OFID
Medical Record Access Key
for Kaiser Permanente
Mission:
Kaiser Permanente seeks to satisfy the desire of its HMO patients to have easy access to their medical records under secure conditions, whether or not they personally own a computer.
Solution:
A low-cost, durable, secure key that will allow any KP patient (or their doctors) to access their medical records from any remote computer which is connected to the Internet and has an IR docking port. Patients will be able to access the records without the use of a logon, password, or additional linking process to a secure site. Since most people already carry credit, ATM, and other cards, a card is a logical choice of format for this key. OFI Devices is ready to provide KP with a turnkey, single-chip, wireless Internet card that will meet all of its stated requirements. The company can realistically design and produce the chip and 20 million cards in one year from the date of a purchase order agreement. These cards will have an effective life of up to 15 years.
How the KP OFID Medical Record Card Will Work
KP will send a OFID card access key, docking station, and port attachment to each of its HMO patients. The card will come with clearly written instructions on how to install the docking station and how to use the card. (Eventually, all computers will have on-board IR docking stations so external docking stations will not be required.) As with credit cards, there should be an initialization process before the card is used for the first time to insure that the person who has it is the patient to whom it was sent. Since many patients will not have computers, this initialization process should not be computer-dependent. Credit card companies have long used an over-the-phone initialization process with which most people are familiar. The card would thereby come with a removable label that has an 800 number that they are instructed to call to activate their card. A recording welcomes them to the activation center and instructs them to enter (or state) personal data, such as their zip code and/or the last four digits of their Social Security code to initialize their card.
KP could take positive PR advantage of this phone process to have a recorded message from the president of KP played to the patient while they are "waiting" for their data to be verified and the card activated. The president could welcome the patient and highlight the fact that, in providing the cards, KP is responding to the desire of its members. Once the card is initialized, the patient can go to the KP web site through any computer connected to the Internet. On the home page of the site there will be a button titled "Medical Records." When the patient clicks on this live button, they will get a window that asks them if they wish to have access to their medical records. When the patient clicks the "Yes" option, a OFID card-enabling plug-in will be automatically and invisibly be installed on that computer. This will only have to be done once on any particular computer. From that point on, when a patient wishes to access their records through that computer, they will only need to go to the KP web site, click the button on their card, and their medical records will immediately come up. (The computer will need to have an active IR port or installed docking station.).
The cards will be pre-loaded with a master record of the patient and a secure access code. This access code will be initialized when the card is first activated over the phone. The pre-loaded code will only be valid the first time they access their medical records. Each time the patient accesses their records, the secure code will automatically be replaced by a new code i.e. each secure code is only used once. This is an enhanced security feature of the OFID card access keys.