View All Documents & Correspondence
A System And A Method For Data Exchange In A Healthcare Environment
Abstract: A system (100) for data exchange in a healthcare environment. A receiving module (120) receives requests from a plurality of computing devices or applications (118) via an application user interface. An authorization module (122) verifies credentials using knowledge-based authentication. A collecting module (124) collects the health-related data to store and collects a subset of health-related data for retrieval. A transformation module (126) applies a predefined schema to the subset and shares the subset of health-related data. A tokenized security module (128) grants a plurality of tokens, transfers medical data to the plurality of tokens, determines a token validity period, designates the token as one of single-use tokens and a multi-use token. Further, the tokenized security module allows access to the requested subset multiple times in the predefined time limit, allows renewal of the token by providing a new token without re-authentication and allows the token a plurality of privileges. FIG. 1
Notices, Deadlines & Correspondence
Patent Information
Applicants
COGNOTA HEALTHCARE PRIVATE LIMITED
Inventors
1. RAJENDRA PATIL
Specification
DESC:
EARLIEST PRIORITY DATE:
This Application claims priority from a provisional patent application filed in India having Patent Application No. 202221040845, filed on October 18, 2022, and titled DATA EXCHANGE IN HEALTH CARE NETWORK.
FIELD OF INVENTION
[0001] Embodiments of the present disclosure relate to the field of healthcare, and more particularly, a system and a method for data exchange in a healthcare environment.
BACKGROUND
[0002] In the current health-related industry, efficient exchange and management of health-related data has become increasingly challenging. One of the challenges is the complexity of the diversity of data sources in the healthcare system. The data often originates from various medical devices, applications, and several other sources, each using different formats, standards, and protocols. These data are pivotal for managing patient medical histories, current health statuses and the like. However, keeping a record of data of different kinds is a tedious task since lacks a standardized approach to accessing and exchanging health-related data.
[0003] Further, in the healthcare system, several essential processes, such as obtaining prescriptions and managing health insurance, involve multiple manual procedures, which are time-consuming, annoying, and inefficient for patients, healthcare professionals and the like.
[0004] Additionally, security and authentication are crucial in the healthcare domain to protect sensitive information. Unauthorized access and data breaches pose significant risks that may compromise patient privacy.
[0005] Furthermore, existing data storage systems in healthcare often suffer from decentralization and a lack of organization. This fragmentation results in difficulties in data retrieval and management.
[0006] Hence, there is a need for an improved system and method for data exchange in a healthcare environment which addresses the aforementioned issue(s).
OBJECTIVE OF THE INVENTION
[0007] An objective of the invention is to enhance the security and efficiency of healthcare data exchange by implementing a blockchain database.
[0008] Another objective of the invention is to standardize data formatting and rendering to improve data comprehension and usability.
[0009] Yet another objective of the invention is to introduces a knowledge-based authentication process, emphasizing the enhancement of data security.
BRIEF DESCRIPTION
[0010] In accordance with an embodiment of the present disclosure, a system for data exchange in a healthcare environment is provided. The system includes a processing subsystem hosted on a server. The processing subsystem is configured to execute on a network to control bidirectional communications among a plurality of modules. The processing subsystem includes a receiving module. The receiving module is configured to receive one or more requests from a plurality of computing devices or applications via an application user interface to access, store and retrieve health-related data. The plurality of computing devices are connected via the network in the healthcare environment. The processing subsystem includes an authorization module operatively coupled to the receiving module. The authorization module is configured to verify credentials corresponding to the plurality of computing devices or applications using knowledge-based authentication. The knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications. The processing subsystem includes a collecting module, operatively coupled to the authorization module. The collecting module is configured to collect the health-related data from the plurality of computing devices or applications to store in a blockchain via the network in response to receiving the request for data storage. The network includes data stores and the blockchain for enhanced security and data retrieval. The collecting module is configured to collect a subset of health-related data via the network in response to the request for retrieval of health-related data. The processing subsystem includes a transformation module operatively coupled to the collecting module. The transformation module is configured to apply a predefined schema to the subset of health-related data for ensuring a common data format. The transformation module is configured to share the subset of health-related data to the plurality of computing devices or applications in a pre-designed style. The processing subsystem includes a tokenized security module operatively coupled to the collecting module. The tokenized security module is configured to grant a plurality of tokens to a plurality of users. The plurality of tokens are associated with a definite medical data. The tokenized security module is configured to transfer the medical data to the plurality of tokens using a one-way function. The medical data is encrypted. The tokenized security module is configured to determine a token validity period based on the sensitivity of the health-related data being accessed. The tokenized security module is configured to designate the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame. The tokenized security module is configured to allow the plurality of computing devices or applications to access the requested health-related data multiple times in the predefined time limit of the token. Further, the tokenized security module is configured to allow the plurality of computing devices or applications to renew the token by providing a new token with extended validity without re-authentication. Furthermore, tokenized security module is configured to allow the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information.
