WO2023084479A2 - Cyber protection for pharmaceutical dispensing systems - Google Patents

Cyber protection for pharmaceutical dispensing systems Download PDF

Info

Publication number
WO2023084479A2
WO2023084479A2 PCT/IB2022/060928 IB2022060928W WO2023084479A2 WO 2023084479 A2 WO2023084479 A2 WO 2023084479A2 IB 2022060928 W IB2022060928 W IB 2022060928W WO 2023084479 A2 WO2023084479 A2 WO 2023084479A2
Authority
WO
WIPO (PCT)
Prior art keywords
pharmaceutical
dispensing
pharmaceutical dispensing
data package
data
Prior art date
Application number
PCT/IB2022/060928
Other languages
French (fr)
Other versions
WO2023084479A3 (en
Inventor
Omer Einav
Doron Shabanov
Rom Eisenberg
Tamir Ben David
Anthony Joseph Spero
Eyal Livschitz
Thomas A. Mckinney
Moshe Liberman
Original Assignee
Tech Pharmacy Services, Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Tech Pharmacy Services, Llc filed Critical Tech Pharmacy Services, Llc
Publication of WO2023084479A2 publication Critical patent/WO2023084479A2/en
Publication of WO2023084479A3 publication Critical patent/WO2023084479A3/en

Links

Classifications

    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/60ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
    • G16H40/67ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H20/00ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance
    • G16H20/10ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance relating to drugs or medications, e.g. for ensuring correct administration to patients
    • G16H20/13ICT specially adapted for therapies or health-improving plans, e.g. for handling prescriptions, for steering therapy or for monitoring patient compliance relating to drugs or medications, e.g. for ensuring correct administration to patients delivered from dispensers
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/60ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
    • G16H40/63ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for local operation

