A communication adapter and a computer implemented method for use with an implantable medical device, in particular a pacemaker, a defibrillator and/or a neuro-stimulator, for transferring data between the implantable medical device and a mobile device, in particular a smartphone or tablet computer. In addition, the invention relates to a protective case, a cable and a connector each comprising the communication adapter.

A system and method for identifying health data associated with a health activity and processing the health data based on protected health information control for secure viewing and communication are provided. The method includes: detecting, by one or more processors, a health activity from a hardware device accessed by a user; identifying, by the one or more processors, health data associated with the health activity; identifying, by the one or more processors, a task to be performed based on the health activity; determining, by the one or more processors, whether the user is an authorized user based on a protected health information control unit; and responsive to the user being authorized, performing the task using the health data for the authorized user.

Techniques for performing application-layer security are disclosed. In certain embodiments, analyte data may be obtained from an analyte sensor operatively coupled to a sensor electronics module of an analyte sensor system. Thereafter, the analyte data may be encrypted, in an application layer of a protocol stack of the sensor electronics module using a session key established between the analyte sensor system and a display device. The encrypted analyte data may then be transmitted to a display device.

A patient identity and information manager (PIIM) is configured for establishing direct trust relationships between itself and (i) a particular patient; (ii) a biomarker monitoring device corresponding to the patient; and (iii) a medical care provider associated with the patient. The PIIM establishes: a first direct trust relationship corresponding to the patient by way of communication between the PIIM and a patient identification/biometrics module and establishment of a validated currently active patient identity; a second direct trust relationship corresponding to the biomarker data monitoring device by way of communication between the PIIM and the biomarker data monitoring device under the currently active patient identity; and a third direct trust relationship corresponding to the care provider by way of validating the care provider and providing the validated care provide with a biomarker data encryption key corresponding to each of the currently active patient identity and the biomarker monitoring device.

Multivariate encryption systems and methods are provided herein. An example method includes receiving a multivariate input set that includes a plurality of sensitive data objects arranged according to a record template, encrypting the multivariate input set into an encrypted representation, receiving a request for at least a portion of the plurality of sensitive data objects, extracting the at least a portion of the plurality of sensitive data object from the encrypted representation and generating a response message that includes only the at least a portion of the plurality of sensitive data objects that were extracted from the encrypted representation.

A method for encrypting plaintext data is enclosed that includes operations of receiving the plaintext data, the plaintext data including a plurality of data portions, encrypting each of the plurality of data portions using a specific key for each data portion, merging each of the plurality of data portions together to form a single data stream, generating a data map of the single data stream, appending the data map to the single data stream, and performing a master cipher to form an encrypted distributable stream. Operations of the encrypting include: an additive operation on each byte of the first data portion using the additive table, an XOR operation on each byte of the first data portion as modified by the additive operation, a substitution operation on each byte of the first data portion using the substitution table as modified by the XOR operation.

A method is provided for controlling exchange of privacy sensitive data between a first certified party server (A) associated with a first party and at least a second certified party server (B) associated with a second party using a certified intermediate server (Y) subject to authorizations (X.sub.AB) imposed by an authorizing party (X), using a public network. Therein the first certified party server (A) transmits (S2) to the certified intermediate server (Y) a primary request (ARQ(I.sub.xA,.sub.xA)) that includes a digitally signed primary request indication (I.sub.XA,.sub.XA) comprising a primary request indication (I.sub.XA) specifying a set of privacy sensitive data units (X.sub.A) for which a copy (C.sub.XA) is requested and a digital signature (.sub.XA) of said first party, associated with said primary request indication (I.sub.XA). The certified intermediate server (Y) determines (S3) which authorizations are provided by the authorizing party (X) for transmission of information concerning privacy sensitive data r from the second certified second party server (B) to the first certified party server (A). The certified intermediate server (Y) executes (S4) a query procedure (QP) in which at least includes transmitting the digitally signed primary request (I.sub.XA,.sub.XA) by the certified intermediate server (Y) to the second certified party server (B). The second certified party server (B) inspects (S5) the digital signature (.sub.XA) to verify authenticity of said the primary request. Subject to confirmation of its authenticity it makes available a provider copy (C.sub.XAMB) including at least a censored copy, being a copy of a censored subset of privacy sensitive data units, the censored subset comprising the privacy sensitive data units as specified by the primary request indication (I.sub.xA) subject at least to said authorizations (X.sub.AB) and subject to availability thereof with the at least a second certified party server. It also provides a second party digital signature, i.e. a digital signature (.sub.B) of the second certified party, associated with the censored subset. Upon completion of the query procedure, the censored copy and the second party digital signature are made available to the first certified party server as a digitally signed authorized copy.

A hearing device includes: a processing unit configured to compensate for hearing loss of a user of the hearing device; and an interface; wherein the processing unit is configured to: receive a session request for a session via the interface, obtain and store a session key, encrypt the session key based on a hearing device key, send a session response comprising the encrypted session key, and receive session data in the session via the interface.

A method, performed by a user application, of creating a trusted bond between a hearing device and the user application is disclosed, wherein the method comprises obtaining first authentication material; transmitting a first authentication request comprising a first authentication type identifier and first authentication data to the hearing device; receiving a first authentication response comprising a sound signal from the hearing device; deriving second authentication material based on the sound signal; determining second authentication data based on the second authentication material; transmitting a second authentication request comprising the second authentication data to the hearing device; receiving a second authentication response comprising an authentication key identifier from the hearing device; storing an authentication key and the authentication key identifier, wherein the authentication key is based on the first authentication material; and connecting the user application to the hearing device using the authentication key and the authentication key identifier.

Various embodiments provide systems and methods for securely transferring data from a secured site to a medical device. Some embodiments provide systems and methods for securely uploading data from a medical device to a secured site. In some embodiments described herein, data can be downloaded from a secured site to a key and after severing communication with the secured site, key can be coupled to a device and download the data to the device, in some embodiments, a public and private key pair may be used to securely download data to a device.