[0011] In accordance with another embodiment of the present disclosure, a method for data exchange in a healthcare environment. The method includes receiving, by a receiving module, one or more requests from a plurality of computing devices or applications via an application user interface to access, store and retrieve health-related data. The plurality of computing devices are connected via the network in the healthcare environment. The method includes verifying, by an authorization module, credentials corresponding to the plurality of computing devices or applications using knowledge-based authentication. The knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications. The method includes collecting, by a collecting module, the health-related data from the plurality of computing devices or applications to store in a blockchain via the network in response of receiving the request for data storage. The network includes data stores and the blockchain for enhanced security and data retrieval. The method includes collecting, by the collecting module, a subset of health-related data via the network in response to the request for retrieval of health-related data. The method includes applying, by a transformation module, a predefined schema to the subset of health-related data for ensuring a common data format. The method includes sharing, by the transformation module, the subset of health-related data to the plurality of computing devices or applications in a pre-designed style. The method includes granting, by a tokenized security module, plurality of tokens to a plurality of users. The plurality of tokens are associated with a definite medical data. The method includes transferring, by the tokenized security module, the medical data to the plurality of tokens using a one-way function. The medical data is encrypted. The method includes determining, by the tokenized security module, a token validity period based on the sensitivity of the health-related data being accessed. The method includes designating, by the tokenized security module, the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame. The method includes allowing, by the tokenized security module, the plurality of computing devices or applications to access the requested health-related data multiple times in the predefined time limit of the token. The method includes allowing, by the tokenized security module, the plurality of computing devices or applications to renew the token by providing a new token with extended validity without re-authentication. The method includes allowing, by the tokenized security module, the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information.
[0012] To further clarify the advantages and features of the present disclosure, a more particular description of the disclosure will follow by reference to specific embodiments thereof, which are illustrated in the appended figures. It is to be appreciated that these figures depict only typical embodiments of the disclosure and are therefore not to be considered limiting in scope. The disclosure will be described and explained with additional specificity and detail with the appended figures.
BRIEF DESCRIPTION OF THE DRAWINGS
[0013] The disclosure will be described and explained with additional specificity and detail with the accompanying figures in which:
[0014] FIG. 1 is a block diagram representation of a system for data exchange in a healthcare environment in accordance with an embodiment of the present disclosure;
[0015] FIG. 2 is a block diagram representation of an exemplary embodiment of system for data exchange in a healthcare environment of FIG. 1 in accordance with an embodiment of the present disclosure;
[0016] FIG. 3 is a block diagram of a computer or a server in accordance with an embodiment of the present disclosure;
[0017] FIG. 4(a) illustrates a flow chart representing the steps involved in a method for data exchange in a healthcare environment in accordance with an embodiment of the present disclosure; and
[0018] FIG. 4 (b) illustrates continued steps of the method of FIG. 4 (a) in accordance with an embodiment of the present disclosure.
[0019] Further, those skilled in the art will appreciate that elements in the figures are illustrated for simplicity and may not have necessarily been drawn to scale. Furthermore, in terms of the construction of the device, one or more components of the device may have been represented in the figures by conventional symbols, and the figures may show only those specific details that are pertinent to understanding the embodiments of the present disclosure so as not to obscure the figures with details that will be readily apparent to those skilled in the art having the benefit of the description herein.
DETAILED DESCRIPTION
[0020] For the purpose of promoting an understanding of the principles of the disclosure, reference will now be made to the embodiment illustrated in the figures and specific language will be used to describe them. It will nevertheless be understood that no limitation of the scope of the disclosure is thereby intended. Such alterations and further modifications in the illustrated system, and such further applications of the principles of the disclosure as would normally occur to those skilled in the art are to be construed as being within the scope of the present disclosure.
