Securely distributing medical prescriptions

US 10,623,188 B2
Filed: 04/26/2017
Issued: 04/14/2020
Est. Priority Date: 04/26/2017
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;

receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate;

decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;

identifying the issuer of the digital prescription file using the decrypted digital prescription file;

determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to (i) the issuer, and (ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and

verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer,wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A medical treatment machine, such as a dialysis machine (e.g., a home dialysis machine, such as a home hemodialysis machine or a home peritoneal dialysis machine) can receive a digital prescription file that defines parameters of a medical treatment to be administered to a patient. The digital prescription file can be prepared and delivered in such a way that the medical treatment machine can confirm that the issuer (e.g., provider) of the digital prescription file is an authorized issuer without having any a priori knowledge of the particular issuer. The digital prescription file can be delivered irrespective of the inherent security (or lack thereof) of the transmission medium in a tamper-evident format using minimal resources necessary to verify the validity of the digital prescription file and its issuer. The digital prescription file may be delivered to the dialysis machine using a network cloud-based connected health system.

79 Citations

View as Search Results

19 Claims

1. A method comprising:
- connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
  
  receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate;
  
  decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;
  
  identifying the issuer of the digital prescription file using the decrypted digital prescription file;
  
  determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to (i) the issuer, and (ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and
  
  verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer,wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The method of claim 1, wherein the first private key that corresponds to the first public key is pre-loaded on the medical treatment machine.
  - 3. The method of claim 1, wherein the issuer public key that corresponds to the authorized issuer is provided by the trusted authority service.
  - 4. The method of claim 3, wherein the trusted authority service is a certificate authority.
  - 5. The method of claim 1, comprising performing a dialysis treatment based on the digital prescription file.
  - 6. The method of claim 1, wherein the digital prescription file is encrypted by the issuer without the issuer knowing additional information about the medical treatment machine.
  - 7. The method of claim 6, wherein the digital prescription file is decrypted by the medical treatment machine before the medical treatment machine learns the identity of the issuer.
  - 8. The method of claim 1, comprising:
    - receiving, by the medical treatment machine, the certificate that corresponds to the issuer, wherein the certificate is digitally signed by the trusted authority service using a private key that corresponds to the trusted authority service; and
      
      verifying a digital signature on the certificate using a public key that corresponds to the trusted authority service to confirm that the issuer public key included in the certificate corresponds to an authorized issuer.
  - 9. The method of claim 8, comprising determining that the trusted authority service is trusted to verify identities of issuers and certify ownership of issuer public keys corresponding to the issuers.
  - 10. The method of claim 9, wherein a certificate that includes a public key that corresponds to the trusted authority service is stored in the medical treatment machine.
  - 11. The method of claim 9, wherein a certificate that includes a public key that corresponds to the trusted authority service is received by the medical treatment machine in a manner that indicates that the trusted authority service is a trusted authorizer of prescription issuers.
  - 12. The method of claim 8, wherein the certificate that corresponds to the issuer is provided by the trusted authority service after the trusted authority service verifies the identity of the issuer and certifies that the issuer is an authorized issuer.

13. A method comprising:
- connecting with a portable memory device that stores (i) a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate associated with the issuer, wherein the digital prescription file is encrypted using a first public key, without the issuer knowing an identity of a medical treatment machine, and wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
  
  receiving, from the portable memory device, by the medical treatment machine, the digital prescription file and the certificate;
  
  wherein the certificate includes an issuer public key that corresponds to the issuer, wherein the certificate is digitally signed by a trusted authority service using an authority private key that corresponds to the trusted authority service;
  
  decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical treatment machine;
  
  verifying a digital signature on the certificate using an authority public key that corresponds to the trusted authority service to confirm that the issuer public key included in the certificate corresponds to an authorized issuer; and
  
  verifying a digital signature on the digital prescription file using the issuer public key included in the certificate to confirm that the issuer is the authorized issuer,wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing an identity of the issuer.
- View Dependent Claims (14)
- - 14. The method of claim 13, wherein the issuer is confirmed to be the authorized issuer without the medical treatment machine knowing additional information about the issuer.

15. A medical system comprising:
- a medical device;
  
  data storage; and
  
  a processor configured for;
  
  connecting with a portable memory device that stores a digital prescription file that is encrypted and digitally signed by an issuer of the digital prescription file before being uploaded to the portable memory device, and (ii) a certificate, wherein the digital prescription file is encrypted using a first public key, wherein the digital prescription file is digitally signed by the issuer using an issuer private key that corresponds to the issuer;
  
  receiving, from the portable memory device, the digital prescription file and the certificate;
  
  decrypting the digital prescription file using a first private key that corresponds to the first public key, wherein the first private key is accessible by the medical device;
  
  identifying the issuer of the digital prescription file using the decrypted digital prescription file;
  
  determining that the issuer of the digital prescription file is an authorized issuer by verifying that the certificate including an issuer public key that corresponds to i) the issuer, and ii) the issuer private key used to digitally sign the digital prescription file, is digitally signed by a trusted authority service; and
  
  verifying a digital signature on the digital prescription file using the issuer public key that corresponds to the authorized issuer to confirm that the issuer is the authorized issuer,wherein the issuer is confirmed to be the authorized issuer without the medical device knowing an identity of the issuer.
- View Dependent Claims (16, 17, 18, 19)
- - 16. The medical system of claim 15, wherein the medical device is a dialysis machine that is configured to perform a dialysis treatment based on the digital prescription file.
  - 17. The medical system of claim 16, wherein the dialysis machine comprises a home dialysis machine (“
    - HDM”
      
      ).
  - 18. The medical system of claim 16, wherein the dialysis machine comprises a peritoneal dialysis (“
    - PD”
      
      ) machine.
  - 19. The medical system of claim 16, wherein the dialysis machine comprises a hemodialysis (“
    - HD”
      
      ) machine.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Fresenius Medical Care Holdings Incorporated (Fresenius Medical Care AG)
Original Assignee
Fresenius Medical Care Holdings Incorporated (Fresenius Medical Care AG)
Inventors
Cohen, Harvey, Buraczenski, Matthew, O'Reilly, Matthew
Primary Examiner(s)
Simitoski, Michael

Application Number

US15/497,529
Publication Number

US 20180316505A1
Time in Patent Office

1,084 Days
Field of Search

713176
US Class Current
CPC Class Codes

A61M 1/152   Details related to the inte...

A61M 1/159   specially adapted for perit...

A61M 1/1603   Regulation parameters

A61M 1/282   Operational modes

A61M 2205/3553   remote, e.g. between patien...

A61M 2205/3584   using modem, internet or bl...

A61M 2205/50   with microprocessors or com...

A61M 2205/52   with memories providing a h...

G16H 10/60   for patient-specific data, ...

G16H 20/10   relating to drugs or medica...

H04L 63/0435   wherein the sending and rec...

H04L 63/0442   wherein the sending and rec...

H04L 63/0823   using certificates cryptogr...

H04L 9/3236   using cryptographic hash fu...

H04L 9/3247   involving digital signatures

Securely distributing medical prescriptions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

79 Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Securely distributing medical prescriptions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links