Definitions

  • the present invention in some embodiments thereof, relates to means and methods of cyber protection and, more particularly, but not exclusively, to means and methods of cyber protection for pharmaceutical dispensing systems.
  • Example 1 A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to a verification unit; e.
  • Example 2 The method according to example 1, wherein said method further comprises transmitting said at least one first pharmaceutical data package and said at least one second pharmaceutical data package using different transmission paths.
  • Example 3 The method according to example 1 or example 2, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
  • Example 4 The method according to any one of examples 1-3, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units.
  • Example 5 The method according to any one of examples 1-4, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical.
  • Example 6 The method according to any one of examples 1-5, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating encoded pharmaceutical data packages.
  • Example 7 The method according to any one of examples 1-6, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
  • Example 8 The method according to any one of examples 1-7, further comprising receiving said at least one first pharmaceutical data package at said pharmaceutical dispensing machine.
  • Example 9 The method according to any one of examples 1-8, further comprising receiving said at least one second pharmaceutical data package at said pharmaceutical dispensing machine.
  • Example 10 The method according to any one of examples 1-9, further comprising receiving said at least one verified pharmaceutical data package at said pharmaceutical dispensing machine.
  • Example 11 The method according to any one of examples 1-10, further comprising analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
  • Example 12 The method according to any one of examples 1-11, further comprising comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
  • Example 13 The method according to example 12, further comprising assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
  • Example 14 The method according to example 13, further comprising when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust and transmitting that one to said pharmaceutical dispensing machine.
  • Example 15 The method according to example 11, further comprising, after said analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package, generating said at least one verified pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at said verification unit.
  • Example 16 The method according to any one of examples 1-15, wherein said at least one pharmaceutical dispensing instruction comprises at least one instruction for a new pharmaceutical dispensing regime.
  • Example 17 The method according to any one of examples 1-16, wherein said at least one pharmaceutical dispensing instruction comprises at least one update to at least one preexisting pharmaceutical dispensing regime.
  • Example 18 The method according to any one of examples 1-17, further comprising providing within a housing of said pharmaceutical dispensing machine at least one pharmaceutical dispensing information unit configured to be accessible without the need of opening of said housing; said at least one pharmaceutical dispensing information unit configured to receive said pharmaceutical dispensing information to be used for preparing and dispensing of said at least one pharmaceutical; said at least one pharmaceutical dispensing information unit is configured to be removed from said pharmaceutical dispensing machine and replaced with at least one back up pharmaceutical dispensing information unit.
  • Example 19 The method according to example 18, further comprising, after replacing said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit, utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process.
  • Example 20 The method according to any one of examples 1-19, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
  • Example 21 The method according to any one of examples 1-20, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
  • Example 22 The method according to any one of examples 1-21, wherein said transmitting said at least one second pharmaceutical data package is performed upon request from said verification unit.
  • Example 23 The method according to any one of examples 1-22, further comprising utilizing said at least one second data transmission unit for verified data storage purposes.
  • Example 24 The method according to any one of examples 1-23, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
  • Example 25 A pharmaceutical dispensing system, comprising: a. a data entry system for receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to at least one patient; b. at least one first data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; c. at least one second data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; d. at least one verification unit comprising instructions to: i.
  • Example 26 The pharmaceutical dispensing system according to example 25, wherein said at least one first pharmaceutical data package, said at least one second pharmaceutical data package and said at least one third pharmaceutical data package comprise a same information.
  • Example 27 The pharmaceutical dispensing system according to example 25 or example 26, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
  • Example 28 The pharmaceutical dispensing system according to any one of examples 25-27, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units.
  • Example 29 The pharmaceutical dispensing system according to any one of examples 25-28, wherein said at least one first data transmission unit and said at least one second data transmission unit are the same data transmission unit.
  • Example 30 The pharmaceutical dispensing system according to any one of examples 25-29, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical.
  • Example 31 The pharmaceutical dispensing system according to any one of examples 25-30, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating encoded pharmaceutical data packages.
  • Example 32 The pharmaceutical dispensing system according to any one of examples 25-31, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
  • Example 33 The pharmaceutical dispensing system according to any one of examples 25-32, wherein said analyzing comprises comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package.
  • Example 34 The pharmaceutical dispensing system according to example 33, wherein said analyzing comprises assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
  • Example 35 The pharmaceutical dispensing system according to example 33, wherein said at least one verification unit comprises instructions for when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust.
  • Example 36 The pharmaceutical dispensing system according to example 35, wherein said generating said at least one third pharmaceutical data package comprises generating said at least one third pharmaceutical data package utilizing data from said pharmaceutical data package that was found to have said highest level of trust.
  • Example 37 The pharmaceutical dispensing system according to any one of examples 25-36, further comprising at least one third data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one fourth pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction.
  • Example 38 The pharmaceutical dispensing system according to any one of examples 25-37, wherein said at least one second data transmission unit transmits said at least one second pharmaceutical data package upon request from said verification unit.
  • Example 39 The pharmaceutical dispensing system according to any one of examples 25-38, further comprising utilizing said at least one second data transmission unit for verified data storage purposes.
  • Example 40 The pharmaceutical dispensing system according to any one of examples 25-39, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
  • Example 41 A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. a housing configured to house said a plurality of modules and said at least one pharmaceutical dispensing information unit; wherein said at least one pharmaceutical dispensing information unit is configured to be accessible without the need for opening said housing; and is further configured to be replaced with at least one back up pharmaceutical dispensing information unit.
  • Example 42 The pharmaceutical dispensing machine according to example 41, wherein said pharmaceutical dispensing machine comprises instructions for utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process after replacement of said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit.
  • Example 43 The pharmaceutical dispensing machine according to example 41 or 42, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
  • Example 44 The pharmaceutical dispensing machine according to any one of examples 41-43, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
  • Example 45 The pharmaceutical dispensing machine according to any one of examples 41-44, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
  • Example 46 A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used for pharmaceutical dispensing processes.
  • Example 47 The pharmaceutical dispensing machine according to example 46, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as reference for pharmaceutical dispensing processes.
  • Example 48 The pharmaceutical dispensing machine according to example 46 or example 47, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as alternative for pharmaceutical dispensing processes.
  • Example 49 The pharmaceutical dispensing machine according to any one of examples 46-48, wherein said at least one pharmaceutical dispensing information unit is configured to be removed from a housing of said pharmaceutical dispensing machine and be replaced with at least one back up pharmaceutical dispensing information unit without the need for opening said housing.
  • Example 50 The pharmaceutical dispensing machine according to any one of examples 46-49, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
  • an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
  • Example 51 A pharmaceutical dispensing machine, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. at least one safe mode button accessible to at least one authorized personnel; wherein said at least one safe mode button is configured for deactivating said at least one pharmaceutical dispensing information unit and activating a at least one backup pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical.
  • Example 52 A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to said pharmaceutical dispensing machine; e.
  • some embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, microcode, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.”
  • some embodiments of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon.
  • Implementation of the method and/or system of some embodiments of the invention can involve performing and/or completing selected tasks manually, automatically, or a combination thereof.
  • several selected tasks could be implemented by hardware, by software or by firmware and/or by a combination thereof, e.g., using an operating system.
  • a data processor such as a computing platform for executing a plurality of instructions.
  • the data processor includes a volatile memory for storing instructions and/or data and/or a non-volatile storage, for example, a magnetic hard-disk and/or removable media, for storing instructions and/or data.
  • a network connection is provided as well.
  • a display and/or a user input device such as a keyboard or mouse are optionally provided as well.
  • the computer readable medium may be a computer readable signal medium or a computer readable storage medium.
  • a computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing.
  • a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
  • a computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof.
  • a computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
  • Program code embodied on a computer readable medium and/or data used thereby may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
  • Computer program code for carrying out operations for some embodiments of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages.
  • the program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server.
  • the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
  • LAN local area network
  • WAN wide area network
  • Internet Service Provider for example, AT&T, MCI, Sprint, EarthLink, MSN, GTE, etc.
  • These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
  • the computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
  • Some of the methods described herein are generally designed only for use by a computer, and may not be feasible or practical for performing purely manually, by a human expert.
  • a human expert who wanted to manually perform similar tasks might be expected to use completely different methods, e.g., making use of expert knowledge and/or the pattern recognition capabilities of the human brain, which would be vastly more efficient than manually going through the steps of the methods described herein.
  • Figure 1 is a schematic representation of an exemplary pharmaceutical dispensing system, according to some embodiments of the invention.
  • Figure 2 is a schematic representation of an exemplary micro -environment, exemplary entities within the micro-environment and interactions therein, according to some embodiments of the invention
  • Figure 3 is a schematic representation of an exemplary pharmaceutical dispensing machine according to some embodiments of the present invention
  • Figure 4 is a schematic flowchart of an exemplary flow of pharmaceutical dispensing data between the pharmaceutical dispensing system and external entities as is performed by previous known pharmaceutical dispensing system;
  • Figures 5a-b are schematic representations of an exemplary pharmaceutical dispensing system comprising exemplary additional elements for the cyber-protection of the system, according to some embodiments of the invention
  • Figure 5c is a schematic representation of an exemplary verification unit with exemplary flow of pharmaceutical dispensing data/information, according to some embodiments of the invention
  • Figure 6 is a flowchart of an exemplary method according to some embodiments of the invention.
  • Figure 7 is a flowchart of an exemplary method according to some embodiments of the invention.
  • Figure 8 is a flowchart of an exemplary method according to some embodiments of the invention.
  • the present invention in some embodiments thereof, relates to means and methods of cyber protection and, more particularly, but not exclusively, to means and methods of cyber protection for pharmaceutical dispensing systems.
  • An aspect of some embodiments of the invention relates to ensuring the delivery of pharmaceuticals to patients, receiving pharmaceuticals from a pharmaceutical dispensing system, during a cyber-attack and/or a catastrophe.
  • dispensing of pharmaceutical is ensured by providing the pharmaceutical dispensing system with one or more redundant but different pathways of pharmaceutical dispensing information.
  • the redundant pathways are separated from each other.
  • the redundant pathways are independent from each other.
  • each redundant pathway is independently protected to potentially ensure the integrity of the information, in general, and more specifically, the pharmaceutical dispensing information.
  • information passing through different pathways is analyzed and/or compared at least one once before commencing the pharmaceutical dispensing process.
  • An aspect of some embodiments of the invention relates to protecting pharmaceutical dispensing systems to ensure delivery of pharmaceuticals to subjects.
  • the pharmaceutical dispensing systems are protected in case of suspicion of a cyber-attack and/or a catastrophe.
  • the pharmaceutical dispensing systems are protected by adding a plurality of safeguard measures at multiple locations of the software and/or hardware of the pharmaceutical dispensing systems.
  • the pharmaceutical dispensing systems are protected by providing, dividing and/or copying the pharmaceutical dispensing information in at least two identical copies, which are independently verified and stored.
  • the pharmaceutical dispensing systems are provided with manual safe mode buttons that are activated by authorized personnel when necessary.
  • An aspect of some embodiments of the invention relates to ensuring delivery of pharmaceuticals on time, according to a predetermined schedule, in time of a cyber-attack and/or a catastrophe.
  • delivery of pharmaceuticals on time is ensured by adding a plurality of safeguard measures at multiple locations of the software and/or hardware of the pharmaceutical dispensing systems, which potentially allows the safeguard of the information and allowing a continuous pharmaceutical dispensing process even during a cyber-attack and/or a catastrophe.
  • delivery of pharmaceuticals on time is ensured by providing, dividing and/or copying the pharmaceutical dispensing information in at least two identical copies, which are independently verified and stored, which can be used in case of a cyber-attack and/or a catastrophe.
  • the exemplary pharmaceutical dispensing system 100 comprises one or more environments, as shown for example in Figure 1.
  • a first environment 102 is the one comprising one or more locations hosting one or more pharmaceutical dispensing machines, for example hospitals 104, assisting living facilities 106 and/or any form of facility 108 housing one or more pharmaceutical dispensing machine that serve (provide pharmaceutical dispensing services) one or more patients/subjects.
  • a second environment 110 is a centralized server 112 and/or could server 114 in communication with all other environments and configured to store all relevant information regarding the pharmaceutical dispensing system and to coordinate all relevant activities between the different environments (see below).
  • a third environment 116 comprises one or more warehouses 118 for storing items to be supplied to the pharmaceutical dispensing machines located in other environments.
  • a fourth optional environment 120 is one or more pharmacies 122, which can optionally include a pharmaceutical dispensing machine, which are used to provide pharmaceuticals, for example, in case a specific pharmaceutical dispensing machine is not working, or a specific subject comes directly to the pharmacy to pick up pharmaceuticals, etc.
  • a fifth optional environment 124 are specific users that receive pharmaceutical dispensing services delivered to their homes 126, for example by a delivery service.
  • a sixth optional environment 128 are doctors/physicians 130 that provide prescriptions and that information is passed to one or more environments, for example to the second environment 110 (to one or more servers 112/114) or the fourth environment (to a pharmacy 122).
  • the interactions between environments happens in the real world, for example by moving pharmaceutical from one environment to another.
  • the interactions between environments is virtual, for example by exchanging information between environments.
  • each environment comprises its own micro-environment, which describes the interactions between different entities within the same environment (see below).
  • interactions can also be established between entities within a first environment and other entities within a second environment, for example, virtual interactions between a server and a physician, between a pharmaceutical dispensing machine and a subject, etc.
