WO2002082347A1 - Method for transmitting medical information over a network - Google Patents

Method for transmitting medical information over a network Download PDF

Info

Publication number
WO2002082347A1
WO2002082347A1 PCT/US2002/009030 US0209030W WO02082347A1 WO 2002082347 A1 WO2002082347 A1 WO 2002082347A1 US 0209030 W US0209030 W US 0209030W WO 02082347 A1 WO02082347 A1 WO 02082347A1
Authority
WO
WIPO (PCT)
Prior art keywords
patient
network
data
transmitting
over
Prior art date
Application number
PCT/US2002/009030
Other languages
French (fr)
Inventor
Richard A. Farkas
Christopher J. Cooper
Original Assignee
Inner Vision Imaging, L.L.C.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Inner Vision Imaging, L.L.C. filed Critical Inner Vision Imaging, L.L.C.
Publication of WO2002082347A1 publication Critical patent/WO2002082347A1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3215Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a plurality of channels
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/88Medical equipments

Definitions

  • the present invention relates to a method for transmitting medical information over a network.
  • Medical information relating to a patient is commonly transmitted over networks, such as a telecommunication network.
  • the medical information includes both patient ' identifiable data as well as patient medical condition/ treatment data (hereinafter referred to as "patient medical condition data").
  • patient medical condition data may include not only textual data but also images and audio.
  • images and audio may be transmitted over the network on a real-time basis, e.g. at thirty frames/second.
  • HIPAA Health Insurance Portability and Accountability Act
  • the present invention provides a method for encrypting medical information which overcomes all of the above-mentioned disadvantages of the previously known attempts.
  • the method of the present invention includes the step of encrypting only the patient identifiable data and then transmitting the encrypted patient identifiable data over the network.
  • patient identifiable data would include, for example, the patient's name, Social Security number, address, fingerprint information, as well as other information from which the patient could be readily identified.
  • the method of the present invention then transmits the encrypted patient identifiable data as well as the unencrypted patient medical condition data over the network. Since the patient medical condition data cannot be correlated with a particular patient, the privacy of the medical records of that patient is preserved.
  • the method of the present invention operates most efficiently over a telecommunications network having two channels.
  • the first channel comprises a text channel while, conversely, the second channel comprises a video/audio channel.
  • the encrypted patient identifiable data is then transmitted over the text channel while the unencrypted patient medical condition data is transmitted over the audio/video channel.
  • a code key is optionally assigned to the individual patient. That code key can then be transmitted either over the network at a time temporally spaced from the transmission of the encrypted patient identifiable data and unencrypted patient medical condition data, or may be transmitted by completely separate means. For example, assuming that both the transmitting and receiving ends include software to decode the encrypted patient identifiable data, a code key is assigned at the transmitting end of the network. This code key is then transmitted to the receiving end of the network in a fashion so that the code key cannot be correlated with the transmission of the transmitted medical information.
  • patient medical information 10 is there shown diagrammatically.
  • This patient information 10 includes both patient identifiable data 12 and patient medical data 14.
  • the patient identifiable data includes all data from which the patient may be identified. Such data includes, for example, the patient's name, Social Security number, address, fingerprint information and the like. Conversely, the patient medical data includes data relating to the patient's medical condition or treatment. Such patient medical data 14 can include, for example, images and audio which may be in real time.
  • the patient's medical information 10, furthermore, is contained at a transmitting party 16 to a network 18.
  • the patient's identifiable data 12 is first encrypted at 20 using any conventional encryption method.
  • the encryption data is then transmitted at 22 over the network 18 to a receiving party 24.
  • the unencrypted patient medical data 14 is transmitted in unencrypted format at 26 over the network 18 to the receiving party 24.
  • the network 18 comprises a telecommunication network having at least two channels.
  • a first channel comprises a text channel while a second channel comprises an audio/video channel. Consequently, the encrypted patient identifiable data 12 is transmitted over the text channel of the network 18 while, conversely, the patient medical data is transmitted over the audio/video channel of the network 18.
  • the transmission of the patient medical data may be in real time.
  • the real- time transmission of audio/video data occurs at thirty frames per second for the video transmission.
  • the receiving party 24 receives both the encrypted patient identifiable data as well as the unencrypted patient medical data from the network 18. Since only encrypted patient identifiable data is transmitted by the transmitting party 24, patient privacy is maintained even if an unauthorized party intercepted transmissions over the network 18. Furthermore, since the patient identifiable data is encrypted prior to transmission over the network 18, an unauthorized party intercepting such transmission would be unable to correlate that medical condition data with a particular patient thus preserving the privacy of the patient.
  • a code key 30 may be generated by the transmitting party 16 and forwarded to the receiving party 24 in any conventional fashion.
  • the code key 30 could be transmitted over the network 18 at a time temporally spaced from the transmission of the patient medical condition data 14.
  • Other simpler means, such as transmitting the code key 30 to the receiving party 24 by facsimile, can also be utilized.
  • the present invention provides a simple and yet effective method for transmitting medical data and patient information over a network while still preserving the privacy of the patient from unwanted interception of data over the network.

