Medical Data Encryption For Communication Over a Vulnerable System
First Claim
Patent Images
1. A system for communicating a medical record of a patient to a mobile device in compliance with HIPAA and HITECH regulations, comprising:
- a console comprising a processor coupled to a network;
a mobile device; and
a server coupled to the network,wherein the console processor is configured with processor-executable instructions to perform operations comprising;
receiving a diagnostic image for the patient;
accessing the medical record of the patient;
receiving an operator input selecting a portion of the medical record and the diagnostic image for transmission to the mobile device;
separating the selected portion of the medical record and the diagnostic image into a plurality of layers including a demographic layer comprising demographic information selected from the medical record and a data layer comprising medical data and the selected first portion of the diagnostic image;
encrypting the demographic layer using a first encryption key;
encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key; and
sending the encrypted demographic layer and data layer to the server,wherein the server is configure to perform operations comprising;
decrypting the data layer;
performing an operation on the data layer;
re-encrypting the data layer; and
sending the encrypted demographic layer and re-encrypted data layer to the mobile device via a wireless network.
3 Assignments
0 Petitions
Accused Products
Abstract
A system for securing patient medical information for communication over a potentially vulnerable system includes separating patient'"'"'s medical file into a demographics layer and a data layer, separately encrypting the demographic layer and data layer using different encryption keys, and providing servers in a communication and processing system with a decryption key for the layer processed by such server. Medical file data may be separated into more than two layers. Users accessing the system are authenticated using standard techniques. By separately encrypting different parts of a patient medical record, processing and communication of patient medical files by intermediary servers is enabled without risking disclosure of sensitive patient information if such servers are compromised.
11 Citations
9 Claims
-
1. A system for communicating a medical record of a patient to a mobile device in compliance with HIPAA and HITECH regulations, comprising:
-
a console comprising a processor coupled to a network; a mobile device; and a server coupled to the network, wherein the console processor is configured with processor-executable instructions to perform operations comprising; receiving a diagnostic image for the patient; accessing the medical record of the patient; receiving an operator input selecting a portion of the medical record and the diagnostic image for transmission to the mobile device; separating the selected portion of the medical record and the diagnostic image into a plurality of layers including a demographic layer comprising demographic information selected from the medical record and a data layer comprising medical data and the selected first portion of the diagnostic image; encrypting the demographic layer using a first encryption key; encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key; and sending the encrypted demographic layer and data layer to the server, wherein the server is configure to perform operations comprising; decrypting the data layer; performing an operation on the data layer; re-encrypting the data layer; and sending the encrypted demographic layer and re-encrypted data layer to the mobile device via a wireless network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeVocera Acquisition Corporation (Stryker Corporation)
-
Original AssigneeMvisum Incorporated (Stryker Corporation)
-
InventorsDALA, Seema, Dala, Praveen
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current705/51
-
CPC Class CodesG06F 21/602 Providing cryptographic fac...G06F 21/6245 Protecting personal data, e...G06F 2221/2107 File encryptionG06F 2221/2149 Restricted operating enviro...G06Q 10/00 Administration; ManagementG16H 10/60 for patient-specific data, ...G16H 30/20 for handling medical images...G16H 40/67 for remote operationG16H 80/00 ICT specially adapted for f...H04L 63/0428 wherein the data content is...H04L 63/08 for authentication of entit...H04L 9/14 using a plurality of keys o...Y10S 705/901 Digital rights managementY10S 705/904 Usage protection of distrib...Y10S 705/909 Usage charge determination