  • an exemplary microenvironment can be a nursing home, an assisting living facility, a hospital, etc., which comprises one or more pharmaceutical dispensing machines for providing pharmaceutical dispensing services to one or more patients/users/subjects (see also 102 above and in Figure 1).
  • an exemplary micro-environment 200 comprises one or more entities, related to the pharmaceutical dispensing system, which interact with each other.
  • an entity in the micro-environment are one or more pharmaceutical dispensing machines 202 (see below further information regarding the technical aspects of an exemplary pharmaceutical dispensing machine).
  • another entity in the micro-environment are one or more physicians/doctors/nurses/dedicated personnel/authorized personnel 204, optionally located at the facility hosting the pharmaceutical dispensing machine 202.
  • another entity in the micro-environment are one or more patients/users/subjects 206 located and/or visiting at the facility hosting the pharmaceutical dispensing machine 202 and have permission to access and retrieve pharmaceuticals from the pharmaceutical dispensing machine.
  • the one or more patients/users/subjects 206 have a digital device 208, for example a smartphone, a tablet, a smartwatch, which is used to interact with other entities in the system, for example the server 112, the pharmaceutical dispensing machine 202, etc.
  • another entity in the micro-environment while not needed to be physically within the micro-environment, but are optionally located within the micro-environment (for example a local server), are one or more servers 112 in virtual communication with the entities in the microenvironment, for example the pharmaceutical dispensing machine 202, the one or more physicians/doctors/nurses/dedicated personnel/ authorized personnel 204, the one or more patients/users/subjects 206 (or their digital devices 208), etc.
  • the different entities have interactions that enable the pharmaceutical dispensing services, as will be further explained below.
  • the pharmaceutical dispensing machine comprises one or more modules, for example, a pharmaceutical array module 302, a mechanical arm module 304, a pharmaceutical tote module 306, a printer module 308, a crimper module 310, an envelope module 312 and a control module 314.
  • the pharmaceutical array module 302 is responsible for the storage of a variety of pharmaceuticals.
  • the pharmaceutical array module 302 comprises a plurality of drug units, which each further comprise a plurality of drug elements, in which pharmaceuticals, optionally as a plurality of single pills stored together, are stored.
  • the number of drug units in the pharmaceutical array module is from about 1 to about 500.
  • each drug unit comprises a backup and/or redundant drug unit adapted to include the same drug elements.
  • each drug unit is designed to be an independent part of the pharmaceutical array module 302.
  • a drug unit can be disconnected (dismounted) from the frame of the pharmaceutical array module 302, completely, without affecting, for example, the correct functioning of other drug units.
  • a drug unit is adapted to include a specific number of drug elements within. In some embodiments, the number of drug elements within a drug unit is from about 2 to about 200. Optionally, from about 5 to about 150. Optionally, from about 10 to 100.
  • each row of drug unit comprises a plurality of drug subunits arranged one after the other.
  • a drug unit comprises a backup and/or redundant drug unit adapted to perform the same function. In some embodiments, a drug subunit comprises a backup and/or redundant drug subunit adapted to perform the same function.
  • this configuration is potentially advantageous during repairs and/or maintenance.
  • the time required to bring the pharmaceutical dispensing machine to normal functioning is very short (i.e. minutes).
  • the technician can pull out a unit and then insert a new one at its place.
  • a backup and/or redundant drug unit and/or drug subunit performs the function of the drug unit and/or drug subunit that is being repaired and/or maintained.
  • the drug units/subunits comprise a tag or a barcode or a qcode or a RFID tag, comprising the relevant information regarding the pharmaceutical inside.
  • the mechanical arm module 304 is responsible for moving elements within the pharmaceutical dispensing machine during the preparation and dispensing of pharmaceuticals.
  • mechanical arm module 304 comprises two horizontal rails on which a vertical axle runs horizontally (right and left, left and right) by means of a motor (located, for example, on the right comer of the machine).
  • the vertical axle moves horizontally as much as the length of the two horizontal axles.
  • the mechanical arm module 304 further comprises a pharmaceutical pill engagement mechanism that runs vertically (up and down, down and up) on the vertical axle by means of a motor.
  • the pharmaceutical pill engagement mechanism moves vertically as much as the length of the vertical axle.
  • the mechanical arm module 304 can be disconnected (dismounted) from the frame of the pharmaceutical dispensing machine without the need to dismount and/or disassemble the other modules.
  • only one of the two rails is used.
  • the left right motion mechanism that provides the motion is either hanging from the top rail or standing from the bottom.
  • the pill engagement mechanism utilizes a vacuum system to engage a single pharmaceutical pill.
  • the pill engagement mechanism comprises a vacuum mechanism 150, which includes all necessary electronics and pumps.
  • the vacuum mechanism comprises a probe engagement tool adapted to engage the probe in the container.
  • the pill engagement mechanism optionally comprises an envelope engaging tool adapted to hold and handle an envelope into which the pharmaceuticals, optionally single pharmaceuticals, will be inserted.
  • the envelopes are marked, filled with pharmaceuticals, closed, crimped and ready to be dispensed, they are inserted in trays located in the pharmaceutical tote module 306.
  • the trays are then picked up by the personnel of the facility and dispensed to the patients.
  • the number of trays in the pharmaceutical tote module 306 is from about 1 to about 50.
  • the printer module 160 is responsible for printing relevant information on the envelopes.
  • the crimper module 310 is responsible for closing the envelopes after the pharmaceuticals have being inserted in them.
  • the envelope module 312 is responsible for storing and preparing the envelopes before use.
  • control module 314 is responsible, for example, for controlling the packaging and dispensing operations (i.e. control of the other modules), communicate with external regional or central server and perform routinely self-diagnostic test to ensure the continuous operation of the pharmaceutical dispensing machine.
  • control module comprises one or more pharmaceutical dispensing information units configured to store the pharmaceutical dispensing information necessary to execute the pharmaceutical dispensing processes in the pharmaceutical dispensing machine.
  • the modules, the units and the elements comprise at least one dedicated sensor adapted to monitor the functioning and/or the performance and/or the demands of the modules/units/elements.
  • the at least one dedicated sensor is activated remotely by a user via a dedicated server.
  • verification on functionality of hardware, updated software, content (i.e. pharmaceuticals), consumables (i.e. envelopes) is performed on the modules, the units and the elements.
  • a user and/or a technician at the site of the pharmaceutical dispensing machine perform the verification.
  • a user and/or a technician perform the verification remotely.
  • real world interactions with the pharmaceutical dispensing machine can be found between dedicated personnel/ authorized personnel and/or user/patients 314 that pick up pharmaceuticals form the pharmaceutical dispensing machine.
  • additional real world interactions can be a technician performing maintenance to the pharmaceutical dispensing machine, or a dedicated operator/ authorized operator restocking the pharmaceutical dispensing machine with pharmaceuticals.
  • virtual interaction can be found between the pharmaceutical dispensing machine and the server 112 and optionally also, with an electronic device of a user/patient.
  • interactions can be divided in two general types.
  • Real world interactions which are physical interactions between entities within the pharmaceutical dispensing system.
  • a real world interaction is for example the physical transport of pharmaceuticals between environments, for example between a warehouse and a hospital, of between a pharmacy and a hospital and/or a house of a patient.
  • real world interactions are also when a patient and/or dedicated personnel/ authorized personnel picks up pharmaceuticals from a pharmaceutical dispensing machine.
  • virtual interactions are for example all the communications between the different entities in the pharmaceutical dispensing system. For example, between the server and the pharmacy and/or the warehouse and/or the location of the pharmaceutical dispensing machines and/or the pharmaceutical dispensing machines themselves. In some embodiments, additional virtual interactions can be found for example between a doctor and a pharmaceutical dispensing machine, a patient and a pharmaceutical dispensing machine.
  • pharmaceutical dispensing data is generated by prescriptions provided by physicians 204.
  • prescriptions comprise relevant information related to the pharmaceutical dispensing data, for example, the name of the patient, the pharmaceuticals that are prescribed, the regimen of the prescribed pharmaceuticals, and more.
  • a physician when a physician provides a paper prescription and the patient received directly the prescription, the patient usually picks up the pharmaceuticals directly form the pharmacy, and these actions of dispensing are performed outside the system, and are not directly monitored by the system.
  • a physician when a physician provides an electronic prescription (also known as e-Prescriptions), the prescription is sent to a HUB server 402 where the information is passed to the pharmacy 404, and usually also to the insurance companies 406.
  • the prescription information when the prescription information is passed directly to the pharmacy 404, is usually the pharmacy itself that performs the dispensing when the patient comes to pick it up personally. Other methods of dispensing are also possible, for example, a third party company ships the pharmaceuticals directly to the patient.
  • the prescription information is transmitted to the pharmaceutical dispensing system by two possible options.
  • option 1 - the prescription information is delivered directly to the server 112 of the pharmaceutical dispensing system, which then sends the information to the pharmaceutical dispensing machine 202 and to the server 408 of the place utilizing the services of the pharmaceutical dispensing system.
  • option 2 - the prescription information is delivered directly to the server 408 of the place utilizing the services of the pharmaceutical dispensing system, which then communicates the information to the server 112 of the pharmaceutical dispensing system, which then sends the information to the pharmaceutical dispensing machine 202.
  • optionally exchange of information is provided between the pharmaceutical dispensing machine 202 and the server 408 of the place utilizing the services of the pharmaceutical dispensing system to update about the status of pharmaceutical dispensing machine and its activities. In some embodiments, this information is transmitted to the server 408 of the place utilizing the services of the pharmaceutical dispensing system via the server 112 of the pharmaceutical dispensing system.
  • a scope of the pharmaceutical dispensing system is to ensure the dispensing of pharmaceuticals, by means of said pharmaceutical dispensing machine, to the patients/users at (or near) their scheduled time so as to ensure, as much as possible, to not cause damage and/or endangering the wellbeing of the patients/user due to lack or severely delayed of dispensing of pharmaceuticals at (or near) the scheduled time.
  • cyber-vulnerable points are those where virtual interactions can be and/or are affected (reasons explained below) and can potentially compromise the scope of the pharmaceutical dispensing system. Referring to Figures 1, 2 and 3, potential points of cybervulnerability are shown with skulls 400. In some embodiments, for example, cyber-vulnerable points are one or more of:
  • any of the lines describing transmission of prescription data are points of cyber-vulnerability.
  • the source of a failure in the virtual interactions of the pharmaceutical dispensing system can be human related, for example, a hacking of the system to either interrupt or take advantage of the pharmaceutical dispensing system, or can be nature related, for example, a natural event (e.g. earthquake, hurricane, tsunami, thunderstorm, etc.) caused the interruption of the communication with the server and/or other environments of the pharmaceutical dispensing system.
  • a natural event e.g. earthquake, hurricane, tsunami, thunderstorm, etc.
  • hardware/software units are added into the pharmaceutical dispensing system, and additionally or alternatively, redundancy pathways of information and/or addition of checking points are added to the flow of information.
  • Figures 5a-b showing schematic representations of an exemplary pharmaceutical dispensing system comprising exemplary additional elements for the cyberprotection of the system, according to some embodiments of the invention; and referring to Figure 5c showing a schematic representation of an exemplary verification unit 502 with exemplary flow of pharmaceutical dispensing data/information, according to some embodiments of the invention.
  • data and information are interchangeable; in general, ‘data’ includes therein the ‘information’ needed to be sent, therefore, it should be understood that when using the term “data” or “information” they refer to the same.
  • the pharmaceutical dispensing system comprises an independent verification unit 502.
  • the verification unit 502 is a computer comprising instructions to perform verifications on any information (in a comparative module 524 - see Figure 5c), in general, and on any pharmaceutical dispensing information, specifically, and/or changes thereof, that are transmitted over and for the pharmaceutical dispensing system. For example prescription data and/or patient data, transmitted to the pharmaceutical dispensing machine 202 located in the local facility.
  • the verification unit 502 is in communication with one or more entities to receive pharmaceutical dispensing information and perform verification analysis on the information received by the different sources of the information.
  • the verification unit 502 is in communication with the local server of the local facility 408, the local pharmaceutical dispensing server 504 (see below), the pharmaceutical dispensing system server 112, an additional server 516, the patients 514 and the pharmaceutical dispensing machine 202.
  • assessment if the verification unit 502 has been compromised is performed, for example, by the pharmaceutical dispensing system server 112 and/or the local pharmaceutical dispensing server 504. In some embodiments, for example, verification is performed by comparing and verifying the information received from the verification unit 502. In some embodiments, when the verification unit 502 has been found to be compromised, the pharmaceutical dispensing system is configured to enter an emergency mode, where pharmaceutical dispending information is provided to the pharmaceutical dispensing machine from one or more alternative sources (at least from one alternative source), for example, directly from the local pharmaceutical dispensing system server 504 (arrow 518 in Figure 5b) and/or directly from the pharmaceutical dispensing system server 112 (arrow 520 in Figure 5b).
  • alternative sources at least from one alternative source
  • the verification unit 502 comprises a comparative module 524 comprising instructions to perform one or more dual verification steps with two or more sites where the prescription information is stored, for example the pharmaceutical dispensing system server 112 and/or the local pharmaceutical dispensing server 504 and/or the additional server 516 located in proximity to the physicians and/or the hub server 402.
  • the verification unit 502 is protected by dedicated firewalls and/or passwords and/or specialized defense software.
  • physical access to the verification unit 502 is restricted to dedicated personnel/authorized personnel, and optionally requires specialized access, like retinal access, print access, voice access, etc.
  • the verification unit 502 comprises a history database module 522 (shown in Figure 5c) comprising all relevant pharmaceutical dispensing information that has ever passed through the verification unit 502.
  • the comparative module 524 of the verification unit 502 comprises instructions to perform comparative analysis and/or perform an integrity assessment of the pharmaceutical dispensing information passing through the verification unit 502 using the information saved in the history database module 522 as reference. In some embodiments, when discrepancies are found, dedicated alarms are activated to notify relevant personnel.
  • the verification unit 502 comprises an Al module 526.
  • the Al module 526 comprises instructions to provide, optionally temporarily, pharmaceutical dispensing instructions to the pharmaceutical dispensing machine 202 during emergencies and/or during a cyber-attack.
  • the instructions are optionally reviewed by dedicated personnel/authorized personnel either located at the site of the pharmaceutical dispensing machine or remotely.
  • the Al module 526 comprises instructions to provide, optionally temporarily, pharmaceutical dispensing recommendations to dedicated personnel/authorized personnel, which after approval, are translated into pharmaceutical dispensing instructions to the pharmaceutical dispensing machine 202.
  • the Al module 526 comprises instructions to learn from information passing through the comparative module 524 and/or saved in the history database module 522.
  • the pharmaceutical dispensing system comprises a local pharmaceutical dispensing server 504 placed at the local facility.
  • the local pharmaceutical dispensing server 504 is a computer comprising instructions to communicate with the pharmaceutical dispensing server 112 located outside the local facility and mirror the information relevant to the specific local facility where the pharmaceutical dispensing machine is located.
  • the verification unit 502 receives prescription data (referred hereinafter also as just ‘data’) from the local pharmaceutical dispensing server 504.
  • the verification unit 502 when the data arrives at the verification unit 502 and before it is sent to the pharmaceutical dispensing machine 202, the verification unit 502 performs a verification of the data with one or more entities, for example with the local server of the local facility 408 where the pharmaceutical dispensing machine 202 is located. In some embodiments, verification of the data comprises comparing the received data with data located at the local server of the local facility 408.
  • the local server of the local facility 408 transmits relevant information (patient names, prescriptions, medical conditions, etc.) to the pharmaceutical dispensing server 112 located outside the local facility. In some embodiments, the local server of the local facility 408 transmits relevant information (patient names, prescriptions, medical conditions, etc.) to the local pharmaceutical dispensing server 504 placed at the local facility.