[0021] The terms “comprises”, “comprising”, or any other variations thereof, are intended to cover a non-exclusive inclusion, such that a process or method that comprises a list of steps does not include only those steps but may include other steps not expressly listed or inherent to such a process or method. Similarly, one or more devices or subsystems or elements or structures or components preceded by "comprises... a" does not, without more constraints, preclude the existence of other devices, sub-systems, elements, structures, components, additional devices, additional sub-systems, additional elements, additional structures or additional components. Appearances of the phrase "in an embodiment", "in another embodiment" and similar language throughout this specification may, but not necessarily do, all refer to the same embodiment.
[0022] Unless otherwise defined, all technical and scientific terms used herein have the same meaning as commonly understood by those skilled in the art to which this disclosure belongs. The system, methods, and examples provided herein are only illustrative and not intended to be limiting.
[0023] In the following specification and the claims, reference will be made to a number of terms, which shall be defined to have the following meanings. The singular forms “a”, “an”, and “the” include plural references unless the context clearly dictates otherwise.
[0024] Embodiments of the present disclosure relate to a system for data exchange in a healthcare environment. The system includes a processing subsystem hosted on a server. The processing subsystem is configured to execute on a network to control bidirectional communications among a plurality of modules. The processing subsystem includes a receiving module. The receiving module is configured to receive one or more requests from a plurality of computing devices or applications via an application user interface to access, store and retrieve health-related data. The plurality of computing devices are connected via the network in the healthcare environment. The processing subsystem includes an authorization module operatively coupled to the receiving module. The authorization module is configured to verify credentials corresponding to the plurality of computing devices or applications using knowledge-based authentication. The knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications. The processing subsystem includes a collecting module, operatively coupled to the authorization module. The collecting module is configured to collect the health-related data from the plurality of computing devices or applications to store in a blockchain via the network in response to receiving the request for data storage. The network includes data stores and the blockchain for enhanced security and data retrieval. The collecting module is configured to collect a subset of health-related data via the network in response to the request for retrieval of health-related data. The processing subsystem includes a transformation module operatively coupled to the collecting module. The transformation module is configured to apply a predefined schema to the subset of health-related data for ensuring a common data format. The transformation module is configured to share the subset of health-related data to the plurality of computing devices or applications in a pre-designed style. The processing subsystem includes a tokenized security module operatively coupled to the collecting module. The tokenized security module is configured to grant a plurality of tokens to a plurality of users. The plurality of tokens are associated with a definite medical data. The tokenized security module is configured to transfer the medical data to the plurality of tokens using a one-way function. The medical data is encrypted. The tokenized security module is configured to determine a token validity period based on the sensitivity of the health-related data being accessed. The tokenized security module is configured to designate the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame. The tokenized security module is configured to allow the plurality of computing devices or applications to access the requested health-related data multiple times in the predefined time limit of the token. The tokenized security module is configured to allow the plurality of computing devices or applications to renew the token by providing a new token with extended validity without re-authentication. The tokenized security module is configured to allow the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information.
[0025] FIG. 1 is a block diagram of a system (100) for data exchange in a healthcare environment in accordance with an embodiment of the present disclosure. The system (100) includes a processing subsystem (105) hosted on a server (108). In one embodiment, the server (108) may include a cloud-based server. In another embodiment, parts of the server (108) may be a local server coupled to a plurality of computing devices (118). The processing subsystem (105) is configured to execute on a network (115) to control bidirectional communications among a plurality of modules. In one example, the network (115) may be a private or public local area network (LAN) or Wide Area Network (WAN), such as the Internet. In another embodiment, the network (115) may include both wired and wireless communications according to one or more standards and/or via one or more transport mediums. In one example, the network (115) may include wireless communications according to one of the 802.11 or Bluetooth specification sets, or another standard or proprietary wireless communication protocol. In yet another embodiment, the network (115) may also include communications over a terrestrial cellular network, including, a global system for mobile communications (GSM), code division multiple access (CDMA), and/or enhanced data for global evolution (EDGE) network. In a preferred embodiment, the network is a healthcare network.
[0026] The processing subsystem (105) includes a receiving module (120). The receiving module (120) is configured to receive one or more requests from a plurality of computing devices or applications (118) via an application user interface (API) to access, store and retrieve health-related data. The plurality of computing devices are connected via the network (115) in the healthcare environment. The plurality of computing devices or applications (118) refers to a diverse set of electronic devices and software applications utilized within the healthcare network, specifically designed to interact with, process, or manage health-related data for their respective functions. The plurality of computing devices or applications (118) may be utilized by one of healthcare providers, patients, and authorized entities. Examples of the plurality of computing devices or applications (118) include blood pressure monitors, health monitoring devices, health insurance applications, health and wellness applications and the like. Examples of one or more requests may include patient health-related data access requests, health-related data storage requests, health-related data retrieval requests and the like. The health-related data includes information pertaining to an individual’s health and medical history. Examples of health-related data include patient personal information including name, age, gender, medical history, vital signs, prescriptions, insurance related data and the like. The health-related data is generated and collected from the plurality of computing devices or applications (118), each utilizing distinct data formats, standards, and communication protocols.
[0027] APIs are mechanisms that enable two software components to communicate with each other using a set of definitions and protocols. APIs define the methods and data formats that several applications may use to request and exchange information. APIs allow developers to access and retrieve data from a service, application, or platform. Some APIs enable developers to modify data by creating, updating, or deleting records or content. APIs often include authentication and authorization mechanisms to ensure that only authorized users or applications can access the data or perform actions. There are four different types of APIs commonly used in web services: public, partner, private and composite. Examples for API includes Twitter API, Google Map API, YouTube API, GitHub API and the like. The API is configured to provide a language format for communication between the plurality of computing devices or applications (118) and the network (115). The API interface is configured to allow the plurality of computing devices or applications (118) to perform data management in a centralized manner. In an embodiment language format include one of XML, JSON, encrypted formats and the like.
[0028] Further, the processing subsystem (105) includes an authorization module (122) to verify credentials corresponding to the plurality of computing devices or applications (118) using knowledge-based authentication. The knowledge-based authentication is an authentication method based on a series of knowledge questions that are used to verify a person's identity to prevent access of an unauthorized person to a place or most commonly today, to an account. Examples for knowledge questions includes What is your favorite food?", "Who was your favorite teacher?”, Where is your place of birth?” and the like. Further, knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications (118). The user-specific questions are typically answered by the legitimate plurality of computing devices or applications (118). This ensures that only authorized entities can access specific the health-related data, enhancing data security and privacy.
[0029] It will be appreciated to those skilled in the art that other suitable methods such as biometric authentication, multi-factor authentication, Single Sign-On (SSO), OAuth (Open Authorization), or the like may be used for verifying credentials corresponding to the plurality of computing devices or applications (118).
[0030] The processing subsystem (105) includes a collecting module (124) to collect the health-related data from the plurality of computing devices or applications (118) to store in a blockchain via the network in response of receiving the request for data storage. The network (115) includes data stores and the blockchain for enhanced security and data retrieval. The data store is a repository for persistently storing and managing collections of data which include not just repositories like databases, but also simpler store types such as simple files, emails, etc. The data stores are responsible for storing health-related data. The integration of the data stores with the blockchain adds an extra layer of security to healthcare data storage and access. The blockchain is a decentralized and distributed ledger technology that plays a crucial role in enhancing the security, integrity, and transparency of health-related data. The blockchain employs advanced cryptographic techniques to secure data. Further, the health-related data stored in blockchain are immutable.
[0031] The collecting module (124) is configured to collect a subset of health-related data via the network (115) in response to the request for retrieval of health-related data. The subset of health-related data is specific to the requirement of the plurality of devices or applications. Examples of the subset of health-related includes vital signs (blood pressure, heart rate, body temperature), medical history (personal medical history, family medical history), medications (current medications, prescription history), allergies (known allergies, allergic reactions), diagnoses (current diagnoses, diagnostic test results), immunization records (vaccinations, immunization history), fitness and lifestyle data (exercise routines, dietary information, weight and BMI), health insurance information (insurance coverage, claims and billing), prescriptions (current prescriptions, medication history), biometric data (blood sugar levels, cholesterol levels), healthcare provider information (primary care physician, specialist contacts), health and wellness goals (personal goals, progress tracking) and the like.
[0032] The processing subsystem (105) includes a transformation module (126) configured to apply a predefined schema to the subset of health-related data for ensuring a common data format. The predefined schema defines a structure and format in which the health-related data should be presented. The transformation module (126) is configured to collect a style of information based on a pre-designed style for the requested health-related data to ensure the health-related data is displayed in a consistent and understandable manner. The style information helps in rendering the data in an intelligible and consistent manner, enhancing its usability. Further, the transformation module (126) shares the subset of health-related data to the plurality of computing devices or applications (118) in the pre-designed style via the API. Typically, the transformation module (126) operates within the framework of the API.
[0033] The processing subsystem (105) includes a tokenized security module (128) configured to grant a plurality of tokens to a plurality of users who request for access, retrieve or store of the health-related data. The plurality of users includes healthcare providers, patients, authorized entities, and the like. The plurality of tokens is associated with a definite medical data like blood pressure (BP) reading, or any other sensitive health-related information which are critical for patient care. The tokenized security module (128) transfers the definite medical data to the plurality of tokens using a one-way function. The one-way function transforms the definite medical data into an irreversible format, which cannot be converted back to their original values. Examples for one-way function includes, but is not limited to, hash functions, trapdoor one-way functions, password hashing functions and the like. The definite medical data is encrypted using an encryption algorithm using an encryption key. Examples for encryption algorithms include Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES) and the like. Encryption algorithms use the encryption key to alter the data in a predictable way. Encryption algorithm takes the definite medical data and the encryption key as input. It then transforms the definite medical data into an unreadable, ciphertext format. Further, the tokenized security module (128) stores the token in a database. Each of the plurality of tokens is mapped to a corresponding tokenized health-related data. The token is equipped with a temporary credential and a predefined time limit. The temporary credentials are used to verify the identity of the plurality of computing devices and applications attempting to access the health-related data associated with the token. The predefined time limit refers to the duration during which the temporary credentials are considered valid for accessing specific data. The predefined time limit for token credentials is typically determined based on several factors, including security considerations, the specific use case, and the needs of the system (100) and its users.
[0034] Further, the tokenized security module (128) determines a token validity period based on the sensitivity of the health-related data being accessed. Typically, the token validity period indicates the duration of time the token is considered valid. The tokenized security module (128) designates the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame. The tokenized security module (128) is configured to allow the plurality of computing devices or applications (118) to access the requested health-related data multiple times in the predefined time limit of the token. The tokenized security module (128) is configured to allow the plurality of computing devices or applications (118) to renew the token by providing a new token with extended validity without re-authentication. This feature enhances user convenience and ensures continuous access to data, when required. The tokenized security module (128) is configured to allow the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information.
[0035] It is to be noted that the system (100) may comprise, but is not limited to, a mobile phone, desktop computer, portable digital assistant (PDA), smart phone, tablet, ultra-book, netbook, laptop, multi-processor system, microprocessor-based or programmable consumer electronic system, or any other communication device that a user may use. In some embodiments, the system (100) may comprise a display module (not shown) to display information (for example, in the form of user interfaces). In further embodiments, the system (100) may comprise one or more touch screens, accelerometers, gyroscopes, cameras, microphones, global positioning system (GPS) devices, and so forth.
[0036] In one embodiment, the various functional components of the system may reside on a single computer, or they may be distributed across several computers in various arrangements. The various components of the system may, furthermore, access one or more databases, and each of the various components of the system may be in communication with one another. Further, while the components of FIG. 1 are discussed in the singular sense, it will be appreciated that in other embodiments multiple instances of the components may be employed.
[0037] FIG. 2 is a block diagram representation of an exemplary embodiment of system for data exchange in a healthcare environment of FIG. 1 in accordance with an embodiment of the present disclosure. The system (100) includes an update module (130) is operatively coupled to the tokenized security module (128). The update module (130) is configured to send updates and notifications to the plurality of computing devices or applications (118) based on specific events or when one or more thresholds are exceeded using the application program interface. Events are specific occurrences or situations that can trigger the system (100) to send data to a connected application. The events are typically relevant to a user's health or interactions with the system (100). Below are a few examples of the events:
1. Appointment Scheduled: When a user schedules a medical appointment, the system (100) may trigger an event to send relevant appointment details to a connected mobile app. This ensures that the user has the appointment information readily available.
2. Prescription Ready: After a doctor writes a prescription for a user, an event may be triggered to inform the user's preferred pharmacy that the prescription is ready for pickup. The pharmacy may then prepare the medication.
3. Health Monitoring: If a user is regularly monitoring their blood pressure using a connected device, an event may be triggered to send the latest readings to their healthcare provider, ensuring ongoing monitoring and intervention if necessary.
4. Health Goal Achievement: If a user sets specific health and fitness goals in an application, an event may be generated when those goals are achieved, or milestones are reached. The user may receive a notification or update about their progress.
5. Emergency Alert: In the case of a medical emergency, a user may activate an emergency alert in a health app, which triggers an event that sends their location and health information to emergency services and designated contacts.
[0038] The one or more thresholds are predefined values or conditions that must be met for the event to be triggered. Further, the one or more thresholds are used to determine when a particular event should be generated. Examples of threshold-based events include:
1. Medication Refill Threshold: If a user's medication supply falls below a predefined threshold (e.g., only a few days' worth of medication left), an event is triggered to remind the user to order a refill or automatically reorder the prescription.
2. Blood Sugar Alert: For individuals with diabetes, if their blood sugar levels exceed a specified threshold, the system can generate an event to notify the user to act or alert their healthcare provider.
3. Fitness Goal Reached: If a user sets a weight loss goal, an event might be triggered when the user's weight reaches or surpasses the target threshold, signaling a successful achievement of the goal.
4. Appointment Reminder: A threshold can be set to generate an event a day or a few hours before a medical appointment to remind the user and provide relevant details.
5. Health Monitoring Warning: If a user's vital signs, such as blood pressure, fall outside of a safe range (the threshold), an event can be created to inform the user of potential health concerns or alert their healthcare provider.
[0039] Let's consider an example, an insurance portal uses the system (100) to collect patient information for processing medical bill claims and a corresponding hospital entity has already added the patient details to the system (100) using the hospital official platform. The receiving module (120) receives a request from the insurance portal total to access a patient ‘X’ medical bill to process the function for claiming it. The authorization module (122) verifies the credentials of the insurance portal to access the medical data from the system (100). It also checks the authorization level, ensuring that the insurance portal has the appropriate permissions. The collecting module (124) collects the health-related data of the patient ‘X ‘that may include all the details to access and identify the patient ‘X’. The blockchain acts as a secure repository, tokenized by the tokenized security module (128), ensuring data integrity and immutability. The transformation module (126) applies a predefined schema to the requested patient ‘X’ medical bill information of the health-related data to ensure a common data format. The predefined schema defines the structure and format in which the health-related data should be presented. Using the API, the transformation module (126) shares the requested data with the insurance company portal in the pre-designed style.
[0040] FIG. 3 is a block diagram of a computer or a server in accordance with an embodiment of the present disclosure. The server (200) includes processor(s) (230), and memory (210) operatively coupled to the bus (220). The processor(s) (230), as used herein, means any type of computational circuit, such as, but not limited to, a microprocessor, a microcontroller, a complex instruction set computing microprocessor, a reduced instruction set computing microprocessor, a very long instruction word microprocessor, an explicitly parallel instruction computing microprocessor, a digital signal processor, or any other type of processing circuit, or a combination thereof.
[0041] The memory (210) includes several subsystems stored in the form of executable program which instructs the processor (230) to perform the method steps illustrated in FIG. 1. The memory (210) includes a processing subsystem (105) of FIG.1. The processing subsystem (105) further has following modules: a receiving module (120), an authorization module (122), a collecting module (124), a transformation module (126), and a tokenized security module (128).
[0042] In accordance with an embodiment of the present disclosure, a system (100) for data exchange in a healthcare environment is provided. The system (100) includes a processing subsystem (105) hosted on a server. The processing subsystem (105) is configured to execute on a network to control bidirectional communications among a plurality of modules. The processing subsystem (105) includes a receiving module (120). The receiving module (120) is configured to receive one or more requests from a plurality of computing devices or applications (118) via an application user interface to access, store and retrieve health-related data. The plurality of computing devices are connected via the network in the healthcare environment. The processing subsystem (105) includes an authorization module (122) operatively coupled to the receiving module (120). The authorization module (122) is configured to verify credentials corresponding to the plurality of computing devices or applications (118) using knowledge-based authentication. Knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications (118). The processing subsystem (105) includes a collecting module (124), operatively coupled to the authorization module (122). The collecting module (124) is configured to collect the health-related data from the plurality of computing devices or applications (118) to store in a blockchain via the network in response of receiving the request for data storage. The network includes data stores and the blockchain for enhanced security and data retrieval. The collecting module (124) is configured to collect a subset of health-related data via the network in response to the request for retrieval of health-related data. The processing subsystem (105) includes a transformation module (126) operatively coupled to the collecting module (124). The transformation module (126) is configured to apply a predefined schema to the subset of health-related data for ensuring a common data format. The transformation module (126) is configured to share the subset of health-related data to the plurality of computing devices or applications (118) in a pre-designed style. The processing subsystem (105) includes a tokenized security module (128) operatively coupled to the collecting module (124). The tokenized security module (128) is configured to grant a plurality of tokens to a plurality of users. The plurality of tokens are associated with a definite medical data. The tokenized security module (128) is configured to transfer the medical data to the plurality of tokens using a one-way function. The medical data is encrypted. The tokenized security module (128) is configured to determine a token validity period based on the sensitivity of the health-related data being accessed. The tokenized security module (128) is configured to designate the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame. The tokenized security module (128) is configured to allow the plurality of computing devices or applications (118) to access the requested health-related data multiple times in the predefined time limit of the token. The tokenized security module (128) is configured to allow the plurality of computing devices or applications (118) to renew the token by providing a new token with extended validity without re-authentication. The tokenized security module (128) is configured to allow the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information.
