Securely distributing medical prescriptions
First Claim
1. A method comprising:
connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate;
decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;
identifying the issuer of the digital prescription file using the decrypted digital prescription file;
determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to (i) the issuer, and (ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and
verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer, wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.
Abstract
A medical treatment machine, such as a dialysis machine (e.g., a home dialysis machine, such as a home hemodialysis machine or a home peritoneal dialysis machine) can receive a digital prescription file that defines parameters of a medical treatment to be administered to a patient. The digital prescription file can be prepared and delivered in such a way that the medical treatment machine can confirm that the issuer (e.g., provider) of the digital prescription file is an authorized issuer without having any a priori knowledge of the particular issuer. The digital prescription file can be delivered irrespective of the inherent security (or lack thereof) of the transmission medium in a tamper-evident format using minimal resources necessary to verify the validity of the digital prescription file and its issuer. The digital prescription file may be delivered to the dialysis machine using a network cloud-based connected health system.
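The machine-side checks the claims describe (decrypt with the first private key, check the certificate against the trusted authority, then verify the prescription signature with the issuer key from that certificate), as an added example that is not code from the patent. It assumes RSA-OAEP for the first key pair, Ed25519 signatures, and a simplified `Cert` struct in place of an X.509 certificate; `Cert`, `Bundle`, `Demo` and `Accept` are hypothetical names.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
)

// Cert is a simplified stand-in for X.509 (assumption): issuer key + authority signature.
type Cert struct{ IssuerPub, AuthSig []byte }

// Bundle is what the portable memory device carries (hypothetical layout).
type Bundle struct {
	Ciphertext, Sig []byte // encrypted prescription; issuer signature over the plaintext
	Cert            Cert
}

// Demo builds constructed keys and plays the issuer: sign, then encrypt to the
// first public key. Errors are ignored only because the input is a short constructed sample.
func Demo(rx []byte) (Bundle, *rsa.PrivateKey, ed25519.PublicKey) {
	authPub, authPriv, _ := ed25519.GenerateKey(rand.Reader) // trusted authority service
	issPub, issPriv, _ := ed25519.GenerateKey(rand.Reader)   // issuer
	encPriv, _ := rsa.GenerateKey(rand.Reader, 2048)         // first key pair
	ct, _ := rsa.EncryptOAEP(sha256.New(), rand.Reader, &encPriv.PublicKey, rx, nil)
	return Bundle{ct, ed25519.Sign(issPriv, rx), Cert{issPub, ed25519.Sign(authPriv, issPub)}}, encPriv, authPub
}

// Accept is the machine side: it holds only the first private key and the authority public key.
func Accept(b Bundle, encPriv *rsa.PrivateKey, authPub ed25519.PublicKey) ([]byte, error) {
	rx, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, encPriv, b.Ciphertext, nil)
	if err != nil {
		return nil, errors.New("decryption failed")
	}
	// ed25519.Verify panics on a wrong-length key, so check the length first.
	if len(b.Cert.IssuerPub) != ed25519.PublicKeySize || !ed25519.Verify(authPub, b.Cert.IssuerPub, b.Cert.AuthSig) {
		return nil, errors.New("certificate not signed by trusted authority")
	}
	if !ed25519.Verify(b.Cert.IssuerPub, rx, b.Sig) {
		return nil, errors.New("prescription signature invalid")
	}
	return rx, nil
}

func main() {
	b, encPriv, authPub := Demo([]byte("constructed sample prescription"))
	rx, err := Accept(b, encPriv, authPub)
	println(string(rx), err == nil)
}
```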
19 Claims
1. A method comprising:
connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate;
decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;
identifying the issuer of the digital prescription file using the decrypted digital prescription file;
determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to (i) the issuer, and (ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and
verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer, wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. A method comprising:
connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate; wherein the certificate includes an issuer public key that corresponds to the issuer, wherein the certificate is digitally signed by a trusted authority service using an authority private key that corresponds to the trusted authority service;
decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;
verifying a digital signature on the certificate using an authority public key that corresponds to the trusted authority service to confirm that the issuer public key included in the certificate corresponds to an authorized issuer; and
verifying a digital signature on the digital prescription file using the issuer public key included in the certificate to confirm that the issuer is the authorized issuer, wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.
Dependent claims: 14
15. A medical system comprising:
a medical device;
data storage; and
a processor configured for;
connecting with a portable memory device that stores a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate, wherein the digital prescription file is encrypted using a first public key, wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
receiving, from the portable memory device, the digital prescription file and the certificate;
decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical device;
identifying the issuer of the digital prescription file using the decrypted digital prescription file;
determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to i) the issuer, and ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and
verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer, wherein the issuer is confirmed to be the authorized issuer without the medical device knowing an identity of the issuer.
Dependent claims: 16, 17, 18, 19
Specification