  • the verification unit 502 also receives verification of dispensing information from patients 514, for example via their smart electronic devices and or any other dedicated device configured to store prescription information of the patients.
  • the pharmaceutical dispensing system performs additional verifications on the pharmaceutical dispensing information outside the local facility where the pharmaceutical dispensing machine is located. For example, when a physician 204 prescribes a pharmaceutical to a patient, the pharmaceutical dispensing information is sent to the HUB server 402, as explained before in Figure 4. In some embodiments, additionally, the pharmaceutical dispensing information is sent directly to the pharmaceutical dispensing system server 112. In some embodiments, the pharmaceutical dispensing information received by the physicians 204 is stored and used for comparative verifications with the local pharmaceutical dispensing system server 504 and/or the verification unit 502.
  • the pharmaceutical dispensing system server 112 is in communication with the HUB server 402, which also receives the pharmaceutical dispensing information from the physicians 204, and the pharmaceutical dispensing system server 112 performs a verification of the data received from the physicians 204 with the data received from the HUB server 402. In some embodiments, when the data do not match, a notification is sent.
  • the pharmaceutical dispensing system server 112 is in communication with the insurance companies 406, which also receives the pharmaceutical dispensing information from the HUB server 402, and the pharmaceutical dispensing system server 112 performs a verification of the data received from the insurance companies 406 with the data received from the HUB server 402 and/or the physicians 204. In some embodiments, when the data do not match, a notification is sent.
  • the pharmaceutical dispensing system server 112 is in communication with an additional server 516 located in proximity to the physicians and configured to also receive the prescription information.
  • information located in the additional server 516 is used to compare the prescription data coming from any other source in the system, and optionally by the verification unit 502.
  • a patient 514 when a patient 514 receives a new and/or amended prescription from the physician 204, the physician can directly update an electronic device of the patient.
  • the prescription data on the electronic device of the patient is used by the pharmaceutical dispensing system to perform one or more comparisons, analysis and/or verifications of the pharmaceutical dispensing information.
  • a potential advantage to perform one or more comparisons, analysis and/or verifications of the pharmaceutical dispensing information with the data from the patient’s electronic device is that in some cases, for example when a cyber-attack occurs to one of the servers, the pharmaceutical dispensing data located on the electronic device will not be affected by the cyber-attack since there is not direct communication between the electronic device and the affected server.
  • the pharmaceutical dispensing machine 202 is provided with a dedicated firewall 506 configured to only allow transmission of information/data relevant to prescription data between the verification unit 506 and the pharmaceutical dispensing machine 202. In some embodiments, data that is identified as not ‘prescription data’ is blocked and an alarm is activated notifying relevant personnel. In some embodiments, additionally and/or optionally, the pharmaceutical dispensing machine is configured to receive any kind of information solely from the verification unit 502.
  • the pharmaceutical dispensing machine 202 is provided with a removable dispensing information unit 508.
  • the removable dispensing information unit 508 specifically comprises the dispensing information including for example one or more of the patients’ names, prescriptions, schedule of dispensing pharmaceuticals to the patients and all relevant data needed to perform the pharmaceutical dispensing process.
  • the pharmaceutical dispensing machine 202 further comprises a backup 510 for the removable dispensing information unit 508, which is kept outside the pharmaceutical dispensing machine 202 and it is periodically updated with the same information as the removable dispensing information unit 508.
  • the removable dispensing information unit 508 is configured to be extracted from the pharmaceutical dispensing machine 202 and replaced with the backup 510.
  • the updating of the backup 510 is performed externally to the pharmaceutical dispensing machine 202.
  • a potential advantage of performing the updating of the backup 510 externally to the pharmaceutical dispensing machine 202 is that if the removable dispensing information unit 508 is compromised, for example by a cyber-attack, the backup 510 will not, and it will be just a matter of hot-swapping between the removable dispensing information unit 508 and the backup 510.
  • the pharmaceutical dispensing machine 202 comprises an internal backup comprising verified dispensing information 512.
  • the pharmaceutical dispensing machine 212 will use dispensing information stored in the internal backup comprising verified dispensing information 512.
  • the internal backup comprising verified dispensing information 512 is updated with verified information regularly, for example twice a day, three times a day, four times a day.
  • exemplary indications that at least one element of the pharmaceutical dispensing system has been compromised are as follows:
  • an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal number of changes in prescriptions/pharmaceutical dispensing data in a short period of time.
  • an abnormal number of changes are defined according to historical pharmaceutical dispensing information stored in one or more entities of the pharmaceutical dispensing system.
  • an abnormal number of changes are defined according to a predetermined number of changes per hour, optionally per number of hours, optionally per day, optionally per week.
  • an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal delay and/or a change in the transmission timing in the receiving/sending of pharmaceutical dispensing data.
  • the transmission timing is set by an internal ‘clock’ configured to set the parameters of transmission in the system.
  • the internal ‘clock’ is configured to inform the whole system with the current transmission rate set for the system.
  • the system send an alert,
  • abnormal delays are defined according to historical time-transmissions of pharmaceutical dispensing information stored in one or more entities of the pharmaceutical dispensing system.
  • an abnormal delay is defined according to a predetermined acceptable delay in data transmission set by the system manager (or any other dedicated personnel/authorized personnel of the pharmaceutical dispensing system).
  • an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify a discrepancy in the pharmaceutical dispensing information transmitted through the pharmaceutical dispensing system and/or stored in one or more of the entities of the pharmaceutical dispensing system.
  • an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal increase in requests for “highly valuable” pharmaceuticals.
  • highly valuable” pharmaceuticals are pharmaceuticals that are expensive.
  • highly valuable” pharmaceuticals are pharmaceuticals that are in high demand.
  • highly valuable” pharmaceuticals are pharmaceuticals that are considered highly addictive (for example, morphine, opioids, etc.).
  • authorized personnel can access the pharmaceutical dispensing information unit and override instructions with new and/or updated instructions, when necessary, for example, during a cyber-attack and/or during a catastrophe and/or when the pharmaceutical dispensing machine cannot receive updates from the outside (servers, etc).
  • an exemplary indication of a cyber-attack is when the pharmaceutical dispensing machine generates a high number of empty envelopes. In some embodiments, this can be caused, for example, due to hacking of the pharmaceutical dispensing machine to sabotage the dispensing of pharmaceuticals. In some embodiments, this can be caused, for example, due to hacking of the pharmaceutical dispensing machine to make believe the pharmaceutical dispensing machine is dispensing empty envelopes, therefore causing the pharmaceutical dispensing machine to try dispensing again, but in reality the pharmaceutical dispensing machine is actually dispensing pharmaceuticals repeatedly.
  • an exemplary indication of a cyber-attack is when the pharmaceutical dispensing machine performs in an abnormal way. For example, it takes too long to prepare envelopes, the mechanical arm cannot pick up pharmaceuticals, totes are being released without authorization, etc.
  • the pharmaceutical dispensing system when the pharmaceutical dispensing system identifies a cyberattack, the pharmaceutical dispensing system performs one or more of the following exemplary actions: Safe mode
  • the pharmaceutical dispensing machine enters safe mode, which means no exchange of pharmaceutical dispensing information with the external entities and perform dispensing actions according to the removable dispensing information unit 508 and/or the backup verified dispensing information unit 512, until attack is resolved and/or until a dedicated personnel/authorized personnel instructs otherwise.
  • dedicated personnel/authorized personnel periodically exchange the removable dispensing information unit 508 with a backup removable dispensing information unit 510, updated with verified pharmaceutical dispensing information received from a secure verified source of the pharmaceutical dispensing system, until the problem is resolved.
  • the pharmaceutical dispensing machine receives information from a secondary secured line, which is optionally used only in cases of emergencies and/or safe mode.
  • safe mode includes temporarily disconnecting the pharmaceutical dispensing machine.
  • the pharmaceutical dispensing system when the pharmaceutical dispensing system identifies a cyberattack, the pharmaceutical dispensing system performs a back-trace of the pharmaceutical dispensing information to find out where the attack originated. In some embodiments, this is performed by verifying the information that was transmitted between two or more entities in the pharmaceutical dispensing system.
  • the pharmaceutical dispensing machine when a pharmaceutical dispensing machine identifies a cyberattack, the pharmaceutical dispensing machine send a wide notification about the attack using secure communication paths in order to notify other entities in the pharmaceutical dispensing system, for example, servers, other pharmaceutical dispensing machines, dedicated personnel.
  • the pharmaceutical dispensing machine in cases of catastrophes, when communication with the pharmaceutical dispensing server 112 is severed, and/or when the pharmaceutical dispensing machine in unable to receive updated pharmaceutical dispensing information, the pharmaceutical dispensing machine enters ‘emergency mode’. In some embodiments, similarly to the safe mode disclose above, the pharmaceutical dispensing machine performs dispensing actions according to the removable dispensing information unit 508 and/or the backup verified dispensing information unit 512, until the catastrophe passes and/or the communication problem is resolved and/or until a dedicated personnel/authorized personnel instructs otherwise.
  • dedicated personnel/authorized personnel periodically exchange the removable dispensing information unit 508 with a backup removable dispensing information unit 510, updated with verified pharmaceutical dispensing information received from a secure verified source of the pharmaceutical dispensing system, until the problem is resolved.
  • the pharmaceutical dispensing machine receives information from a secondary secured line, optionally an independent secure line (like satellite communication) which is optionally used only in cases of emergencies and/or safe mode and/or emergency mode.
  • a secondary secured line optionally an independent secure line (like satellite communication) which is optionally used only in cases of emergencies and/or safe mode and/or emergency mode.
  • emergency mode includes temporarily disconnecting the pharmaceutical dispensing machine.
  • the pharmaceutical dispensing system provides special permissions to dedicated personnel/authorized personnel at the local facility to interact with the pharmaceutical dispensing machine and modify and/or verify pharmaceutical dispensing information.
  • the pharmaceutical dispensing system comprises instructions, upon specific request from dedicated personnel/authorized personnel, to allow dispensing of pharmaceuticals to new patients that are in need of pharmaceuticals.
  • the pharmaceutical dispensing system comprises instruction to utilize one or more pharmaceutical dispensing machines to back up the pharmaceutical dispensing needs of other location, with or without their own pharmaceutical dispensing machine.
  • the pharmaceutical dispensing system comprises instructions to enable dispensing of pharmaceuticals from a different location, for example, from a different pharmaceutical dispensing machine and/or a pharmacy, etc. Exemplary prioritizing during emergency situations
  • the pharmaceutical dispensing system comprises instructions to activate an emergency prioritization rule during emergency situations.
  • the system will receive the updated instructions from the Al module 526, then, when necessary from a physician.
  • the Al module 526 is in no condition to provide a recommendation for the updating of the pharmaceutical dispensing information
  • the system will receive updated information directly from a physician.
  • a virtual schedule is activated to allow for enough time for the system to contact and receive feedback from any one of the entities providing pharmaceutical dispensing information before the scheduled time of dispensing to the patients. In some embodiments, this potentially allows for the system to assess problems in time and potentially ensure the dispensing of pharmaceuticals to the patients.
  • the system comprises a recording module (not shown) where any activity in the system and/or environment is recorded and stored for future revision and analysis.
  • data stored in the recording module cannot be modified after being recording.
  • one or more entities of the pharmaceutical dispensing system located in the local facility where the pharmaceutical dispensing machine is located, receives pharmaceutical dispensing information from an external source 602.
  • the system perform a verification 604 of the pharmaceutical dispensing information with one or more of the following 606: the pharmaceutical dispensing system server 112, the local pharmaceutical dispensing system server 504, the local server of the local facility where machine is placed 408 and the patients 514.
  • the system assesses if the there is a positive outcome 608.
  • the pharmaceutical dispensing information of the pharmaceutical dispensing machine is updated.
  • an alarm is activated and the pharmaceutical dispensing machine is switched into safe mode.
  • the pharmaceutical dispensing machine returns to normal performance once the verification provides a positive outcome (not shown).
  • the pharmaceutical dispensing system performs periodical updates 702 of one or more of: the local pharmaceutical dispensing system server 504 and the pharmaceutical dispensing system server 112. In some embodiments, the system further performs on going checks for cyber- attack 704 on one of: the local pharmaceutical dispensing system server 504, the pharmaceutical dispensing system server 112 and the verification unit 502. In some embodiments, the system assesses if a cyber-attacked is identified 706. In some embodiments, when no cyber-attacks are identified, the system continues to perform periodical updates 702. In some embodiments, when a cyber-attack is identified 708, an alarm is activated.
  • the pharmaceutical dispensing machine is switched to safe mode including one or more of: automatically stopping all updates on dispensing orders and retrieving dispensing information from Backup verified dispensing information unit 512 and/or Backup Removable Dispensing info unit 510; and swapping the removable dispensing information unit 508 with the Backup Removable Dispensing info unit 510.
  • the system checks if the cyber-attack ended every time period 710, for example every 30 minutes, every hour and/or every 3 hours. In some embodiments, the system assesses if the cyber-attack ended 712. In some embodiments, when the answer is ‘no’, then the system continues to check 710. In some embodiments, when the answer is ‘yes’ 714, then the system enables getting dispensing update from Local Pharmaceutical dispensing system server 504, Pharmaceutical dispensing system server 112.
  • the pharmaceutical dispensing system performs periodical updates 802 of one or more of: the local pharmaceutical dispensing system server 504 and the pharmaceutical dispensing system server 112. In some embodiments, the system further performs on going checks for correct communication 804 with one of: the local pharmaceutical dispensing system server 504, the pharmaceutical dispensing system server 112 and the verification unit 502. In some embodiments, the system assesses if the communication is interrupted 806. In some embodiments, when no problems with the communication are identified, the system continues to perform periodical updates 802. In some embodiments, when the communication is interrupted 808, an alarm is activated.
  • the pharmaceutical dispensing machine is switched to safe mode including one or more of: automatically stopping all updates on dispensing orders and retrieving dispensing information from Backup verified dispensing information unit 512 and/or Backup Removable Dispensing info unit 510; and swapping the removable dispensing information unit 508 with the Backup Removable Dispensing info unit 510.
  • the system checks if the communication is restored every time period 810, for example every 30 minutes, every hour and/or every 3 hours. In some embodiments, the system assesses if the communication has been established 812. In some embodiments, when the answer is ‘no’, then the system continues to check 810. In some embodiments, when the answer is ‘yes’ 814, then the system enables getting dispensing update from Local Pharmaceutical dispensing system server 504, Pharmaceutical dispensing system server 112.
  • compositions, method or structure may include additional ingredients, steps and/or parts, but only if the additional ingredients, steps and/or parts do not materially alter the basic and novel characteristics of the claimed composition, method or structure.
  • a compound or “at least one compound” may include a plurality of compounds, including mixtures thereof.
  • range format is merely for convenience and brevity and should not be construed as an inflexible limitation on the scope of the invention. Accordingly, the description of a range should be considered to have specifically disclosed all the possible subranges as well as individual numerical values within that range. For example, description of a range such as “from 1 to 6” should be considered to have specifically disclosed subranges such as “from 1 to 3”, “from 1 to 4”, “from 1 to 5”, “from 2 to 4”, “from 2 to 6”, “from 3 to 6”, etc.; as well as individual numbers within that range, for example, 1, 2, 3, 4, 5, and 6. This applies regardless of the breadth of the range.

Abstract

The present patent related to means and methods of ensuring pharmaceutical dispensing services from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, in critical situations like cyber-attacks and/or natural catastrophes.

Description

CYBER PROTECTION FOR PHARMACEUTICAL DISPENSING SYSTEMS
RELATED APPLICATION/S
This application claims the benefit of priority of U.S. Provisional Patent Application No. 63/279,219 filed on November 15, 2021, the contents of which are incorporated herein by reference in their entirety.
FIELD AND BACKGROUND OF THE INVENTION
The present invention, in some embodiments thereof, relates to means and methods of cyber protection and, more particularly, but not exclusively, to means and methods of cyber protection for pharmaceutical dispensing systems.
SUMMARY OF THE INVENTION
Following is a non-exclusive list including some examples of embodiments of the invention. The invention also includes embodiments which include fewer than all the features in an example and embodiments using features from multiple examples, also if not expressly listed below.
Example 1. A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to a verification unit; e. transmitting said at least one second pharmaceutical data package from said at least one second data transmission unit to said verification unit; f. receiving said at least one first pharmaceutical data package and said at least one second pharmaceutical data package at said verification unit; g. transmitting, from said verification unit, to said pharmaceutical dispensing machine one or more of: i. said at least one first pharmaceutical data package; ii. said at least one second pharmaceutical data package; iii. at least one verified pharmaceutical data package; h. dispensing said at least one pharmaceutical according to a data package comprising said at least one pharmaceutical dispensing instruction, said data package received from said verification unit.
Example 2. The method according to example 1, wherein said method further comprises transmitting said at least one first pharmaceutical data package and said at least one second pharmaceutical data package using different transmission paths.
Example 3. The method according to example 1 or example 2, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
Example 4. The method according to any one of examples 1-3, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units.
Example 5. The method according to any one of examples 1-4, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical.
Example 6. The method according to any one of examples 1-5, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating encoded pharmaceutical data packages.
Example 7. The method according to any one of examples 1-6, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
Example 8. The method according to any one of examples 1-7, further comprising receiving said at least one first pharmaceutical data package at said pharmaceutical dispensing machine. Example 9. The method according to any one of examples 1-8, further comprising receiving said at least one second pharmaceutical data package at said pharmaceutical dispensing machine.
Example 10. The method according to any one of examples 1-9, further comprising receiving said at least one verified pharmaceutical data package at said pharmaceutical dispensing machine.
Example 11. The method according to any one of examples 1-10, further comprising analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
Example 12. The method according to any one of examples 1-11, further comprising comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
Example 13. The method according to example 12, further comprising assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
Example 14. The method according to example 13, further comprising when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust and transmitting that one to said pharmaceutical dispensing machine.
Example 15. The method according to example 11, further comprising, after said analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package, generating said at least one verified pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at said verification unit.
Example 16. The method according to any one of examples 1-15, wherein said at least one pharmaceutical dispensing instruction comprises at least one instruction for a new pharmaceutical dispensing regime.
Example 17. The method according to any one of examples 1-16, wherein said at least one pharmaceutical dispensing instruction comprises at least one update to at least one preexisting pharmaceutical dispensing regime.
Example 18. The method according to any one of examples 1-17, further comprising providing within a housing of said pharmaceutical dispensing machine at least one pharmaceutical dispensing information unit configured to be accessible without the need of opening of said housing; said at least one pharmaceutical dispensing information unit configured to receive said pharmaceutical dispensing information to be used for preparing and dispensing of said at least one pharmaceutical; said at least one pharmaceutical dispensing information unit is configured to be removed from said pharmaceutical dispensing machine and replaced with at least one back up pharmaceutical dispensing information unit.
Example 19. The method according to example 18, further comprising, after replacing said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit, utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process.
Example 20. The method according to any one of examples 1-19, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
Example 21. The method according to any one of examples 1-20, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
Example 22. The method according to any one of examples 1-21, wherein said transmitting said at least one second pharmaceutical data package is performed upon request from said verification unit.
Example 23. The method according to any one of examples 1-22, further comprising utilizing said at least one second data transmission unit for verified data storage purposes.
Example 24. The method according to any one of examples 1-23, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
Example 25. A pharmaceutical dispensing system, comprising: a. a data entry system for receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to at least one patient; b. at least one first data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; c. at least one second data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; d. at least one verification unit comprising instructions to: i. receiving said transmitted at least one first pharmaceutical data package and said transmitted at least one second pharmaceutical data package; ii. analyzing said at least one first pharmaceutical data package and said transmitted at least one second pharmaceutical data package; iii. generating at least one third pharmaceutical data package based on said analysis and transmit it to at least one pharmaceutical dispensing machine; e. at least one pharmaceutical dispensing machine located in the vicinity of at least one location where said at least one patient requiring pharmaceutical dispensing services is located, and comprising instructions for receiving said at least one third pharmaceutical data package from said at least one verification unit and performing at least one pharmaceutical dispensing process based on said received at least one third pharmaceutical data package.
Example 26. The pharmaceutical dispensing system according to example 25, wherein said at least one first pharmaceutical data package, said at least one second pharmaceutical data package and said at least one third pharmaceutical data package comprise a same information.
Example 27. The pharmaceutical dispensing system according to example 25 or example 26, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
Example 28. The pharmaceutical dispensing system according to any one of examples 25-27, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units.
Example 29. The pharmaceutical dispensing system according to any one of examples 25-28, wherein said at least one first data transmission unit and said at least one second data transmission unit are the same data transmission unit.
Example 30. The pharmaceutical dispensing system according to any one of examples 25-29, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical. Example 31. The pharmaceutical dispensing system according to any one of examples 25-30, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating encoded pharmaceutical data packages.
Example 32. The pharmaceutical dispensing system according to any one of examples 25-31, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
Example 33. The pharmaceutical dispensing system according to any one of examples 25-32, wherein said analyzing comprises comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package.
Example 34. The pharmaceutical dispensing system according to example 33, wherein said analyzing comprises assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
Example 35. The pharmaceutical dispensing system according to example 33, wherein said at least one verification unit comprises instructions for when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust.
Example 36. The pharmaceutical dispensing system according to example 35, wherein said generating said at least one third pharmaceutical data package comprises generating said at least one third pharmaceutical data package utilizing data from said pharmaceutical data package that was found to have said highest level of trust.
Example 37. The pharmaceutical dispensing system according to any one of examples 25-36, further comprising at least one third data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one fourth pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction.
Example 38. The pharmaceutical dispensing system according to any one of examples 25-37, wherein said at least one second data transmission unit transmits said at least one second pharmaceutical data package upon request from said verification unit.
Example 39. The pharmaceutical dispensing system according to any one of examples 25-38, further comprising utilizing said at least one second data transmission unit for verified data storage purposes. Example 40. The pharmaceutical dispensing system according to any one of examples 25-39, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
Example 41. A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. a housing configured to house said a plurality of modules and said at least one pharmaceutical dispensing information unit; wherein said at least one pharmaceutical dispensing information unit is configured to be accessible without the need for opening said housing; and is further configured to be replaced with at least one back up pharmaceutical dispensing information unit.
Example 42. The pharmaceutical dispensing machine according to example 41, wherein said pharmaceutical dispensing machine comprises instructions for utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process after replacement of said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit.
Example 43. The pharmaceutical dispensing machine according to example 41 or 42, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
Example 44. The pharmaceutical dispensing machine according to any one of examples 41-43, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
Example 45. The pharmaceutical dispensing machine according to any one of examples 41-44, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
Example 46. A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used for pharmaceutical dispensing processes.
Example 47. The pharmaceutical dispensing machine according to example 46, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as reference for pharmaceutical dispensing processes.
Example 48. The pharmaceutical dispensing machine according to example 46 or example 47, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as alternative for pharmaceutical dispensing processes.
Example 49. The pharmaceutical dispensing machine according to any one of examples 46-48, wherein said at least one pharmaceutical dispensing information unit is configured to be removed from a housing of said pharmaceutical dispensing machine and be replaced with at least one back up pharmaceutical dispensing information unit without the need for opening said housing.
Example 50. The pharmaceutical dispensing machine according to any one of examples 46-49, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
Example 51. A pharmaceutical dispensing machine, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. at least one safe mode button accessible to at least one authorized personnel; wherein said at least one safe mode button is configured for deactivating said at least one pharmaceutical dispensing information unit and activating a at least one backup pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical.
Example 52. A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to said pharmaceutical dispensing machine; e. transmitting said at least one second pharmaceutical data package from said at least one second data transmission unit to said pharmaceutical dispensing machine; f. receiving said at least one first pharmaceutical data package and said at least one second pharmaceutical data package at said pharmaceutical dispensing machine; g. analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package; h. verifying, based on said analyzing, said at least one pharmaceutical dispensing instruction; i. dispensing said at least one pharmaceutical according to said verified at least one pharmaceutical dispensing instruction.
Unless otherwise defined, all technical and/or scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which the invention pertains. Although methods and materials similar or equivalent to those described herein can be used in the practice or testing of embodiments of the invention, exemplary methods and/or materials are described below. In case of conflict, the patent specification, including definitions, will control. In addition, the materials, methods, and examples are illustrative only and are not intended to be necessarily limiting. As will be appreciated by one skilled in the art, some embodiments of the present invention may be embodied as a system, method or computer program product. Accordingly, some embodiments of the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment (including firmware, resident software, microcode, etc.) or an embodiment combining software and hardware aspects that may all generally be referred to herein as a “circuit,” “module” or “system.” Furthermore, some embodiments of the present invention may take the form of a computer program product embodied in one or more computer readable medium(s) having computer readable program code embodied thereon. Implementation of the method and/or system of some embodiments of the invention can involve performing and/or completing selected tasks manually, automatically, or a combination thereof. Moreover, according to actual instrumentation and equipment of some embodiments of the method and/or system of the invention, several selected tasks could be implemented by hardware, by software or by firmware and/or by a combination thereof, e.g., using an operating system.
For example, hardware for performing selected tasks according to some embodiments of the invention could be implemented as a chip or a circuit. As software, selected tasks according to some embodiments of the invention could be implemented as a plurality of software instructions being executed by a computer using any suitable operating system. In an exemplary embodiment of the invention, one or more tasks according to some exemplary embodiments of method and/or system as described herein are performed by a data processor, such as a computing platform for executing a plurality of instructions. Optionally, the data processor includes a volatile memory for storing instructions and/or data and/or a non-volatile storage, for example, a magnetic hard-disk and/or removable media, for storing instructions and/or data. Optionally, a network connection is provided as well. A display and/or a user input device such as a keyboard or mouse are optionally provided as well.
Any combination of one or more computer readable medium(s) may be utilized for some embodiments of the invention. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any suitable combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a random access memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or Flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium and/or data used thereby may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for some embodiments of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the latter scenario, the remote computer may be connected to the user's computer through any type of network, including a local area network (LAN) or a wide area network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet Service Provider).
Some embodiments of the present invention may be described below with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the invention. It will be understood that each block of the flowchart illustrations and/or block diagrams, and combinations of blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer readable medium that can direct a computer, other programmable data processing apparatus, or other devices to function in a particular manner, such that the instructions stored in the computer readable medium produce an article of manufacture including instructions which implement the function/act specified in the flowchart and/or block diagram block or blocks.
The computer program instructions may also be loaded onto a computer, other programmable data processing apparatus, or other devices to cause a series of operational steps to be performed on the computer, other programmable apparatus or other devices to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide processes for implementing the functions/acts specified in the flowchart and/or block diagram block or blocks.
Some of the methods described herein are generally designed only for use by a computer, and may not be feasible or practical for performing purely manually, by a human expert. A human expert who wanted to manually perform similar tasks, might be expected to use completely different methods, e.g., making use of expert knowledge and/or the pattern recognition capabilities of the human brain, which would be vastly more efficient than manually going through the steps of the methods described herein.
BRIEF DESCRIPTION OF THE SEVERAL VIEWS OF THE DRAWINGS
Some embodiments of the invention are herein described, by way of example only, with reference to the accompanying drawings. With specific reference now to the drawings in detail, it is stressed that the particulars shown are by way of example and for purposes of illustrative discussion of embodiments of the invention. In this regard, the description taken with the drawings makes apparent to those skilled in the art how embodiments of the invention may be practiced.
In the drawings:
Figure 1 is a schematic representation of an exemplary pharmaceutical dispensing system, according to some embodiments of the invention;
Figure 2 is a schematic representation of an exemplary micro -environment, exemplary entities within the micro-environment and interactions therein, according to some embodiments of the invention; Figure 3 is a schematic representation of an exemplary pharmaceutical dispensing machine according to some embodiments of the present invention;
Figure 4 is a schematic flowchart of an exemplary flow of pharmaceutical dispensing data between the pharmaceutical dispensing system and external entities as is performed by previous known pharmaceutical dispensing system;
Figures 5a-b are schematic representations of an exemplary pharmaceutical dispensing system comprising exemplary additional elements for the cyber-protection of the system, according to some embodiments of the invention;
Figure 5c is a schematic representation of an exemplary verification unit with exemplary flow of pharmaceutical dispensing data/information, according to some embodiments of the invention
Figure 6 is a flowchart of an exemplary method according to some embodiments of the invention;
Figure 7 is a flowchart of an exemplary method according to some embodiments of the invention; and
Figure 8 is a flowchart of an exemplary method according to some embodiments of the invention.
DESCRIPTION OF SPECIFIC EMBODIMENTS OF THE INVENTION
The present invention, in some embodiments thereof, relates to means and methods of cyber protection and, more particularly, but not exclusively, to means and methods of cyber protection for pharmaceutical dispensing systems.
Overview
An aspect of some embodiments of the invention relates to ensuring the delivery of pharmaceuticals to patients, receiving pharmaceuticals from a pharmaceutical dispensing system, during a cyber-attack and/or a catastrophe. In some embodiments, dispensing of pharmaceutical is ensured by providing the pharmaceutical dispensing system with one or more redundant but different pathways of pharmaceutical dispensing information. In some embodiments, the redundant pathways are separated from each other. In some embodiments, the redundant pathways are independent from each other. In some embodiments, each redundant pathway is independently protected to potentially ensure the integrity of the information, in general, and more specifically, the pharmaceutical dispensing information. In some embodiments, information passing through different pathways is analyzed and/or compared at least one once before commencing the pharmaceutical dispensing process.
An aspect of some embodiments of the invention relates to protecting pharmaceutical dispensing systems to ensure delivery of pharmaceuticals to subjects. In some embodiments, the pharmaceutical dispensing systems are protected in case of suspicion of a cyber-attack and/or a catastrophe. In some embodiments, the pharmaceutical dispensing systems are protected by adding a plurality of safeguard measures at multiple locations of the software and/or hardware of the pharmaceutical dispensing systems. In some embodiments, the pharmaceutical dispensing systems are protected by providing, dividing and/or copying the pharmaceutical dispensing information in at least two identical copies, which are independently verified and stored. In some embodiments, the pharmaceutical dispensing systems are provided with manual safe mode buttons that are activated by authorized personnel when necessary.
An aspect of some embodiments of the invention relates to ensuring delivery of pharmaceuticals on time, according to a predetermined schedule, in time of a cyber-attack and/or a catastrophe. In some embodiments, delivery of pharmaceuticals on time is ensured by adding a plurality of safeguard measures at multiple locations of the software and/or hardware of the pharmaceutical dispensing systems, which potentially allows the safeguard of the information and allowing a continuous pharmaceutical dispensing process even during a cyber-attack and/or a catastrophe. In some embodiments, delivery of pharmaceuticals on time is ensured by providing, dividing and/or copying the pharmaceutical dispensing information in at least two identical copies, which are independently verified and stored, which can be used in case of a cyber-attack and/or a catastrophe.
Before explaining at least one embodiment of the invention in detail, it is to be understood that the invention is not necessarily limited in its application to the details of construction and the arrangement of the components and/or methods set forth in the following description and/or illustrated in the drawings and/or the Examples. The invention is capable of other embodiments or of being practiced or carried out in various ways.
Exemplary environments and entities in pharmaceutical dispensing system
Referring now to Figure 1 showing a schematic representation of an exemplary pharmaceutical dispensing system, according to some embodiments of the invention. In some embodiments, the exemplary pharmaceutical dispensing system 100 comprises one or more environments, as shown for example in Figure 1. In some embodiments, a first environment 102 is the one comprising one or more locations hosting one or more pharmaceutical dispensing machines, for example hospitals 104, assisting living facilities 106 and/or any form of facility 108 housing one or more pharmaceutical dispensing machine that serve (provide pharmaceutical dispensing services) one or more patients/subjects. In some embodiments, a second environment 110 is a centralized server 112 and/or could server 114 in communication with all other environments and configured to store all relevant information regarding the pharmaceutical dispensing system and to coordinate all relevant activities between the different environments (see below). In some embodiments, a third environment 116 comprises one or more warehouses 118 for storing items to be supplied to the pharmaceutical dispensing machines located in other environments. In some embodiments, a fourth optional environment 120 is one or more pharmacies 122, which can optionally include a pharmaceutical dispensing machine, which are used to provide pharmaceuticals, for example, in case a specific pharmaceutical dispensing machine is not working, or a specific subject comes directly to the pharmacy to pick up pharmaceuticals, etc. In some embodiments, a fifth optional environment 124 are specific users that receive pharmaceutical dispensing services delivered to their homes 126, for example by a delivery service. In some embodiments, a sixth optional environment 128 are doctors/physicians 130 that provide prescriptions and that information is passed to one or more environments, for example to the second environment 110 (to one or more servers 112/114) or the fourth environment (to a pharmacy 122). In some embodiments, the interactions between environments happens in the real world, for example by moving pharmaceutical from one environment to another. In some embodiments, the interactions between environments is virtual, for example by exchanging information between environments. In some embodiments, optionally, each environment comprises its own micro-environment, which describes the interactions between different entities within the same environment (see below). In some embodiments, interactions can also be established between entities within a first environment and other entities within a second environment, for example, virtual interactions between a server and a physician, between a pharmaceutical dispensing machine and a subject, etc.
