1. Field of the Invention
This application relates generally to a method and apparatus for securely publishing medical information relating to a patient onto a computer readable medium, and more specifically, to a method and apparatus for encrypting medical information of a patient on a portable computer readable medium, wherein the medical information can subsequently be decrypted and made accessible to a user from the computer readable medium by a password.
2. Description of Related Art
Traditionally when a patient visits a healthcare provider and undergoes an examination, the results of the examination are stored in a computer-accessible database maintained by the health care provider. Storing medical information in an electronic database minimizes the physical storage space required to maintain such records. Further, electronic medical records can optionally be recorded onto a portable computer readable medium such as a CD or DVD, for example, for archival purposes or to be given to the patient for his or her own medical records. Such discs can also be generated to convey medical information to a different healthcare provider that will conduct a follow-up examination or further analyze the results of the examination conducted by the healthcare provider that conducted the examination and created the disc.
Conventional discs storing medical information have traditionally lacked security features to safeguard the medical information stored thereon in the event the disc is lost, and comes into the possession of an unauthorized party that is not rightfully entitled to view the medical information. Thus, health care providers are reluctant to store private medical information onto such discs, and this reluctance can impede the necessary flow of such medical information as required to effectively treat the patient.
Accordingly, there is a need in the art for a method and apparatus for encrypted medical information on a portable computer readable medium and conveying a password for decrypting the medical information on the portable computer readable medium to a user. The method and apparatus can optionally include presenting the password on or with the portable computer readable medium itself without clearly identifying the password as such.
According to one aspect, the subject application involves a method of protecting medical output to be stored on a portable computer-readable medium. The method includes using a computer operatively connected to a communication network to receive the medical output to be stored on the portable computer-readable medium over the communication network. Access to the medical output is restricted and a key is established. The key is to be entered by an intended recipient of the portable computer-readable medium into a user computer to which the portable computer-readable medium is provided to gain access to the medical output stored on the portable computer-readable medium. An identifier is assigned to the portable computer-readable medium and stored on both the portable computer-readable medium and a computer memory operatively connected to the computer. The medical output is stored on the portable computer-readable memory, and access to the medical output on the portable computer-readable medium is restricted, requiring the key to access and view the medical output. The key is also stored in the computer memory and a relationship associating the identifier with the key is established to enable identification of the key with knowledge of the identifier. A security utility and a medical presentation utility that is compatible with the medical output are also stored on the portable computer-readable medium. The security utility is executable by the user computer to grant access to the medical output on the portable computer-readable medium in response to entry of the key. The medical presentation utility is executable by the user computer to present the medical output to the intended recipient of the portable computer-readable medium subsequent to entry of the key into the security utility.
According to another aspect, the subject application involves a publisher for publishing a portable computer-readable medium storing encrypted medical output. The publisher includes a network interface for receiving the medical output over a communication network and a computer-accessible memory for at least temporarily storing the medical output received over the communication network. A recording bay is provided for receiving the portable computer-readable medium and writing the medical output to the portable computer-readable medium. A labeler creates label content to be associated with the portable computer-readable medium, and a processing component is provided for executing computer-executable instructions stored in the computer-executable memory for performing a method. The method performed includes restricting access to the medical output and establishing a key that is to be entered by an intended recipient of the portable computer-readable medium into a user computer to gain access to the medical output stored on the portable computer-readable medium. An identifier is assigned to the portable computer-readable medium and the identifier is stored on both the portable computer-readable medium and a computer memory operatively connected to the publisher. The medical output is stored on the portable computer-readable memory via the recording bay, and access to the medical output on the portable computer-readable medium is restricted, requiring the key to access and view the medical output. The key is stored in the computer memory and a relationship associating the identifier with the key is established to enable identification of the key with knowledge of the identifier. A security utility and a medical presentation utility that is compatible with the medical output are also stored on the portable computer-readable medium. The security utility is executable by the user computer to grant access to the medical output on the portable computer-readable medium in response to entry of the key and the medical presentation utility is executable by the user computer to present the medical output to the intended recipient of the portable computer-readable medium subsequent to entry of the key into the security utility.
