WO2018197739A1

WO2018197739A1 - Medicine supply control

Info

Publication number: WO2018197739A1
Application number: PCT/FI2017/050310
Authority: WO
Inventors: Troels Roennow; Karina PALYUTINA; Enrique MARTÍN LÓPEZ; Hongwei Li
Original assignee: Nokia Technologies Oy
Priority date: 2017-04-24
Filing date: 2017-04-24
Publication date: 2018-11-01

Abstract

According to an example aspect of the present invention, there is provided a method,comprising: authenticating a medicine container unit connected to an apparatus, receiving a prescription data item, the prescription data item being associated with a blockchain prescription transaction; authenticating a user of the apparatus, and controlling dosage of medicines from the medicine container unit on the basis of the received prescription data item and in response to detecting that the container unit and the prescription data item are associated with the user.

Description

MEDICINE SUPPLY CONTROL

FIELD

[0001] The present invention relates to medicines supply control and in particular to managing provision of medicines to users.

BACKPvOUND

[0002] Smart pill dispensers have been developed for assisting users to take their pills on schedule. Such pill dispensers have removable cartridges that may store a plurality of different pill types of even multiple users and dispense pre-set combination of pills on schedule. Such dispensers may have wireless connectivity by wireless local network to mobile phone of a user. The dispenser may be able to send notifications reminding on taking the pills, or reporting if a user has been taking her dosage. The dispenser may also notify that it is running out of stock or if someone unplugs or opens the dispenser.

SUMMARY

[0003] The invention is defined by the features of the independent claims. Some specific embodiments are defined in the dependent claims.

[0004] According to a first aspect of the present invention, there is provided apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to: authenticate a medicine container unit connected to the apparatus, receive a prescription data item, the prescription data item being associated with a blockchain prescription transaction; authenticate a user of the apparatus, and control dosage of medicines from the medicine container unit on the basis of the received prescription data item and in response to detecting that the container unit and the prescription data item are associated with the user. [0005] According to a second aspect of the present invention, there is provided medicine container unit, comprising: a storage for medicines, memory for storing access control information and a prescription data item associated with a blockchain prescription transaction, and an access controller configured to allow access to the container unit on the basis of the access control information only for authorized parties.

[0006] According to a third aspect of the present invention, there is provided an apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to: receive prescription data associated with a first blockchain prescription transaction, enable loading of a medicine container unit in response to authenticating a user of the apparatus as an authorized person, control storing of at least part of the prescription data associated with the blockchain prescription transaction to the container unit; associate the container unit with a patient identified in the prescription data, and control closure of the container unit associated with the patient after loading.

[0007] According to a fourth aspect of the present invention, there is provided a method, comprising: authenticating a medicine container unit connected to an apparatus, receiving a prescription data item, the prescription data item being associated with a blockchain prescription transaction; authenticating a user of the apparatus, and controlling dosage of medicines from the medicine container unit on the basis of the received prescription data item and in response to detecting that the container unit and the prescription data item are associated with the use.

[0008] According to a fifth aspect of the present invention, there is provided a method, comprising: receiving, by an apparatus, prescription data associated with a first blockchain prescription transaction, enabling loading of a medicine container unit in response to authenticating a user of the apparatus as an authorized person, controlling storing of at least part of the prescription data associated with the blockchain prescription transaction to the container unit; associating the container unit with a patient identified in the prescription data, and controlling closure of the container unit associated with the patient after loading. [0009] According to an embodiment, the apparatus is caused to operate as a blockchain node and receive from the container unit at least part of the prescription transaction published on the blockchain.

[0010] According to an embodiment, the prescription data item is encrypted and the prescription data item is decrypted by a secret key provided to the apparatus, and the blockchain is accessed to verify the prescription transaction.

[0011] According to an embodiment, the prescription data item comprises executable code for controlling the dosage of the medicines from the container unit to an associated patient, and the apparatus executes the code.

BRIEF DESCRIPTION OF THE DRAWINGS

[0012] FIGURE 1 illustrates an example system capable of supporting at least some embodiments of the present invention;

[0013] FIGURES 2 and 3 illustrate methods in accordance with at least some embodiments of the present invention;

[0014] FIGURES 4 and 5 illustrate apparatuses for medicine provision management in accordance with at least some embodiments of the present invention; and

[0015] FIGURE 6 illustrates an example outer view of a patient dispenser and a medicine container unit method in accordance with some embodiments.

EMBODIMENTS

[0016] Innovative decentralized data storage solutions, such as blockchains enable provenance and avoid the need to rely on centralized third parties to regulate information and data systems. In addition, blockchain platforms can host smart contracts which may comprise executable code that is stored as part of a transaction in the blockchain.

[0017] There is now provided a method and apparatus enabling further automation and secure authorization for medication supply for users by applying blockchain technology. Prescription data is made accessible in a blockchain and a specific medicine container unit associated with the patient and comprising prescription data associated with a blockchain prescription transaction is applied for controlling supply of medicines for the patient.

