The present disclosure provides a distributed communication network comprising a plurality of computing nodes assigned to each participant of the network and a method of controlling access to data shared on said network. The computing node operates according to a set of pre-defined rules to control how a participant is able to behave on the network, that is, with whom they are able to communicate and on what basis, whilst at the same time giving the participant complete control over their data. The pre-defined rules are published to a blockchain ledger as a network protocol ledger to ensure it is immutable, traceable and easily distributed. In doing so, network protocol(s) not only specify the rules for the network but also enforces the rules on the participants to ensure it complies with the pre-defined behaviour.

In various examples, a method of establishing a communication session between an external device and an implantable medical device is described. The method includes generating at the external device a first private key and a first public key. A start session order is sent over a long-range communication channel. Evidence of physical proximity is sent from the external device to the implantable medical device over a short-range communication channel. A second private key and a second public key are generated at the implantable medical device. A first shared key is generated by the implantable medical device using the first public key and the second private key. A second shared key is generated by the external device using the second public key and the first private key. The first and second shared keys are used to encrypt and decrypt one or more messages between the external device and the implantable medical device.

A system for mobile carrier-centric data record custodians is provided and includes cellular network interfaces that transmit and receive wireless communication over a cellular network, an electronic medical record (EMR) database that stores EMRs, and a mobile account management server coupled with the cellular network interfaces and the EMR database, the mobile account management server receiving an EMR request associated with a mobile user account over the cellular network, querying the EMR database for a results set having EMRs satisfying the query, generating a plurality of EMR responses to the EMR request as a function of the results set and state information associated with the cellular network, and transmitting the plurality of EMR responses over the plurality of cellular network interfaces to the mobile device via the cellular network, the plurality of EMR responses being formatted for wireless protocols of the cellular network interfaces over which they are transmitted.

A highly secure networked system and methods for storage, processing, and transmission of sensitive information are described. Sensitive, e.g. personal/private, information is cleansed, salted, and hashed by data contributor computing environments. Cleansing, salting, and hashing by multiple data contributor computing environments occurs using the same processes to ensure output hashed values are consistent across multiple sources. The hashed sensitive information is hashed a second time by a secure facility computing environment. The second hashing of the data involves a private salt inaccessible to third parties. The second hashed data is linked to previously hashed data (when possible) and assigned a unique ID. Data dictionaries are created for particular individuals provided access to the highly secure information, e.g. researchers. Prior to a data dictionary being accessible by a researcher computing device, the data dictionary undergoes compliance and statistical analyses regarding potential re-identification of the source unhashed data. The data dictionaries are viewable by researchers as certified views via a secure VPN.

Providing a cognitive blockchain for user privileges is provided. A distributed secure encrypted ledger is established for storing information related to privileges for users across a plurality of nodes in a permissioned network with known identities. An internet of things (IoT) device node in the plurality of nodes records a first block in the distributed secure encrypted ledger containing activity information related to a privilege corresponding to a user of the IoT device node. A licensing node in the plurality of nodes evaluates information in the first block. The licensing node records a second block containing privilege information corresponding to the user of the IoT device node based on the evaluating.

A computer-implemented method for providing a radiological opinion includes the steps of: (a) receiving an order for a radiological opinion by means of a web-based application accessible to a user; (b) launching an upload/scan application accessible to the user; (c) scanning a user-selected folder or drive for DICOM images; (d) parsing the DICOM images found in step (c); (e) uploading the DICOM images parsed in step (d); (f) routing the uploaded DICOM images to a picture archiving communication system; (g) generating a radiology order; (h) routing the radiology order to a radiology information system; (i) receiving a radiological opinion; (j) routing the radiological opinion to the user and (k) receiving electronic payment from the user following a successful upload of the radiological opinion, the electronic payment being governed by blockchain technology.

A system and method for generating a limited use login credential associated with an account maintained by an institution, where the credential facilitates secure access to the account.

Secure medical apparatus communication is described herein. An example apparatus can include a processor and an apparatus communication component. The apparatus communication component can be coupled to the processor and can be configured to, in response to receiving data from an external communication component, generate an apparatus private key and an apparatus public key, provide the apparatus public key and data to the external communication component, receive data from the external communication component in response to providing the apparatus public key and data to the external communication component, decrypt the received data using the apparatus private key, verify an identity of the external communication component, and in response to verifying the identity of the external communication component, perform an operation on the medical apparatus using the received data.

A data system for managing the settings for configuring a hearing aid includes a hearing aid (10, 11) and a remote server (25). The hearing aid (10, 11) has a processor (121). a first memory segment (110-112) for storing said configuration settings, a transceiver (122) adapted for establishing a wireless connection to an Internet enabled personal communication device (13), and a second memory segment (114) for storing at least one security element. The remote server (25) is adapted to set up a secure session with said hearing aid via said personal communication device (13) acting as a gateway. The processor (121) allows said remote server (25) to edit said settings for configuring the hearing aid (10, 11) stored said first memory segment (110-112) during a secure session set up under control of said at least one security element stored in the second. memory segment (114).

Systems, apparatus, methods and computer-readable storage media facilitating management of operation of an implantable medical device (“IMD”) using a number of communication modes are provided. An IMD is configured to operate in a disabled mode wherein radio frequency (RF) telemetry communication is disabled, or operate in a first advertising mode using the RF telemetry communication. The IMD receives a clinician session request from a clinician device via an induction telemetry protocol while operating in the disabled mode or the first advertising mode, and transitions to operating from the disabled mode or the first advertising mode to operating in a second advertising mode based on receiving the clinician session request. From the second advertising mode, the IMD can establish a clinician telemetry session with the clinician device using the RF telemetry communication and a unique security mechanism facilitated by an identifier for the clinician device included in the clinician session request.