The above summary presents a simplified summary in order to provide a basic understanding of some aspects of the systems and/or methods discussed herein. This summary is not an extensive overview of the systems and/or methods discussed herein. It is not intended to identify key/critical elements or to delineate the scope of such systems and/or methods. Its sole purpose is to present some concepts in a simplified form as a prelude to the more detailed description that is presented later.
The invention may take physical form in certain parts and arrangement of parts, embodiments of which will be described in detail in this specification and illustrated in the accompanying drawings which form a part hereof and wherein:
Certain terminology is used herein for convenience only and is not to be taken as a limitation on the present invention. Relative language used herein is best understood with reference to the drawings, in which like numerals are used to identify like or similar items. Further, in the drawings, certain features may be shown in somewhat schematic form.
It is also to be noted that the phrase “at least one of”, if used herein, followed by a plurality of members herein means one of the members, or a combination of more than one of the members. For example, the phrase “at least one of a first widget and a second widget” means in the present application: the first widget, the second widget, or the first widget and the second widget. Likewise, “at least one of a first widget, a second widget and a third widget” means in the present application: the first widget, the second widget, the third widget, the first widget and the second widget, the first widget and the third widget, the second widget and the third widget, or the first widget and the second widget and the third widget.
The subject application relates to a method and apparatus for storing a medical modality output (referred to herein as a “medical output”) representing an analysis of a human or other living patient that is formatted in a standard medical output format that can be stored on a portable computer-readable medium. The standard medical format can be any format in which the medical output (e.g., x-ray, MRI scan, electrocardiogram, etc . . . ) produced by a medical modality is commonly formatted, and that can be presented to a user via a user computer terminal provided with a compatible medical output viewer or other such media presentation software to reproduce or otherwise present the medical output to the user. Such media presentation software can optionally be stored on the portable computer-readable medium 12 along with the medical output, and can be executed by the user computer from the portable computer-readable medium 12. The medical output from any medical modality can be stored on a portable computer-readable medium 12 as described herein, however, for the sake of clarity and to particularly describe the present technology, an example of a medical output in the form of a medical image will be discussed herein. But it is to be understood that the output of a medical modality can include any image, audio track, data plot, graphical representation, motion picture, text report, and any other type of media file output by a medical modality, any medical-related information about a patient, or any combination thereof, is included within the scope of the technology described herein. Thus, references to a medical image 94 (
Examples of the medical output formatting standard include, but are not limited to, a format that is compliant with Part 10 (PS 3.10-2008) or any other part of the Digital Imaging and Communications in Medicine (“DICOM”) file format established by the National Electrical Manufacturers Association (“NEMA”), compliant with the Portable Data for Imaging (“PDI”) standards maintained by IHE International, or both for example. Publication of a portable computer-readable medium 12 includes at least one of storing the medical output produced by a medical modality onto the portable computer-readable medium 12 and applying label information within a label region on the portable computer-readable medium 12. Embodiments of the label information include, but are not limited to, human-readable information (i.e., visually readable by the human eye without first requiring conversion by a computer or other electronic reader), machine-readable information such as 2D and 3D bar codes, or any combination thereof
The process of publishing the portable computer-readable medium 12 can be arranged into “jobs”. Each job results in the publication of one or a plurality of portable computer-readable media 12 storing medical output that can optionally comprise one or more medical images or other forms of output produced by a medical modality. All medical output included in the job is to be stored on the portable computer-readable medium 12 according to one or more parameters in a parameter set, which is also referred to herein as a “job profile”. For example, the job profile can include a setting of the publisher 10 indicating a type of encryption to be performed by the publisher 10 on the medical output to be stored on the portable computer-readable medium 12. Other embodiments of the job profile include a setting indicating a suitable viewer (whether encrypted or unencrypted) to be stored on the portable computer-readable medium 12 in addition to the medical output, for example. Yet other embodiments of the job profile include a setting that can be read by the publisher 10 to determine the type (e.g., CD or DVD) of the portable computer-readable medium 12 to be used for storing the medical output.