[0018] A blockchain is a distributed computing architecture where every network node executes and records the same transactions, which are grouped into blocks. Only one block can be added at a time, and every block contains a mathematical proof that verifies that it follows in sequence from the previous block. In this way, the blockchain's distributed database is kept in consensus across the whole network, and this is achieved without the need of a central authority. Nodes that maintain and verify the network are incentivized by mathematically enforced economic incentives coded into the protocol. The blockchains can work in different ways, as well as in different scales. Apart from keeping an immutable, comprehensive record of events, to be conveniently acted upon, blockchains offer security in a complex network by accommodating consensus algorithms that are mathematically hard to corrupt. [0019] FIGURE 1 illustrates an example system in accordance with at least some embodiments of the present invention. The system illustrates nodes 10, 20, 30, 40 that are configured or programmed to manage or at least access healthcare transactions in the form of a blockchain 60. Each block 61a, 61b, 61c in the chain 60 includes one or more transactions that further incorporate information representing transaction information by at least some of the nodes 10, 20, 30, 40. In some embodiments, the nodes operate collectively in a peer-to-peer network. Furthermore, a node may exist within a trusted circle of nodes, such as a clinical ecosystem or a patient ecosystem, for example.

[0020] Each block 61a-61c within the blockchain 60 may be identified by a hash, generated e.g. using an SHA256 cryptographic hash algorithm, or some other cryptographic hash algorithm, on the header of the block. Each block also references a previous block, known as the parent block, through a previous block hash field in the block header. In other words, each block contains the hash of its parent inside its own header. The sequence of hashes linking each block to its parent creates a chain going back all the way to the first block ever created, known as the genesis block. [0021] In an embodiment, the blockchain 60 represents a chronicle or ledger (public ledger, private ledger, protected ledger, for example) of healthcare transactions. The first block may be created when the patient enters the healthcare system for a prescription for the first time. Each subsequent transaction for the patient can be combined with the blockchain 60 as a new block, possibly until the blockchain 60 becomes eventually terminated when the patient exits the healthcare system.

[0022] In an embodiment, a node represents an entity that has a stake in a prescription and medicines supply management process. The node could correspond to a device of a patient, a doctor, a nurse, a technician, a care provider, a guardian, a parent, a broker, or other individual. Further, the node could also include other types of entities including a company, an affiliation, a hospital, an organization, a demographic, a community, or other type of entity. [0023] In some embodiments, nodes 10, 20, 30, and 40 are configured or programmed to manage prescription and/or supply of medicines for a patient by utilizing the blockchain 60. Such healthcare transaction may comprise prescription transactions defining the patient, medicine, and scheduling.

[0024] In an embodiment, nodes correspond to devices. Thus, devices may be paired and in response to pairing the devices collaborate on storing and securing the contents of the distributed ledger. The nodes may comprise corporate, authority, and/or user devices, such as a server, a desktop/tablet/laptop computer, smartphone, set-top box or other suitable electronic device.

[0025] The blockchain 60 may comprise identifiers for certified doctors, patients, and certified pharmacies, where doctors issue prescriptions using blockchain transactions, and pharmacies provide medicines for patients by utilizing the medicine container units after receiving prescriptions as transactions. The medicines may be dosed or dispensed to the patients from the container unit by blockchain-connected patient dispenser devices on the basis of the blockchain prescription transactions. [0026] According to some embodiments, node 40 may comprise a doctor device, node 30 a pharmacist device, node 10 a patient dispenser device, and node 20 a medicine container unit or a cartridge. References are made in the below example embodiments to these entities. There may be a further electronic device 70, such as a smart phone, a wearable, a tablet, or another user device, that may connect at least with the patient dispenser device 10 and may also be a blockchain node. Such electronic device may also participate in the medicine supply, e.g. as means for patient communication. [0027] A patient may buy or rent the dispenser device 10 which may be placed at the patient's home. In some embodiments, medicines can only be issued from the container unit 20 by an associated dispenser device 10. The container units 20 may be owned by a hospital/health care provider or a pharmacy. The container unit 20 may only be opened for preparation at the hospital or pharmacy with, for instance, one month worth of medicine supply. The container units 20 may be leased to patients daily and full units may be regularly exchanged for the used ones.

[0028] In an embodiment, a node may be connected over a wireless or wired connection to a wide area network 50, such as Internet. The access may comprise a cellular or non-cellular connection. In an embodiment, the system comprises a server apparatus 80, which comprises a storage device for example for storing and providing user data, service data and subscriber information, over a data connection. The service data may comprise configuration data, account creation data, prescription data, transaction data of the nodes, and digital block chain data, for example. The server 80 may also provide a cloud service for data of at least some of the devices 10, 20, 30, 40, 70. Optionally, further devices may be added, such as peripheral devices for maintaining, providing or processing node 10, 20, 30, 40, 70 data.

[0029] Changes in resource ownership take the form of blockchain transactions secured by strong cryptography. A blockchain transaction may comprise an identifier of a new owner, that is the recipient, of the resource, together with a cryptographic signature of the previous owner, that is the sender, such that malicious attackers cannot re-assign resources they do not own. For example, by consensus a prescription issuance transaction by a personal that is not a certified doctor is rejected as an invalid transaction. In an embodiment, it is enough for the doctor to know the patient's public key to issue the prescription.