Exemplary entities in an exemplary micro-environment in pharmaceutical dispensing system
Referring now to Figure 2, showing a schematic representation of an exemplary microenvironment, exemplary entities within the micro-environment and interactions therein, according to some embodiments of the invention. In some embodiments, an exemplary microenvironment can be a nursing home, an assisting living facility, a hospital, etc., which comprises one or more pharmaceutical dispensing machines for providing pharmaceutical dispensing services to one or more patients/users/subjects (see also 102 above and in Figure 1). In some embodiments, an exemplary micro-environment 200 comprises one or more entities, related to the pharmaceutical dispensing system, which interact with each other. In some embodiments, an entity in the micro-environment are one or more pharmaceutical dispensing machines 202 (see below further information regarding the technical aspects of an exemplary pharmaceutical dispensing machine). In some embodiments, another entity in the micro-environment are one or more physicians/doctors/nurses/dedicated personnel/authorized personnel 204, optionally located at the facility hosting the pharmaceutical dispensing machine 202. In some embodiments, another entity in the micro-environment are one or more patients/users/subjects 206 located and/or visiting at the facility hosting the pharmaceutical dispensing machine 202 and have permission to access and retrieve pharmaceuticals from the pharmaceutical dispensing machine. In some embodiments, the one or more patients/users/subjects 206 have a digital device 208, for example a smartphone, a tablet, a smartwatch, which is used to interact with other entities in the system, for example the server 112, the pharmaceutical dispensing machine 202, etc. In some embodiments, another entity in the micro-environment, while not needed to be physically within the micro-environment, but are optionally located within the micro-environment (for example a local server), are one or more servers 112 in virtual communication with the entities in the microenvironment, for example the pharmaceutical dispensing machine 202, the one or more physicians/doctors/nurses/dedicated personnel/ authorized personnel 204, the one or more patients/users/subjects 206 (or their digital devices 208), etc.
In some embodiments, the different entities have interactions that enable the pharmaceutical dispensing services, as will be further explained below.
Exemplary definitions and roles of entities in an exemplary pharmaceutical dispensing system
In the following paragraphs exemplary definitions and roles of a plurality of exemplary entities within an exemplary pharmaceutical dispensing system 100, as shown for example in Figure 1, and more specifically for an exemplary micro-environment 200, as shown for example in Figure 2, will be explained.
Exemplary pharmaceutical dispensing machine
Referring now to Figure 3, showing a schematic representation of an exemplary pharmaceutical dispensing machine according to some embodiments of the present invention. In some embodiments, the pharmaceutical dispensing machine comprises one or more modules, for example, a pharmaceutical array module 302, a mechanical arm module 304, a pharmaceutical tote module 306, a printer module 308, a crimper module 310, an envelope module 312 and a control module 314.
Exemplary pharmaceutical array module 302
In some embodiments, the pharmaceutical array module 302 is responsible for the storage of a variety of pharmaceuticals. In some embodiments, the pharmaceutical array module 302 comprises a plurality of drug units, which each further comprise a plurality of drug elements, in which pharmaceuticals, optionally as a plurality of single pills stored together, are stored. In some embodiments, the number of drug units in the pharmaceutical array module is from about 1 to about 500. Optionally, from about 4 to about 300. Optionally, from about 10 to about 200. In some embodiments, each drug unit comprises a backup and/or redundant drug unit adapted to include the same drug elements. In some embodiments, each drug unit is designed to be an independent part of the pharmaceutical array module 302. For example, a drug unit can be disconnected (dismounted) from the frame of the pharmaceutical array module 302, completely, without affecting, for example, the correct functioning of other drug units. In some embodiments, a drug unit is adapted to include a specific number of drug elements within. In some embodiments, the number of drug elements within a drug unit is from about 2 to about 200. Optionally, from about 5 to about 150. Optionally, from about 10 to 100. In some embodiments, each row of drug unit comprises a plurality of drug subunits arranged one after the other. In some embodiments, a drug unit comprises a backup and/or redundant drug unit adapted to perform the same function. In some embodiments, a drug subunit comprises a backup and/or redundant drug subunit adapted to perform the same function.
In some embodiments, this configuration is potentially advantageous during repairs and/or maintenance. In some embodiments, the time required to bring the pharmaceutical dispensing machine to normal functioning is very short (i.e. minutes). In some embodiments, the technician can pull out a unit and then insert a new one at its place. In some embodiments, during repairs and/or maintenance a backup and/or redundant drug unit and/or drug subunit performs the function of the drug unit and/or drug subunit that is being repaired and/or maintained.
In some embodiments, the drug units/subunits comprise a tag or a barcode or a qcode or a RFID tag, comprising the relevant information regarding the pharmaceutical inside. mechanical arm module 304
In some embodiments, the mechanical arm module 304 is responsible for moving elements within the pharmaceutical dispensing machine during the preparation and dispensing of pharmaceuticals. In some embodiments, mechanical arm module 304 comprises two horizontal rails on which a vertical axle runs horizontally (right and left, left and right) by means of a motor (located, for example, on the right comer of the machine). In some embodiments, the vertical axle moves horizontally as much as the length of the two horizontal axles. In some embodiments, the mechanical arm module 304 further comprises a pharmaceutical pill engagement mechanism that runs vertically (up and down, down and up) on the vertical axle by means of a motor. In some embodiments, the pharmaceutical pill engagement mechanism moves vertically as much as the length of the vertical axle. In some embodiments, the mechanical arm module 304 can be disconnected (dismounted) from the frame of the pharmaceutical dispensing machine without the need to dismount and/or disassemble the other modules. Optionally, only one of the two rails is used. In these cases, the left right motion mechanism that provides the motion is either hanging from the top rail or standing from the bottom. In some embodiments, the pill engagement mechanism utilizes a vacuum system to engage a single pharmaceutical pill. In some embodiments, the pill engagement mechanism comprises a vacuum mechanism 150, which includes all necessary electronics and pumps. In some embodiments, the vacuum mechanism comprises a probe engagement tool adapted to engage the probe in the container. In some embodiments, the pill engagement mechanism optionally comprises an envelope engaging tool adapted to hold and handle an envelope into which the pharmaceuticals, optionally single pharmaceuticals, will be inserted.
Exemplary pharmaceutical tote module 306
In some embodiments, after the envelopes are marked, filled with pharmaceuticals, closed, crimped and ready to be dispensed, they are inserted in trays located in the pharmaceutical tote module 306. In some embodiments, the trays are then picked up by the personnel of the facility and dispensed to the patients. In some embodiments, the number of trays in the pharmaceutical tote module 306 is from about 1 to about 50. Optionally, from about 4 to about 40. Optionally, from about 6 to about 30. Optionally, from about 12 to about 20.
Exemplary printer module 308
In some embodiments, the printer module 160 is responsible for printing relevant information on the envelopes.
Exemplary crimper module 310
In some embodiments, the crimper module 310 is responsible for closing the envelopes after the pharmaceuticals have being inserted in them. Exemplary envelope module 312
In some embodiments, the envelope module 312 is responsible for storing and preparing the envelopes before use.
Exemplary control module 314
In some embodiments, the control module 314 is responsible, for example, for controlling the packaging and dispensing operations (i.e. control of the other modules), communicate with external regional or central server and perform routinely self-diagnostic test to ensure the continuous operation of the pharmaceutical dispensing machine. In some embodiments, the control module comprises one or more pharmaceutical dispensing information units configured to store the pharmaceutical dispensing information necessary to execute the pharmaceutical dispensing processes in the pharmaceutical dispensing machine.
Exemplary sensors
In some embodiments, the modules, the units and the elements, comprise at least one dedicated sensor adapted to monitor the functioning and/or the performance and/or the demands of the modules/units/elements. In some embodiments, the at least one dedicated sensor is activated remotely by a user via a dedicated server.
In some embodiments, verification on functionality of hardware, updated software, content (i.e. pharmaceuticals), consumables (i.e. envelopes) is performed on the modules, the units and the elements. In some embodiments, a user and/or a technician at the site of the pharmaceutical dispensing machine perform the verification. In some embodiments, a user and/or a technician perform the verification remotely.
Exemplary interactions in the pharmaceutical dispensing machine
In some embodiments, real world interactions with the pharmaceutical dispensing machine can be found between dedicated personnel/ authorized personnel and/or user/patients 314 that pick up pharmaceuticals form the pharmaceutical dispensing machine. In some embodiments, additional real world interactions can be a technician performing maintenance to the pharmaceutical dispensing machine, or a dedicated operator/ authorized operator restocking the pharmaceutical dispensing machine with pharmaceuticals.
In some embodiments, virtual interaction can be found between the pharmaceutical dispensing machine and the server 112 and optionally also, with an electronic device of a user/patient. Exemplary interactions in the pharmaceutical dispensing system
In the following paragraphs a plurality of exemplary interactions will be explained for an exemplary pharmaceutical dispensing system 100, as shown for example in Figure 1, and more specifically for an exemplary micro-environment 200, as shown for example in Figure 2 and Figure 3.
In some embodiments, interactions can be divided in two general types. Real world interactions, which are physical interactions between entities within the pharmaceutical dispensing system.
In some embodiments, a real world interaction is for example the physical transport of pharmaceuticals between environments, for example between a warehouse and a hospital, of between a pharmacy and a hospital and/or a house of a patient. In some embodiments, real world interactions are also when a patient and/or dedicated personnel/ authorized personnel picks up pharmaceuticals from a pharmaceutical dispensing machine.
In some embodiments, virtual interactions are for example all the communications between the different entities in the pharmaceutical dispensing system. For example, between the server and the pharmacy and/or the warehouse and/or the location of the pharmaceutical dispensing machines and/or the pharmaceutical dispensing machines themselves. In some embodiments, additional virtual interactions can be found for example between a doctor and a pharmaceutical dispensing machine, a patient and a pharmaceutical dispensing machine.
Exemplary flow of pharmaceutical dispensing data between the pharmaceutical dispensing system and other entities in known systems
Referring now to Figure 4, showing a schematic flowchart 400 of an exemplary flow of pharmaceutical dispensing data between the pharmaceutical dispensing system and external entities as is performed by previous known pharmaceutical dispensing systems. In some embodiments, pharmaceutical dispensing data is generated by prescriptions provided by physicians 204. In some embodiments, prescriptions comprise relevant information related to the pharmaceutical dispensing data, for example, the name of the patient, the pharmaceuticals that are prescribed, the regimen of the prescribed pharmaceuticals, and more.
In some embodiments, when a physician provides a paper prescription and the patient received directly the prescription, the patient usually picks up the pharmaceuticals directly form the pharmacy, and these actions of dispensing are performed outside the system, and are not directly monitored by the system. In some embodiments, when a physician provides an electronic prescription (also known as e-Prescriptions), the prescription is sent to a HUB server 402 where the information is passed to the pharmacy 404, and usually also to the insurance companies 406. In some embodiments, when the prescription information is passed directly to the pharmacy 404, is usually the pharmacy itself that performs the dispensing when the patient comes to pick it up personally. Other methods of dispensing are also possible, for example, a third party company ships the pharmaceuticals directly to the patient.
In some embodiments, when a patient is part of a location and/or place that utilizes the services of the pharmaceutical dispensing system, the prescription information is transmitted to the pharmaceutical dispensing system by two possible options. In some embodiments, option 1 - the prescription information is delivered directly to the server 112 of the pharmaceutical dispensing system, which then sends the information to the pharmaceutical dispensing machine 202 and to the server 408 of the place utilizing the services of the pharmaceutical dispensing system. In some embodiments, option 2 - the prescription information is delivered directly to the server 408 of the place utilizing the services of the pharmaceutical dispensing system, which then communicates the information to the server 112 of the pharmaceutical dispensing system, which then sends the information to the pharmaceutical dispensing machine 202.
In some embodiments, optionally exchange of information is provided between the pharmaceutical dispensing machine 202 and the server 408 of the place utilizing the services of the pharmaceutical dispensing system to update about the status of pharmaceutical dispensing machine and its activities. In some embodiments, this information is transmitted to the server 408 of the place utilizing the services of the pharmaceutical dispensing system via the server 112 of the pharmaceutical dispensing system.
Exemplary scope of the pharmaceutical dispensing system
In some embodiments, a scope of the pharmaceutical dispensing system is to ensure the dispensing of pharmaceuticals, by means of said pharmaceutical dispensing machine, to the patients/users at (or near) their scheduled time so as to ensure, as much as possible, to not cause damage and/or endangering the wellbeing of the patients/user due to lack or severely delayed of dispensing of pharmaceuticals at (or near) the scheduled time.
Exemplary cyber-vulnerable points of the pharmaceutical dispensing system
In some embodiments, cyber-vulnerable points are those where virtual interactions can be and/or are affected (reasons explained below) and can potentially compromise the scope of the pharmaceutical dispensing system. Referring to Figures 1, 2 and 3, potential points of cybervulnerability are shown with skulls 400. In some embodiments, for example, cyber-vulnerable points are one or more of:
1. Virtual interactions of any entity in the pharmaceutical dispensing system with the server.
2. Virtual interactions of any entity in the pharmaceutical dispensing system with the pharmaceutical dispensing machine.
In some embodiments, any of the lines describing transmission of prescription data, as shown for example in Figure 4, are points of cyber-vulnerability.
Exemplary sources of failure in cyber-vulnerable points
In some embodiments, the source of a failure in the virtual interactions of the pharmaceutical dispensing system can be human related, for example, a hacking of the system to either interrupt or take advantage of the pharmaceutical dispensing system, or can be nature related, for example, a natural event (e.g. earthquake, hurricane, tsunami, thunderstorm, etc.) caused the interruption of the communication with the server and/or other environments of the pharmaceutical dispensing system.
Exemplary addition of elements to the pharmaceutical dispensing system
In some embodiments, in order to potentially overcome and/or prevent a failure in cyber- vulnerable points, hardware/software units are added into the pharmaceutical dispensing system, and additionally or alternatively, redundancy pathways of information and/or addition of checking points are added to the flow of information.
Referring now to Figures 5a-b, showing schematic representations of an exemplary pharmaceutical dispensing system comprising exemplary additional elements for the cyberprotection of the system, according to some embodiments of the invention; and referring to Figure 5c showing a schematic representation of an exemplary verification unit 502 with exemplary flow of pharmaceutical dispensing data/information, according to some embodiments of the invention. The terms “data” and “information” are interchangeable; in general, ‘data’ includes therein the ‘information’ needed to be sent, therefore, it should be understood that when using the term “data” or “information” they refer to the same.
In some embodiments, the pharmaceutical dispensing system comprises an independent verification unit 502. In some embodiments, the verification unit 502 is a computer comprising instructions to perform verifications on any information (in a comparative module 524 - see Figure 5c), in general, and on any pharmaceutical dispensing information, specifically, and/or changes thereof, that are transmitted over and for the pharmaceutical dispensing system. For example prescription data and/or patient data, transmitted to the pharmaceutical dispensing machine 202 located in the local facility.
In some embodiments, the verification unit 502 is in communication with one or more entities to receive pharmaceutical dispensing information and perform verification analysis on the information received by the different sources of the information. For example, the verification unit 502 is in communication with the local server of the local facility 408, the local pharmaceutical dispensing server 504 (see below), the pharmaceutical dispensing system server 112, an additional server 516, the patients 514 and the pharmaceutical dispensing machine 202.
In some embodiments, assessment if the verification unit 502 has been compromised is performed, for example, by the pharmaceutical dispensing system server 112 and/or the local pharmaceutical dispensing server 504. In some embodiments, for example, verification is performed by comparing and verifying the information received from the verification unit 502. In some embodiments, when the verification unit 502 has been found to be compromised, the pharmaceutical dispensing system is configured to enter an emergency mode, where pharmaceutical dispending information is provided to the pharmaceutical dispensing machine from one or more alternative sources (at least from one alternative source), for example, directly from the local pharmaceutical dispensing system server 504 (arrow 518 in Figure 5b) and/or directly from the pharmaceutical dispensing system server 112 (arrow 520 in Figure 5b).
In some embodiments, the verification unit 502 comprises a comparative module 524 comprising instructions to perform one or more dual verification steps with two or more sites where the prescription information is stored, for example the pharmaceutical dispensing system server 112 and/or the local pharmaceutical dispensing server 504 and/or the additional server 516 located in proximity to the physicians and/or the hub server 402. In some embodiments, the verification unit 502 is protected by dedicated firewalls and/or passwords and/or specialized defense software. In some embodiments, additionally, physical access to the verification unit 502 is restricted to dedicated personnel/authorized personnel, and optionally requires specialized access, like retinal access, print access, voice access, etc.
In some embodiments, the verification unit 502 comprises a history database module 522 (shown in Figure 5c) comprising all relevant pharmaceutical dispensing information that has ever passed through the verification unit 502. In some embodiments, the comparative module 524 of the verification unit 502 comprises instructions to perform comparative analysis and/or perform an integrity assessment of the pharmaceutical dispensing information passing through the verification unit 502 using the information saved in the history database module 522 as reference. In some embodiments, when discrepancies are found, dedicated alarms are activated to notify relevant personnel.
In some embodiments, the verification unit 502 comprises an Al module 526. In some embodiments, in case of emergencies and/or during a cyber-attack, all access of pharmaceutical dispensing information towards the verification unit 502 is ceased. In some embodiments, this causes the pharmaceutical dispensing machine to stop receiving updates on the pharmaceutical dispensing needs of the patients. In some embodiments, the Al module 526 comprises instructions to provide, optionally temporarily, pharmaceutical dispensing instructions to the pharmaceutical dispensing machine 202 during emergencies and/or during a cyber-attack. In some embodiments, the instructions are optionally reviewed by dedicated personnel/authorized personnel either located at the site of the pharmaceutical dispensing machine or remotely. In some embodiments, the Al module 526 comprises instructions to provide, optionally temporarily, pharmaceutical dispensing recommendations to dedicated personnel/authorized personnel, which after approval, are translated into pharmaceutical dispensing instructions to the pharmaceutical dispensing machine 202. In some embodiments, the Al module 526 comprises instructions to learn from information passing through the comparative module 524 and/or saved in the history database module 522.
In some embodiments, the pharmaceutical dispensing system comprises a local pharmaceutical dispensing server 504 placed at the local facility. In some embodiments, the local pharmaceutical dispensing server 504 is a computer comprising instructions to communicate with the pharmaceutical dispensing server 112 located outside the local facility and mirror the information relevant to the specific local facility where the pharmaceutical dispensing machine is located. In some embodiments, the verification unit 502 receives prescription data (referred hereinafter also as just ‘data’) from the local pharmaceutical dispensing server 504. In some embodiments, when the data arrives at the verification unit 502 and before it is sent to the pharmaceutical dispensing machine 202, the verification unit 502 performs a verification of the data with one or more entities, for example with the local server of the local facility 408 where the pharmaceutical dispensing machine 202 is located. In some embodiments, verification of the data comprises comparing the received data with data located at the local server of the local facility 408.
In some embodiments, the local server of the local facility 408 transmits relevant information (patient names, prescriptions, medical conditions, etc.) to the pharmaceutical dispensing server 112 located outside the local facility. In some embodiments, the local server of the local facility 408 transmits relevant information (patient names, prescriptions, medical conditions, etc.) to the local pharmaceutical dispensing server 504 placed at the local facility.
In some embodiments, the verification unit 502 also receives verification of dispensing information from patients 514, for example via their smart electronic devices and or any other dedicated device configured to store prescription information of the patients.
In some embodiments, the pharmaceutical dispensing system performs additional verifications on the pharmaceutical dispensing information outside the local facility where the pharmaceutical dispensing machine is located. For example, when a physician 204 prescribes a pharmaceutical to a patient, the pharmaceutical dispensing information is sent to the HUB server 402, as explained before in Figure 4. In some embodiments, additionally, the pharmaceutical dispensing information is sent directly to the pharmaceutical dispensing system server 112. In some embodiments, the pharmaceutical dispensing information received by the physicians 204 is stored and used for comparative verifications with the local pharmaceutical dispensing system server 504 and/or the verification unit 502.
In some embodiments, the pharmaceutical dispensing system server 112 is in communication with the HUB server 402, which also receives the pharmaceutical dispensing information from the physicians 204, and the pharmaceutical dispensing system server 112 performs a verification of the data received from the physicians 204 with the data received from the HUB server 402. In some embodiments, when the data do not match, a notification is sent.
In some embodiments, the pharmaceutical dispensing system server 112 is in communication with the insurance companies 406, which also receives the pharmaceutical dispensing information from the HUB server 402, and the pharmaceutical dispensing system server 112 performs a verification of the data received from the insurance companies 406 with the data received from the HUB server 402 and/or the physicians 204. In some embodiments, when the data do not match, a notification is sent.
In some embodiments, the pharmaceutical dispensing system server 112 is in communication with an additional server 516 located in proximity to the physicians and configured to also receive the prescription information. In some embodiments, information located in the additional server 516 is used to compare the prescription data coming from any other source in the system, and optionally by the verification unit 502.
In some embodiments, not shown in Figure 5a, when a patient 514 receives a new and/or amended prescription from the physician 204, the physician can directly update an electronic device of the patient. In some embodiments, the prescription data on the electronic device of the patient is used by the pharmaceutical dispensing system to perform one or more comparisons, analysis and/or verifications of the pharmaceutical dispensing information. In some embodiments, a potential advantage to perform one or more comparisons, analysis and/or verifications of the pharmaceutical dispensing information with the data from the patient’s electronic device is that in some cases, for example when a cyber-attack occurs to one of the servers, the pharmaceutical dispensing data located on the electronic device will not be affected by the cyber-attack since there is not direct communication between the electronic device and the affected server.
Exemplary additions at the pharmaceutical dispensing machine
In some embodiments, the pharmaceutical dispensing machine 202 is provided with a dedicated firewall 506 configured to only allow transmission of information/data relevant to prescription data between the verification unit 506 and the pharmaceutical dispensing machine 202. In some embodiments, data that is identified as not ‘prescription data’ is blocked and an alarm is activated notifying relevant personnel. In some embodiments, additionally and/or optionally, the pharmaceutical dispensing machine is configured to receive any kind of information solely from the verification unit 502.
In some embodiments, the pharmaceutical dispensing machine 202 is provided with a removable dispensing information unit 508. In some embodiments, the removable dispensing information unit 508 specifically comprises the dispensing information including for example one or more of the patients’ names, prescriptions, schedule of dispensing pharmaceuticals to the patients and all relevant data needed to perform the pharmaceutical dispensing process. In some embodiments, the pharmaceutical dispensing machine 202 further comprises a backup 510 for the removable dispensing information unit 508, which is kept outside the pharmaceutical dispensing machine 202 and it is periodically updated with the same information as the removable dispensing information unit 508. In some embodiments, the removable dispensing information unit 508 is configured to be extracted from the pharmaceutical dispensing machine 202 and replaced with the backup 510. In some embodiments, optionally, the updating of the backup 510 is performed externally to the pharmaceutical dispensing machine 202. In some embodiments, a potential advantage of performing the updating of the backup 510 externally to the pharmaceutical dispensing machine 202 is that if the removable dispensing information unit 508 is compromised, for example by a cyber-attack, the backup 510 will not, and it will be just a matter of hot-swapping between the removable dispensing information unit 508 and the backup 510. In some embodiments, the pharmaceutical dispensing machine 202 comprises an internal backup comprising verified dispensing information 512. In some embodiments, if the removable dispensing information unit 508 is compromised and/or there is a problem with receiving information from the verification unit and/or the local pharmaceutical dispensing server 504 and/or the pharmaceutical dispensing server 112, in order to continue providing pharmaceutical dispensing services, the pharmaceutical dispensing machine 212 will use dispensing information stored in the internal backup comprising verified dispensing information 512. In some embodiments, the internal backup comprising verified dispensing information 512 is updated with verified information regularly, for example twice a day, three times a day, four times a day.
Exemplary indications of a compromised pharmaceutical dispensing system
In some embodiments, exemplary indications that at least one element of the pharmaceutical dispensing system has been compromised are as follows:
In some embodiments, an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal number of changes in prescriptions/pharmaceutical dispensing data in a short period of time. In some embodiments, an abnormal number of changes are defined according to historical pharmaceutical dispensing information stored in one or more entities of the pharmaceutical dispensing system. In some embodiments, an abnormal number of changes are defined according to a predetermined number of changes per hour, optionally per number of hours, optionally per day, optionally per week.
In some embodiments, an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal delay and/or a change in the transmission timing in the receiving/sending of pharmaceutical dispensing data. In some embodiments, the transmission timing is set by an internal ‘clock’ configured to set the parameters of transmission in the system. In some embodiments, the internal ‘clock’ is configured to inform the whole system with the current transmission rate set for the system. In some embodiments, when a variation of a transmission rate is detected, the system send an alert, In some embodiments, when monitoring of abnormal delays are used, abnormal delays are defined according to historical time-transmissions of pharmaceutical dispensing information stored in one or more entities of the pharmaceutical dispensing system. In some embodiments, an abnormal delay is defined according to a predetermined acceptable delay in data transmission set by the system manager (or any other dedicated personnel/authorized personnel of the pharmaceutical dispensing system). In some embodiments, an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify a discrepancy in the pharmaceutical dispensing information transmitted through the pharmaceutical dispensing system and/or stored in one or more of the entities of the pharmaceutical dispensing system.
In some embodiments, an exemplary indication of a cyber-attack is when one or more entities in the pharmaceutical dispensing system identify an abnormal increase in requests for “highly valuable” pharmaceuticals. In some embodiments, highly valuable” pharmaceuticals are pharmaceuticals that are expensive. In some embodiments, highly valuable” pharmaceuticals are pharmaceuticals that are in high demand. In some embodiments, highly valuable” pharmaceuticals are pharmaceuticals that are considered highly addictive (for example, morphine, opioids, etc.).
In some embodiments, at any moment, authorized personnel can access the pharmaceutical dispensing information unit and override instructions with new and/or updated instructions, when necessary, for example, during a cyber-attack and/or during a catastrophe and/or when the pharmaceutical dispensing machine cannot receive updates from the outside (servers, etc...).
In some embodiments, in relation to the pharmaceutical dispensing machine, an exemplary indication of a cyber-attack is when the pharmaceutical dispensing machine generates a high number of empty envelopes. In some embodiments, this can be caused, for example, due to hacking of the pharmaceutical dispensing machine to sabotage the dispensing of pharmaceuticals. In some embodiments, this can be caused, for example, due to hacking of the pharmaceutical dispensing machine to make believe the pharmaceutical dispensing machine is dispensing empty envelopes, therefore causing the pharmaceutical dispensing machine to try dispensing again, but in reality the pharmaceutical dispensing machine is actually dispensing pharmaceuticals repeatedly.
In some embodiments, also in relation to the pharmaceutical dispensing machine, an exemplary indication of a cyber-attack is when the pharmaceutical dispensing machine performs in an abnormal way. For example, it takes too long to prepare envelopes, the mechanical arm cannot pick up pharmaceuticals, totes are being released without authorization, etc.
Exemplary responses of the pharmaceutical dispensing system to a possible cyber-attack
In some embodiments, when the pharmaceutical dispensing system identifies a cyberattack, the pharmaceutical dispensing system performs one or more of the following exemplary actions: Safe mode
In some embodiments, the pharmaceutical dispensing machine enters safe mode, which means no exchange of pharmaceutical dispensing information with the external entities and perform dispensing actions according to the removable dispensing information unit 508 and/or the backup verified dispensing information unit 512, until attack is resolved and/or until a dedicated personnel/authorized personnel instructs otherwise.
In some embodiments, dedicated personnel/authorized personnel periodically exchange the removable dispensing information unit 508 with a backup removable dispensing information unit 510, updated with verified pharmaceutical dispensing information received from a secure verified source of the pharmaceutical dispensing system, until the problem is resolved.
In some embodiments, optionally, the pharmaceutical dispensing machine receives information from a secondary secured line, which is optionally used only in cases of emergencies and/or safe mode.
In some embodiments, safe mode includes temporarily disconnecting the pharmaceutical dispensing machine.
Back-trace of the source of the attack
In some embodiments, when the pharmaceutical dispensing system identifies a cyberattack, the pharmaceutical dispensing system performs a back-trace of the pharmaceutical dispensing information to find out where the attack originated. In some embodiments, this is performed by verifying the information that was transmitted between two or more entities in the pharmaceutical dispensing system.
Wide notification of attack
In some embodiments, when a pharmaceutical dispensing machine identifies a cyberattack, the pharmaceutical dispensing machine send a wide notification about the attack using secure communication paths in order to notify other entities in the pharmaceutical dispensing system, for example, servers, other pharmaceutical dispensing machines, dedicated personnel.
Exemplary catastrophe scenario
In some embodiments, in cases of catastrophes, when communication with the pharmaceutical dispensing server 112 is severed, and/or when the pharmaceutical dispensing machine in unable to receive updated pharmaceutical dispensing information, the pharmaceutical dispensing machine enters ‘emergency mode’. In some embodiments, similarly to the safe mode disclose above, the pharmaceutical dispensing machine performs dispensing actions according to the removable dispensing information unit 508 and/or the backup verified dispensing information unit 512, until the catastrophe passes and/or the communication problem is resolved and/or until a dedicated personnel/authorized personnel instructs otherwise.
In some embodiments, dedicated personnel/authorized personnel periodically exchange the removable dispensing information unit 508 with a backup removable dispensing information unit 510, updated with verified pharmaceutical dispensing information received from a secure verified source of the pharmaceutical dispensing system, until the problem is resolved.
In some embodiments, optionally, the pharmaceutical dispensing machine receives information from a secondary secured line, optionally an independent secure line (like satellite communication) which is optionally used only in cases of emergencies and/or safe mode and/or emergency mode.
In some embodiments, emergency mode includes temporarily disconnecting the pharmaceutical dispensing machine.
In some embodiments, during emergency mode, the pharmaceutical dispensing system provides special permissions to dedicated personnel/authorized personnel at the local facility to interact with the pharmaceutical dispensing machine and modify and/or verify pharmaceutical dispensing information.
Exemplary uses of the pharmaceutical dispensing system in emergency situations
In some embodiments, in case of a catastrophe, the pharmaceutical dispensing system comprises instructions, upon specific request from dedicated personnel/authorized personnel, to allow dispensing of pharmaceuticals to new patients that are in need of pharmaceuticals. In some embodiments, additionally or alternatively, the pharmaceutical dispensing system comprises instruction to utilize one or more pharmaceutical dispensing machines to back up the pharmaceutical dispensing needs of other location, with or without their own pharmaceutical dispensing machine.
In some embodiments, when a specific location is found to be under a cyber-attack, the pharmaceutical dispensing system comprises instructions to enable dispensing of pharmaceuticals from a different location, for example, from a different pharmaceutical dispensing machine and/or a pharmacy, etc. Exemplary prioritizing during emergency situations
In some embodiments, the pharmaceutical dispensing system comprises instructions to activate an emergency prioritization rule during emergency situations. In some embodiments, for example, when there is no possibility to receive updates on pharmaceutical dispensing information for the patients, the system will receive the updated instructions from the Al module 526, then, when necessary from a physician. In some embodiments, when the Al module 526 is in no condition to provide a recommendation for the updating of the pharmaceutical dispensing information, the system will receive updated information directly from a physician. In some embodiments, during emergencies, a virtual schedule is activated to allow for enough time for the system to contact and receive feedback from any one of the entities providing pharmaceutical dispensing information before the scheduled time of dispensing to the patients. In some embodiments, this potentially allows for the system to assess problems in time and potentially ensure the dispensing of pharmaceuticals to the patients.
Exemplary recording in the system
In some embodiments, the system comprises a recording module (not shown) where any activity in the system and/or environment is recorded and stored for future revision and analysis. In some embodiments, data stored in the recording module cannot be modified after being recording.
Exemplary methods
In the following paragraphs, exemplary methods performed by one or more entities of the pharmaceutical dispensing system will be disclosed.
Referring now to Figure 6, showing a flowchart of an exemplary method according to some embodiments of the invention. In some embodiments, one or more entities of the pharmaceutical dispensing system, located in the local facility where the pharmaceutical dispensing machine is located, receives pharmaceutical dispensing information from an external source 602. In some embodiments, the system perform a verification 604 of the pharmaceutical dispensing information with one or more of the following 606: the pharmaceutical dispensing system server 112, the local pharmaceutical dispensing system server 504, the local server of the local facility where machine is placed 408 and the patients 514. In some embodiments, the system assesses if the there is a positive outcome 608. In some embodiments, when the verification process produces a positive outcome, the pharmaceutical dispensing information of the pharmaceutical dispensing machine is updated. In some embodiments, when the verification process produces a negative outcome, an alarm is activated and the pharmaceutical dispensing machine is switched into safe mode.
In some embodiments, the pharmaceutical dispensing machine returns to normal performance once the verification provides a positive outcome (not shown).
Referring now to Figure 7, showing a flowchart of an exemplary method according to some embodiments of the invention. In some embodiments, the pharmaceutical dispensing system performs periodical updates 702 of one or more of: the local pharmaceutical dispensing system server 504 and the pharmaceutical dispensing system server 112. In some embodiments, the system further performs on going checks for cyber- attack 704 on one of: the local pharmaceutical dispensing system server 504, the pharmaceutical dispensing system server 112 and the verification unit 502. In some embodiments, the system assesses if a cyber-attacked is identified 706. In some embodiments, when no cyber-attacks are identified, the system continues to perform periodical updates 702. In some embodiments, when a cyber-attack is identified 708, an alarm is activated. In some embodiments, additionally, the pharmaceutical dispensing machine is switched to safe mode including one or more of: automatically stopping all updates on dispensing orders and retrieving dispensing information from Backup verified dispensing information unit 512 and/or Backup Removable Dispensing info unit 510; and swapping the removable dispensing information unit 508 with the Backup Removable Dispensing info unit 510. In some embodiments, the system checks if the cyber-attack ended every time period 710, for example every 30 minutes, every hour and/or every 3 hours. In some embodiments, the system assesses if the cyber-attack ended 712. In some embodiments, when the answer is ‘no’, then the system continues to check 710. In some embodiments, when the answer is ‘yes’ 714, then the system enables getting dispensing update from Local Pharmaceutical dispensing system server 504, Pharmaceutical dispensing system server 112.
Referring now to Figure 8, showing a flowchart of an exemplary method according to some embodiments of the invention. In some embodiments, the pharmaceutical dispensing system performs periodical updates 802 of one or more of: the local pharmaceutical dispensing system server 504 and the pharmaceutical dispensing system server 112. In some embodiments, the system further performs on going checks for correct communication 804 with one of: the local pharmaceutical dispensing system server 504, the pharmaceutical dispensing system server 112 and the verification unit 502. In some embodiments, the system assesses if the communication is interrupted 806. In some embodiments, when no problems with the communication are identified, the system continues to perform periodical updates 802. In some embodiments, when the communication is interrupted 808, an alarm is activated. In some embodiments, additionally, the pharmaceutical dispensing machine is switched to safe mode including one or more of: automatically stopping all updates on dispensing orders and retrieving dispensing information from Backup verified dispensing information unit 512 and/or Backup Removable Dispensing info unit 510; and swapping the removable dispensing information unit 508 with the Backup Removable Dispensing info unit 510. In some embodiments, the system checks if the communication is restored every time period 810, for example every 30 minutes, every hour and/or every 3 hours. In some embodiments, the system assesses if the communication has been established 812. In some embodiments, when the answer is ‘no’, then the system continues to check 810. In some embodiments, when the answer is ‘yes’ 814, then the system enables getting dispensing update from Local Pharmaceutical dispensing system server 504, Pharmaceutical dispensing system server 112.
As used herein with reference to quantity or value, the term “about” means “within ± 20 % of’.
The terms “comprises”, “comprising”, “includes”, “including”, “has”, “having” and their conjugates mean “including but not limited to”.
The term “consisting of’ means “including and limited to”.
The term “consisting essentially of’ means that the composition, method or structure may include additional ingredients, steps and/or parts, but only if the additional ingredients, steps and/or parts do not materially alter the basic and novel characteristics of the claimed composition, method or structure.
As used herein, the singular forms “a”, “an” and “the” include plural references unless the context clearly dictates otherwise. For example, the term “a compound” or “at least one compound” may include a plurality of compounds, including mixtures thereof.
Throughout this application, embodiments of this invention may be presented with reference to a range format. It should be understood that the description in range format is merely for convenience and brevity and should not be construed as an inflexible limitation on the scope of the invention. Accordingly, the description of a range should be considered to have specifically disclosed all the possible subranges as well as individual numerical values within that range. For example, description of a range such as “from 1 to 6” should be considered to have specifically disclosed subranges such as “from 1 to 3”, “from 1 to 4”, “from 1 to 5”, “from 2 to 4”, “from 2 to 6”, “from 3 to 6”, etc.; as well as individual numbers within that range, for example, 1, 2, 3, 4, 5, and 6. This applies regardless of the breadth of the range.
Whenever a numerical range is indicated herein (for example “10-15”, “10 to 15”, or any pair of numbers linked by these another such range indication), it is meant to include any number (fractional or integral) within the indicated range limits, including the range limits, unless the context clearly dictates otherwise. The phrases “range/ranging/ranges between” a first indicate number and a second indicate number and “range/ranging/ranges from” a first indicate number “to”, “up to”, “until” or “through” (or another such range-indicating term) a second indicate number are used herein interchangeably and are meant to include the first and second indicated numbers and all the fractional and integral numbers therebetween.
Unless otherwise indicated, numbers used herein and any number ranges based thereon are approximations within the accuracy of reasonable measurement and rounding errors as understood by persons skilled in the art
It is appreciated that certain features of the invention, which are, for clarity, described in the context of separate embodiments, may also be provided in combination in a single embodiment. Conversely, various features of the invention, which are, for brevity, described in the context of a single embodiment, may also be provided separately or in any suitable subcombination or as suitable in any other described embodiment of the invention. Certain features described in the context of various embodiments are not to be considered essential features of those embodiments, unless the embodiment is inoperative without those elements.
Although the invention has been described in conjunction with specific embodiments thereof, it is evident that many alternatives, modifications and variations will be apparent to those skilled in the art. Accordingly, it is intended to embrace all such alternatives, modifications and variations that fall within the spirit and broad scope of the appended claims.
It is the intent of the applicant(s) that all publications, patents and patent applications referred to in this specification are to be incorporated in their entirety by reference into the specification, as if each individual publication, patent or patent application was specifically and individually noted when referenced that it is to be incorporated herein by reference. In addition, citation or identification of any reference in this application shall not be construed as an admission that such reference is available as prior art to the present invention. To the extent that section headings are used, they should not be construed as necessarily limiting. In addition, any priority document(s) of this application is/are hereby incorporated herein by reference in its/their entirety.

