Disclosed are apparatus, systems, computer readable media, or methods wherein user interface user interactions may be electronically logged and stored based on various inputs and outputs of data from the user interface forming a digital chain of events and interactions (e.g., a blockchain). An interaction logging system is disclosed including a user tracking or logging engine configured to derive session data and user interface data storing the same into interaction tracking chains or blockchains. A validation blockchain may co-exist with a session blockchain that may be formed independently and include version data of user interface software acting as a secure verifiable history of the versions of the user interface. In a session block of the session blockchain, a pointer may be stored with the session data, wherein the pointer indicates a particular block on the validation blockchain that may assist in the validation of information stored in the session blockchain.

Devices, systems and methods are provided to implement key generation for secure pairing between first and second devices using embedded out-of-band (OOB) key generation and without requiring the devices to have input/output (IO) capability to enter authentication information. Bluetooth Smart or Low Energy (BLE) OOB pairing option can be used for pairing medical devices with added security of OOB key generation. The OOB key generation comprises providing first and second devices with the same predefined credential and secure hashing algorithm, and making input of the hashing algorithm of the first and second devices the same. The first device transmits unique data to second device (e.g., via BLE advertising) to share and compute a similar input. The first and second devices use the credential and shared data with the hashing function to generate a key that is the same at each of first and second devices.

A method for healthcare revenue cycle management is disclosed, and includes receiving a transaction proposal at a first peer within a permissioned blockchain network (PBN). The transaction proposal includes a patient identity and a query, the query being a determination of unknown value to be made by a second organization of a plurality of organizations. Each organization of the plurality represents, within the PBN, one of a healthcare payer and a healthcare provider. The method also includes identifying a smart contract associated with the query and defined to automatically adjudicate the query. The method also includes invoking the smart contract in at least one endorsing peer, and receiving, from each endorsing peer, a proposed transaction response. The method further includes automatically adjudicating the query by executing chaincode on a second peer, operating on the required information to assign a value to the determination, then updating the immutable ledger.

A system may include a user device, a clinician programmer and an implantable medical device. A first security protocol may be used to establish a first encrypted communication channel between the clinician programmer and the user device through cloud server(s). The first security protocol may authenticate entities and establish a first key set for encrypting and decrypting messages transmitted within the first encrypted communication channel. The user device and the implantable medical device may be configured to wirelessly communicate with each other through a secure wireless connection. A second security protocol may be used to establish a second encrypted communication channel, by establishing at least a first secret key, at least partially within the first encrypted communication channel. The second encrypted communication channel may extend between the implantable medical device and the clinician programmer. The first encrypted messages wrap the second encrypted messages.

Devices, systems and methods are provided to implement key generation for secure pairing between first and second devices using embedded out-of-band (OOB) key generation and without requiring the devices to have input/output (IO) capability to enter authentication information. Bluetooth Smart or Low Energy (BLE) OOB pairing option can be used for pairing medical devices with added security of OOB key generation. The OOB key generation comprises providing first and second devices with the same predefined credential and secure hashing algorithm, and making input of the hashing algorithm of the first and second devices the same. The first device transmits unique data to second device (e.g., via BLE advertising) to share and compute a similar input. The first and second devices use the credential and shared data with the hashing function to generate a key that is the same at each of first and second devices.

Some embodiments are directed to a system for selectively disclosing attributes and data entries of a record. An issuer device generates a digital signature on a message comprising the attributes and a secret record identifier, and digital signatures on messages comprising respective data entries and each comprising the secret record identifier. The record, secret record identifier, and signatures are provided to a selector device. The selector device selectively discloses attributes and data entries of the record to a receiver device, proving authenticity by means of a zero-knowledge proof of knowledge of the signature on the attributes and signatures on respective data entries. The receiver device verifies the proof with respect to the public key of the issuer and the received attributes and data entries.

In various examples, a method of establishing a communication session between an external device and an implantable medical device is described. The method includes generating at the external device a first private key and a first public key. A start session order is sent over a long-range communication channel. Evidence of physical proximity is sent from the external device to the implantable medical device over a short-range communication channel. A second private key and a second public key are generated at the implantable medical device. A first shared key is generated by the implantable medical device using the first public key and the second private key. A second shared key is generated by the external device using the second public key and the first private key. The first and second shared keys are used to encrypt and decrypt one or more messages between the external device and the implantable medical device.

A method for providing secure medical alerts includes executing, using a mobile healthcare worker application executing on a mobile healthcare worker device, a Health Level 7 (HL7) compliant protocol to retrieve medical profiles from a cloud computing server. Using the mobile healthcare worker application, a medical profile of a person (e.g., child or child's mother) is identified from the medical profiles when the mobile healthcare worker device is disconnected from the cloud computing server. The identifying includes reading, using a quick response (QR) code scanner, a QR code of an immunization document of the person, or capturing, using a biometric sensor, biometric data of the person. Using the medical profile of the person, an alert is generated indicating a medical deadline for the person on a graphical user interface of the mobile healthcare worker device when the mobile healthcare worker device is disconnected from the cloud computing server.

Methods are provided for minting and distributing quantities of cryptographically generated data based on the quality of received biological datasets. Computer readable media, computing apparatuses, and systems are also provided.

According to one aspect, there is provided a server for use in evaluating a monitoring function to determine if a trigger condition is satisfied. The server comprises a processing unit and a memory unit. The memory unit is for storing a current monitoring state Ss of the server or an encrypted current monitoring state S of the monitoring function, the current monitoring state Ss of the server relating to the current monitoring state S of the monitoring function that is based on an evaluation of one or more previous events. The processing unit is configured to receive an indication of a first event from a first client node and evaluate the monitoring function to determine if the first event satisfies the trigger condition. The evaluation is performed using a privacy-preserving computation, PPC, with the server providing the current monitoring state Ss of the server as a first private input to the PPC or the encrypted current monitoring state S of the monitoring function as a first input to the PPC, and the first client node providing the first event or an encryption thereof as a private input to the PPC. The evaluation of the monitoring function provides an encrypted updated monitoring state S′ of the monitoring function or an updated monitoring state Ss′ of the server as an output of the monitoring function and an indication of whether the first event satisfies the trigger condition.