[0030] At least some of the nodes 10, 20, 30, 40 may generate blockchain transaction data relating to the node and hash the data using a cryptographic hashing function, to create a cryptographic hash block. The transaction data, such as a prescription data item, may be stored at a node that adds a hash of an asymmetric encryption on to generate a hash block. In some embodiments, the data may be stored directly on the node.

[0031] Blockchain state information stored in or as a blockchain ledger may store all transactions and history for the patient or only the prescription carried out in the blockchain-based system. Nodes may validate and commit transactions in order to reach consensus. Each node may have their own copy of the ledger which is in some embodiments permission-controlled, so participants see only appropriate transactions.

[0032] The blockchain ledger may comprise a hash entry, a pointer to a file, a doctor's ID and patient ID. The hash entry is the hash of a file on a file system accessible to both the doctors and pharmacists. The IDs are used to represent actors in the system, such as doctors, pharmacists and patients. In the preferred implementation the IDs are public keys, each of which has a corresponding private key. The person in possession of the private key is the sole owner of the ID, thus making them the only person capable of signing transactions involving that ID. The signature may be generated with a smartcard, a wearable, a token, a private key on a computer, mobile terminal or any other device capable of making a digital signature.

[0033] For example, a validity block for a block 61c is processed by combining previous block 61b information (a hash of a block header, for example) from the blockchain 60 with additional information, thereby linking the block 61c with the blockchain 60. The additional transaction information can include time stamp, prescription related data, a digital signature, and a token, for example. A peer node, such as one of the nodes 10, 30, 40, or further node(s), can re-calculate a value for the block, typically a hash of the block's header along with hash information from the transactions, until the resulting value satisfies the validity requirement.

[0034] Once the validity block has been properly calculated and/or validated by the peers, it can be sent to other peers in the system so that the validity block will be appended to the blockchain 60. Thus, validity block becomes part of chronicled healthcare prescription history of a patient. [0035] Application of blockchain technology and the ledger enable a way to track the unique history of prescription transactions by the individual nodes in the network. Blockchains also enable smart devices to become independent agents, autonomously conducting a variety of transactions.

[0036] FIGURE 2 illustrates a method according to some embodiments. The method may be implemented in an apparatus for controlling medicine supply to a patient, such as the patient dispenser device 10. [0037] After connecting a medicine container unit connected to the apparatus, the container unit is authenticated 200. It is to be noted that the connecting is to be understood broadly; the container unit may be connected to the apparatus implementing the method only operationally by information transfer between the apparatus and the container unit, possibly via one or more intermediate elements. The apparatus receives 210 a prescription data item, which is directly or indirectly associated with a blockchain prescription transaction. The prescription data item may be received 210 from the blockchain 60 or from the container unit 20 associated to the patient identified to the apparatus.

[0038] A user of the apparatus is authenticated 220. The authentication is preferably carried out each time a dose is to be issued, which ensures that other members of the family do not take pills that are not meant for them, or in the case of device theft, the apparatus will not issue medicine without authentication. It is to be noted that the user may be authenticated already before block 210, for example in connection with activating the medical dispenser device.

[0039] User identification information, such as a public key of the authenticated user, may be compared to the patient identification information from the container and to the prescription data to define 230 if the container and the prescription is associated with the user. If not, access to the container is rejected 240. In response to detecting that the container unit and the prescription are associated to the user, dosage of medicines is controlled 250 on the basis of the received prescription data item. Thus, the apparatus implementing the method of Figure 2 may output a control signal allowing or causing dispensing of medicine from the container unit 20 according to the prescription, for example.

[0040] In some embodiments, the patient dispenser device 10 is configured to operate as a blockchain node and receive at least part of the prescription transaction published on a blockchain associated with the patient. In the blockchain network, the patient dispenser may act as a light node.

[0041] In some embodiments, the dispenser device 10 may be configured to update blockchain data, e.g. issue a transaction indicating use dosage of medicine or of all medicines in the container unit 20 or the prescription been (soon) consumed.

[0042] The prescription data item may be encrypted by a public key of the patient or the apparatus, and the patient dispenser device 10 may be configured to to decrypt the data item by a secret key provided to the dispenser device by the user. The patient dispenser device 10 may access the blockchain 60 to verify the prescription transaction. [0043] FIGURE 3 illustrates a method according to some embodiments. The method may be implemented in an apparatus controlling issuance and supply of medicines to a medical container, such as the pharmacist device 30. Prescription data associated with a blockchain prescription transaction is received 300. The prescription data may be received from the blockchain 60 after the prescription transaction ordered and signed by an authorized doctor device 40 has been mined. The prescription transaction may be defined to transfer the prescription (or part of it) from the doctor to the pharmacist, or via one or more further entities, such as the patient and/or a government entity (or alike) that approves the prescription. For example, at least some embodiments illustrated in patent application No. PCT/FI2016/050572 may be applied for issuing and verifying blockchain based prescriptions.

[0044] User of the apparatus is authenticated 310, and access is enabled only for authorized person or pharmacist to prepare and dispense medicines. This may require the pharmacist to present her private key, or use of another reliable authentication method. This may involve checking proof of their blockchain private key, by utilizing stored identification information from a mobile app, a separate identification device, such as a badge or wearable, or receiving a password/fingerprint. It is to be noted that user identification or key information may be similarly obtained for other authentication or verification purposes, such as checks 220 and 230, and for receiving a secret key of the user/patient.

