CPC G06Q 40/12 (2013.12) [G06Q 30/04 (2013.01); H04L 63/102 (2013.01); H04L 63/104 (2013.01)] | 19 Claims
1. A HIPAA-compliant computer security method of real-time sharing of service, budget, and billing information associated with personal health information of one or more individuals among at least a first organization and a second organization in an integrated manner, and preventing unauthorized access to the billing information, the method comprising:
a. receiving by one or more physical nodes a first request for authorization for a user in the first organization to access service and budget information in the second organization pertaining to personal health information of one or more individuals, wherein the first organization is associated with a first security domain, the second organization is associated with a second security domain, the second organization has an access profile associated with the first security domain, the user is associated with one or more roles and one or more caseloads, the service and budget information for each of the one or more individuals having at least one type, the one or more roles includes access privilege information for one or more users, and the one or more caseloads includes access privilege information for at least one individual or medical services program associated with said individual's personal health information;
b. logging by the one or more physical nodes, in an activity log associated with at least the first organization or the second organization, the user's first request for authorization for the user in the first organization to access service and budget information in the second organization pertaining to the one or more individuals;
c. determining by the one or more physical nodes whether the user in the first organization is authorized to access service and budget information in the second organization pertaining to the one or more individuals, wherein the determination is based on at least the access profile, the one or more caseloads and the one or more roles associated with the user and the type of service and budget information in the second organization pertaining to the one or more individuals and associated with said individual's personal health information;
d. responsive to determining that the user in the first organization is authorized to access service and budget information in the second organization pertaining to the one or more individuals:
i. transferring by the one or more physical nodes the service and budget information in the second organization pertaining to the one or more individuals in compliance with HIPAA; and
ii. logging by the one or more physical nodes, in the activity log, the transferring of service and budget information in the second organization pertaining to the one or more individuals to the user in the first organization in compliance with HIPAA; and
responsive to determining that the user in the first organization is not authorized to access service and budget information in the second organization pertaining to the one or more individuals, preventing the requested access in compliance with HIPAA; and
e. receiving, by one or more physical nodes, information pertaining to services provided to the one or more individuals by the first organization and billing information generated by the first organization pertaining to the provided services, wherein said information pertaining to services permits the user to monitor said services and the individual's progress toward outcomes.