H04L2209/88

Secure patient data in medical environments

A patient care environment includes a monitoring device and a vital sign device, where the vital sign device communicates patient vital sign data to the monitoring device. A site key, entity keys, and key combining algorithms are used to secure communications in the patient care environment. Neither the site key nor the entity keys are communicated between the monitoring device and the vital sign device. The monitoring device may use the site key and entity keys to decrypt encrypted messages that have been previously stored in the vital sign device and transmitted back to any monitoring device containing the correct set of site and entity keys. The site key and entity key may also be used during the discovery and/or connection operations between the monitoring device and the vital sign device to associate a wirelessly connected vital sign device with a patient record.

HOMOMORPHIC ENCRYPTION IN A HEALTHCARE NETWORK ENVIRONMENT, SYSTEM AND METHODS

A system and method for homomorphic encryption in a healthcare network environment is provided and includes receiving digital data over the healthcare network at a data custodian server in a plurality of formats from various data sources, encrypting the data according to a homomorphic encryption scheme, receiving a query at the data custodian server from a data consumer device concerning a portion of the encrypted data, initiating a secure homomorphic work session between the data custodian server and the data consumer device, generating a homomorphic work space associated with the homomorphic work session, compiling, by the data custodian server, a results set satisfying the query, loading the results set into the homomorphic work space, and building an application programming interface (API) compatible with the results set, the API facilitating encrypted analysis on the results set in the homomorphic work space.

Zero-knowledge environment based networking engine
10601960 · 2020-03-24

Methods, systems, and apparatus are described for providing networking engines. Specifically, a method is described for implementing software containers that host network engines, which may be configured to act in a zero-knowledge environment. All information pertaining to the network engine associated with a user that is stored in the container belongs solely to that user unless the user explicitly shares it. The containers may be configured to participate in a publish-and-subscribe network in order to share information. In addition, the containers may be provisioned with controls so that global operators may comply with local privacy rules.

SYSTEMS AND METHODS PROVIDING CENTRALIZED ENCRYPTION KEY MANAGEMENT FOR SHARING DATA ACROSS DIVERSE ENTITIES
20200092099 · 2020-03-19

A method and apparatus provide centralized encryption key management for sharing data across diverse entities. In particular, the present invention relates to a universal and regulatory compliant system and method for sharing personal data records across diverse entities while maintaining unique identifiers at each entity for protecting the identity of any particular person. The present invention enables multiple organizations to be able to share their respective disparate data in a manner in which the disparate personal data records can be aggregated and manipulated by a single entity without putting the personal data records at risk.

METHOD AND SYSTEM FOR SHARING PRIVACY DATA BASED ON SMART CONTRACTS

The present disclosure provides a method and system for sharing privacy data based on smart contracts. The method includes: receiving, from a first providing device, a first pointer directing to a data contract, and adding the first pointer to a relationship contract of a first user, where the data contract is deployed on a first blockchain by the first providing device in response to the newly added first privacy data, and the first privacy data belongs to the first user; in response to the first privacy data being authorized to be shared with a second providing device, providing the first pointer to the second providing device to allow the second providing device to access the first privacy data through the first pointer.

DATA AGGREGATION AND PROCESS AUTOMATION SYSTEMS AND METHODS
20200090799 · 2020-03-19

A data aggregation and process automation (DAPA) system is disclosed. The DAPA system includes an authentication module, a monitoring module, an intelligent automation module, and a transformation module. The authentication module is configured to initiate authenticated communication with a plurality of servers, and includes an authentication storage having a plurality of authentication credentials and routing information. The monitoring module is configured to monitor a first server for a first change event and monitor a second server for a second change event. The first change event results in the receipt of a first data object and the second change event results in the receipt of a second data object. The intelligent automation module is configured to identify the second server, request a service, and submit an update data object to the first server. The transformation module is configured to transform data objects from one format into another.

System, Method, and Apparatus for Digitally Managing Personal Data
20200089908 · 2020-03-19

A computer implemented method for digitally managing personal data comprises a data storage system and the steps of receiving a variety of digital and photographic copies of personal data, prompting manual input of certain personal data, prompting categorization of the received personal data, and permitting access to such personal data upon receipt of authenticating credentials. The personal data may be stored on a blockchain, in the cloud, or locally on a person's mobile computing device, such as a smart phone. A corresponding computer program product and computer system are also disclosed.

SYSTEM AND METHOD FOR SECURE DRUG DISCOVERY INFORMATION PROCESSING
20200090817 · 2020-03-19

A system for secure drug discovery information processing over a blockchain based platform, the system including a database and a processor. The processor is configured to: receive a data record from a plurality of data records, together with metadata associated with the data record, from the database, wherein the data record corresponds to one of a set of predefined data types recognized by the blockchain based platform; retrieve an ontology from amongst a plurality of ontologies, based on the metadata of the data record; measure the term frequency of keywords in the retrieved ontology against the term frequency of keywords in the data record; validate that the data record belongs to the domain of the retrieved ontology if the keywords from the retrieved ontology are present in the data record above a predetermined value; and extract value features from the validated data record to determine an association of the data record with a node in a network map of biomedical entities.

A MEDICAL EQUIPMENT, AN AUTHENTICATION SERVER AND METHODS FOR AUTHORIZING A USER ACCESS TO AN EQUIPMENT VIA AN EQUIPMENT USER INTERFACE
20240031133 · 2024-01-25

The present disclosure relates to a medical equipment, to an authentication server (20) and to methods for authorizing a user access to a medical equipment (10) via an equipment user interface. According to a first aspect the disclosure proposes a method, for use in a medical equipment, for authorizing a user access to a medical equipment via an equipment user interface. The method comprises, storing S0 an authority public key of an authority asymmetric key pair associated with an authentication server and providing S3, to the user via the equipment user interface, an authorization challenge indicative of an equipment public key of a temporary equipment asymmetric key pair generated in the medical equipment. The method further comprises receiving S4 from the user via the equipment user interface, a response code comprising validity information encrypted using a shared key derivable from the authority private key of the authority asymmetric key pair and the provided equipment public key, and authorizing S7 the user access to the medical equipment, upon the validity information decrypted using the same shared key but derived in the medical equipment using the stored authority public key and an equipment private key of the temporary equipment asymmetric key pair, being valid. The present disclosure also relates to a computer program and a computer program product implementing the method.

Patient directed data synchronization of electronic health records using a patient controlled health record
11881291 · 2024-01-23

A system and method that facilitates the automated replication of electronic medical record information between a patient and a health-care provider (HCP), such as a doctor, pharmacy, drug manufacturer, biologic manufacturer, or medical device manufacturer. The system uses: a cloud-based infrastructure that includes databases, mathematical models, and configuration information; a patient's electronic health record system providing personal data around a patient's individual personal electronic medical record (PEMR); and a server used to coordinate and authenticate the replication of data between the cloud-based infrastructure, the PEMR, and the EMR/EHR system of the HCP. The system provides support and security, such as by geographically distributed data fragmentation, for mobile platforms and web-based platforms and sophisticated mechanisms for the transmission of data between these systems.