Abstract

A method for transmitting medical information (10) relating to a patient over a network (18), such as a telecommunication network. The medical information (10) includes both patient identifiable data (12) as well as patient medical condition/treatment data (14). The method includes the first step of encrypting (20) the patient identifiable data (12) and then transmitting both the encrypted patient identifiable data (22) and the unencrypted patient medical condition/treatment data (26) over the network (18). The network (18) preferably includes two channels (22, 26), and the encrypted patient identifiable data (12) is transmitted over one channel (22) while the unencrypted patient medical condition/treatment data (14) is transmitted over the other channel (26).

Description

METHOD FOR TRANSMITTING MEDICAL INFORMATION OVER A NETWORK
Background of the Invention
I. Field of the Invention The present invention relates to a method for transmitting medical information over a network.
II. Description of Related Art
Medical information relating to a patient is commonly transmitted over networks, such as a telecommunication network. The medical information includes both patient' identifiable data as well as patient medical condition/ treatment data (hereinafter referred to as "patient medical condition data"). Such patient medical condition data may include not only textual data but also images and audio. Furthermore, such images and audio may be transmitted over the network on a real-time basis, e.g. at thirty frames/second. In order to protect patient privacy with respect to their medical records, the United States federal government has recently enacted the Health Insurance Portability and Accountability Act (HIPAA). In essence, HIPAA protects the patient's right to privacy to their own medical records.
In order to comply with HIPAA, several attempts have been made to encrypt all the patient information, i.e. both the patient identifiable data as well as the patient medical condition data, and then transmit the encrypted data over the network. However, the encryption of the patient medical condition data requires extensive computing power both at the transmitting and receiving end since the medical condition data is typically extensive, particularly if it includes images. Furthermore, the encryption of medical condition data on a real-time basis, e.g. thirty frames per second, renders the encryption of such medical condition data impractical, even with extensive computing power. For that reason, such previously known methods have not proven wholly successful or acceptable in use. Summary of the Present Invention
The present invention provides a method for encrypting medical information which overcomes all of the above-mentioned disadvantages of the previously known attempts. In brief, the method of the present invention includes the step of encrypting only the patient identifiable data and then transmitting the encrypted patient identifiable data over the network. Such patient identifiable data would include, for example, the patient's name, Social Security number, address, fingerprint information, as well as other information from which the patient could be readily identified. The method of the present invention then transmits the encrypted patient identifiable data as well as the unencrypted patient medical condition data over the network. Since the patient medical condition data cannot be correlated with a particular patient, the privacy of the medical records of that patient is preserved. In practice, the method of the present invention operates most efficiently over a telecommunications network having two channels. The first channel comprises a text channel while, conversely, the second channel comprises a video/audio channel. The encrypted patient identifiable data is then transmitted over the text channel while the unencrypted patient medical condition data is transmitted over the audio/video channel.
In order to enable both the transmitting and receiving ends of the network to identify the patient and correlate that patient's medical condition data to the patient, a code key is optionally assigned to the individual patient. That code key can then be transmitted either over the network at a time temporally spaced from the transmission of the encrypted patient identifiable data and unencrypted patient medical condition data, or may be transmitted by completely separate means. For example, assuming that both the transmitting and receiving ends include software to decode the encrypted patient identifiable data, a code key is assigned at the transmitting end of the network. This code key is then transmitted to the receiving end of the network in a fashion so that the code key cannot be correlated with the transmission of the transmitted medical information.
Brief Description of the Drawing
A better understanding of the present invention will be had upon reference to the drawing which is a diagrammatic chart illustrating a preferred embodiment of the method of the present invention.
Detailed Description of a Preferred Embodiment of the Present Invention
With reference to the drawing, patient medical information 10 is there shown diagrammatically. This patient information 10 includes both patient identifiable data 12 and patient medical data 14.
The patient identifiable data includes all data from which the patient may be identified. Such data includes, for example, the patient's name, Social Security number, address, fingerprint information and the like. Conversely, the patient medical data includes data relating to the patient's medical condition or treatment. Such patient medical data 14 can include, for example, images and audio which may be in real time. The patient's medical information 10, furthermore, is contained at a transmitting party 16 to a network 18.
The patient's identifiable data 12 is first encrypted at 20 using any conventional encryption method. The encryption data is then transmitted at 22 over the network 18 to a receiving party 24. Conversely, the unencrypted patient medical data 14 is transmitted in unencrypted format at 26 over the network 18 to the receiving party 24.
Preferably, the network 18 comprises a telecommunication network having at least two channels. A first channel comprises a text channel while a second channel comprises an audio/video channel. Consequently, the encrypted patient identifiable data 12 is transmitted over the text channel of the network 18 while, conversely, the patient medical data is transmitted over the audio/video channel of the network 18. The transmission of the patient medical data, furthermore, may be in real time. Typically, over a conventional telecommunication network, the real- time transmission of audio/video data occurs at thirty frames per second for the video transmission.
The receiving party 24 receives both the encrypted patient identifiable data as well as the unencrypted patient medical data from the network 18. Since only encrypted patient identifiable data is transmitted by the transmitting party 24, patient privacy is maintained even if an unauthorized party intercepted transmissions over the network 18. Furthermore, since the patient identifiable data is encrypted prior to transmission over the network 18, an unauthorized party intercepting such transmission would be unable to correlate that medical condition data with a particular patient thus preserving the privacy of the patient.
In some cases, however, it may be desirable for the receiving party 24 to identify the particular patient, perhaps for correlating that particular patient with medical records previously received by the receiving party 24 for that particular patient. In that event, a code key 30 may be generated by the transmitting party 16 and forwarded to the receiving party 24 in any conventional fashion. For example, the code key 30 could be transmitted over the network 18 at a time temporally spaced from the transmission of the patient medical condition data 14. Other simpler means, such as transmitting the code key 30 to the receiving party 24 by facsimile, can also be utilized.
From the foregoing, it can be seen that the present invention provides a simple and yet effective method for transmitting medical data and patient information over a network while still preserving the privacy of the patient from unwanted interception of data over the network. Having described our invention, however, many modifications thereto will become apparent to those skilled in the art to which it pertains without deviation from the spirit of the invention as defined by the scope of the appended claims. We claim:

