Access to Electronic Health Records (EHR) is protected by law in many countries, including the US through HIPAA. During an emergency medical situation however, access to this information by the Emergency Care Team (ECT) may save the life of the Person In Distress (PID). The present invention describes a system and method for managing the access to EHRs based on the membership in a pre-established ECT and the communication status of the ECT Members during an Emergency Event. This invention includes a method of Encryption key exchange to ensure EHRs are only shared with authorized participants during the emergency event. This system and method further provides for the secure and immutable recording of the individuals who accessed the EHRs during this emergency event.

The present invention provides systems and methods for supporting encrypted communications with a medical device, such as an implantable device, through a relay device to a remote server, and may employ cloud computing technologies. An implantable medical device is generally constrained to employ a low power transceiver, which supports short distance digital communications. A relay device, such as a smartphone or WiFi access point, acts as a conduit for the communications to the internet or other network, which need not be private or secure. The medical device supports encrypted secure communications, such as a virtual private network technology. The medical device negotiates a secure channel through a smartphone or router, for example, which provides application support for the communication, but may be isolated from the content.

Method for generating a digital signature for a digital content using a computer and trustworthy signature hardware connected thereto for data exchange, includes generating a message digest from the digital content by an application executed on the computer; generating descriptive data relating to the electronic digital signature; transmitting the message digest and the descriptive data to the trustworthy signature hardware; outputting the descriptive data at an output device of the trustworthy signature hardware; carrying out a user interaction as precondition for the continuation of the method; generating signature data from the message digest and the descriptive data by the trustworthy signature hardware; and transmitting the signature data from the trustworthy signature hardware to the computer and in particular the application.

A computerized system and method to allow a safe, secure and efficient real-time access to the patient's private health records (PHR) stored in the encrypted format in a remote Private Health Vault (PHV) database. The system uses patient's private encryption key for encrypting and decrypting PHR stored in the PHV, and the patient controls access to the PHR and authorizes by electronic communications with the PHV server to allow doctors to have limited in duration access to the patient PHR. The patient's private keys may be stored in a remote Key Bank database, separately form the PHV database, and the location of the patient's PHV data may also require transmission of the location id from a separate Mapping server. Additional security is also provided by determining digital proximity of the doctor's and patient's mobile devices to the node device in the doctor's office, and terminating access when patient leaves the facilities. It also utilizes 2-way digital token exchange and confirmation of the exchange between the patent and doctor, as well as digital fingerprinting for the confirmation of identity.

A system and method for homomorphic encryption in a healthcare network environment is provided and includes receiving digital data over the healthcare network at a data custodian server in a plurality of formats from various data sources, encrypting the data according to a homomorphic encryption scheme, receiving a query at the data custodian server from a data consumer device concerning a portion of the encrypted data, initiating a secure homomorphic work session between the data custodian server and the data consumer device, generating a homomorphic work space associated with the homomorphic work session, compiling, by the data custodian server, a results set satisfying the query, loading the results set into the homomorphic work space, and building an application programming interface (API) compatible with the results set, the API facilitating encrypted analysis on the results set in the homomorphic work space.

Embodiments described herein provide for a satellite device that can be associated with a user account of a minor aged (e.g., child or adolescent) user that does not have a smartphone that can be used as a companion device to the satellite device. The satellite device can be configured to be used as a primary device, without reliance upon a paired smartphone. Certain information can be synchronized with the satellite device via the association with the family account. During initial configuration, a set of cryptographic keys can be generated to associate the account of the satellite device with the set of accounts in the family. The satellite device can then access calendars, media, or other data that is shared with user accounts within a family of user accounts.

The present disclosure is directed to managing device authorization through the use of digital signature thresholds. Individual components of a device, or individual devices in a network environment, are associated with separate secret shares from which a digital signature can be derived. The digital signature may be used to authorize performance of a function. A threshold number of such secret shares are used in order to derive the digital signature. Therefore, an authorization process that relies on digital signature verification to determine that a function is authorized will do so if a threshold number of secret shares are available at authorization time.

Methods, systems, and devices for wireless communications are described. Aspects may include receiving, at a device, a device configuration profile including one or more parameters for managing data transfers associated with a service and generating a transaction credential by which the data is to be associated in a storage. The transaction credential may be generated according to the configuration profile. Aspects may also include identifying, at the device, that data is to be stored in the storage that is associated with the service. Aspects include signing the data using the transaction credential and transmitting the signed data to the storage.

Payment administration systems and methods. A system includes first and second provider entities, a risk bearing entity, a distributed ledger and a payment manager application. The first provider entity provides at least a first step of the bundled treatment episode. The second provider entity provides at least a second step of the bundled treatment episode. The risk bearing entity approves the bundled treatment episode. The first and second provider entities and the risk bearing entity enter into one or more smart contracts related to payments for the bundled treatment episode. The distributed ledger enforces the one or more smart contracts. The payment manager application uses the distributed ledger technology. Each of the first and second provider entities send claims to the payment manager application. The payment manager application tags the claims as being part of the bundled treatment episode and approves the claims in accordance with the smart contracts.

A medical device of a medical system is configured for communicating with an external programmer over a wireless communications link. The medical device comprises a wireless communications module configured for receiving a first unencrypted version of a random number and a first encrypted version of the random number from the external programmer over the wireless communications link. The medical device further comprises control circuitry configured for performing an authentication procedure on the external programmer based on the first unencrypted version of the random number and the first encrypted version of the random number, and preventing the external programmer from commanding the medical device to perform an action unless the authentication procedure is successful.