Claims

35 WHAT IS CLAIMED IS:
1. A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to a verification unit; e. transmitting said at least one second pharmaceutical data package from said at least one second data transmission unit to said verification unit; f. receiving said at least one first pharmaceutical data package and said at least one second pharmaceutical data package at said verification unit; g. transmitting, from said verification unit, to said pharmaceutical dispensing machine one or more of: i. said at least one first pharmaceutical data package; ii. said at least one second pharmaceutical data package; iii. at least one verified pharmaceutical data package; h. dispensing said at least one pharmaceutical according to a data package comprising said at least one pharmaceutical dispensing instruction, said data package received from said verification unit.
2. The method according to claim 1, wherein said method further comprises transmitting said at least one first pharmaceutical data package and said at least one second pharmaceutical data package using different transmission paths.
3. The method according to claim 1 or claim 2, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an 36 additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
4. The method according to any one of claims 1-3, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units.
5. The method according to any one of claims 1-4, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical.
6. The method according to any one of claims 1-5, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating encoded pharmaceutical data packages.
7. The method according to any one of claims 1-6, wherein said generating said at least one first pharmaceutical data package and said generating said at least one second pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
8. The method according to any one of claims 1-7, further comprising receiving said at least one first pharmaceutical data package at said pharmaceutical dispensing machine.
9. The method according to any one of claims 1-8, further comprising receiving said at least one second pharmaceutical data package at said pharmaceutical dispensing machine.
10. The method according to any one of claims 1-9, further comprising receiving said at least one verified pharmaceutical data package at said pharmaceutical dispensing machine.
11. The method according to any one of claims 1-10, further comprising analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
12. The method according to any one of claims 1-11, further comprising comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package at said verification unit.
13. The method according to claim 12, further comprising assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
14. The method according to claim 13, further comprising when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust and transmitting that one to said pharmaceutical dispensing machine.
15. The method according to claim 11, further comprising, after said analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package, generating said at least one verified pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at said verification unit.
16. The method according to any one of claims 1-15, wherein said at least one pharmaceutical dispensing instruction comprises at least one instruction for a new pharmaceutical dispensing regime.
17. The method according to any one of claims 1-16, wherein said at least one pharmaceutical dispensing instruction comprises at least one update to at least one pre-existing pharmaceutical dispensing regime.
18. The method according to any one of claims 1-17, further comprising providing within a housing of said pharmaceutical dispensing machine at least one pharmaceutical dispensing information unit configured to be accessible without the need of opening of said housing; said at least one pharmaceutical dispensing information unit configured to receive said pharmaceutical dispensing information to be used for preparing and dispensing of said at least one pharmaceutical; said at least one pharmaceutical dispensing information unit is configured to be removed from said pharmaceutical dispensing machine and replaced with at least one back up pharmaceutical dispensing information unit.
19. The method according to claim 18, further comprising, after replacing said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit, utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process.
20. The method according to any one of claims 1-19, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
21. The method according to any one of claims 1-20, further comprising providing said pharmaceutical dispensing machine with at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
22. The method according to any one of claims 1-21, wherein said transmitting said at least one second pharmaceutical data package is performed upon request from said verification unit.
23. The method according to any one of claims 1-22, further comprising utilizing said at least one second data transmission unit for verified data storage purposes.
24. The method according to any one of claims 1-23, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
25. A pharmaceutical dispensing system, comprising: a. a data entry system for receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to at least one patient; 39 b. at least one first data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; c. at least one second data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction; d. at least one verification unit comprising instructions to: i. receiving said transmitted at least one first pharmaceutical data package and said transmitted at least one second pharmaceutical data package; ii. analyzing said at least one first pharmaceutical data package and said transmitted at least one second pharmaceutical data package; iii. generating at least one third pharmaceutical data package based on said analysis and transmit it to at least one pharmaceutical dispensing machine; e. at least one pharmaceutical dispensing machine located in the vicinity of at least one location where said at least one patient requiring pharmaceutical dispensing services is located, and comprising instructions for receiving said at least one third pharmaceutical data package from said at least one verification unit and performing at least one pharmaceutical dispensing process based on said received at least one third pharmaceutical data package.
26. The pharmaceutical dispensing system according to claim 25, wherein said at least one first pharmaceutical data package, said at least one second pharmaceutical data package and said at least one third pharmaceutical data package comprise a same information.
27. The pharmaceutical dispensing system according to claim 25 or claim 26, wherein said at least one first data transmission unit and said at least one second data transmission unit are one or more selected from the group consisting of a pharmaceutical dispensing system server, a hub server, an additional server, a local server where said pharmaceutical dispensing machine is located and a local pharmaceutical dispensing system server.
28. The pharmaceutical dispensing system according to any one of claims 25-27, wherein said at least one first data transmission unit and said at least one second data transmission unit are different data transmission units. 40
29. The pharmaceutical dispensing system according to any one of claims 25-28, wherein said at least one first data transmission unit and said at least one second data transmission unit are the same data transmission unit.
30. The pharmaceutical dispensing system according to any one of claims 25-29, wherein said dispensing information comprises one or more of at least one type of pharmaceutical, at least one schedule to dispense said at least one type of pharmaceutical, at least one regimen to dispense said at least one type of pharmaceutical.
31. The pharmaceutical dispensing system according to any one of claims 25-30, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating encoded pharmaceutical data packages.
32. The pharmaceutical dispensing system according to any one of claims 25-31, wherein said generating said at least one first pharmaceutical data package, said generating said at least one second pharmaceutical data package and said generating said at least one third pharmaceutical data package comprises generating digitally signed pharmaceutical data packages.
33. The pharmaceutical dispensing system according to any one of claims 25-32, wherein said analyzing comprises comparing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package.
34. The pharmaceutical dispensing system according to claim 33, wherein said analyzing comprises assessing if said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are identical.
35. The pharmaceutical dispensing system according to claim 33, wherein said at least one verification unit comprises instructions for when said at least one first pharmaceutical data package and said at least one second pharmaceutical data package are not identical, then assessing which one comprises the highest level of trust. 41
36. The pharmaceutical dispensing system according to claim 35, wherein said generating said at least one third pharmaceutical data package comprises generating said at least one third pharmaceutical data package utilizing data from said pharmaceutical data package that was found to have said highest level of trust.
37. The pharmaceutical dispensing system according to any one of claims 25-36, further comprising at least one third data transmission unit, in communication with said data entry system, comprising instructions for generating and transmitting at least one fourth pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction.
38. The pharmaceutical dispensing system according to any one of claims 25-37, wherein said at least one second data transmission unit transmits said at least one second pharmaceutical data package upon request from said verification unit.
39. The pharmaceutical dispensing system according to any one of claims 25-38, further comprising utilizing said at least one second data transmission unit for verified data storage purposes.
40. The pharmaceutical dispensing system according to any one of claims 25-39, further comprising utilizing a personal electronic device of said at least one patient for storing said at least one pharmaceutical dispensing instruction provided by said at least one authorized personnel for verification purposes.
41. A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. a housing configured to house said a plurality of modules and said at least one pharmaceutical dispensing information unit; 42 wherein said at least one pharmaceutical dispensing information unit is configured to be accessible without the need for opening said housing; and is further configured to be replaced with at least one back up pharmaceutical dispensing information unit.
42. The pharmaceutical dispensing machine according to claim 41, wherein said pharmaceutical dispensing machine comprises instructions for utilizing exclusively information contained in said at least one back up pharmaceutical dispensing information unit for said pharmaceutical dispensing process after replacement of said at least one pharmaceutical dispensing information unit with said at least one back up pharmaceutical dispensing information unit.
43. The pharmaceutical dispensing machine according to claims 41 or 42, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as reference for pharmaceutical dispensing processes.
44. The pharmaceutical dispensing machine according to any one of claims 41-43, further comprising at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used as alternative for pharmaceutical dispensing processes.
45. The pharmaceutical dispensing machine according to any one of claims 41-44, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
46. A pharmaceutical dispensing machine configured to ensure pharmaceutical dispensing services to at least one patient, comprising: a. a plurality of modules configured for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; 43 c. at least one internal back up pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information and configured to be used for pharmaceutical dispensing processes.
47. The pharmaceutical dispensing machine according to claim 46, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as reference for pharmaceutical dispensing processes.
48. The pharmaceutical dispensing machine according to claim 46 or claim 47, wherein said at least one internal back up pharmaceutical dispensing information unit is configured to be used as alternative for pharmaceutical dispensing processes.
49. The pharmaceutical dispensing machine according to any one of claims 46-48, wherein said at least one pharmaceutical dispensing information unit is configured to be removed from a housing of said pharmaceutical dispensing machine and be replaced with at least one back up pharmaceutical dispensing information unit without the need for opening said housing.
50. The pharmaceutical dispensing machine according to any one of claims 46-49, further comprising an external verification unit configured to verify said pharmaceutical dispensing information before being transmitted to said at least one pharmaceutical dispensing information unit in said pharmaceutical dispensing machine and/or to said at least one back up pharmaceutical dispensing information unit.
51. A pharmaceutical dispensing machine, comprising: a. a plurality of modules configured for acting together for storing, preparing and dispensing at least one pharmaceutical to at least one patient; b. at least one pharmaceutical dispensing information unit configured to receive pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical; c. at least one safe mode button accessible to at least one authorized personnel; wherein said at least one safe mode button is configured for deactivating said at least one pharmaceutical dispensing information unit and activating a at least one backup pharmaceutical dispensing information unit comprising verified pharmaceutical dispensing information to be used for said preparing and dispensing of said at least one pharmaceutical. 44
52. A method of ensuring pharmaceutical dispensing service from at least one pharmaceutical dispensing machine in a pharmaceutical dispensing system to at least one patient, the method comprising: a. receiving at least one pharmaceutical dispensing instruction from at least one authorized personnel; said at least one pharmaceutical dispensing instruction comprising dispensing information of at least one pharmaceutical to be dispensed to said at least one patient; b. generating at least one first pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one first data transmission unit; c. generating at least one second pharmaceutical data package comprising said at least one pharmaceutical dispensing instruction at at least one second data transmission unit; d. transmitting said at least one first pharmaceutical data package from said at least one first data transmission unit to said pharmaceutical dispensing machine; e. transmitting said at least one second pharmaceutical data package from said at least one second data transmission unit to said pharmaceutical dispensing machine; f. receiving said at least one first pharmaceutical data package and said at least one second pharmaceutical data package at said pharmaceutical dispensing machine; g. analyzing said at least one first pharmaceutical data package with said at least one second pharmaceutical data package; h. verifying, based on said analyzing, said at least one pharmaceutical dispensing instruction; i. dispensing said at least one pharmaceutical according to said verified at least one pharmaceutical dispensing instruction.
PCT/IB2022/060928 2021-11-15 2022-11-14 Cyber protection for pharmaceutical dispensing systems WO2023084479A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US202163279219P 2021-11-15 2021-11-15
US63/279,219 2021-11-15

Publications (2)

Publication Number Publication Date
WO2023084479A2 true WO2023084479A2 (en) 2023-05-19
WO2023084479A3 WO2023084479A3 (en) 2023-07-06

Family

ID=86337324

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/IB2022/060928 WO2023084479A2 (en) 2021-11-15 2022-11-14 Cyber protection for pharmaceutical dispensing systems

Country Status (1)

Country Link
WO (1) WO2023084479A2 (en)

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2220624A4 (en) * 2007-11-08 2017-11-15 GlaxoSmithKline LLC Medical product dispensing systems and methods
US8537004B2 (en) * 2009-09-30 2013-09-17 Carefusion 303, Inc. Verification of dispensed items
ES2735359T3 (en) * 2013-08-09 2019-12-18 Perceptimed Inc Remote pharmaceutical verification
EP3191972A4 (en) * 2014-09-11 2018-03-14 Mylan Inc. Medication delivery system and method
NZ730560A (en) * 2014-09-29 2020-05-29 Zogenix International Ltd Control system for control of distribution of medication

Also Published As

Publication number Publication date
WO2023084479A3 (en) 2023-07-06

Similar Documents

Publication Publication Date Title
CN108135779B (en) Medical equipment with transfer mechanism
US20240013150A1 (en) Automated preparation of medications in anticipation of use
CN100433026C (en) Power control for instrumented medication package
Rodriguez‐Gonzalez et al. Robotic dispensing improves patient safety, inventory management, and staff satisfaction in an outpatient hospital pharmacy
CA2502290C (en) Automated drug substitution, verification, and reporting system
CA2696082C (en) System for controlling medical devices
US10614916B1 (en) Means and methods for providing a continuous pharmaceutical operation service
US20210225479A1 (en) System and method of pharmaceutical operations for post-acute care facilities long-term care facilities
US11120905B2 (en) Means and methods for providing a continuous pharmaceutical operation service
MX2010008784A (en) An automated medication management system and method for use.
JP2007535036A (en) Integrated discontinuous remote drug management and compliance system
Mandrack et al. Nursing best practices using automated dispensing cabinets: nurses' key role in improving medication safety
WO2018222640A1 (en) Method and system for safe medication dispensing
Chang et al. Implement the RFID position based system of automatic tablets packaging machine for patient safety
US10543152B1 (en) Method and apparatus for providing prescription verification
WO2019102433A1 (en) System and method for personalized dispensing of mini-tablets
Francis et al. 2020—The Year the World Was Awakened to the Importance of Supply Chain Management
de Pinto et al. The impact of the Falsified Medicines Directive in the dispensing operations of an Austrian hospital pharmacy
WO2023084479A2 (en) Cyber protection for pharmaceutical dispensing systems
Bouami et al. Healthcare Delivery System Security: the orchestration of automated and organizational solutions
US11694783B2 (en) Apparatus and method of dispensing pharmaceuticals and other medications
AU2014248942A1 (en) Pharmacy workflow management system
Buyurgan et al. Supply chain-related adverse events and patient safety in healthcare
WO2014076711A2 (en) A system for patient and patient information management
US20230285247A1 (en) Apparatus and method of dispensing pharmaceuticals and other medications