[0045] In response to authenticating 310 the user of the apparatus as authorized person, opening and loading of a medicines container unit is enabled or allowed 320. Thus, the apparatus may mechanically open the container unit 20, or issue a control signal for opening the container unit. [0046] Storing of at least part of the prescription data associated with the blockchain prescription transaction to the container unit is controlled 330. The container unit is associated 340 with a patient identified in the prescription data. Closure of the container unit 20 associated with the patient is controlled 350 after loading. The container unit 20 is then ready to be provided to the patient. Since the container unit 20 is preferably provided with tamper-proof mechanism, it can be shipped via mail.

[0047] It is to be noted that also in Figure 3 at least some of the illustrated features may be carried out in a different order and/or there may be further features. For example, prescription data may be obtained (300) after block 310 or 320, blocks 330 and 340 may be carried out simultaneously (when writing to the container unit memory). The pharmacist device 30 may enable loading of at least one container unit 20 in response to detecting a private key of an authorized pharmacist, and cause closure of the loaded container unit associated with the patient by a public key of the patient.

[0048] The pharmacist device 30 may be configured to operate as a blockchain node and provide a new (second) blockchain transaction to the blockchain 60 indicating release of the prescribed medicine and/or the container unit 20. The blockchain transaction is associated with the patient and comprises information on the container unit 20 associated with the patient. The transaction by the pharmacist device may indicate (partial or complete) use of the prescription and the amount of medicine supplied to the user. The container unit 20 may be associated in the second transaction to the patient and in some embodiments also to an authorized patient dispenser device 10.

[0049] In an embodiment, the pharmacist device 30 is also required to verify that the patient has given his or her consent for the provision of the medicines, for example by checking that the public encryption key associated to the prescription data matches a patient signature received with or in a patient request for medicines.

[0050] FIGURE 4 illustrates elements of a medicine container unit apparatus 400 according to some embodiments. As in the present example embodiments, the medicine container unit may be configured to operate as the node or device 20. The container unit is comprises means for connecting or is configured to be connectable to a patient dispenser device at least operationally via an input/output (I/O) interface 407. In an embodiment the interface 407 is physically connectable to counter element in the dispenser device 10. The container unit may be fitted to be at least partly inserted into the dispenser device.

[0051] The container unit comprises memory 403 for storing access control information 405 and prescription data item(s) 406 associated with the blockchain prescription transaction. The container unit further comprises an access controller 401 configured to allow access to the container unit on the basis of the access control information only for authorized parties, in some embodiments only the authorized patient dispenser device 10 and the pharmacist device 30.

[0052] The controller 401 may control access to the memory 403 and supply of the medicines from the medicine storage 402. The access control is to be understood broadly, and may involve controlling reading from the memory 403, sending data stored in the memory 403, and/or allowing access to or release of the medicines in the medicine storage 402, for example. The access controller may be a microcontroller or a processor equipped with an access control program, for example. The access controller may be means for performing method steps in the device. The memory 403 may comprise program code 404 comprising computer instructions that the controller 401 is configured to execute to perform actions, such as access control features.

[0053] The container unit comprises storage 402 for medicines. In some embodiments the medicines are supplied from the storage 402 to the dispenser unit and then further to the user. In alternative embodiments the medicines are supplied directly from the container unit 400 to the user. The container may be capable of holding one type of medicine or a plurality of medicines. The container unit is associated to the patient and allow supply of each medicine type according to the patient's prescription stored in the container in response to appropriate security checks. The container unit 20 is provided with a locking mechanism and tamper-proof properties and is configured to allow only legitimate units open it and dispense from it.

[0054] The container unit 20 may be configured to receive credentials of a patient dispenser device or a pharmacist device to which the container unit is inserted or connected. The access controller 401 may be configured to allow access to the container unit in response to successful authentication of the patient dispenser device or the pharmacist device.

[0055] As already illustrated, there may be required a mutual verification procedure between the container unit 20 and the opening device 10, 30 when the container unit 20 is inserted or connected. An example protocol may apply the public key infrastructure provided by the blockchain. The container unit 20 (and further the controller 401 thereof) and the opening device 10, 30 can verify each other by applying a challenge-response procedure.

[0056] For instance, the opening device 10, 30 sends a challenge message to the container unit 20, which signs it and sends the signed (response) message back to the opening device 10, 30. Since the opening device knows the public key of the container unit 20, it can verify if/that the signature is valid. Conversely, the container unit 20 may send a message to the opening device 10 or 30, which signs it and returns it. Container unit 20 would then verify that the signature is valid. [0057] In some embodiments, the container unit 20 includes ID of the patient dispenser device 10 with which it is going to work. Storing the ID of the dispenser device 10 in the memory of container 20 should be done by the pharmacist device 30, which also includes this ID in the blockchain transaction. The ID of the patient dispenser 10 is checked by the container unit 20 when inserted following a mutual verification procedure, such as the one explained above.

[0058] FIGURE 5 illustrates a device 500 for operating a medicine container unit according to some embodiments. As in the present example embodiments, the apparatus may be configured to operate as the patient dispenser device/node 10 or the pharmacist device 30. In some embodiments, the apparatus may be configured to operate as the further user device 70 connectable to the dispenser device 10 and/or the blockchain based system.

