Various embodiments for configuring a medical database by a processor in communication with at least one storage device in a computing environment are provided. Medical data are assigned to a patient. A plurality of data types is organized for the medical data. Portions of each of the plurality of data types are designated as public and private data. A plurality of access levels is organized for the medical data. Each of the plurality of data types includes the plurality of access levels. A first access level of the plurality of access levels corresponds to the patient. The medical data is classified according to the plurality of data types, for each of the plurality of data types, according to the plurality of access levels, and according to one of the public and the private data. The medical data is encrypted in a hierarchical structure corresponding to each of the plurality of access levels.

Some methods may involve receiving, at a first node of the health network, encrypted sensor data from one or more sensors. The first node may be in a data communication path between the one or more sensors and other nodes of the health network. The method may involve decrypting, by the first node of the health network, only a portion of the encrypted sensor data, and transmitting the encrypted sensor data from the first node of the health network to a second node of the health network. The first node may be a gateway device. In some examples, the second node may be able to decrypt more of the encrypted sensor data than the first node.

Systems and methods are provided for collaborative decision-making in medicine. The systems can employ a distributed record-keeping and verification system to solicit suggested modifications to an initial healthcare regime from interested healthcare workers. The systems can aggregate the suggested modifications and use a consensus algorithm to determine the most appropriate modification.

Some embodiments are directed to a categorization system for 100 categorizing a sensitive data field in a dataset, e.g., a disease classification according to the ICD classification. A client device is to obtain categories for one or more records of the dataset. The client device determines categorization data for the categorization. The categorization data comprises homomorphic encryptions of possible values of the sensitive data field and encodings of the categories associated to the respective possible values, thus keeping the categorization secret. A data provider device stores the dataset and determines homomorphic encryption indicating differences between the value of the sensitive data field for a record and respective possible values. A categorization device determines which of those encryptions indicates a match and provides a category encoding associated with a matching possible value to the client device. The client device associates the encoded category to the record.

An example operation may include one or more of identifying an expiration date associated with an asset, creating a blockchain transaction identifying the asset and the expiration date, storing the blockchain transaction on a blockchain, identifying a requesting entity with a certificate permitting access to the asset, and providing the requesting entity with access to the asset provided the expiration date is still pending.

A computer-implemented method of auditing drug supply chain data gathered from a distributed ledger is disclosed. The method includes receiving a population of drug product records from the distributed ledger. The method includes receiving a first set of drug product criteria. The method includes determining a weighted probability for one or more drug product records of the population of drug product records. The method includes generating a randomized first subset of drug product records from the population of drug product records based on the weighted probability of the one or more drug product records. Other methods, systems, and the like for unbiased drug selection for audit are also disclosed.

A computer implemented method of predicting the health and therapeutic behavior of patients and making treatment plan recommendations includes the steps of: receiving patient healthcare data having one or more conditions and limiting factors; determining a therapeutic behavior pattern of patient; determining unsuccessful therapies and successful therapies for each condition based on therapeutic behavior pattern; and calculating cost quote for successful therapies based on limiting factors for time period. A computer implemented method of providing cost effective therapy for a patient is also provided and includes the steps of: receiving patient healthcare data; determining unsuccessful therapies and successful therapies; calculating probability of disease progression; calculating possible therapies ranked by probability of successful treatment; calculate cost quote for possible therapies; and paying a smart contract for a selected therapy.

Systems and methods are described for automatically identifying fraud, waste or abuse in health insurance claims submitted to insurance companies by healthcare providers. Insurance claim information and at one image associated with the insurance claim may be received, where the image has been submitted by a healthcare provider to an insurance carrier as supporting evidence of a medical service performed by the healthcare provider. The system may generate a digital signature representing the image, then may compare the digital signature generated for the image to previously generated digital signatures of other images that have been submitted in association with other insurance claims. The system may then determine a likelihood that the given insurance claim is associated with fraud, waste or abuse, based in part on whether the digital signature is identical or close to one or more of the previously generated digital signatures.

Methods, systems, and techniques for private identity verification involve obtaining a cryptographically secure commitment that is generated using a first user identifier and a private user identifier associated with the first user identifier; receiving, from an identity verification system, initial zero knowledge proof messages comprising the commitment; sending, to the identity verification system, a set of cryptographically secure known identifier commitments generated using a set of private user identifiers; receiving, from the identity verification system: (i) a zero knowledge proof response generated using the zero knowledge proof challenge; and (ii) proof that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers; and verifying that the private user identifier used in the initial zero knowledge proof messages comprises part of the set of private user identifiers.

A method and apparatus for the creation of simulated records from a small sample data set with configurable levels of variability, the creation of simulated data from an encrypted token that uniquely identifies an individual, and the creation of simulated values using as the basis retained data (birth years, 3-digit zip areas, gender, etc.) from the de-identification process.