Claims

Claims 1. A method for transmitting medical information relating to a patient over a network, said medical information including patient identifiable data and patient medical condition/treatment data, said method comprising the steps of: encrypting the patient identifiable data, and transmitting the encrypted patient identifiable data and the unencrypted patient medical condition/treatment data over the network.
2. The method as defined in claim 1 wherein the network comprises a teleconferencing network having at least two separate channels, wherein said transmitting step further comprises the steps of transmitting the encrypted patient identifiable data over one channel and transmitting the unencrypted patient medical condition/treatment data over the other channel.
3. The method as defined in claim 1 wherein said encrypting step further comprises the steps of creating a code key necessary to decode the encrypted patient identifiable data, and transmitting said key over the network.
4. The method as defined in claim 2 wherein said one channel comprises a text channel and wherein said other channel comprises a video channel.
5. The method as defined in claim 1 wherein said transmitting step further comprises the step of assigning an arbitrary indicia to the patient, and transmitting said arbitrary indicia over the network.
PCT/US2002/009030 2001-04-05 2002-03-26 Method for transmitting medical information over a network WO2002082347A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US09/827,003 US6795554B2 (en) 2001-04-05 2001-04-05 Method of transmitting medical information over a network
US09/827,003 2001-04-05

Publications (1)

Publication Number Publication Date
WO2002082347A1 true WO2002082347A1 (en) 2002-10-17

Family

ID=25248073

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2002/009030 WO2002082347A1 (en) 2001-04-05 2002-03-26 Method for transmitting medical information over a network

Country Status (2)

Country Link
US (1) US6795554B2 (en)
WO (1) WO2002082347A1 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20070118389A1 (en) 2001-03-09 2007-05-24 Shipon Jacob A Integrated teleconferencing system
US7725584B1 (en) * 2001-07-30 2010-05-25 Western Digital Ventures, Inc. Using multiple communication channels to synchronize a mobile terminal based on data type
US20040083360A1 (en) * 2002-10-28 2004-04-29 Rod Walsh System and method for partially-encrypted data transmission and reception
US8000475B1 (en) * 2003-04-28 2011-08-16 Bigband Networks Inc. System and method for encrypting and modulating video streams
WO2005010792A1 (en) * 2003-07-15 2005-02-03 Ims Health Incorporated Data privacy management systems and methods
US20050060192A1 (en) * 2003-08-28 2005-03-17 Brown Alan H. Healthcare information apparatus and method
US20050108059A1 (en) * 2003-10-31 2005-05-19 Tay Howard P. Portable health data system
WO2005091138A1 (en) * 2004-03-16 2005-09-29 Grid Analytics Llc System and method for aggregation and analysis of information from multiple disparate sources while assuring source and record anonymity using an exchange hub
US20060173708A1 (en) * 2005-01-28 2006-08-03 Circle Of Care, Inc. System and method for providing health care
US20060259331A1 (en) * 2005-05-16 2006-11-16 Lurtz Agi C Medical records website and related methods
US7673135B2 (en) 2005-12-08 2010-03-02 Microsoft Corporation Request authentication token
US20070203754A1 (en) * 2006-01-26 2007-08-30 Harrington David G Network health record and repository systems and methods
US8424073B2 (en) * 2006-11-13 2013-04-16 Microsoft Corporation Refreshing a page validation token
US9191405B2 (en) 2012-01-30 2015-11-17 Microsoft Technology Licensing, Llc Dynamic cross-site request forgery protection in a web-based client application
US20150127358A1 (en) * 2013-11-05 2015-05-07 Athenahealth, Inc. Care tracker