[0059] Comprised in the device 500 is a processor 501, which may comprise, for example, a single- or multi-core processor wherein a single-core processor comprises one processing core and a multi-core processor comprises more than one processing core. The processor 501 may comprise more than one processor. The processor may comprise at least one application- specific integrated circuit, ASIC. The processor may comprise at least one field-programmable gate array, FPGA. The processor may be means for performing method steps in the device. The processor may be configured, at least in part by computer instructions, to perform actions. [0060] The device 500 may comprise memory 502. The memory may comprise random-access memory and/or permanent memory. The memory may comprise at least one RAM chip. The memory may comprise solid-state, magnetic, optical and/or holographic memory, for example. The memory may be at least in part accessible to the processor 501. The memory 502 may be at least in part comprised in the processor 501. The memory may be at least in part external to the device 500 but accessible to the device. The memory 502 may be means for storing data, such as the prescription data, blockchain and prescription transaction data, access control data and other control information.

[0061] The memory 502 may comprise program code 503 comprising computer instructions that the processor 501 is configured to execute. When computer program code 503 configured to cause the processor 501 to perform certain actions are stored in the memory 502, and the device in overall is configured to run under the direction of the processor using computer instructions from the memory, the processor and/or its at least one processing core may be considered to be configured to perform said certain actions.

[0062] The device 500 may comprise a communications unit 505 comprising at least one transmitter and/or a receiver. The communications unit 505 may be configured to transmit and receive, respectively, information in accordance with at least one wired or wireless, cellular or non-cellular standard. The transmitter and/or receiver may be configured to operate in accordance with global system for mobile communication, GSM, wideband code division multiple access, WCDMA, long term evolution, LTE, IS-95, wireless local area network, WLA , Ethernet and/or worldwide interoperability for microwave access, WiMAX, standards, for example. The device 10, 30, 70 may comprise a near-field communication, NFC, transceiver. The NFC transceiver may support at least one NFC technology, such as NFC, Bluetooth, Wibree or similar technologies.

[0063] The device 500 may comprise user interface, UI, 504. The UI may comprise at least one of a display, a keyboard, a touchscreen, a vibrator arranged to signal to a user by causing the device to vibrate, a speaker and a microphone. A user may be able to operate the device via the UI, for example to initiate medicine supply related actions illustrated herewith, view prescription information. Depending on the device type and features, there are many other possible functions operated via the UI 504, such as accept incoming communications, to originate outgoing communications, to browse the Internet, to manage authorized digital files stored in the memory 502 or on other devices accessible via the communications unit 505.

[0064] The device 500 may comprise or be arranged to accept at least one user identity module or other type of memory module. The user identity module may comprise, for example, a subscriber identity module, SIM, and/or a healthcare IC card or module installable in, or at least readable by the device. The user identity module may comprise information identifying a subscription of a user of device 500. The user identity module may comprise cryptographic information usable to verify the identity of a user of device and/or to facilitate encryption and decryption of documents and communication effected via the device 500 such as the private and/or public keys used for authentication or verification.

[0065] The processor 501 may be furnished with a transmitter arranged to output information from the processor, via electrical leads internal to the device 500, to other devices comprised in the device. Such a transmitter may comprise a serial bus transmitter arranged to, for example, output information via at least one electrical lead to memory 502 for storage therein. Alternatively to a serial bus, the transmitter may comprise a parallel bus transmitter. Likewise the processor may comprise a receiver arranged to receive information in the processor, via electrical leads internal to the device 10, 30, from other elements comprised in the device. Such a receiver may comprise a serial bus receiver arranged to, for example, receive information via at least one electrical lead from the communications unit 505 for processing in the processor. Alternatively to a serial bus, the receiver may comprise a parallel bus receiver. [0066] The device 500 may comprise a container interface 506, by which the container unit 20 may be connected and/or inserted in the device for managing loading or consuming medicines in the container unit 20. The device may be configured read from and/or write into the memory of the container unit 20 via the interface 506. The interface may also serve to power the container unit 20, or a separate power supply interface is used. The patient dispenser device 10 may further be configured to provide access for the container unit 20 to network, such as access to the blockchain 60 by using the communication unit 505.

[0067] The device 500 may comprise further devices not illustrated in Figure 5. For example, the device may comprise at least one digital camera. The device may comprise a fingerprint or retina sensor arranged to authenticate, at least in part, a user of the device. In some embodiments, the device lacks at least one device described above.

[0068] The processor 501, the memory 502, the communications unit 505, the UI

504 and/or at least some of the further elements may be interconnected by electrical leads internal to the device in a multitude of different ways. For example, each of the aforementioned devices may be separately connected to a master bus internal to the device, to allow for the devices to exchange information. However, as the skilled person will appreciate, this is only one example and depending on the embodiment various ways of interconnecting at least two of the aforementioned devices may be selected without departing from the scope of the present invention. [0069] The patient dispenser device 10 may comprise means for dispensing medicines from the container unit inserted in the apparatus to the user. In some embodiment, the patient dispenser device 10 can hold multiple container units to supply multiple patients, or a single patient taking multiple medications. In an embodiment, the container unit has multiple chambers holding different pills for a single patient.

