Medical data encryption for communication over a vulnerable system
First Claim
1. A system for communicating a medical record of a patient to a mobile device in compliance with HIPAA and HITECH regulations, comprising:
- a console comprising a processor coupled to a network;
a mobile device; and
a server coupled to the network,wherein the console processor is configured with processor-executable instructions to perform operations comprising;
receiving a diagnostic image for the patient;
accessing the medical record of the patient;
receiving an operator input selecting a portion of the medical record and the diagnostic image for transmission to the mobile device;
separating the selected portion of the medical record and the diagnostic image into a plurality of layers including a demographic layer comprising demographic information selected from the medical record and a data layer comprising medical data and the selected first portion of the diagnostic image;
encrypting the demographic layer using a first encryption key;
encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key; and
sending the encrypted demographic layer and data layer to the server, wherein the server is configured to perform operations comprising;
decrypting the data layer;
performing an operation on the data layer;
re-encrypting the data layer; and
sending the encrypted demographic layer and re-encrypted data layer to the mobile device via a wireless network.
3 Assignments
0 Petitions
Accused Products
Abstract
A system for securing patient medical information for communication over a potentially vulnerable system includes separating patient'"'"'s medical file into a demographics layer and a data layer, separately encrypting the demographic layer and data layer using different encryption keys, and providing servers in a communication and processing system with a decryption key for the layer processed by such server. Medical file data may be separated into more than two layers. Users accessing the system are authenticated using standard techniques. By separately encrypting different parts of a patient medical record, processing and communication of patient medical files by intermediary servers is enabled without risking disclosure of sensitive patient information if such servers are compromised.
-
Citations
9 Claims
-
1. A system for communicating a medical record of a patient to a mobile device in compliance with HIPAA and HITECH regulations, comprising:
-
a console comprising a processor coupled to a network; a mobile device; and a server coupled to the network, wherein the console processor is configured with processor-executable instructions to perform operations comprising; receiving a diagnostic image for the patient; accessing the medical record of the patient; receiving an operator input selecting a portion of the medical record and the diagnostic image for transmission to the mobile device; separating the selected portion of the medical record and the diagnostic image into a plurality of layers including a demographic layer comprising demographic information selected from the medical record and a data layer comprising medical data and the selected first portion of the diagnostic image; encrypting the demographic layer using a first encryption key; encrypting the data layer using a second encryption key, wherein the second encryption key is different from the first encryption key; and sending the encrypted demographic layer and data layer to the server, wherein the server is configured to perform operations comprising; decrypting the data layer; performing an operation on the data layer; re-encrypting the data layer; and sending the encrypted demographic layer and re-encrypted data layer to the mobile device via a wireless network. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
Specification