The job profile to be selected to govern each publication of a portable computer-readable medium 12 can optionally be selected automatically by the publisher 10 in response to receiving an identifier called an Application Entity Title (hereinafter “AE Title”). A relationship such as a lookup table, for example, can be stored in a non-volatile computer-accessible memory provided to the publisher 10, such as buffer memory 88a for example, to relate each AE Title to a corresponding job profile. Each medical modality, for example, can be assigned a predetermined AE Title, and when a job including medical output from that medical modality is sent to the publisher over a communication network 104 (
For the illustrative embodiments, the medical image 94 representing the medical output is not limited to electronic data representing only medical images, but also includes all associated charts, files, and the like. And as mentioned above, the medical output can optionally be formatted in compliance with Part 10 (PS 3.10-2008) or any other part of the DICOM standard established by the National Electrical Manufacturers Association (“NEMA”), in compliance with the PDI standards maintained by IHE International, or both, to be stored on the portable computer-readable medium 12. The medical images referred to herein are in electronic form, and can optionally be broken into separate electronic files to be recorded onto the portable computer-readable medium 12, and can be a document, image, audio file, video file, or any combination thereof, and other such files related to the medical image captured by a medical modality.
With continued reference to
The publisher 10 encrypts, locks, restricts access to, or otherwise secures access to the electronic data on the portable computer-readable medium 12 to limit access to the encrypted electronic data to authorized users. The authorized users can use a password or other suitable key to decrypt, unlock or otherwise gain access to the electronic data to be retrieved and displayed by the user computer. The authorized users can then view the electronic data from the portable computer-readable medium 12 and cause it to be displayed in a private setting such as the patient's home, or the radiologist's office, with a user computer executing the Viewer or other compatible medical presentation utility. Alternately, the authorized user can be a medical facility different from the facility that captured or otherwise created the medical image 94. This different facility can gain access to the encrypted electronic data on the portable computer-readable medium 12 via the password or other suitable key and import data from the portable computer-readable medium 12, including the medical images and patient information, to be entered into a network maintained by the different facility.
As shown in
In addition to the recorder 16 and automated feeder 18, the publisher 10 further comprises a user interface 22 which, for some embodiments herein can be a touch-screen display panel, for example, presenting the operator with one or more options that the operator can select to enter a command for controlling operation of the publisher 10 as described in detail below. A printer 24 is provided for printing onto a surface of a label 26 at least variable label content 112 (
A microprocessor such as a multiple-core processor, for example, or other suitable central processing unit 80 provided to a control unit 28 (
The control unit 28 also includes other conventional computer components such as a volatile operational memory such as random access memory (“RAM”) 79 (
The portable computer-readable medium 12 is said to be portable in that it is a mass storage medium that can be used to store information according to a standard that enables the end user to retrieve and review the electronic data with computers other than the publisher 10 itself In other words, the portable computer-readable medium 12 can be a passive medium to be temporarily inserted into a compatible drive unit of a personal computer or other computer terminal for retrieving and reviewing the electronic data there from. Examples of suitable portable computer-readable media 12 include, but are not limited to, optical media such as a compact disc (also commonly referred to as a “CD”, “CD-ROM”, “CD+R”, “CD-R”, “CD-RW”—collectively referred to herein as “CD”); digital video disc (also commonly referred to as a “digital versatile disc,” and including “DVD”, “DVD-ROM”, “DVD-R”, “DVD-RW”, “DVD+R”, “DVD+RW”, “DVD-RAM”, and the like—collectively referred to herein as “DVD”); Blu-ray Discs such as BD-R, BD-RE, and the like—collectively referred to herein as “Blu-ray Disc”); HD-DVD; and the like. Another suitable portable computer-readable medium 12 includes a USB flash drive commonly referred to as a jump drive, USB drive or memory key that includes an EEPROM based memory integrated with a USB interface. According to other embodiments, the portable computer-readable medium 12 can include other types of media such as SD cards, compact flash cards, and the like.
According to the embodiment shown in
The medical image in
In addition to, or instead of one or both of the two optical recording bays 32a, 32b in
For the embodiments that store medical images 94 onto optical computer-readable media 12, the automated feeder 18 of the publisher 10 retrieves a proper computer-readable medium 12 for storing a particular medical image 94 from a supply bin 17. The portable computer-readable medium 12 retrieved is inserted into one of the recording bays 32a, 32b from where the electronic data representing the medical output can be recorded. Each supply bin 17 can be an open column approximating the diameter of an optical computer-readable medium 12 that is defined by one or more plastic partitions. The automated feeder 18 can include any device that can be computer controlled, and autonomously-driven according to the execution of computer-executable logic. For example, a suitable automated feeder 18 can include a robotic arm 36 that can be positioned at a plurality of locations along a track 38. According to such embodiments, a drive motor 34 is activated according to the instructions from the computer-executable logic executed by the control unit 28 to adjust the position of an outwardly extending arm 36 along a transverse track 38. The automated feeder 18 can be operatively connected to communicate with the central processing unit 80 (
With the portable computer-readable medium 12 secured to the feeder 18, the grasping tool 40 along with the portable computer-readable medium 12 is elevated out of the storage bin 17. The position of the arm 36 is then adjusted along the transverse track 38 toward the first or second recording bay 32a, 32b into which the portable computer-readable medium 12 is to be inserted. A door of the recording bays 32a, 32b can be opened to allow a supporting tray, such as the tray that can be extended out of a conventional CD/DVD/Blu-ray Disc writer for example, to be extended out of the recording bays 32a, 32b for receiving the portable computer-readable medium 12 in a manner known in the art. Once the portable computer-readable medium 12 is supported above the extended supporting tray, the diameter of the grasping tool 40 can be reduced to allow the aperture 42 of the portable computer-readable medium 12 to pass over the grasping tool 40, causing the portable computer-readable medium 12 to fall from the grasping tool 40 and into one of the recording bays 32a, 32b. This results in the portable computer-readable medium 12 falling onto the supporting tray, which is then retracted back into the recording bays 32a, 32b. Once the optical computer-readable medium 12 is disposed within one of the recording bays 32a, 32b, it is to be spun from its initial stationary state to a suitable angular velocity to achieve a desired write speed as part of a “spin-up” phase. Upon reaching the suitable angular velocity, the portion located a given radial distance from the center of the CD/DVD/Blu-ray Disc/HD-DVD, etc . . . at which the medical output is to be written rotates at a known velocity relative to a laser that is used to write the medical output onto the optical computer-readable medium 12, and thus, writing of the medical output at a desired speed can be controlled. During the initial stages of the spin-up phase, the control unit 28 also initiates interrogation of the computer-readable medium 12 in one of the recording bays 32a, 32b with the laser to determine the type (e.g., CD, DVD or Blu-ray Disc) that is present. Based on this interrogation the control unit 28 can execute the proper computer-executable logic for controlling the storage of the medical image 94 onto the type of the optical computer-readable medium 12 that is detected.
The label 26 shown in
According to alternate embodiments, the portable computer-readable medium 12 can optionally store medical output for a plurality of different patients. According to such embodiments the variable label content 112 can include the variable label content specific to one of the plurality of different patients, in addition to content indicating that the portable computer-readable medium 12 stores medical output pertaining to more than just a single patient.
The publisher 10 can include an encryption feature that is to be activated by an administrator via a window 140 displayed by a user interface 22 as shown in
The window 140 is presented to a user of the publisher 10 who is manually creating a job to store medical output onto the portable computer-readable medium 12. Other embodiments of the publisher 10 can optionally automatically determine whether encryption is to be employed, the type of encryption for the job, any other parameters regarding encryption, or any combination thereof based on the job profile selected in response to receiving the AE Title as explained above, based on a default setting of the publisher 10, or based on an encryption setting imported from the USB drive or other computer-accessible memory, for example.
For such automatic embodiments, the publisher 10 can automatically determine the password or other key code according to the job profile corresponding to the active setting for each publication of a portable computer-readable medium 12. The job profile can optionally define a collection of characters included in the information to be stored on the portable computer-readable medium 12, or optionally a collection of characters that are to appear on the label 26 of the portable computer-readable medium 12 to be combined in a predetermined sequence to form the password as described herein. The password can optionally be compiled from information about the patient, the healthcare provider, intended recipient of the portable computer-readable medium 12, or any combination thereof. When a publication process is initiated according to such embodiments, the appropriate encryption can be automatically performed by the publisher 10 without further input from the user who initiated the publication process. Such encryption can be performed in the background without alerting the user who initiated the publication process that encryption is to be performed.
The publisher 10 can optionally present the user with a user interface that allows the user of the publisher 10 to manually select a desired type of encryption such as 7Zip, TrueCrypt, or any other supported type of encryption scheme. For example, upon selecting the “Encrypt” check box 142 in
An unencrypted “Readme” text file can optionally be stored on the portable computer-readable medium 12 with the encrypted medical output. Thus, encryption can be performed to restrict access to the contents of the portable computer-readable medium 12 as a whole, or can be selectively performed as desired by the user on a per-file basis to encrypt a portion of the electronic data, but less than all, stored on the portable computer-readable medium 12. The text file can be opened and displayed by any computer terminal without restriction. The text file can include information about the patient, the medical output stored on the portable computer-readable medium 12, the party who the recipient of the portable computer-readable medium 12 can contact to resolve problems gaining access to encrypted medical output on the portable computer-readable medium 12, any other information not of a medically sensitive nature or required to be maintained in confidence, or any combination thereof. For example, the text file can include the disc ID 241 as shown in
The password, regardless of how it is established, can be stored in the database in a computer memory such as the hard disk drive provided to the publisher 10 or other network-connected memory, for example, in association with an identifier that can uniquely identify the portable computer-readable medium 12. The computer memory can be accessible to a provider of the portable computer-readable medium 12 or optionally an affiliated entity with administrative permissions. However, the computer memory can optionally be made inaccessible to users without authorization to gain access to passwords used to secure a portable computer-readable medium 12 delivered to someone other than the user. According to alternate embodiments, the computer memory can provided limited access to a restricted portion of information stored thereon. For instance, a user can enter and submit information identifying a portable computer-readable medium 12 in the user's possession into a website. A query can be performed by a server or other network-connected computer to retrieve the password corresponding to the submitted information and return the password to the user.
The password can be stored in an electronic spreadsheet, database or other suitable data storage utility in the computer memory in a row or column corresponding to the disc ID 241 (
According to alternate embodiments, the password for gaining access to the medical output can be stored on the portable computer-readable medium 12, provided on the label as a contiguous string of characters, or a combination thereof, but not expressly identified as the password. For instance, the password can be the Disc ID 141 or 241, the patient's last name, or any other combination of characters stored on the portable computer-readable medium 12.
The encryption feature provided to the publisher 10 can allow the administrator to specify at least one of: how to deliver a password to the intended recipient, how to generate the password required to grant authorized users access to medical output on the portable computer readable medium 12, how the password or other type of key will be changed, how frequently the password is to be changed, or a combination thereof. For example, instead of, or in addition to providing the password on the portable computer readable medium 12 itself or another object such as a disk holder for storing the portable computer readable medium 12, the password can optionally be e-mailed from an e-mail component of the publisher 10 to an e-mail address associated with the authorized user who is to receive the portable computer readable medium 12, technical support personnel associated with the medical care provider that published the portable computer-readable medium 12, or any other desired party. The e-mail component is operatively connected to the network adaptor of the publisher 10 to transmit such electronic communications over the communication network to the intended recipient. The e-mail address can optionally be stored in a contact database in communication with the publisher 10 such that the email can be generated and transmitted automatically in response to publication of the portable computer-readable medium 12. Other embodiments of the publisher 10 include a mailing component that is operable to transmit the key and optionally the identifier to a workstation or printer, for example, to generate a printed letter, postcard, etc . . . to be mailed to the intended recipient. The password needed to access medical output stored on the portable computer readable medium 12 is to be included on an automatically-generated printed letter, postcard or other physical communication medium and transported via postal courier to the authorized user who is to receive the portable computer readable medium 12. The mailing component of the publisher 10 can optionally retrieve contact information such as an address for the intended recipient and transmit such retrieved information to the printer to address the communications to be delivered to the intended recipient. According to alternate embodiments, an identifier such as the disc ID 241 that can identify the portable computer-readable medium 12 delivered to the authorized user can also optionally be identified in the e-mail or physical communication. The identification of the identifier can be explicit as in the statement “The identifier is: XYZ.” According to alternate embodiments, the identification of the identifier can be indirect and based on information that is known to the authorized user but is not generally known to others and does not accompany the portable computer-readable medium 12. For instance, statements such as “The identifier is: the patient's birth year” and “The identifier is: the patient's social security number” and “The identifier is: the first name of the patient's primary care physician” are examples of such an indirect identification of the identifier if the patient's birth year, social security number and primary-care physician do not accompany the portable computer-readable medium 12 when delivered to the authorized user.
According to such embodiments, the publisher 10 does not need to generate a cryptic password based on at least one of variable label content 112, fixed label content 110, or a combination thereof. Instead, the publisher 10 can be configured to automatically, upon publication of the portable computer readable medium 12, generate a letter listing the password to be transported via postal courier to the authorized user of the portable computer readable medium 12. Alternately, the publisher 10 can automatically generate an e-mail addressed to the authorized user of a portable computer readable medium 12 to be transmitted over a communication network such as the Internet upon publication of the portable computer readable medium 12. The password transmitted via the letter or e-mail can be assigned in any conventional manner, can be selected from a list of passwords, can be randomly generated, can be the same password as another portable computer-readable medium 12, and can be clearly labeled as the password in the letter or e-mail but omitted altogether from the label 26. According to other embodiments the password can be automatically generated based on any DICOM data (i.e., data associated with the medical output according to the DICOM standard). Examples of the DICOM data include data extracted from the DICOM header 97 (
According to an alternate embodiment, the publisher 10 can be configured to generate a password based at least in part on the variable label content 112, fixed label content 110, or a combination thereof. That password can appear on the label 26 in an obfuscated manner (i.e., not expressly identified on the label as the password, but capable of being determined based on information on the label 26 by an authorized party with knowledge of the manner of determining the password) and be subsequently discerned by an authorized user from the variable and/or fixed label content 112, 110 and entered into a user computer to gain access to the medical output stored on the portable computer readable medium 12. For such embodiments, the password can be discerned from the label 26 provided to the portable computer readable medium 12 itself, thus assuring an authorized user has the ability to discern the password from the label 26 to obtain the password as long as the authorized user has possession of the portable computer readable medium 12 and the label is readable. Discerning the obfuscated password from characters and information in the unencrypted text file on the portable computer readable medium 12 mentioned above is analogous to discerning the obfuscated password from characters appearing on the label 26 described with reference to
With reference to
In each of the above examples, the password required to gain access to the medical output on the portable computer-readable medium 12 can be discerned from information appearing on the label 26 of the portable computer readable medium 12 without expressly identifying it as such on the label 26. When the authorized user is given the portable computer readable medium 12, the healthcare provider can also at that time convey the manner in which the password can be discerned. Such a conveyance can occur verbally, for example. According to alternate embodiments a separate instruction indicating how to discern the password from the label 26 can be provided to the authorized user via a separate letter transported via postal courier or e-mail as described above. Those who come into possession of the portable computer readable medium 12 (and are not rightfully supposed or intended to view the medical output) will not be able to gain access to the encrypted medical output stored thereon simply by placing a portable computer readable medium 12 in any personal computer and opening the medical output as if it was not encrypted.
According to alternate embodiments, the publisher 10 can be configured to use a randomly-selected combination of characters from the label 26 as the password. This random combination can be one of a plurality of predetermined combinations, or can change for each portable computer readable medium 12 according to output from a random number generator implemented with the publisher 10. Regardless of the manner in which the password is generated, however, the publisher 10 can maintain, or transmit to be saved in a remotely stored electronic database, a log storing a list of portable computer readable media 12 published by the publisher 10 along with each of their passwords. For example, each portable computer-readable medium 12 can be represented in the log by the disc ID 141 appearing on the label 26 as shown in
For example, consider a first portable computer readable medium 12 published with medical output that is encrypted, and must be decrypted with a password comprising the first five digits of the patient ID 114 in combination with the patient's year of birth before the medical output can be displayed. Likewise a second portable computer readable medium 12 can be published, encrypting or otherwise securing the medical output using a password including the day on which the patient was born in combination with the patient's year of birth. In both instances, the healthcare provider can provide each authorized user with the manner in which they can discern their respective password from information contained in the label 26.
According to other embodiments, the password required to view medical output stored on a portable computer readable medium 12 can be specific to a particular authorized end-user or intended recipient. For example, a portable computer readable medium 12 to be delivered to a particular physician or healthcare provider for review can optionally require a password created from the first five characters of the patient ID 114 listed on the label 26 to gain access to the medical output secured with the password. Each of a plurality of different portable computer-readable media 12 for the common intended recipient can optionally store medical output encrypted in this manner, such as by utilizing a plurality of characters from the intended recipient's name as the password. Just as before, the particular physician or healthcare provider who is authorized to view the medical output will be informed of the manner in which the password can be determined from information appearing on the label 26. Accordingly, authorized users in possession of the portable computer readable medium 12 can discern the password required to view the medical output stored thereon while unauthorized individuals will be unlikely to determine the password.
For a computer readable medium 12 storing encrypted medical output, a decryption or other suitable security utility can also be included on the portable computer readable medium 12. The decryption utility includes computer executable instructions that, when executed, prompt the user for the password. In response to receiving the correct password the decryption utility unlocks the encrypted medical output to be viewed by the user. The decryption utility can be launched on the computer being used to view the medical output automatically in response to receiving a request to open encrypted medical output. Portions of the decryption utility, including the medical output being decrypted can optionally be temporarily stored on the computer, depending on the decryption utility and encryption performed on the medical output. Upon being executed, the decryption utility causes a window such as that shown in
According to alternate embodiments, the decryption utility can form an integrated portion of the Viewer. In other words, if an attempt is made to open the medical output from the portable computer-readable medium 12 with the Viewer, the Viewer can optionally automatically launch the decryption utility portion to display the window 132 in
Referring once again to the embodiment in
The window 132 shown in
Upon selecting the Help button 207, a window 212 such as that shown in
The amount of medical output that must first be decrypted before being presented by the computer to the end user can depend on the type of encryption used. For example, if 7Zip is used for the encryption, all encrypted medical output must be decrypted and stored at least temporarily on the computer before the user can be presented with any portion of the decrypted medical output. In contrast, using TrueCrypt for encryption allows the user to view a preview of the contents of the portable computer readable medium 12 in a decrypted state, and from there select the portion, which is optionally less than all, of the medical output the user desires to view. The selected portion of the medical output can be decrypted, at least temporarily saved at the temporary memory location of the computer-accessible memory and viewed before all of the encrypted medical output on the portable computer readable medium 12 is decrypted.
Further, in many instances more than a single portable computer readable medium 12 will be required to store the entire amount of medical output to be delivered to the end user via the portable computer readable medium 12. The medical output can, under such circumstances be divided and stored on a plurality of portable computer readable media 12. Each of the portable computer readable media 12 in the series is to be individually encrypted independent of encryption of medical output on other portable computer readable media 12 in the series, in a manner allowing the user to decrypt and be presented with the medical output stored on each portable computer readable medium 12 in any order. Thus, the medical output on each portable computer readable medium 12 can be decrypted in sequence (i.e., disc 1, disc 2, disc 3, . . . disc N), and out of sequence (i.e., disc 3, disc 1, disc N, . . . disc 2). Further, any single portable computer readable medium 12 in the series, or any combination of the portable computer readable media 12 in the series can be loaded into the computer by the end user and the medical output thereon viewed/extracted individually, independent of the other portable computer readable media 12. In other words, if the user wishes only to view or otherwise review the medical output on disc 2 without viewing the medical output stored on any other portable computer readable medium 12 such as disc 1, the user can decrypt the medical output on disc 2, launch the Viewer and view or otherwise observe that medical output independent of disc 1 (i.e., without first decrypting and saving or extracting the medical output from disc 1).
According to alternate embodiments, an evaluation utility can also be included on the portable computer readable medium 12 to be executed for determining whether the computer-accessible memory of the computer used to view the medical output has enough free space to store the decrypted medical output. When the user elects to simply view the medical output (i.e., by selecting the View button 137 discussed above), the evaluation utility can determine whether the temporary memory location to be used to temporarily store the decrypted medical output is large enough for this purpose. Similarly, when the user elects to extract and save the decrypted medical output (i.e., by selecting the Extract button 136 discussed above), the evaluation utility can determine whether the memory location selected by the user to save the decrypted medical output is large enough to store the selected medical output. For either embodiment, if the available memory location is not large enough to store the medical output to be decrypted, the evaluation utility, when executed, can recommend to the user that additional memory is needed, and how much additional memory is needed before beginning decryption of the medical output, and prompt the user to clear the required memory locations needed before the decryption process begins. The evaluation utility can avoid: 1) wasting the user's time in a decryption process that is not going to complete, and 2) avoiding filling the hard drive in such a way as to render it useless or severely compromised in certain circumstances.
As used herein, the term component can include computer hardware, computer-executable instructions stored on a non-volatile computer memory to be executed by a computer processor, or a combination thereof to perform the various method steps described herein in the securing of medical output.
Illustrative embodiments have been described, hereinabove. It will be apparent to those skilled in the art that the above devices and methods may incorporate changes and modifications without departing from the general scope of this invention. It is intended to include all such modifications and alterations within the scope of the present invention. Furthermore, to the extent that the term “includes” is used in either the detailed description or the claims, such term is intended to be inclusive in a manner similar to the term “comprising” as “comprising” is interpreted when employed as a transitional word in a claim.
This application claims the benefit of U.S. Provisional Application No. 61/161,217, filed Mar. 18, 2009, and U.S. Provisional Application No. 61/159,278, filed Mar. 11, 2009, which are incorporated in their entirety herein by reference.
Filing Document | Filing Date | Country | Kind | 371c Date |
---|---|---|---|---|
PCT/US10/26959 | 3/11/2010 | WO | 00 | 4/6/2012 |
Number | Date | Country | |
---|---|---|---|
61159278 | Mar 2009 | US | |
61161217 | Mar 2009 | US |