[0070] In some embodiments, the data item stored in the container unit 20, 400 comprises executable code for controlling the dosage of the medicines from the container unit to the patient. The pharmacist device 30 may be configured to store such executable code to the container unit 20. The pharmacist device 30 may be configured to cause flashing of the prescription data to flash memory of the container unit, or in another way store the prescription data.

[0071] The patient dispenser device 10 may be configured to read the code from the container unit memory 403 via the interface 506, store the code, and execute the code in the processor 501.

[0072] In some embodiments, the blockchain prescription transaction data comprises information on prescribed medicine, schedule information, authorized entities, and their access rights. [0073] The blockchain prescription transaction may comprise at least one smart contract defining access rights comprising at least one of: prescribe medicine, refill medicines, amend prescription schedule, and dispense medicines. For example, the smart contract may specify that the pharmacist or the doctor are allowed to prescribe medicine, refill the container unit and amend prescription schedule, whereas the patient is only allowed to dispense his/her medicine. Thus, device verification or pairing 230 comprising a challenge-response execution may be a smart contract operation.

[0074] The different participating nodes or devices 10, 30, 40 may execute smart contract functions on the basis of the identities provided by the user. In some embodiments, doctors can execute transactions in which a function in the smart contract is called to change the current dose delivery. In another example, a pharmacist can execute a transaction proposing a revision of the dose by a doctor. Some further example transactions that may be provided by smart contract operations include a container unit insertion or refill transaction. If a container unit was never delivered or lost and never used by the patient, it could be proven from the blockchain record when such container unit insertion transaction is missing for the container unit.

[0075] In some embodiments, the prescription and the container unit 20 may be remotely updated or reprogrammed. For example, there may become a need for a doctor to change the patient's prescription schedule or dose, or stop the patient using the medicine once the container unit has been provided to the patient. If the container unit 20 or the patient dispenser device 10 hosts a full blockchain node, it may repetitively mine the blockchain or otherwise receive an updated prescription in a form of a new prescription transaction published in the blockchain. The dosage of the medicines from the container 20 may then be controlled to be updated to correspond to the updated prescription data in the subsequent prescription transaction.

[0076] However, it may be instead feasible to have the patient dispenser device 10 and/or the container 20 to host only a light blockchain node, which is not required to monitor the blockchain continuously. Thus, there is a particular challenge and need for a method to secure method to update the prescription data remotely, such that only an authorised doctor can cause the update. An example of such method is provided below.

[0077] In the example embodiment, a certified doctor issues an updated prescription and the doctor device 40 sends an updated prescription data, such as new dispensing schedule, for the container unit 20. The prescription data may be sent directly from the doctor's device to the container unit 20 (the dispenser device and/or other device(s) may intermediate in the transfer). The container unit may receive updated prescription data associated with the patient and signed by a doctor. The container unit may then generate an update request for updating at least part of the prescription data stored on the container unit provided to the patient, the request comprising a challenge by the container unit.

[0078] The pharmacist device 30 may receive the request for updating at least part of the prescription data stored on the container unit provided to the patient, the request comprising a challenge from the container unit. The device 30 may then respond to the challenge by a signed update response message comprising a response to the challenge and current block hash of the associated blockchain.

[0079] The container 20 then receives the update response message signed by the pharmacist device 30. The update response is verified on the basis of the current block hash. The updated prescription data signed by the doctor is verified on the basis of the current hash block. At least part of the prescription data stored on the container unit may be updated in response to the verifications being successful. [0080] The patient dispenser device 10 may then receive the updated prescription data from the container unit 20 and change dispensing of the medicines from the container unit in accordance of decrypted updated prescription information.

[0081] If the container unit 20 comprising the access control illustrated above is lost in post or stolen, it is completely useless to anyone but the patient, the medicines can be extracted by brute force only, so the attacker could not mix up the container units to deliver the wrong pills to patients. The container unit 20 may be configured to stop to be operational upon opening. In particular, the container unit 20 may contain an anti- tampering mechanism that could be powered by a small battery. This mechanism serves two purposes: 1) To ensure that any patient related data is deleted upon opening the container unit and 2) make sure that the container unit can only be operated by the pharmacist device 30 issuing the container unit.

[0082] In an embodiment, the container unit 20 comprises a positioning unit, and the container unit is configured to store or send location information. Such information may be stored and/or sent further at least in response to detecting the container unit being detected as stolen or lost. Devices 10, 30, 70 may be configured to report stolen container units 20.

[0083] By applying at least some of the above-illustrated features, common problems with medicine intake management may be addressed in a convenient and secure way. The remote reprogramming also allows for prescription errors to be fixed fast. The reprogramming procedure also facilitates adaptive scheduling where doctors can amend the schedules remotely when needs be. Another benefit from managing prescriptions in such a way is that prescribing incompatible medications is less likely, since the system can be programmed to warn doctors of any known clashes.

[0084] FIGURE 6 illustrates an artistic example view of a patient dispenser 600a, 600b, which may incorporate at least some of the features illustrated above for the node 10. A medicine container unit 610 is connected to the dispenser 600b.