[0043] The bus (220) as used herein refers to internal memory channels or computer network that is used to connect computer components and transfer data between them. The bus (220) includes a serial bus or a parallel bus, wherein the serial bus transmits data in bit-serial format and the parallel bus transmits data across multiple wires. The bus (220) as used herein may include but not limited to, a system bus, an internal bus, an external bus, an expansion bus, a frontside bus, a backside bus and the like.
[0044] FIG. 4(a) illustrates a flow chart representing the steps involved in a method for data exchange in a healthcare environment in accordance with an embodiment of the present disclosure. FIG. 4 (b) illustrates continued steps of the method of FIG. 4 (a) in accordance with an embodiment of the present disclosure. The method (300) includes receiving, by a receiving module, one or more requests from a plurality of computing devices or applications via an application user interface to access, store and retrieve health-related data. The plurality of computing devices are connected via the network in the health care environment in step 310. The health-related data includes information pertaining to an individual's health and medical history. Examples of health-related data include patient personal information including name, age, gender, medical history, vital signs, prescriptions, insurance related data and the like. The plurality of computing devices or applications refers to a diverse set of electronic devices and software applications utilized within the healthcare network, specifically designed to interact with, process, or manage health-related data for their respective functions. Examples of the plurality of computing devices or applications include blood pressure monitors, health monitoring devices, health insurance applications, health and wellness applications and the like. Examples of one or more requests may include patient health-related data access requests, health-related data storage requests, health-related data retrieval requests and the like. APIs are mechanisms that enable two software components to communicate with each other using a set of definitions and protocols.
[0045] The method (300) includes verifying, by an authorization module, credentials corresponding to the plurality of computing devices or applications using knowledge-based authentication. The knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications in step 320. The user-specific questions are typically answered by the legitimate plurality of computing devices or applications.
[0046] It will be appreciated to those skilled in the art that other suitable methods such as biometric authentication, multi-factor authentication, Single Sign-On (SSO), OAuth (Open Authorization), or the like may be used for verifying credentials corresponding to the plurality of computing devices or applications.
[0047] The method (300) includes collecting, by a collecting module, the health-related data from the plurality of computing devices or applications to store in a blockchain via the network in response of receiving the request for data storage. The network includes data stores and the blockchain for enhanced security and data retrieval in step 330. By combining data stores with the blockchain adds an extra layer of security to healthcare data storage and access.
[0048] The method (300) includes collecting, by the collecting module, a subset of health-related data via the network in response to the request for retrieval of health-related data in step 340.
[0049] The method (300) includes applying, by a transformation module, a predefined schema to the subset of health-related data for ensuring a common data format in step 350. The predefined schema defines the structure and format in which the health-related data should be presented.
[0050] The method (300) includes sharing, by the transformation module, the subset of health-related data to the plurality of computing devices or applications in a pre-designed style in step 360. The transformation module operates within the framework of the API. So, the requested subset of information is displayed through the API.
[0051] The method (300) includes granting, by a tokenized security module, plurality of tokens to a plurality of users. The plurality of tokens are associated with a definite medical data in step 370.