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP0884670A1 (en) * 1997-06-14 1998-12-16 International Computers Limited Secure database
US6032119A (en) * 1997-01-16 2000-02-29 Health Hero Network, Inc. Personalized display of health information
US20010031997A1 (en) * 1999-12-21 2001-10-18 Medtronic, Inc. Instrumentation and software for remote monitoring and programming of implantable medical devices (IMDs)

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
AU4823697A (en) * 1996-10-15 1998-05-11 Cymedix Corp. Automated networked service request and fulfillment system and method

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6032119A (en) * 1997-01-16 2000-02-29 Health Hero Network, Inc. Personalized display of health information
EP0884670A1 (en) * 1997-06-14 1998-12-16 International Computers Limited Secure database
US20010031997A1 (en) * 1999-12-21 2001-10-18 Medtronic, Inc. Instrumentation and software for remote monitoring and programming of implantable medical devices (IMDs)

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
BUSINESS WIRE, 30 November 2000 (2000-11-30) *
DATABASE GALE GROUP NEWSWIRE ASAP [online] "Biodata ensures compliance with HIPAA regulations; advanced acoustical concepts uses BabylonMETA to deliver encryption to its telemedicine customers", XP002951114, accession no. DIALOG Database accession no. 67440331 *

Also Published As

Publication number Publication date
US6795554B2 (en) 2004-09-21
US20020146124A1 (en) 2002-10-10

Similar Documents

Publication Publication Date Title
US6795554B2 (en) Method of transmitting medical information over a network
US6449473B1 (en) Security method for transmissions in telecommunication networks
US5491749A (en) Method and apparatus for entity authentication and key distribution secure against off-line adversarial attacks
EP0792041A3 (en) Method and apparatus for block encryption
CN100481932C (en) Process and electronic module for secured data transmission
EP0792042A3 (en) Method of effecting communications using common cryptokey
AU4855896A (en) A method for providing blind access to an encryption key
US20140298013A1 (en) Dynamic encryption method
WO2021094515A1 (en) Secure electronic messaging guaranteeing integrity and non-repudation
EP1851897B1 (en) System and method for three-phase data encryption
US7917748B2 (en) Secure group secret distribution
CN109784071A (en) A kind of encryption method of picture, decryption method and processing system
CN115348085B (en) Epidemic prevention management method based on quantum encryption and epidemic prevention terminal
CN110177106A (en) Medical imaging data transmission system
JP2001142396A (en) Ciphering device, its method, ciphering/deciphering device, its method and communication system
EP3883177B1 (en) General data protection method for multicentric sensitive data storage and sharing
CN108701195B (en) Data security protection method and device
CN114401132A (en) Data encryption method, device, equipment and storage medium
JP2005242471A (en) Information collection/transfer/acquisition system, information collection controller, information collection control method, program therefor and recording medium recording them
Hossain et al. Secured transmission of sensitive images of skin diseases using steganography and cryptography
JPH0993242A (en) Data transmitter-receiver
KR102347605B1 (en) System of block encryption and decryption with weather data based on location and time and operating method thereof
JPH1155247A (en) Method for transmitting secret information for ensuring transmitter anonymity and device therefor and program storage medium
Aslan et al. Secured medical imaging over the Internet
ANITHA et al. AN ANALYTICAL STUDY ON COMBINED STEGNO AND CRYPTOGRAPHY SECURITY ALGORITHMS

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ OM PH PL PT RO RU SD SE SG SI SK SL TJ TM TN TR TT TZ UA UG UZ VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
DFPE Request for preliminary examination filed prior to expiration of 19th month from priority date (pct application filed before 20040101)
REG Reference to national code

Ref country code: DE

Ref legal event code: 8642

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP

WWW Wipo information: withdrawn in national office

Country of ref document: JP