[0085] It is to be understood that the embodiments of the invention disclosed are not limited to the particular structures, process steps, or materials disclosed herein, but are extended to equivalents thereof as would be recognized by those ordinarily skilled in the relevant arts. It should also be understood that terminology employed herein is used for the purpose of describing particular embodiments only and is not intended to be limiting. [0086] References throughout this specification to one embodiment or an embodiment means that a particular feature, structure, or characteristic described in connection with the embodiment is included in at least one embodiment of the present invention. Thus, appearances of the phrases "in one embodiment" or "in an embodiment" in various places throughout this specification are not necessarily all referring to the same embodiment. The skilled person will appreciate that above-illustrated embodiments may be combined in various ways. Embodiments illustrated in connection with Figures 2 to 5 may be taken in isolation or further combined together. For example, with reference to Figure 4, in some embodiments the container units 20 may be provided with access control functionality and mechanism allowing dispense of medicines for a container unit user authenticated as the associated patient even without the dispenser device 10.

[0087] Various embodiments and examples of the present invention may be referred to herein along with alternatives for the various components thereof. It is understood that such embodiments, examples, and alternatives are not to be construed as de facto equivalents of one another, but are to be considered as separate and autonomous representations of the present invention.

[0088] Furthermore, the described features, structures, or characteristics may be combined in any suitable manner in one or more embodiments. In the preceding description, numerous specific details are provided, such as examples of lengths, widths, shapes, etc., to provide a thorough understanding of embodiments of the invention. One skilled in the relevant art will recognize, however, that the invention can be practiced without one or more of the specific details, or with other methods, components, materials, etc. In other instances, well-known structures, materials, or operations are not shown or described in detail to avoid obscuring aspects of the invention. [0089] While the forgoing examples are illustrative of the principles of the present invention in one or more particular applications, it will be apparent to those of ordinary skill in the art that numerous modifications in form, usage and details of implementation can be made without the exercise of inventive faculty, and without departing from the principles and concepts of the invention. Accordingly, it is not intended that the invention be limited, except as by the claims set forth below.

[0090] The verbs "to comprise" and "to include" are used in this document as open limitations that neither exclude nor require the existence of also un-recited features. The features recited in depending claims are mutually freely combinable unless otherwise explicitly stated. Furthermore, it is to be understood that the use of "a" or "an", that is, a singular form, throughout this document does not exclude a plurality.

INDUSTRIAL APPLICABILITY

At least some embodiments of the present invention find industrial application in communications .

ACRONYMS LIST ASIC Application-specific integrated circuit FPGA Field-programmable gate array

GSM Global system for mobile communication

LTE Long term evolution

NFC Near-field communication

SIM Subscriber identity module UI User interface

WCDMA Wideband code division multiple access,

WiMAX Worldwide interoperability for microwave access

WLAN Wireless local area network

Claims

CLAIMS:

1. An apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to:

- authenticate a medicine container unit connected to the apparatus,

- receive a prescription data item, the prescription data item being associated with a blockchain prescription transaction,

- authenticate a user of the apparatus, and

- control dosage of medicines from the medicine container unit on the basis of the received prescription data item and in response to detecting that the container unit and the prescription data item are associated with the user.

2. The apparatus of claim 1, wherein the apparatus is caused to operate as a blockchain node and receive from the container unit at least part of the prescription transaction published on the blockchain.

3. The apparatus of claim 1 or 2, wherein the prescription data item is encrypted and the apparatus is caused to decrypt the data item by a secret key provided to the apparatus, and the apparatus is caused to access the blockchain to verify the prescription transaction.

4. The apparatus of any preceding claim, wherein the data item comprises executable code for controlling the dosage of the medicines from the container unit to an associated patient, and the apparatus is caused to execute the code.

5. The apparatus of any preceding claim, wherein the apparatus is a patient dispenser unit and comprises means for dispensing medicines from the container unit inserted in the apparatus to the user and means for powering the container unit.

6. The apparatus of any preceding claim, wherein the apparatus is caused to

receive updated prescription data from the container unit,

verify the updated prescription data on the blockchain, and change dispensing of the medicines from the container unit in accordance of decrypted updated prescription information.

7. A medicine container unit, comprising:

a storage for medicines,

memory for storing access control information and a prescription data item associated with a blockchain prescription transaction, and

an access controller configured to allow access to the container unit on the basis of the access control information only for authorized parties.

8. The container unit of claim 7, wherein the container unit is configured to be connectable to a patient dispenser device.

9. The container unit of claim 7 or 8, wherein the data item comprises executable code for controlling the dosage of the medicines from the container unit to an associated patient.

10. The container unit of claim 7, 8 or 9, wherein the container unit is configured to receive credentials of a patient dispenser device or a pharmacist device to which the container unit is inserted or connected, and

the access controller is configured to allow access to the container unit in response to successful authentication of the patient dispenser device or the pharmacist device.

11. The container unit of any preceding claim 7 to 10, wherein the container unit is caused to

- receive updated prescription data associated with the patient and signed by a doctor,

generate an update request for updating at least part of the prescription data stored on the container unit provided to the patient, the request comprising a challenge by the container unit,

- receive an update response message signed by a pharmacist and comprising a response to the challenge and current block hash of the blockchain,

- verify the update response on the basis of the current block hash,

- verify the updated prescription data signed by the doctor on the basis of the current hash block, and update at least part of the prescription data stored on the container unit in response to the verifications being successful.

