Patent classifications
H04L2209/88
SECURE AUTHORIZATION IN AN IMPLANTABLE MEDICAL DEVICE SYSTEM
Embodiments presented herein are generally directed to techniques for enabling a user of a mobile electronic device to wirelessly control one or more functions of an implantable medical device system. The techniques presented herein establish a secure (encrypted) communication channel between the implantable medical device system and a central system associated with the manufacturer of the implantable medical device system and use the secure communication channel to authorize a user to wirelessly control one or more functions of the implantable medical device system via the mobile electronic device.
Chain-of-custody of digital content in a database system
An example operation may include one or more of authorizing a blockchain for a video file, generating a first tracking value for an entry block referencing the video file, the first tracking value generated based on first data and the video file, receiving second data for each of additional blocks in the blockchain, generating second tracking values based on the second data of the additional blocks, forming the additional blocks including the second tracking values, respectively, appending the additional blocks to the entry block, the entry block and the additional blocks cryptographically linked in an ordered sequence, each of the additional blocks referencing a version of the video file which corresponds to an original version of the video file as referenced by the entry block or a processed version of the video file, the second data in each of the additional blocks indicative of processing performed on the version of the video file in that block, and tracing through the blockchain based on the first and second tracking values to confirm an auditable and immutable chain-of-custody of the video file.
Preventing statistical inference attacks on data that is shared among multiple stakeholders with disjoint access privileges
According to one embodiment, a method, computer system, and computer program product for preventing statistical inference attacks is provided. The present invention may include splitting records into items, and classifying these items into shared items and private items; grouping the private items according to privacy and confidentiality requirements; restricting access of the private items to stakeholders based on the confidentiality requirements using cryptographic keys; generating and encrypting one or more placeholders for both existent and non-existent stakeholders; storing private items in private storage as indicated by links; creating shared records comprising links, placeholders, and shared items; adding integrity signatures to the shared records; and publishing the shared records to a shared medium.
PERSONALIZED INSTRUMENTATION MANUFACTURE LEDGER TRACKING
A system or method may be used to track a patient throughout a treatment journey. A ledger may be used to store data related to aspects of the treatment journey. The ledger may include a plurality of blocks, with each block corresponding to a particular treatment event. A new block may be added to the ledger when a treatment event occurs. The new block may include patient information from the treatment event. The new block may be signed, for example in response to receiving verification from an entity that is an authority on the patient information. The ledger may be stored with the new block.
Homomorphic encryption in a healthcare network environment, system and methods
A system and method for homomorphic encryption in a healthcare network environment is provided and includes receiving digital data over the healthcare network at a data custodian server in a plurality of formats from various data sources, encrypting the data according to a homomorphic encryption scheme, receiving a query at the data custodian server from a data consumer device concerning a portion of the encrypted data, initiating a secure homomorphic work session between the data custodian server and the data consumer device, generating a homomorphic work space associated with the homomorphic work session, compiling, by the data custodian server, a results set satisfying the query, loading the results set into the homomorphic work space, and building an application programming interface (API) compatible with the results set, the API facilitating encrypted analysis on the results set in the homomorphic work space.
Secure communications between an implantable biomedical device and authorized parties over the internet
Apparatus and associated methods relate to providing secure gatekeeping of a communication transmitted from an implantable biomedical device to a remote internet-based website. A gatekeeping device wirelessly receives the communication transmitted from the implantable biomedical device. The received communication has been encoded by the implantable biomedical device using a first encoding algorithm. The gatekeeping device decodes the received communication and then re-encodes the decoded communication using a second encoding algorithm. The gatekeeping device relays the communication encoded using the second encoding algorithm to the remote internet-based website via the internet. In some embodiments, the gatekeeping device transmits a proximity signal to be used to determine proximity of the gatekeeping device to the implantable biomedical device.
SYSTEM ARCHITECTURE FOR MEDICAL IMPLANT
Aspects of the subject matter described in this disclosure can be implemented in an implant device capable of being configured by an external hospital interrogator device when the external hospital interrogator device is authenticated, and capable of communicating data regarding a patient when paired with an external home interrogator device. The implant device includes RF communications circuitry, one or more sensors configured to measure and/or collect data regarding the patient, and a control system. The control system is configured to receive instructions from the external hospital interrogator device for configuring the implant device when the external hospital interrogator device is authenticated, and receive identification data from the external hospital interrogator device for pairing the implant device with the external home interrogator device.
Offline electronic health record management
Embodiments include an offline application, encrypted patient medical data records, and an encryption key that are stored in a cache of a browser application on a local computing device when a network connection is available. The offline application is accessed when the network connection is subsequently lost. Embodiments allow the user to access decrypted patient medical data records stored in the browser application cache, as well as create and access new patient medical data records, while the network connection is offline. Any access to a patient medical data record while the network connection is offline may be documented in an offline-access record, which is an audit record that satisfies HIPAA Security Rule restrictions and that is created and encrypted. When a network connection becomes available, corresponding patient medical data records in the EHR system are updated or created according to the offline-access record and/or an offline-updated patient medical data record.
SYSTEM AND METHOD FOR AUTHENTICATING WIRELESS PROGRAMMING DEVICES IN PROGRAMMABLE MEDICAL SYSTEMS
A medical device of a medical system is configured for communicating with an external programmer over a wireless communications link. The medical device comprises a wireless communications module configured for receiving a first unencrypted version of a random number and a first encrypted version of the random number from the external programmer over the wireless communications link. The medical device further comprises control circuitry configured for performing an authentication procedure on the external programmer based on the first unencrypted version of the random number and the first encrypted version of the random number, and preventing the external programmer from commanding the medical device to perform an action unless the authentication procedure is successful.
Method for operating a medical system, medical system, and security module
A method for operating a medical system includes providing a public-private key pair for asymmetric cryptography, wherein the public key is provided to remote control and medical devices, and the private key is provided to a security module, encrypting a control command with the public key in the remote control, receiving the encrypted control command in the security module, decrypting the encrypted control command with the private key, encrypting a security module control command with the private key applied to the decrypted control command or an amended medical control command derived from the decrypted control command, receiving the security module control command in the medical device, decrypting the security module control command with the public key, and controlling operation of the medical device according to the decrypted security module control command, if confirmed by a user confirmation input received in the security module or the medical device.