI) and one or more user limitations on presentation of the PHI, receiving a converted version of the spoken initiation at a mobile phone that is different, separate, and spaced apart from the speaker, the one or more user limitations include one or more of a user-defined category of the PHI that is permitted to be presented via the speaker, a user-identified provider identification that restricts the PHI that is presented via the speaker to the PHI provided by a provider associated with the user-identified provider identification, or a user-identified type of benefit claim that restricts the PHI that is permitted to be presented via the speaker to the user-identified type of benefit claim; requesting out-of-band authentication information from a user via the mobile phone responsive to receiving the converted version of the spoken initiation, the out-of-band authentication information that is requested containing different information than the spoken initiation of the retrieval of the PHI; determining, with the mobile phone, whether the out-of-band authentication information received from the user at the mobile phone satisfies an authentication criterium associated with the user; obtaining, with the mobile phone, the PHI requested by the user via the spoken initiation provided to the speaker responsive to the out-of-band authentication information satisfying the authentication criterium; and audibly presenting at least part of the PHI that is requested by the user using the speaker subject to the one or more user limitations, wherein the spoken initiation is received, the out-of-band authentication information is requested, the out-of-band authentication information is determined to satisfy the authentication criterium, the PHI is obtained, and the at least part of the PHI is audibly presented without the speaker and the mobile phone being conductively coupled with each other by any conductive pathways. 10 . The method of claim 9 , wherein the one or more user limitations also include one or more of a user-configurable time period over which the PHI is permitted to be presented via the speaker or a user-defined date range that restricts the PHI that is presented via the speaker to the PHI that was obtained over the user-defined date range. 11 . The method of claim 9 , further comprising: identifying a patient represented by the PHI based
Assignees
Inventors
Classifications
Protecting personal data, e.g. for financial or medical purposes · CPC title
ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring · CPC title
for patient-specific data, e.g. for electronic patient records · CPC title
when the policy decisions are valid for a limited amount of time · CPC title
using different networks or channels, e.g. using out of band channels (cryptographic mechanisms or cryptographic arrangements for key distribution involving distinctive intermediate devices or communication paths H04L9/0827; cryptographic mechanisms or cryptographic arrangements for authentication using a plurality of channels H04L9/3215) · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12493676B2 cover?
- A method for authenticating access to private health information (PHI) includes receiving a converted version of a spoken initiation of a retrieval of PHI. The method also includes requesting out-of-band authentication information from a user. The out-of-band authentication information that is requested contains different information than the spoken initiation of the retrieval of the PHI. The m…
- Who is the assignee on this patent?
- Cigna Intellectual Property Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/32. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Dec 09 2025 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).