Privacy data escrow system and method
Patent number: 06449621
Reexamination Certificate (status: active)
Filed: 1999-11-03
Issued: 2002-09-10
Examiner: Homere, Jean R. (Department: 2177)
Classification: Data processing: database and file management or data structures; Database design; Data structure types
Classification codes: C705S002000, C713S152000, C707S793000
ABSTRACT:
TECHNICAL FIELD OF THE INVENTION
This invention is related in general to the field of computers and computer databases, and more particularly, to a privacy data escrow system and method.
BACKGROUND OF THE INVENTION
In today's computer age, nearly every human action leads to the generation, collection and storage of some data. For example, a shopper's grocery or merchandise purchasing habits are collected at the checkout line and stored in databases for future marketing or customer relations purposes. In some instances, the collection of sensitive personal data raises privacy issues. For example, financial data are collected whenever a customer applies for credit or a loan, and medical records are maintained for patients for insurance claim purposes. In the latter example, special concerns exist for employees whose employers maintain their health care records. The challenge for employers is to maintain the confidentiality and privacy of employee health, medical and claims data while permitting access to the data for research, analysis and, in some cases, targeted patient intervention.
SUMMARY OF THE INVENTION
It has been recognized that it is desirable to provide a privacy data escrow system and method to maintain the confidentiality of sensitive personal data such as patient medical records.
In one aspect of the invention, a privacy data escrow system includes at least one data provider having a plurality of privacy data records of a plurality of persons. Each privacy data record is associated with a unique person identifier of a person, and each of the at least one data provider has a unique data provider identifier associated therewith. An escrow agent is in communication with the at least one data provider and is operable to receive and store, from the at least one data provider, the plurality of person identifiers together with the unique scrambled person identifier and data provider identifier associated with each person identifier. A database is in communication with the at least one data provider and is operable to receive and store, from the at least one data provider, the plurality of privacy data records, the plurality of scrambled person identifiers associated with the privacy data records, and the data provider identifiers. The database is further operable to receive and store, from the escrow agent, a unique universal anonymous identifier to replace each scrambled person identifier, whereby each privacy data record stored in the database is identifiable by a universal anonymous identifier.
In another aspect of the invention, a privacy data escrow system includes at least one data provider having a plurality of privacy data records of a plurality of persons, each privacy data record being associated with a unique person identifier of a person, each of the at least one data provider having a unique data provider identifier associated therewith, the at least one data provider being operable to scramble the person identifiers and generate unique scrambled person identifiers therefrom. An escrow agent is in communication with the at least one data provider and is operable to receive and store, from the at least one data provider, the plurality of person identifiers, the associated scrambled person identifiers, and the associated data provider identifier, the escrow agent being operable to generate a unique universal anonymous identifier for each scrambled person identifier. A database is in communication with the at least one data provider and is operable to receive and store, from the at least one data provider, the plurality of privacy data records, the plurality of scrambled person identifiers associated with the privacy data records, and the data provider identifier. The database is further operable to receive and store, from the escrow agent, a unique universal anonymous identifier to replace each scrambled person identifier, whereby each privacy data record stored in the database is identifiable by a universal anonymous identifier.
In yet another aspect of the invention, a method of maintaining the confidentiality of privacy data includes the steps of associating a unique person identifier with each privacy data record, scrambling the unique person identifier to generate a scrambled person identifier, transmitting the privacy data record and the scrambled person identifier to a database for storage, and transmitting the person identifier with its associated scrambled person identifier to an escrow agent for confidential safekeeping. The escrow agent then generates a universal anonymous identifier for each person identifier and scrambled person identifier, and transmits the universal anonymous identifier and its associated scrambled person identifier to the database.
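The security property of the three-party flow above is a separation of duties: the data provider knows person identifiers and records but keeps neither the linkage table nor the anonymous keys; the escrow agent holds the only table linking a person identifier to a universal anonymous identifier but never holds a record; the database holds records keyed by an identifier that, once the scrambled identifier has been replaced and discarded, cannot be matched against anything the escrow agent stores. Because the escrow agent sees the plain person identifier from every provider, it can hand out one universal anonymous identifier per person even though each provider scrambles that identifier differently. The following is an added example, not code from the patent or its assignee, that models the exchange end to end. It assumes a keyed HMAC-SHA256 with a per-provider secret as the "scrambling" step (the patent does not specify a scrambling function; an unkeyed hash of a low-entropy identifier such as an SSN could be reversed by the database holder simply by hashing every candidate value), random 128-bit universal anonymous identifiers, and a constructed employee identifier and two constructed records. All class, function and identifier names are the example's own.

```python
from __future__ import annotations

import hashlib
import hmac
import secrets


def scramble(person_id: str, provider_key: bytes) -> str:
    """Keyed one-way scrambling of a person identifier (HMAC-SHA256).

    Assumption, not from the patent: the patent only says the identifier is
    "scrambled". A keyed HMAC is used so that the database, which never holds
    provider_key, cannot recover person identifiers by hashing every candidate
    value (for example every possible SSN) and comparing.
    """
    return hmac.new(provider_key, person_id.encode(), hashlib.sha256).hexdigest()


class EscrowAgent:
    """Holds the only link between a real person identifier and the universal
    anonymous identifier (UAI) that keys records in the database."""

    def __init__(self) -> None:
        self.uai_by_person: dict[str, str] = {}
        # (provider_id, scrambled_id, uai) replacements not yet sent to the database
        self.pending: list[tuple[str, str, str]] = []

    def receive(self, provider_id: str, person_id: str, scrambled_id: str) -> None:
        """Store person id, scrambled id and provider id; mint a UAI the first
        time this person is seen from any provider and reuse it afterwards."""
        if person_id not in self.uai_by_person:
            self.uai_by_person[person_id] = secrets.token_hex(16)  # random, unlinkable
        self.pending.append((provider_id, scrambled_id, self.uai_by_person[person_id]))

    def release_to(self, db: Database) -> int:
        """Send each (scrambled id -> UAI) replacement to the database and
        return how many were sent. Real person ids never leave the agent."""
        sent = 0
        while self.pending:
            provider_id, scrambled_id, uai = self.pending.pop(0)
            db.rekey(provider_id, scrambled_id, uai)
            sent += 1
        return sent


class Database:
    """Receives records keyed by scrambled id, then re-keys them by UAI."""

    def __init__(self) -> None:
        self.by_scrambled: dict[tuple[str, str], list[dict]] = {}
        self.by_uai: dict[str, list[dict]] = {}

    def store(self, provider_id: str, scrambled_id: str, record: dict) -> None:
        self.by_scrambled.setdefault((provider_id, scrambled_id), []).append(record)

    def rekey(self, provider_id: str, scrambled_id: str, uai: str) -> None:
        """Replace the scrambled id with the UAI and discard the scrambled id,
        so a later copy of the database has nothing to match against the
        escrow agent's table."""
        records = self.by_scrambled.pop((provider_id, scrambled_id), [])
        self.by_uai.setdefault(uai, []).extend(records)


class DataProvider:
    def __init__(self, provider_id: str, key: bytes) -> None:
        self.provider_id = provider_id
        self.key = key  # scrambling secret; shared with neither other party

    def submit(self, person_id: str, record: dict, db: Database, escrow: EscrowAgent) -> str:
        """Scramble the person id, send record + scrambled id to the database,
        and send person id + scrambled id + provider id to the escrow agent."""
        scrambled_id = scramble(person_id, self.key)
        db.store(self.provider_id, scrambled_id, record)
        escrow.receive(self.provider_id, person_id, scrambled_id)
        return scrambled_id


def run_demo() -> tuple[Database, EscrowAgent, dict[str, str]]:
    """Constructed sample run: one employee has records at two providers."""
    db, escrow = Database(), EscrowAgent()
    health_plan = DataProvider("health-plan", secrets.token_bytes(32))
    clinic = DataProvider("clinic", secrets.token_bytes(32))
    person = "EMP-000123"  # constructed person identifier
    scrambled = {
        "health-plan": health_plan.submit(person, {"claim": "CLM-1", "amount": 120.0}, db, escrow),
        "clinic": clinic.submit(person, {"visit": "2001-11-02", "note": "constructed"}, db, escrow),
    }
    escrow.release_to(db)  # database now keyed by one UAI; scrambled ids are gone
    return db, escrow, scrambled


if __name__ == "__main__":
    db, escrow, scrambled = run_demo()
    print("scrambled ids differ per provider:", scrambled["health-plan"] != scrambled["clinic"])
    print("records per UAI:", {u: len(r) for u, r in db.by_uai.items()})
```

Two checks worth keeping when implementing this for real: after the escrow agent's release step the database should hold no scrambled identifiers at all (in the example, by_scrambled is empty), and the records themselves must not carry quasi-identifiers (dates of birth, postal codes, rare diagnoses) that would let a database holder re-identify a person without any help from the identifier, a risk the identifier scheme alone does not address.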
REFERENCES:
patent: 5325294 (1994-06-01), Keene
patent: 5499293 (1996-03-01), Behram et al.
patent: 5579393 (1996-11-01), Conner et al.
patent: 5606610 (1997-02-01), Johansson
patent: 5832488 (1998-11-01), Eberhardt
patent: 5956400 (1999-09-01), Chaum et al.
patent: 6023721 (2000-02-01), Cummings
patent: 6148342 (2000-11-01), Ho
patent: 6205472 (2001-03-01), Gilmour
patent: 6253203 (2001-06-01), O'Flaherty et al.
patent: 6275824 (2001-08-01), O'Flaherty et al.
patent: 2002/0029156 (2002-03-01), O'Dowd
patent: 0 884 670 (1998-02-01), None
patent: 0 950 972 (1999-10-01), None
patent: 1099996 (2001-05-01), None
patent: WO 95/15628 (1995-06-01), None
patent: WO 99 38080 (1998-01-01), None
JHMI-Infonet, “JHBMC-IRB Guidelines: Data Safety Monitoring Evaluation”, Nov. 1997, downloaded from infonet.welch.jhu.edu/research/jhbmc-irb/guide-C-6.html, on Nov. 2, 2001.*
Department of Health and Human Services, National Institutes of Health, “Privacy Act of 1974; New System of Records”, Apr. 4, 1997, downloaded from www.nimh.nih.gov/grants/privacyact1997.pdf on Nov. 2, 2001.*
U.S. Congress, Office of Technology Assessment, “Protecting Privacy in Computerized Information, OTA-TCT-576” (Washington, DC:U.S. Government Printing Office, Sep. 1993.*
Federal Register of Tuesday, Jun. 18, 1991, “Part II: Federal Policy for the Protection of Human Subjects; Notices and Rules”, vol. 56, No. 117, pp. 28002-28032.*
Federal Register of Monday Jun. 19, 1989, “Privacy Act of 1974; Final Guidance Interpreting the Provisions of Public Law 100-503, the Computer Matching Privacy Protection Act of 1988”, vol. 54, No. 116, pp. 25818-25829.*
National Research Council, “For The Record: Protecting Electronic Health Information”, Washington, DC:National Academy Press, 1997, pp. 1-18 and 82-135, R864,F67 1997.*
National Research Council, “Cryptography's Role in Securing the Information Society”, Washington, DC:National Academy Press, 1996, pp. 457-461 TK5102.94.C78 1996.*
Coleman, M.P., Muir, C.S. and Menegoz, F. “Confidentiality in the Cancer Registry”, British Journal of Cancer, vol. 66, No. 6, Dec. 1992, pp. 1138-1149.*
Bharucha-Reid, R.P., Schork, M.A. and Schwartz, S.A. “Data Linkage and Subject Anonymity for HIV Testing”, AIDS Public Policy Journal, vol. 5, No. 4, Winter 1990, pp. 189-190.*
Abi Berger, Private Company Wins Right To Icelandic Gene Database (BMJ 1999; 318:11 (Jan. 2)) (visited Aug. 16, 1999 @3:05 p.m.) <http://www.bmj.com/cgi/content/short/318/7175/11>.
John Schwartz, Iceland Sells Its People's Genetic Code To Biotech Firm (The Washington Post, Posted at 08:45 a.m. PST; Tuesday, Jan. 12, 1999) (visited Aug. 16, 1999 @3:10 p.m.) <http://www.seattletimes.com/news/nations-world/html98/altgene_011299.html>.
No names or personal IDs enter DeCODE genetics (visited Aug. 16, 1999 @ 3:15 p.m.) <http://www.decode.is/ppt/protection/sld003.htm>.
Baker & Botts L.L.P.
Ford Global Technologies Inc.
Homere Jean R.
Wassum Luke S
LandOfFree