Medical records data security system
14 Assignments
Abstract
A medical record is partitioned into personal and medical data portions, and an identification code is concatenated into each portion. The personal data portion is encrypted so a patient's identity cannot be linked to the patient's medical data except by authorized viewers. Each portion of the secure medical record can be transferred over a network as separate files, and stored in a data storage system separately. Access to the entire medical record is thereby provided only to those who know the key for the personal data portion of the medical record. The system and method can be used to help ensure patient confidentiality while allowing patient medical records to be accessed over a network such as the Internet, providing physicians and patients quick access to their medical records. The system and method can be used to create a database of anonymous medical records useful for medical research.
169 Citations
7 Claims
1. A method, comprising:
receiving first and second files from a clinic via a network, the first file comprising an encrypted version of a personal data portion of a medical record of a subject, the personal data portion being encrypted using a clinic specified key, the second file comprising a medical data portion of the medical record of the subject, the personal and medical data portions each including an identifier associated with the medical record;
receiving a third file from the clinic via the network, the third file including encrypted versions of the clinic specified key, the identifier, and a special key, the encrypted versions of the clinic specified key, the identifier, and the special key being encrypted using the special key;
receiving a copy of the special key from a third party via the network;
encrypting the copy of the special key received from the third party using the special key;
comparing the encrypted copy of the special key received from the third party with the encrypted special key contained in the third file;
if the encrypted copy of the special key received from the third party matches the encrypted special key contained in the third file, decrypting the clinic specified key and identifier stored in the third file using the copy of the special key received from the third party;
decrypting the encrypted personal data portion of the first file using the clinic specified key decrypted from the first file;
retrieving the medical data portion from the second file using the identifier decrypted from the first file; and
transmitting the decrypted personal data portion and the retrieved medical data portion to the third party via the network.
7. A method for implementing a medical record security system, comprising:
receiving first and second files from a clinic via a network, the first and second files being sent in separate transmissions from the clinic to the data storage system, the first file comprising an encrypted version of a personal data portion of a medical record of a subject, the personal data portion being encrypted using a clinic specified symmetric key and a symmetric key encryption algorithm, the second file comprising a medical data portion of the medical record of the subject, the personal and medical data portions each including an identifier associated with the medical record, the identifier including a subject identifier that identifies the subject and a clinic identifier that identifies the clinic, the first file being further encrypted using an asymmetric public key, the further encrypted first file being decrypted with an asymmetric private key associated with the asymmetric public key after the first file is received from the clinic;
storing the first and second files, the first and second files being stored in separate databases;
receiving a third file from the clinic via the network, the third file including a user identifier and encrypted versions of the clinic specified symmetric key, the identifier (or the subject identifier), and a special key, the encrypted versions of the clinic specified symmetric key, the identifier (or the subject identifier), and the special key being encrypted using the special key;
storing the third file;
receiving a copy of the user identifier and the special key from a third party via the network, the copy of the user identifier and the special key and user identifier being provided to the third party by the clinic via the network;
encrypting the copy of the special key received from the third party using the special key;
comparing the user identifier and the encrypted copy of the special key received from the third party with the user identifier and the encrypted special key contained in the third file;
if the user identifier and the encrypted copy of the special key received from the third party matches the user identifier and the encrypted special key contained in the third file, decrypting the clinic specified key and identifier stored in the third file using the copy of the special key received from the third party;
decrypting the encrypted personal data portion of the first file using the clinic specified key decrypted from the first file;
retrieving the medical data portion from the second file using the identifier decrypted from the first file; and
transmitting the decrypted personal data portion and the retrieved medical data portion to the third party via the network.
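The abstract and the two independent claims above describe one protocol: the clinic splits a record into a personal portion and a medical portion, concatenates the same identifier into both, encrypts the personal portion under a clinic key, and sends a third file in which the clinic key, the identifier and a "special key" are each encrypted under that special key; the storage system later releases the record only to a party that presents a copy of the special key which, when encrypted under itself, matches the stored value. The following Python model is an added example and is not code from the patent or its assignee. The claims do not name a cipher, so HMAC-SHA256 in counter mode with an encrypt-then-MAC tag stands in for the symmetric algorithm; the record contents, keys, the `user-314` handle and the identifier format `subject|clinic` are constructed for the demo; the outer public-key envelope of claim 7 is omitted. The model goes one step beyond the claims by cross-checking the identifier decrypted from the third file against the one carried inside the personal portion.

```python
"""Model of the split-record protocol in the claims (example, not the patent's code)."""
import hashlib
import hmac
import json
import secrets

NONCE_LEN, TAG_LEN = 16, 32


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def encrypt(key: bytes, plaintext: bytes, nonce: bytes = b"") -> bytes:
    """Return nonce || ciphertext || tag. An empty nonce means 'pick a random one';
    a caller-supplied fixed nonce makes the output deterministic (needed for the check value)."""
    nonce = secrets.token_bytes(NONCE_LEN) if not nonce else nonce
    enc_key, mac_key = _subkey(key, b"enc"), _subkey(key, b"mac")
    stream = b"".join(
        hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        for i in range(-(-len(plaintext) // 32))
    )
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(_subkey(key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or tampered file")
    return encrypt(key, ct, nonce)[NONCE_LEN:-TAG_LEN]  # XOR with the same keystream


def key_check_value(special_key: bytes) -> bytes:
    """The claim's 'special key encrypted using the special key'. It has to be deterministic
    (fixed nonce) or the storage system could never compare it with a freshly computed copy."""
    return encrypt(special_key, special_key, nonce=bytes(NONCE_LEN))


def clinic_prepare(record: dict, clinic_key: bytes, special_key: bytes) -> tuple:
    """Clinic side: split the record, put the identifier into each portion, build files 1-3."""
    ident = record["identifier"]  # claim 7: subject identifier plus clinic identifier
    personal = json.dumps({"identifier": ident, **record["personal"]}).encode()
    medical = json.dumps({"identifier": ident, **record["medical"]}).encode()
    file3 = {
        "enc_clinic_key": encrypt(special_key, clinic_key).hex(),
        "enc_identifier": encrypt(special_key, ident.encode()).hex(),
        "enc_special_key": key_check_value(special_key).hex(),
    }
    return encrypt(clinic_key, personal), medical, json.dumps(file3).encode()


class StorageSystem:
    """Data storage system: keeps the three files in separate tables and holds no keys."""

    def __init__(self) -> None:
        self.personal_db: dict = {}  # user_id -> file 1 (encrypted personal portion)
        self.medical_db: dict = {}   # identifier -> file 2 (clear, carries no personal data)
        self.access_db: dict = {}    # user_id -> file 3 (everything under the special key)

    def store(self, user_id: str, file1: bytes, file2: bytes, file3: bytes) -> None:
        self.personal_db[user_id] = file1
        self.medical_db[json.loads(file2)["identifier"]] = file2  # identifier is clear in file 2
        self.access_db[user_id] = json.loads(file3)

    def release(self, user_id: str, presented_key: bytes) -> tuple:
        """Third party presents the user identifier and the special key the clinic gave it."""
        f3 = self.access_db[user_id]
        if not hmac.compare_digest(key_check_value(presented_key), bytes.fromhex(f3["enc_special_key"])):
            raise PermissionError("special key does not match the stored check value")
        clinic_key = decrypt(presented_key, bytes.fromhex(f3["enc_clinic_key"]))
        ident = decrypt(presented_key, bytes.fromhex(f3["enc_identifier"])).decode()
        personal = json.loads(decrypt(clinic_key, self.personal_db[user_id]))
        if personal["identifier"] != ident:
            raise ValueError("identifier in personal portion disagrees with the access file")
        return personal, json.loads(self.medical_db[ident])


def demo() -> dict:
    """Constructed sample record and random keys; returns the facts a reviewer would check."""
    record = {"identifier": "SUBJ-0042|CLINIC-07",
              "personal": {"name": "A. Example", "dob": "1970-01-01"},
              "medical": {"dx": "J45.20", "rx": "albuterol"}}
    clinic_key, special_key = secrets.token_bytes(32), secrets.token_bytes(32)
    store = StorageSystem()
    store.store("user-314", *clinic_prepare(record, clinic_key, special_key))
    personal, medical = store.release("user-314", special_key)
    try:
        store.release("user-314", secrets.token_bytes(32))  # attacker guesses a key
        rejected = False
    except PermissionError:
        rejected = True
    research_view = json.loads(store.medical_db[record["identifier"]])  # anonymous table
    return {"personal": personal, "medical": medical, "wrong_key_rejected": rejected,
            "medical_table_has_name": "name" in research_view}


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

Three points the claims leave implicit follow from writing it out. The "encrypted special key" in the third file is a key check value, so it must be computed deterministically; with a randomised cipher the comparison in the claim could never succeed, and the comparison itself should be constant-time (`hmac.compare_digest`). The third file is key escrow held by the storage system: whoever obtains the special key, which the clinic hands to the third party over the network, can recover the clinic key and the identifier, so the channel for that handoff carries the whole security of the scheme. And the medical table is anonymous only to the extent that the medical portion contains no quasi-identifiers; the identifier links the two tables by design, so an attacker with the clinic key undoes the separation for every record encrypted under it.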