US20130086390A1 - System and Method of Securing Private Health Information - Google Patents
- Publication number: US20130086390A1 (application No. US 13/279,248)
- Authority: US (United States)
- Prior art keywords
- health information
- private health
- private
- encrypted
- request
- Legal status: Abandoned (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Classifications
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
A system and method for the secure processing of private health information. Fully homomorphically encrypted private health information, along with a request to process that information, is transmitted to a third party who performs operations on the encrypted private health information in accordance with the request, yielding an encrypted result. The encrypted result may be decrypted only by the party in possession of the corresponding private key. The invention enables encrypted private health information to be processed by third parties while preventing them from decrypting it.
Description
- This application is a continuation of U.S. application Ser. No. 13/248,051, filed Sep. 29, 2011.
- 1. Field of the Invention
- This invention relates to the field of secure processing of private health information.
- 2. Description of the Background Art
- Medical professionals and institutions often transmit patients' private health information over open networks to third party business associates, who process that information in order to provide a variety of services. These services include, among other things, claims processing or administration; data analysis; utilization review; quality assurance; benefit management; practice management; repricing; facilitation of health information exchange organizations and regional health information organizations; e-prescribing; providing personal health records; data aggregation; and performing accounting, billing, actuarial, and consulting services.
- Various rules and regulations require medical professionals and institutions to adopt certain authorization and authentication safeguards to protect the confidentiality of patients' private health information when transmitting it over open networks. For example, the Health Insurance Portability and Accountability Act (HIPAA) and its Security Rule require certain health care providers, health care clearinghouses, and health plans (“covered entities”) to safeguard private health information in transit, in practice by encrypting it with transport-layer encryption such as Secure Sockets Layer (SSL) or its successor, TLS. In addition, a covered entity may disclose private health information to a business associate only after obtaining satisfactory assurances that the business associate will appropriately safeguard the information.
- Unfortunately, even with these safeguards, the security of private health information transmitted to third parties is too often compromised. Indeed, a recent survey demonstrated that 39% of security breaches are caused by third parties entrusted with sensitive data. (See 2010 Annual Study: U.S. Cost of a Data Breach, Symantec Corporation (March 2011).) In addition to exposing covered entities and business associates to liability, these security breaches undermine important objectives of the health care system by discouraging patients from disclosing their private information to covered entities.
- An illustrative prior art system for enabling covered entities to transmit private health information to business associates is depicted in FIGS. 1 and 2.
- At step 200, the key generation module 170 of the business associate 155 generates a public key 175 and private key 180 according to an asymmetric key algorithm. As would be appreciated by one of skill in the art, there are a variety of asymmetric key algorithms, such as the RSA algorithm, the ElGamal algorithm, and the Paillier algorithm.
- At step 205, the covered entity 110 collects private health information 105 of the patient 100. The private health information 105 may be provided directly by the patient 100 and entered into a computer system of the covered entity 110, or it may be collected from the patient 100 using a modality such as a CT scan device, or by a medical professional involved in the care and/or health records of the patient. The private health information 105 may be stored and transferred according to the Digital Imaging and Communications in Medicine (DICOM) standard, published by the American College of Radiology and the National Electrical Manufacturers Association. Medical images, which may also constitute private health information, may be stored and retrieved using a Picture Archiving and Communication System (PACS).
- At step 210, the covered entity 110 initiates the submission of the private health information 105 to the business associate 155. Submission of this information can be accomplished using software, such as an application programming interface (API), over any standard network protocol.
- At step 215, the business associate 155 sends the public key 175 to the covered entity 110.
- At step 220, the key generation module 120 of the covered entity 110 generates a symmetric key 125 according to a symmetric key algorithm such as Blowfish, Twofish, or Serpent. In step 225, the encryption module 130 of the covered entity 110 encrypts the private health information 105 with the symmetric key 125, and encrypts the symmetric key 125 with the public key 175 provided by the business associate 155. The encrypted private health information, along with the encrypted symmetric key, is sent to the business associate 155 over connection 150 in step 230. In step 235, the decryption module 190 of the business associate 155 uses the private key 180 to decrypt the symmetric key 125. The decrypted symmetric key 125 is then used by the decryption module 190 of the business associate 155 to decrypt the private health information 105 in step 240.
- Once the private health information 105 has been decrypted, it can be processed by the processing module 160 of the business associate 155 at step 245, yielding result 165. The business associate 155 may perform a variety of operations on the private health information 105, such as statistical analysis.
- In step 250, the encryption module 185 of the business associate 155 uses the symmetric key 125 to encrypt the result 165 that was yielded from the processing module 160, yielding an encrypted result 195. The business associate 155 then sends the encrypted result 195 to the covered entity 110 over connection 150. Finally, at step 255, the decryption module 135 of the covered entity 110 uses the symmetric key 125 to decrypt the encrypted result 195, yielding a decrypted result 145 that can be accessed by the covered entity 110, the patient 100, or both.
- Under this and other prior art methods, a covered entity that wants to take advantage of the services offered by a business associate must provide that business associate with the symmetric key so that the business associate can decrypt the encrypted private health information and perform the requested operations on that private health information. This is disadvantageous because covered entities often do not know the precise security policies and practices of business associates, or the identities and trustworthiness of the individuals responsible for administering the operations of the business associates. Given the potentially severe penalties associated with security breaches, covered entities are often reluctant to share private health information with business associates, and may decide to forego the valuable services that certain business associates offer. Alternatively, covered entities may devote significant resources to investigating the security policies of a business associate.
- What is needed is an efficient system and method for enabling business associates to process private health information collected by covered entities without enabling business associates to access that information.
- The present invention is a system and method that enables business associates to efficiently perform operations on encrypted private health information collected from patients by covered entities, without requiring the covered entities to disclose the contents of the private health information or the unencrypted private key that could be used to decrypt that private health information. The invention utilizes a fully homomorphic encryption scheme, so that any operation performed on the encrypted private health information yields an encrypted result that cannot be decrypted without the unencrypted private key.
- In particular, the covered entity sends private health information to a trusted server with sufficient processing power to fully homomorphically encrypt the private health information. The trusted server sends the fully homomorphically encrypted private health information to a business associate, who performs operations on the encrypted private health information, yielding an encrypted result. Because the business associate lacks the private key corresponding to the encrypted private health information and encrypted result, the business associate is unable to access the private health information or the result, thereby ensuring the security of both. The encrypted result is sent to the trusted server, which may decrypt it using the private key or otherwise utilize it in any manner beneficial to the patient.
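The exchange summarized in the preceding paragraph, and laid out step by step later as steps 400 to 440 of the preferred embodiment and steps 615 to 640 of the alternative embodiment (which differs only in who generates the keys and encrypts), as an added example that is not code from the patent or from the Gentry and Halevi papers it cites. Paillier, an additively homomorphic public-key scheme the background section lists, stands in for the fully homomorphic scheme the patent requires: it supports addition of ciphertexts and multiplication of a ciphertext by a public constant, which is enough for the summation-style statistics the description mentions (totals, or weighted totals such as repricing against a public fee schedule) but not for arbitrary functions. The request format, the field names, the `business_associate_process` role function and the sample records are all constructed for this illustration; the primes are demo-sized and the primality test is not a vetted library. Standard library only.

```python
"""Added example (not code from the patent): Paillier stands in for the fully
homomorphic scheme the patent relies on.  It supports ciphertext addition and
multiplication by a public constant only.  The request format, field names and
sample records are constructed for this illustration."""
import secrets
from math import gcd

def _is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin (illustrative, not a vetted library)."""
    if n < 2:
        return False
    for p in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        x = pow(2 + secrets.randbelow(n - 3), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def _random_prime(bits: int) -> int:
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if _is_probable_prime(cand):
            return cand

def keygen(bits: int = 512):
    """Step 400 / 615: (public_key, private_key).  512-bit primes are demo size only."""
    while True:
        p, q = _random_prime(bits), _random_prime(bits)
        if p != q and gcd(p * q, (p - 1) * (q - 1)) == 1:
            break
    n = p * q
    lam = (p - 1) * (q - 1) // gcd(p - 1, q - 1)
    g = n + 1
    mu = pow((pow(g, lam, n * n) - 1) // n, -1, n)  # L(g^lam mod n^2)^-1 mod n
    return (n, g), (n, lam, mu)

def encrypt(pk, m: int) -> int:
    """Step 420 / 620: public key only, fresh randomness every call."""
    n, g = pk
    r = 0
    while gcd(r, n) != 1:
        r = secrets.randbelow(n)
    return (pow(g, m % n, n * n) * pow(r, n, n * n)) % (n * n)

def decrypt(sk, c: int) -> int:
    """Step 440 / 640: only the private-key holder can do this."""
    n, lam, mu = sk
    m = ((pow(c, lam, n * n) - 1) // n * mu) % n
    return m - n if m > n // 2 else m  # map back to signed integers

def he_add(pk, c1: int, c2: int) -> int:
    """Enc(a) * Enc(b) mod n^2 = Enc(a + b); needs no key at all."""
    return (c1 * c2) % (pk[0] ** 2)

def he_mul_const(pk, c: int, k: int) -> int:
    """Enc(a) ^ k mod n^2 = Enc(k * a) for a public integer k."""
    return pow(c, k % pk[0], pk[0] ** 2)

def business_associate_process(pk, encrypted_records, request):
    """Step 430 / 630.  Note what is NOT a parameter: the private key."""
    col = [rec[request["field"]] for rec in encrypted_records]
    if request["op"] == "sum":
        weights = [1] * len(col)
    elif request["op"] == "weighted_sum":  # e.g. repricing with a public fee schedule
        weights = request["weights"]
    else:
        raise ValueError("unsupported op: %r" % (request["op"],))
    acc = encrypt(pk, 0)
    for c, w in zip(col, weights):
        acc = he_add(pk, acc, he_mul_const(pk, c, w))
    return acc

def run_protocol(records, request, bits: int = 512) -> int:
    """Steps 400-440 end to end; the business associate sees neither sk nor plaintext."""
    pk, sk = keygen(bits)
    enc = [{k: encrypt(pk, v) for k, v in rec.items()} for rec in records]  # step 420
    return decrypt(sk, business_associate_process(pk, enc, request))  # steps 425-440

# Constructed sample PHI: billed amount in cents and inpatient days per patient.
SAMPLE_RECORDS = [{"claim_cents": 12500, "inpatient_days": 3},
                  {"claim_cents": 98050, "inpatient_days": 0},
                  {"claim_cents": 4525, "inpatient_days": 12}]

if __name__ == "__main__":
    print(run_protocol(SAMPLE_RECORDS, {"op": "sum", "field": "claim_cents"}))  # 115075
```

Two properties are worth checking before building on this pattern. First, `business_associate_process` receives the public key, the ciphertexts and the request, and nothing else; that absence is the whole security argument of the patent, and it is the thing to verify in any real implementation. Second, homomorphic encryption gives confidentiality, not integrity: anyone holding the public key can multiply a ciphertext by an encryption of a chosen value and the decrypting party simply sees a shifted result. The party holding the private key therefore has to authenticate the business associate's channel and sanity-check what it decrypts, and must never hand decryptions back to the business associate, since that would amount to decrypting the private health information on request.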
- By providing a mechanism for efficiently processing the private health information of covered entities' patients while maintaining the confidentiality of that information, the present invention benefits covered entities, business associates, and patients. The invention benefits covered entities by enabling them to receive valuable services offered by business associates without requiring the covered entities to investigate the business associates' security policies. The invention also benefits covered entities by lowering or eliminating their exposure to liability associated with security breaches by business associates. Because only the holder of the unencrypted private key can decrypt the private health information and the encrypted results of processing that information, covered entities need not fear untrusted business associates, or unknown third parties, accessing that information. Nor do covered entities or patients need to fear computer hackers breaking into the networks of business associates to retrieve private health information. Because only encrypted information is provided to business associates, hackers could, at worst, retrieve from such business associates encrypted information without the corresponding unencrypted private key.
- Similarly, the invention benefits business associates by enabling them to spend fewer resources on security. Because business associates receive only encrypted information without the corresponding unencrypted private key, business associates need not develop elaborate security systems to protect the confidential information of covered entities' patients. Similarly, the invention will enable business associates to reduce or eliminate their exposure to liability associated with security breaches. In addition, the invention benefits business associates by providing them with more business, because covered entities who normally would not trust third parties with private health information can be assured that their information will be secure.
- The invention also benefits patients by protecting the confidentiality of their private health information, by making the valuable services provided by business associates more widely available, and by reducing or eliminating medical care costs associated with investigating the security policies of business associates.
- These and other advantages of one or more aspects of the invention will become apparent from consideration of the detailed description and accompanying drawings.
- The invention is illustrated by way of example, and not by way of limitation, in the figures of the accompanying drawings.
- FIG. 1 depicts a system architecture that is exemplary of the prior art.
- FIG. 2 depicts a flow chart that is exemplary of the prior art.
- FIG. 3 depicts a system architecture according to the preferred embodiment of the present invention.
- FIG. 4 depicts a flow chart according to the preferred embodiment of the present invention.
- FIG. 5 depicts a system architecture according to an alternative embodiment of the present invention.
- FIG. 6 depicts a flow chart according to an alternative embodiment of the present invention.
- FIG. 7 depicts a system architecture according to a second alternative embodiment of the present invention.
- FIG. 8 depicts a flow chart according to a second alternative embodiment of the present invention.
- The preferred embodiment of the present invention will be described with reference to FIGS. 3 and 4.
- As depicted in FIG. 3, the patient 300 possesses private health information 305, which is provided to or collected by the covered entity 310. The private health information 305 may be any private information of the patient, such as information relating to the patient's physical or mental health or condition, the care provided to the patient, demographic information, or information regarding the patient's payment for care. The covered entity 310 may be any person or entity that collects private health information of patients, such as a health care provider, a medical professional, a health care clearinghouse, or a health plan. The covered entity 310 wishes to take advantage of the services offered by the business associate 380. The business associate 380 may offer any number of services or software applications relating to the processing of private health information. For example, the business associate 380 may offer software applications for claims processing or administration; data analysis; utilization review; quality assurance; benefit management; practice management; repricing; facilitation of health information exchange organizations and regional health information organizations; e-prescribing; providing personal health records; data aggregation; and performing accounting, billing, actuarial, and consulting services.
- In order to take advantage of the services or software applications offered by the business associate 380 without disclosing private health information 305 to the business associate 380, the covered entity 310 utilizes a trusted server 325 to fully homomorphically encrypt the private health information 305. A fully homomorphic encryption scheme is described in Craig Gentry, A Fully Homomorphic Encryption Scheme, Dissertation submitted to the Department of Computer Science and the Committee on Graduate Studies of Stanford University, September 2009, as well as Craig Gentry and Shai Halevi, Implementing Gentry's Fully-Homomorphic Encryption Scheme, IBM Research, Feb. 4, 2011. These documents are incorporated by reference into this specification for all purposes.
- The trusted server 325, which may be a cluster of servers, has sufficient processing power to perform fully homomorphic encryption of private health information 305. The processing power required is dependent on the length of the private health information 305, the speed at which the private health information 305 must be encrypted, and the level of security desired. The trusted server 325 may be operated by any entity or individual, including the covered entity 310.
- At step 400, the key generation module 335 of the trusted server 325 generates a public key 340 and private key 345 compatible with a fully homomorphic asymmetric key encryption scheme.
- At step 405, the covered entity 310 accesses the trusted server 325 through connection 330. Connection 330 may be an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”) provided by either the trusted server 325 or the business associate 380, or any other connection accomplished using standard protocols. The covered entity 310 may access the trusted server 325 by means of an application developed by the operator of trusted server 325, by means of an internet browser, or by any other means that would be appreciated by one of skill in the art.
- At step 410, the trusted server 325 provides the public key 340 generated by the key generation module 335 to the covered entity 310.
- At step 415, the covered entity 310 initiates the submission of private health information 305 and a request for processing that information to the trusted server 325. The private health information 305 may have been collected from the patient 300 in written form, by using a modality such as a CT scan, or by a medical professional involved in the care and/or health records of the patient 300. Alternatively, the private health information 305 may have been collected from an authorized source other than the patient 300, such as a different covered entity. The private health information 305 may be stored and transferred according to the Digital Imaging and Communications in Medicine (DICOM) standard, published by the American College of Radiology and the National Electrical Manufacturers Association. Medical images, which may also constitute private health information 305, may be stored and retrieved using a Picture Archiving and Communication System (PACS). The transmission of the private health information 305 to the trusted server 325 may be initiated in a variety of ways, depending on the needs of the covered entity 310 and the service requirements of the business associate 380 and/or the trusted server 325. For instance, if the covered entity 310 desires to have the private health information 305 processed quickly, the covered entity 310 may initiate the encryption and transmission of the private health information 305 once it is collected. In that case, the transmission may be initiated manually by a medical professional or other agent of the covered entity 310, or automatically by software associated with the computer network or modalities of the covered entity 310. Alternatively, if the covered entity 310 desires to have the private health information 305 processed according to a predetermined schedule, the covered entity 310 may deploy a software application, such as a time-based job scheduler like cron, to initiate the encryption of the private health information 305, transmission of private health information 305, and/or transmission of the request, at the appropriate time.
- The private health information 305 may be encrypted by the encryption module 320 of the covered entity 310 using any known key algorithm, such as the symmetric key algorithms Blowfish, Twofish, or Serpent, before it is sent to the trusted server 325. Accordingly, the term “private health information,” as used herein and in the claims, may refer to unencrypted or encrypted private health information, as the context permits.
- At step 420, the encryption module 350 of the trusted server 325 uses a fully homomorphic encryption scheme to fully homomorphically encrypt private health information 305 (and, if required by the applicable homomorphic encryption scheme, one or more instances of private key 345) using at least one instance of public key 340, yielding encrypted private health information 360. Accordingly, as used herein and in the claims, the terms “encrypted private health information” and “fully homomorphically encrypted private health information” may refer to only private health information 305 that has been encrypted, or to both private health information 305 in encrypted form and one or more instances of private key 345 in encrypted form, as the context permits.
- At step 425, the trusted server 325 sends the fully homomorphically encrypted private health information 360, public key 340, and a request for processing the fully homomorphically encrypted private health information 360 over connection 375 to the business associate 380. The business associate 380 may be any entity other than the patient 300 or covered entity 310 that operates one or more computer servers capable of processing fully homomorphically encrypted private health information. Connection 375 may be an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”) provided by either the trusted server 325 or the business associate 380, or any other connection accomplished using standard protocols. As would be appreciated by one of skill in the art, the public key 340, the encrypted private health information 360, and the request for processing the encrypted private health information 360 could be sent to the business associate 380 separately, or simultaneously, and any or all could be in a compressed format to make their transmission more efficient.
- After the business associate 380 receives the public key 340, encrypted private health information 360, and the request for processing the encrypted private health information 360, the processing module 385 of the business associate 380 processes the encrypted private health information 360 in accordance with the request using one or more functions at step 430. The processing of the encrypted private health information 360 may also be conducted according to a predetermined schedule by using software such as a time-based job scheduler like cron. Because the business associate 380 does not have access to the unencrypted private key 345, the business associate 380 cannot decrypt the encrypted private health information 360. Nevertheless, because the private health information has been encrypted with a fully homomorphic encryption scheme, the encrypted private health information 360 can be processed with any number of functions without decrypting it. These functions could be quite basic, such as performing simple mathematical operations like addition and multiplication, or rather complex, such as statistical analysis or string manipulation. The output of the processing step 430 is an encrypted result 390. This encrypted result 390, like the encrypted private health information 360, is encrypted according to the public key 340, and can be decrypted only by using the private key 345. Accordingly, the business associate 380 cannot decrypt the encrypted result 390.
- The business associate 380 sends the encrypted result 390 to the trusted server 325 at step 435. If desired, the business associate 380 may store the encrypted result 390, the encrypted private health information 360, and/or the request in the private health information database 395 for future use.
- At step 440, the trusted server 325 decrypts the encrypted result 390 using the private key 345, yielding a decrypted result 365. The trusted server 325 can then make appropriate use of the decrypted result 365. For example, the trusted server 325 can send the decrypted result 365 to the covered entity 310 over a secure connection, so that the covered entity 310 can use the decrypted result 365 for the benefit of the patient 300, for administrative purposes, or for improving the overall quality of the services provided by the covered entity 310. Alternatively, the trusted server 325 may utilize the decrypted result 365 to perform additional processing as required by the covered entity 310. The trusted server 325 may also use the private health information database 370 to store the private health information 305, the encrypted private health information 360, the encrypted result 390, or the decrypted result 365, for future use.
- An alternative embodiment is depicted in FIGS. 5 and 6.
- In the alternative embodiment, fully homomorphic encryption is performed by the covered entity 510 rather than by a trusted server. The alternative embodiment is suitable for covered entities that have the resources to perform fully homomorphic encryption with the appropriate level of security and speed.
- At step 600, the covered entity 510 accesses a computer server operated by the business associate 560 through a connection 555. Connection 555 may be an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”) provided by either the business associate 560 or the covered entity 510, or any other connection accomplished using standard protocols. The covered entity 510 may access the computer server of the business associate 560 in a variety of ways, such as by using an application developed by the business associate 560 and installed on a computer server of covered entity 510, or by means of an internet browser used by the covered entity 510.
- At step 610, the covered entity 510 initiates the submission of private health information 505. The private health information 505 may have been collected from the patient 500 in written form, by using a modality such as a CT scan, or by a medical professional involved in the care and/or health records of the patient 500. Alternatively, the private health information 505 may have been collected from an authorized source other than the patient 500, such as a different covered entity. The private health information 505 may be stored and transferred according to the Digital Imaging and Communications in Medicine (DICOM) standard, published by the American College of Radiology and the National Electrical Manufacturers Association. Medical images, which may also constitute private health information 505, may be stored and retrieved using a Picture Archiving and Communication System (PACS).
- The covered entity 510 may initiate the transmission of the private health information 505 in a variety of ways, depending on the needs of the covered entity 510 and the service requirements of business associate 560. For instance, if the covered entity 510 desires to have the private health information 505 processed quickly, the covered entity 510 may initiate the encryption and transmission of the private health information 505 once it is collected. In that case, the transmission may be initiated manually by a medical professional or other agent of the covered entity 510, or automatically by software associated with the computer network or modalities of the covered entity 510. Alternatively, if the covered entity 510 desires to have the private health information 505 processed according to a predetermined schedule, the covered entity 510 may deploy a software application, such as a time-based job scheduler like cron, to initiate the encryption and transmission of private health information 505 at the appropriate time.
- At step 615, the key generation module 520 of covered entity 510 generates a public key 525 and a private key 530 compatible with a fully homomorphic asymmetric key encryption scheme. Once the public key 525 and private key 530 have been generated, at step 620 the encryption module 535 of covered entity 510 fully homomorphically encrypts the private health information 505 (and, if required by the applicable homomorphic encryption scheme, one or more instances of private key 530) using at least one instance of public key 525, yielding encrypted private health information 545. Accordingly, as used herein and in the claims, the terms “encrypted private health information” and “fully homomorphically encrypted private health information” may refer to only private health information 505 that has been encrypted, or to both private health information 505 in encrypted form and one or more instances of private key 530 in encrypted form, as the context permits.
- At step 625, the covered entity 510 sends the encrypted private health information 545, public key 525, and a request for processing the encrypted private health information 545 to the business associate 560 using connection 555. As would be appreciated by one of skill in the art, the encrypted private health information 545, public key 525, and the request for processing the encrypted private health information 545 could be sent to the business associate 560 separately, or simultaneously, and any or all could be in a compressed format to make their transmission more efficient.
- After the business associate 560 receives the public key 525, encrypted private health information 545, and the request for processing the encrypted private health information 545, the processing module 565 of the business associate 560 processes the encrypted private health information 545 in accordance with the request using one or more functions at step 630. The processing of the encrypted private health information 545 may also be conducted according to a predetermined schedule by using software such as a time-based job scheduler like cron. Because the business associate 560 does not have access to the unencrypted private key 530, the business associate 560 cannot decrypt the encrypted private health information 545. Nevertheless, because the private health information has been encrypted with a fully homomorphic encryption scheme, the encrypted private health information 545 can be processed with any number of functions without decrypting it. These functions could be quite basic, such as performing simple mathematical operations like addition and multiplication, or rather complex, such as statistical analysis or string manipulation. The output of the processing step 630 is an encrypted result 570. This encrypted result 570, like the encrypted private health information 545, is encrypted according to the public key 525, and can be decrypted only by using the private key 530. Accordingly, the business associate 560 cannot decrypt the encrypted result 570.
- If desired, the business associate 560 may store the encrypted private health information 545, the encrypted result 570, or both, in private health information database 575 for future use.
- At step 635, the business associate 560 sends the encrypted result 570 to the covered entity 510. Finally, at step 640, the decryption module 540 of covered entity 510 decrypts the encrypted result 570 using the private key 530, yielding a decrypted result 550.
- A second alternative embodiment is depicted in FIGS. 7 and 8.
- In the second alternative embodiment, at step 800, the key generation module 710 of a security clearinghouse 700 generates a public key 715 and a private key 720 compatible with a fully homomorphic asymmetric key encryption scheme. The security clearinghouse 700 may be any entity, server, or cluster of servers capable of generating public keys and private keys compatible with a fully homomorphic asymmetric key encryption scheme. The security clearinghouse 700 may be separate from the covered entity 750, or may be owned or operated by the covered entity 750. The security clearinghouse 700 may generate the public key 715 and private key 720 at the request of the covered entity 750, or at the request of the patient 735. The request may be made in person, or electronically through requestor interface 705, which may be a computer terminal, website, or other electronic interface accessed locally or via an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”) provided by either the security clearinghouse 700, covered entity 750, or business associate 780, or any other connection accomplished using standard protocols. After the public key 715 and private key 720 have been generated, either or both keys may be stored in the key database 730 for future retrieval. Key database 730 may be an actual database, a hard drive, or other appropriate storage repository.
- At step 805, the key storage device generation module 725 stores the private key 720, the public key 715, or both, on the key storage device 740. The key storage device 740 may be a portable device such as a magnetic stripe card, USB flash drive, compact disc, mobile device, tablet, laptop computer, or a security token, such as a time-synchronized security token. The key storage device 740 may also be a stationary device, such as a computer server. The key storage device 740 may be remotely accessible in order to enable the patient 735 or other authorized party to remotely retrieve the key or keys.
- In the event that the request for key generation was submitted electronically through requestor interface 705, the security clearinghouse 700 may, instead of directly storing the key or keys onto the key storage device 740, send the key or keys to the patient 735, covered entity 750, or other requestor, using a connection such as an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”), or any other connection accomplished using standard protocols. In that case, the recipient of the key or keys could store them as appropriate.
- At step 810, the patient 735 provides the key storage device 740 to the covered entity 750, who reads the public key 715, private key 720, or both, from the storage device 740. For example, the patient 735 may provide a magnetic stripe card to covered entity 750, who would use a magnetic stripe card reader to read the public key 715, private key 720, or both, from the card. The covered entity 750 may alternatively retrieve public key 715 from security clearinghouse 700 over a connection such as an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”), or any other connection accomplished using standard protocols.
- At step 815, the covered entity 750 collects private health information 745 of the patient 735. The private health information 745 may be provided directly by the patient 735 and entered into a computer system of the covered entity 750, or it may be collected from the patient 735 using a modality such as a CT scan device, or by a medical professional involved in the care and/or health records of the patient 735. The private health information 745 may be stored and transferred according to the Digital Imaging and Communications in Medicine (DICOM) standard, published by the American College of Radiology and the National Electrical Manufacturers Association. Medical images, which may also constitute private health information 745, may be stored and retrieved using a Picture Archiving and Communication System (PACS). Alternatively, the private health information 745 may have been collected from an authorized source other than the patient 735, such as a different covered entity.
- At
step 820, theencryption module 755 of the coveredentity 750 uses a fully homomorphic encryption scheme to fully homomorphically encrypt the private health information 745 (and, if required by the applicable homomorphic encryption scheme, one or more instances of the private key 720) using at least one instance ofpublic key 715, yielding encryptedprivate health information 760. Accordingly, as used herein and in the claims, the terms “encrypted private health information” and “fully homomorphically encrypted private health information” may refer to only private health information 745 that has been encrypted, or to both private health information 745 in encrypted form and one or more instances ofprivate key 720 in encrypted form, as the context permits. - If covered
entity 750 does not desire to perform the fully homomorphic encryption itself, it may instead transmit the private health information 745 to a trusted server as described in the preferred embodiment of the present invention. - At
step 825, the covered entity 750 (or a trusted server, if appropriate) sends the fully homomorphically encryptedprivate health information 760,public key 715, and a request for processing the fully homomorphically encryptedprivate health information 760 overconnection 775 to thebusiness associate 780. Alternatively, if the coveredentity 750 desires to have the encrypted private health information 745 processed according to a predetermined schedule, the coveredentity 750 may deploy a software application, such as a time-based job scheduler like cron, to initiate the encryption of the private health information 745, transmission of encryptedprivate health information 760, and/or transmission of the request, at the appropriate time. Thebusiness associate 780 may be any entity, computer server, or cluster of computer servers capable of processing fully homomorphically encrypted private health information. Thebusiness associate 780 may be owned and/or operated by the coveredentity 750.Connection 775 may be an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”) provided by either the coveredentity 750 or thebusiness associate 780, or any other connection accomplished using standard protocols. As would be appreciated by one of skill in the art, thepublic key 715, the encryptedprivate health information 760, and the request for processing the encryptedprivate health information 760 could be sent to thebusiness associate 780 separately, or simultaneously, and any or all could be in a compressed format to make their transmission more efficient. - Alternatively, the
business associate 780 may retrieve thepublic key 715 from thesecurity clearinghouse 700 over a connection such as an internet connection, wireless connection, satellite connection, network connection, application programming interface (“API”), or any other connection accomplished using standard protocols. - After the
business associate 780 receives thepublic key 715, encryptedprivate health information 760, and the request for processing the encryptedprivate health information 760, theprocessing module 785 of thebusiness associate 780 processes the encryptedprivate health information 760 in accordance with the request using one or more functions atstep 830. The processing of the encryptedprivate health information 760 may also be conducted according to a predetermined schedule by using software such as a time-based job scheduler like cron. Because thebusiness associate 780 does not have access to the unencryptedprivate key 720, thebusiness associate 780 cannot decrypt the encryptedprivate health information 760. Nevertheless, because the private health information has been encrypted with a fully homomorphic encryption scheme, the encryptedprivate health information 760 can be processed with any number of functions without decrypting it. These functions could be quite basic, such as performing simple mathematical operations like addition and multiplication, or rather complex, such as statistical analysis or string manipulation. The output of theprocessing step 830 is anencrypted result 790. Thisencrypted result 790, like the encryptedprivate health information 765, is encrypted according to thepublic key 715, and can be decrypted only by usingprivate key 720. Accordingly, thebusiness associate 780 cannot decrypt theencrypted result 790. - At
step 835, thebusiness associate 780 stores the encryptedprivate health information 760, theencrypted result 790, or both, in the privatehealth information database 795 for future use. - At
step 840, thebusiness associate 780 sends theencrypted result 790 to the covered entity 750 (or a trusted server, if appropriate). - At
step 845, thedecryption module 765 of the covered entity 750 (or a trusted server, if appropriate) decrypts theencrypted result 790 using theprivate key 720, yielding a decryptedresult 770. The coveredentity 750 can then make appropriate use of the decryptedresult 770, such as using it for the benefit of thepatient 735, for administrative purposes, or for improving the overall quality of the services provided by the coveredentity 750. - As long as the
patient 735 controls thekey storage device 740, thepatient 735 can enable other third parties, such as other covered entities, to retrieve and decrypt the encryptedprivate health information 760 or theencrypted result 790 stored in the privatehealth information database 795 of thebusiness associate 780, or in a database controlled by the coveredentity 750. Accordingly, thepatient 735 can ensure that his or her private health information 745 is both portable and secure. - Although the foregoing description has referred to particular embodiments, variations and modifications of these embodiments may be made without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims. For instance, as would be appreciated by one of skill in the art, various modules described in the specification as being included in the covered entity, trusted server, or business associate may alternatively be located outside these entities and may be operated by third parties. Similarly, although the specification describes the private health information as residing with the covered entity, that information may alternatively reside on a server or other repository. In addition, although the specification describes various tasks being performed by different parties, the responsibility for accomplishing those tasks may be differently apportioned between those parties, or may be apportioned among a number of parties in various possible configurations. In particular, terms like “receiving,” “collecting,” “sending,” and “transmitting,” as used in the specification and the claims, are sufficiently broad to mean and include each other, such that collecting or receiving information is the same as transmitting or sending it, and vice-versa. Further, although this specification may have presented some embodiments of methods with a particular sequence or order of steps, this is for illustrative purposes and other sequences and orders may be employed. 
Similarly, although the claims may present the steps in a particular sequence or order, the claims should not be read to require any particular sequence or order unless required by the context. As would be appreciated by one of skill in the art, still other variations and modifications of the described embodiments may be made without departing from the principles and spirit of the invention as defined by the claims.
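The key-generation, encrypt, outsourced-processing and decrypt flow of steps 800 to 845 (and the matching steps 630 to 640 of the first alternative embodiment), as an added example that is not part of the patent. The patent calls for a fully homomorphic scheme; because no such scheme fits a short example, this code stands in a textbook Paillier cryptosystem, which is only additively homomorphic (ciphertext addition and multiplication by a known constant), so the "processing" the business associate performs is a sum and a weighted sum of encrypted readings. The role names, function names, toy-size primes and sample glucose readings are all constructed for the example.

```python
"""Added example (not the patent's code): covered-entity / business-associate flow
with a Paillier stand-in for the fully homomorphic scheme named in the patent."""
import math
import secrets
from dataclasses import dataclass

# Constructed toy-size primes (both well-known primes). A real key uses ~1024-bit
# primes from a proper prime search; fixed values just keep this example deterministic.
TOY_P = 1_000_000_007
TOY_Q = 998_244_353


@dataclass(frozen=True)
class PublicKey:            # the only key material the business associate may hold
    n: int
    n_sq: int


@dataclass(frozen=True)
class PrivateKey:           # stays with the patient / covered entity
    n: int
    lam: int
    mu: int


def clearinghouse_keygen(p=TOY_P, q=TOY_Q):
    """Security clearinghouse (step 800): Paillier key pair with generator g = n + 1."""
    n = p * q
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)    # lcm(p - 1, q - 1)
    mu = pow(lam, -1, n)                                 # with g = n + 1, mu = lam^-1 mod n
    return PublicKey(n=n, n_sq=n * n), PrivateKey(n=n, lam=lam, mu=mu)


def encrypt(pk, m):
    """Covered entity (step 820): randomised encryption of one integer under pk."""
    if not 0 <= m < pk.n:
        raise ValueError("plaintext must be in [0, n)")
    while True:                                          # random r coprime to n
        r = secrets.randbelow(pk.n - 1) + 1
        if math.gcd(r, pk.n) == 1:
            break
    # With g = n + 1, g^m mod n^2 == 1 + m*n, so c = (1 + m*n) * r^n mod n^2.
    return (1 + m * pk.n) * pow(r, pk.n, pk.n_sq) % pk.n_sq


def decrypt(sk, c):
    """Covered entity (step 845): requires the private key the business associate never sees."""
    n_sq = sk.n * sk.n
    u = pow(c, sk.lam, n_sq)                             # == 1 + m*lam*n (mod n^2)
    return ((u - 1) // sk.n) * sk.mu % sk.n


def ba_encrypted_sum(pk, ciphertexts):
    """Business associate (step 830): sum of the plaintexts, computed on ciphertexts only.
    Multiplying Paillier ciphertexts mod n^2 adds the underlying plaintexts."""
    acc = 1                                              # 1 is a valid encryption of 0
    for c in ciphertexts:
        acc = acc * c % pk.n_sq
    return acc


def ba_encrypted_weighted_sum(pk, ciphertexts, weights):
    """Business associate: weighted sum with known non-negative integer weights.
    Raising a ciphertext to the power w multiplies its plaintext by w."""
    acc = 1
    for c, w in zip(ciphertexts, weights):
        if w < 0:
            raise ValueError("plaintexts live in Z_n; negative weights need an encoding")
        acc = acc * pow(c, w, pk.n_sq) % pk.n_sq
    return acc


def run_workflow(readings):
    """End to end: keygen -> encrypt -> outsourced processing -> decrypt.
    Returns (sum, mean) as recovered by the covered entity."""
    pk, sk = clearinghouse_keygen()                      # steps 800 / 805
    encrypted_phi = [encrypt(pk, v) for v in readings]   # step 820
    # Step 825: only pk, the ciphertexts and the request ("sum these") leave the covered entity.
    encrypted_result = ba_encrypted_sum(pk, encrypted_phi)   # step 830, no sk involved
    # Steps 840 / 845: the encrypted result comes back and is decrypted with sk.
    total = decrypt(sk, encrypted_result)
    return total, total / len(readings)


if __name__ == "__main__":
    # Constructed sample: four blood-glucose readings (mg/dL) for one patient.
    sample = [98, 142, 110, 125]
    print(run_workflow(sample))   # (475, 118.75)
```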
Claims (29)
1. A method of securing private health information, said method comprising the steps of:
receiving fully homomorphically encrypted private health information;
receiving a request to process said fully homomorphically encrypted private health information; and
processing said fully homomorphically encrypted private health information in accordance with said request, yielding a fully homomorphically encrypted result.
2. The method of claim 1, wherein said private health information is collected from a patient.
3. The method of claim 2, wherein said private health information is collected using a modality.
4. The method of claim 1, wherein said private health information is collected from a source authorized by a patient.
5. The method of claim 1, wherein at least one of the receiving steps is performed according to a predetermined schedule.
6. The method of claim 1, wherein the processing step is performed according to a predetermined schedule.
7. The method of claim 1, wherein said request is received using an application programming interface.
8. A method of securing private health information, said method comprising the steps of:
collecting said private health information;
transmitting said private health information to a third party;
transmitting a request to process said private health information to said third party; and
receiving a result from said third party after at least said private health information has been encrypted using a fully homomorphic encryption scheme and processed according to said request.
9. The method of claim 8, wherein said private health information is collected from a patient.
10. The method of claim 9, wherein said private health information is collected using a modality.
11. The method of claim 8, wherein said private health information is collected from a source authorized by a patient.
12. The method of claim 8, wherein the first transmitting step is performed according to a predetermined schedule.
13. The method of claim 8, wherein the second transmitting step is performed according to a predetermined schedule.
14. The method of claim 8, wherein the first transmitting step and the second transmitting step are performed according to a predetermined schedule.
15. The method of claim 8, wherein said request is transmitted using an application programming interface.
16. The method of claim 8, wherein said private health information is in DICOM format.
17. A system for securing private health information, comprising:
a computer configured to receive fully homomorphically encrypted private health information, and to receive a request to process said fully homomorphically encrypted private health information; and
a processing module for processing said fully homomorphically encrypted private health information in accordance with said request, yielding a fully homomorphically encrypted result.
18. The system of claim 17, further comprising a modality configured to collect said private health information.
19. The system of claim 17, further comprising a computer configured to collect said private health information from a source authorized by a patient.
20. The system of claim 17, wherein said processing module is further configured to process said fully homomorphically encrypted private health information according to a predetermined schedule.
21. The system of claim 17, wherein said computer is further configured to receive said request using an application programming interface.
22. A system for securing private health information, said system comprising:
a computer configured to collect said private health information;
a computer configured to transmit said private health information to a third party, and to transmit a request to process said private health information to said third party; and
a computer configured to receive a result from said third party after at least said private health information has been encrypted using a fully homomorphic encryption scheme and processed according to said request.
23. The system of claim 22, further comprising a modality configured to collect said private health information.
24. The system of claim 22, further comprising a computer configured to collect said private health information from a source authorized by a patient.
25. The system of claim 22, wherein said computer configured to transmit said private health information to said third party is further configured to transmit said private health information to said third party according to a predetermined schedule.
26. The system of claim 22, wherein said computer configured to transmit said request is further configured to transmit said request according to a predetermined schedule.
27. The system of claim 22, wherein said computer configured to transmit said private health information to said third party is further configured to transmit said private health information to said third party according to a predetermined schedule, and wherein said computer configured to transmit said request is further configured to transmit said request according to a predetermined schedule.
28. The system of claim 22, wherein said computer configured to transmit said request is further configured to transmit said request using an application programming interface.
29. The system of claim 22, wherein said private health information is in DICOM format.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US13/279,248 US20130086390A1 (en) | 2011-09-29 | 2011-10-22 | System and Method of Securing Private Health Information |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/248,051 Continuation US8627107B1 (en) | 2011-09-29 | 2011-09-29 | System and method of securing private health information |
Publications (1)
Publication Number | Publication Date |
---|---|
US20130086390A1 true US20130086390A1 (en) | 2013-04-04 |
Family
ID=47993807
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US13/248,051 Expired - Fee Related US8627107B1 (en) | 2011-09-29 | 2011-09-29 | System and method of securing private health information |
US13/279,248 Abandoned US20130086390A1 (en) | 2011-09-29 | 2011-10-22 | System and Method of Securing Private Health Information |
Country Status (1)
Country | Link |
---|---|
US (2) | US8627107B1 (en) |
Also Published As
Publication number | Publication date |
---|---|
US8627107B1 (en) | 2014-01-07 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |