US 11,935,633 B1
Secure mobile device provisioning system
Janet L. Campbell, Madison, WI (US); Michael R. Epley, Madison, WI (US); Dustin Gage, Madison, WI (US); and Brian Weisberger, Madison, WI (US)
Assigned to Epic Systems Corporation, Verona, WI (US)
Filed by Epic Systems Corporation, Verona, WI (US)
Filed on Oct. 24, 2014, as Appl. No. 14/523,442.
Claims priority of provisional application 61/895,753, filed on Oct. 25, 2013.
Int. Cl. G16H 10/60 (2018.01); H04L 9/40 (2022.01)
CPC G16H 10/60 (2018.01) [H04L 63/08 (2013.01)]
6 Claims
 
1. A method for securely provisioning access to an electronic health record system implemented using a computer server to a mobile device, the method comprising the steps of:
a) reading, at the mobile device, a computer-readable authentication code, the computer-readable authentication code comprising a unique client token generated by the electronic health record system;
b) transmitting, from the mobile device to the electronic health record system, a request for provisioning the mobile device to the electronic health record system, the request including the unique client token comprising device identification information uniquely identifying the physical mobile device that read the computer-readable authentication code;
c) receiving a provisioning notification, from the electronic health record system at the mobile device, the provisioning notification including a unique server token generated in response to and based on the received device identification information so as to be specific to the physical mobile device, the unique server token identifying a patient record in the electronic health record system;
d) transmitting, from the mobile device to the electronic health record, a request for patient information stored in the electronic health record system, the request including the unique client token and the unique server token; and
e) receiving at the mobile device the patient information requested based on a verification of prior provisioning, the unique client token and the unique server token.
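
Steps a) through e) of claim 1 sketched as server-side logic, as an added example that is not taken from the patent or from any Epic product. The HMAC construction, the single-use rule for the client token, sending the device identifier as a separate request field, and all class, method and record names are assumptions.

```python
import hashlib
import hmac
import secrets


class EhrServer:
    """Server side of steps a) to e); every name here is hypothetical."""

    def __init__(self):
        self._key = secrets.token_bytes(32)  # server-only MAC key (assumption)
        self._pending = {}       # client token -> patient record id
        self._provisioned = {}   # client token -> (device id, record id)
        self._records = {"rec-001": {"name": "Constructed Patient"}}  # sample data

    def issue_auth_code(self, record_id):
        # a) the value that would be rendered as the computer-readable code
        token = secrets.token_urlsafe(32)
        self._pending[token] = record_id
        return token

    def _server_token(self, client_token, device_id, record_id):
        # Length-prefix each field so field boundaries cannot be shifted.
        parts = (client_token.encode(), device_id.encode(), record_id.encode())
        msg = b"".join(len(p).to_bytes(2, "big") + p for p in parts)
        return hmac.new(self._key, msg, hashlib.sha256).hexdigest()

    def provision(self, client_token, device_id):
        # b) + c): single use, so a copied code cannot enrol a second device
        record_id = self._pending.pop(client_token, None)
        if record_id is None:
            return None
        self._provisioned[client_token] = (device_id, record_id)
        return self._server_token(client_token, device_id, record_id)

    def patient_info(self, client_token, device_id, server_token):
        # d) + e): require prior provisioning and both tokens
        entry = self._provisioned.get(client_token)
        if entry is None:
            return None
        bound_device, record_id = entry
        expected = self._server_token(client_token, bound_device, record_id)
        ok = hmac.compare_digest(expected.encode(), server_token.encode())
        if device_id != bound_device or not ok:
            return None
        return self._records[record_id]
```

In this sketch the device identifier is only a value the client reports, so the binding limits reuse of a leaked code or server token on its own but does not by itself prove which hardware sent the request.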