Method and system for associating database content for security enhancement

摘要

A system and method for associating database content for security enhancement is provided, the method being applicable to a system comprising a computer configured to process a data management application and to store data in databases. According to one embodiment of the method according to the invention, the application uses an encryption key to encrypt data. The application stores the encrypted data in two or more databases. The databases may comprise a system database for storing encrypted user access data and one or more results databases for storing patient data. Databases may be stored locally, remotely, or both locally and remotely.

主权项

1. A method for associating database content comprising the steps of:
providing a computing system including a storage media; installing an application in the storage media adapted to access and manipulate medical records of a patient; providing a first encryption key stored in a computer readable media, the first encryption key accessible by the application; encrypting user access data including a user identification and password with the first encryption key and storing the encrypted user access data in a system database that comprises,
encrypting a plurality of user data, each of the plurality of user data associated with a unique command,providing a second encryption key stored in a computer readable media, the second encryption key also accessible by the application,encrypting a second plurality of medical records with the second encryption key and storing the encrypted second plurality of medical records in a results database, andencrypting a second user access data, the second user access data associated with a second command, wherein the application responds to input of the second command associated with the second user access data by accessing the second encryption key and the second encryption key decrypting the second user access data, wherein the application identifies the second command as being associated with an authorized user based on the decrypted second user access data and provides the authorized user access to utilize the application for accessing the second plurality of medical records; encrypting a plurality of medical records with the first encryption key and storing the encrypted medical records in a results database embedded in the storage media of the computing device and the second plurality of medical records encrypted with the second encryption key is stored in a results database embedded in a remote storage media; and inputting a command requesting rights to utilize the application for accessing the medical records, wherein the application responds to the step of inputting by accessing the first encryption key and decrypting the user access data, wherein the application identifies the command as being associated with an authorized user based on the decrypted user access data and provides the authorized user access to utilize the application for accessing the plurality of medical records encrypted with the first encryption key.