Medical Data Encryption For Communication Over A Vulnerable System
Abstract
A method for securing patient medical information for communication over a potentially vulnerable system includes separating a patient's medical file into a demographic layer and a data layer, separately encrypting the demographic layer and data layer using different encryption keys, and providing servers in a communication and processing system with a decryption key for the layer processed by such server. Medical file data may be separated into more than two layers. Users accessing the system are authenticated using standard techniques. By separately encrypting different parts of a patient medical record, processing and communication of patient medical files by intermediary servers is enabled without risking disclosure of sensitive patient information if such servers are compromised.
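The layer separation described in the abstract, as an added example that is not part of the patent text: a record is split into demographic and data layers, each sealed under its own key, and an intermediary holding only the data key can read that layer and nothing else. The field names, helper names and sample record are assumptions, and because the abstract names no cipher, the SHAKE-256 keystream with HMAC-SHA256 is a standard-library stand-in for an AEAD cipher such as AES-GCM.

```python
import hashlib, hmac, json, secrets

def _subkeys(key):  # independent encryption and MAC keys derived from one layer key
    return (hmac.new(key, b"enc", hashlib.sha256).digest(),
            hmac.new(key, b"mac", hashlib.sha256).digest())

def seal(key, plaintext):
    """Encrypt-then-MAC with a SHAKE-256 keystream (stdlib stand-in for an AEAD)."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(16)
    stream = hashlib.shake_256(enc_key + nonce).digest(len(plaintext))
    body = nonce + bytes(p ^ s for p, s in zip(plaintext, stream))
    return body + hmac.new(mac_key, body, hashlib.sha256).digest()

def unseal(key, blob):
    """Return the plaintext, or raise ValueError if the key does not fit the layer."""
    enc_key, mac_key = _subkeys(key)
    body, tag = blob[:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac_key, body, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified layer")
    nonce, ct = body[:16], body[16:]
    stream = hashlib.shake_256(enc_key + nonce).digest(len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))

def split_and_encrypt(record, demo_fields, demo_key, data_key):
    """Separate a record into demographic and data layers, each sealed with its own key."""
    if hmac.compare_digest(demo_key, data_key):
        raise ValueError("layers must use different keys")
    demo = {k: v for k, v in record.items() if k in demo_fields}
    data = {k: v for k, v in record.items() if k not in demo_fields}
    return {"demographic": seal(demo_key, json.dumps(demo).encode()),
            "data": seal(data_key, json.dumps(data).encode())}

def open_layers(envelope, keys):
    """Decrypt every layer the holder has a key for; unreadable layers come back as None."""
    out = {}
    for name, blob in envelope.items():
        try:
            out[name] = json.loads(unseal(keys[name], blob)) if name in keys else None
        except ValueError:
            out[name] = None
    return out

# Constructed sample record; field names are illustrative, not taken from the patent.
RECORD = {"name": "Jane Doe", "dob": "1970-01-01", "ecg_mv": [0.1, 0.9, -0.2], "heart_rate": 72}
DEMO_KEY, DATA_KEY = secrets.token_bytes(32), secrets.token_bytes(32)
ENVELOPE = split_and_encrypt(RECORD, {"name", "dob"}, DEMO_KEY, DATA_KEY)
SERVER_VIEW = open_layers(ENVELOPE, {"data": DATA_KEY})  # intermediary server: one key only
DEVICE_VIEW = open_layers(ENVELOPE, {"demographic": DEMO_KEY, "data": DATA_KEY})
```

A server compromised while holding only `DATA_KEY` exposes measurements with no identity attached; the confidentiality of the demographic layer then rests entirely on how `DEMO_KEY` is distributed to destination devices.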
19 Claims
1. A method for communicating a patient medical file including personal demographic information and medical data, comprising:
- separating the patient medical file into a plurality of layers including a demographic layer comprising the demographic information and a data layer comprising the medical data;
- encrypting the demographic layer using a first encryption key;
- encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key;
- sending the encrypted demographic layer and data layer to a destination device by way of a server which is capable of decrypting one of the encrypted demographic layer or the data layer but not both;
- receiving the encrypted demographic layer and data layer at the destination device; and
- decrypting the encrypted demographic layer and data layer in the destination device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10

11. A method for communicating a patient medical file including personal demographic information and medical data, comprising:
- separating the patient medical file into a plurality of layers including a demographic layer comprising the demographic information and a data layer comprising the medical data;
- encrypting the demographic layer using a first encryption key;
- encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key;
- sending the encrypted demographic layer and data layer to a server which is capable of decrypting one of the encrypted demographic layer and the data layer but not both;
- sending the encrypted demographic layer to a destination device;
- receiving the encrypted demographic layer at the destination device; and
- decrypting the encrypted demographic layer in the destination device and recovering a pointer to the data layer;
- sending a request from the destination device to the server requesting transmission of the encrypted data layer;
- sending the encrypted data layer from the server to the destination device in response to the request from destination device;
- receiving the encrypted data layer at the destination device; and
- de-encrypting the data layer in the destination device.
Dependent claims: 12, 13, 14, 15

16. A method for communicating a patient medical file including personal demographic information and medical data, comprising:
- separating the patient medical file into a plurality of data layers;
- encrypting each one of the plurality of data layers using a respective one of a plurality of encryption keys to generate a plurality of encrypted data layers;
- sending the plurality of encrypted data layers to a destination device by way of a first server which is capable of decrypting one but not all of the plurality of encrypted data layers;
- receiving the plurality of encrypted data layers at the destination device; and
- decrypting the plurality of encrypted data layers in the destination device.
Dependent claims: 17, 18, 19
Specification