12. The container unit of any preceding claim 7 to 11, wherein the container unit comprises a positioning unit, and the container unit is configured to store or send location information.

13. An apparatus comprising at least one processing core, at least one memory including computer program code, the at least one memory and the computer program code being configured to, with the at least one processing core, cause the apparatus at least to:

receive prescription data associated with a first blockchain prescription transaction, enable loading of a medicine container unit in response to authenticating a user of the apparatus as an authorized person,

control storing of at least part of the prescription data associated with the blockchain prescription transaction to the container unit,

associate the container unit with a patient identified in the prescription data, and control closure of the container unit associated with the patient after loading.

14. The apparatus of claim 13, wherein the apparatus is caused to enable loading of at least one container unit in response to detecting a private key of an authorized pharmacist, and cause closure of the loaded container unit associated with the patient by a public key of the patient.

15. The apparatus of claim 13 or 14, wherein the apparatus is caused to operate as a blockchain node and provide a second blockchain transaction to a blockchain, the second blockchain transaction indicating release of the prescribed medicine and/or comprising information on the container unit associated with the patient.

16. The apparatus of any preceding claim 13 to 15, wherein the apparatus is caused to flash the at least part of the prescription data to the container unit.

17. The apparatus of any preceding claim 13 to 16, wherein the apparatus is caused to: receive a request for updating at least part of the prescription data stored on the container unit provided to the patient, the request comprising a challenge from the container unit, and

respond to the challenge by a signed message comprising the challenge and current block hash of the blockchain.

18. The apparatus according to any preceding claim, wherein the prescription data or data item comprises information on prescribed medicine, schedule information, authorized entities, and their access rights.

19. The apparatus according to any preceding claim, wherein the first blockchain prescription transaction comprises a smart contract defining access rights comprising at least one of: prescribe medicine, refill medicines, amend prescription schedule, and dispense medicine.

20. A method, comprising:

- authenticating a medicine container unit connected to an apparatus,

- receiving a prescription data item, the prescription data item being associated with a blockchain prescription transaction,

- authenticating a user of the apparatus, and

- controlling dosage of medicines from the medicine container unit on the basis of the received prescription data item and in response to detecting that the container unit and the prescription data item are associated with the user.

21. The method of claim 20, wherein the apparatus operates as a blockchain node and receives from the container unit at least part of the prescription transaction published on the blockchain.

22. The method of claim 20 or 21, wherein the prescription data item is encrypted and the prescription data item is decrypted by a secret key provided to the apparatus, and the blockchain is accessed to verify the prescription transaction.

23. The method of any preceding claim 20 to 22, wherein the prescription data item comprises executable code for controlling the dosage of the medicines from the container unit to an associated patient, and the apparatus executes the code.

24. The method of any preceding claim 20 to 23, wherein the apparatus is a patient dispenser unit and dispenses medicines from the container unit inserted in the apparatus to the user and powers the container unit.

25. The method of any preceding claim 20 to 24, further comprising:

- receiving updated prescription data from the container unit,

verifying the updated prescription data on the blockchain, and

changing dispensing of the medicines from the container unit in accordance of decrypted updated prescription information.

26. A method, comprising:

receiving, by an apparatus, prescription data associated with a first blockchain prescription transaction,

enabling loading of a medicine container unit in response to authenticating a user of the apparatus as an authorized person,

- controlling storing of at least part of the prescription data associated with the blockchain prescription transaction to the container unit,

associating the container unit with a patient identified in the prescription data, and controlling closure of the container unit associated with the patient after loading.

27. The method of claim 26, wherein the loading of at least one container unit is enabled by the apparatus in response to detecting a private key of an authorized pharmacist, and the container unit is associated with the patient by a public key of the patient.

28. The method of claim 26 or 27, wherein the apparatus operates as a blockchain node and provides a second blockchain transaction to a blockchain, the second blockchain transaction indicating release of the prescribed medicine and/or comprising information on the container unit associated with the patient.

29. The method of any preceding claim 26 to 28, wherein the apparatus flashes the at least part of the prescription data to the container unit.

30. The method of any preceding claim 26 to 29, further comprising:

- receiving a request for updating at least part of the prescription data stored on the container unit provided to the patient, the request comprising a challenge from the container unit, and

- responding to the challenge by a signed message comprising the challenge and current block hash of the blockchain.

31. The method of any preceding claim 26 to 30, wherein the prescription data or data item comprises information on prescribed medicine, schedule information, authorized entities, and their access rights.

32. The method of any preceding claim 26 to 31, wherein the first blockchain prescription transaction comprises a smart contract defining access rights comprising at least one of: prescribe medicine, refill medicines, amend prescription schedule, and dispense medicine.

33. An apparatus, comprising means for carrying out the method of any one of claims 20 to 32.

34. A non-transitory computer readable medium having stored thereon a set of computer readable instructions that, when executed by at least one processor, cause an apparatus to perform the method of any one of claims 20 to 32.

35. A computer program configured to cause a method in accordance with at least one of claims 20 to 32 to be performed.