Autopopulation of RK360 Cloud Records from Apple Health Record Providers

Patients can use their RK360 Mobile Apps to find Apple Health Record Providers (whose electronic health record systems (EHRs) export data from EHR-tethered patient portals to patients’ iPhones and from whom patients have received healthcare services) and to automate continuous import of their clinical records (e.g., allergy lists, problem lists, lab results) from Provider portals into their RK360 Cloud Records. The RK360 Platform, following patients’ orders, removes Apple-imported data from patients’ iPhones (where data are at risk if devices are lost or stolen) and stores it in patients’ encrypted RK360 Cloud Records together with post-encounter provider-uploaded data such as care plans and x-rays. Patients are no longer burdened with manually populating personal health records, while providers are no longer burdened with searching patient-sourced records for trustworthy, relevant data.

Just-in-Time Information Sharing

When meeting unfamiliar providers at point of care, patients use their RK360 Mobile Apps to give providers the information they request by means providers prefer including fax, email and encrypted web portal links. With a few touches of their Apps, patients send requested contents of their RK360 Cloud Records to current providers, exactly as supplied by previous providers, such as allergy and meds lists, lab results, care plans, and x-rays, together with copies of their identification and health insurance cards and their HIPAA Patient Authorizations for PHI Disclosure. Just-in-time information sharing gives providers the trustworthy, personalized knowledge about patients needed to avoid generic care plans.

Round-Trip Data Transactions

Once patients send contents of their RK360 Cloud Records to providers, the RK360 Platform asks those providers, on behalf of patients, for results of recent healthcare encounters such as care plans and x-rays. The Platform’s request to providers includes time-sensitive encrypted web links for upload of encounter results to patients’ RK360 Records along with copies of patients’ identification and health insurance cards and HIPAA Patient Requests for Access to their Health Information. Repeated round-trip data transactions make patients’ RK360 Records increasingly more valuable as the basis for patient-provider shared decision making.

The “I Share Data with Patients” Provider Directory

From their RK360 Mobile Apps, patients can geolocate nearby providers in the RK360 Provider Directory, which lists all U.S. healthcare providers in the National Provider Identifier (NPI) Registry. All providers in the Directory, by default, have a free Basic Listing, which includes a fax number (if one is in the NPI Registry), but no email address (because none are in the NPI Registry). Preferred Providers commit to exchanging pre-visit and post-visit data with patients consistent with the U.S. Health Insurance Portability and Accountability Act of 1996 (HIPAA), the California Consumer Privacy Act of 2018 (CCPA), the EU General Data Protection Regulation of 2018 (GDPR), and the 21st Century Cures Act. Preferred Providers’ Banner Listings proclaim, "I Share Data with Patients," include provider-designated email and fax addresses. Consumers can use their RK360 Mobile Apps to initiate Round-Trip Transactions (including transmissions of pre-visit files and follow-up requests for post-visit file upload) with Basic Providers via fax or with Preferred Providers via email

Data ownership, control, security and “Delete My Data”

Patients, under the business rules for the RK360 Platform, own and, via their RK360 Mobile Apps, exclusively control user access to the contents of their RK360 Cloud Records. Contents of RK360 Records, which are imported from or uploaded by providers, cannot be altered or removed, either by patients or by patient-authorized users. Access to and activity in RK360 Records is automatically audited, with the log available for viewing, but not change, from RK360 Apps. The RK360 Platform employs best security practices including two-factor authentication, encryption of Record contents in storage and transit between the RK360 Platform and Apps, and monitoring of intrusion attempts on the server. As soon as detected, the RK360 Platform notifies patients about thwarted attempts by unrecognized users to access patients’ RK360 Records. When notified, or at any time, patients can activate the “Delete My Data” function in their RK360 Apps to delete all contents of their RK360 Records from production servers. Relieved of worries about data integrity and security, patients and providers can focus on what is most important to them--getting and giving cost-effective, quality-outcome healthcare.