[0052] The method (300) includes transferring, by the tokenized security module, the medical data to the plurality of tokens using a one-way function. The medical data is encrypted in step 380. The one-way function transforms the definite medical data into an irreversible format, which cannot be converted back to their original values. Examples for one-way function includes hash functions, trapdoor one-way functions, password hashing functions and the like. Examples for encryption algorithms include Advanced Encryption Standard (AES), Triple Data Encryption Standard (3DES) and the like.
[0053] The method (300) includes determining, by the tokenized security module, a token validity period based on the sensitivity of the health-related data being accessed in step 390. The token validity period indicates the duration of time the token is considered valid.
[0054] The method (300) includes designating, by the tokenized security module, the token as one of single-use token and a multi-use token. The single-use token restricts usage to a fixed number of times within a time frame in step 400.
[0055] The method (300) includes allowing, by the tokenized security module, the plurality of computing devices or applications to access the requested health-related data multiple times in the predefined time limit of the token in step 410.
[0056] The method (300) includes allowing, by the tokenized security module, the plurality of computing devices or applications to renew the token by providing a new token with extended validity without re-authentication in step 420. This step enhances user convenience and ensures continuous access to data, where needed.
[0057] The method (300) includes allowing, by the tokenized security module, the token a plurality of privileges. The plurality of privileges associated with the token as read only, data modification, and adding new information in step 430.
[0058] Various embodiments of the system and method for data exchange in a healthcare environment as described above standardize data formatting and rendering in the healthcare environment. This standardization improves data comprehension and usability by using the API. The system allows users to employ their preferred data formats and communication protocol. This adaptability accommodates a wide range of healthcare professionals, applications, and devices. The implementation of a blockchain database adds an extra layer of security to healthcare data. Blockchain technology is known for its immutability, transparency, and cryptographic security, making it highly suitable for healthcare data storage. Further, the introduction of knowledge-based authentication adds an extra layer of security by using user-specific questions to verify the identity of those accessing the data.
[0059] The techniques described in this disclosure may be implemented, at least in part, in hardware, software, firmware, or any combination thereof. For example, various aspects of the described techniques may be implemented within one or more processors, including one or more microprocessors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or any other equivalent integrated or discrete logic circuitry, as well as any combinations of such components. The term “processor” or “processing subsystem” may generally refer to any of the foregoing logic circuitry, alone or in combination with other logic circuitry, or any other equivalent circuitry. A control unit including hardware may also perform one or more of the techniques of this disclosure.
[0060] Such hardware, software, and firmware may be implemented within the same device or within separate devices to support the various techniques described in this disclosure. In addition, any of the described units, modules, or components may be implemented together or separately as discrete but interoperable logic devices. Depiction of different features as modules or units is intended to highlight different functional aspects and does not necessarily imply that such modules or units must be realized by separate hardware, firmware, or software components. Rather, functionality associated with one or more modules or units may be performed by separate hardware, firmware, or software components, or integrated within common or separate hardware, firmware, or software components.
[0061] It will be understood by those skilled in the art that the foregoing general description and the following detailed description are exemplary and explanatory of the disclosure and are not intended to be restrictive thereof.
[0062] While specific language has been used to describe the disclosure, any limitations arising on account of the same are not intended. As would be apparent to a person skilled in the art, various working modifications may be made to the method in order to implement the inventive concept as taught herein.
[0063] The figures and the foregoing description give examples of embodiments. Those skilled in the art will appreciate that one or more of the described elements may well be combined into a single functional element. Alternatively, certain elements may be split into multiple functional elements. Elements from one embodiment may be added to another embodiment. For example, the order of processes described herein may be changed and are not limited to the manner described herein. Moreover, the actions of any flow diagram need not be implemented in the order shown; nor do all of the acts need to be necessarily performed. Also, those acts that are not dependent on other acts may be performed in parallel with the other acts. The scope of embodiments is by no means limited by these specific examples.
,CLAIMS:1. A system (100) for data exchange in a healthcare environment comprising:
a processing subsystem (105) hosted on a server, wherein the processing subsystem (105) is configured to execute on a network to control bidirectional communications among a plurality of modules comprising:
a receiving module (120) configured to receive one or more requests from a plurality of computing devices or applications (118) via an application user interface to access, store and retrieve health-related data wherein the plurality of computing devices are connected via the network in the healthcare environment;
characterized by that,
an authorization module (122) operatively coupled to the receiving module (120), wherein the authorization module (122) is configured to verify credentials corresponding to the plurality of computing devices or applications (118) using knowledge-based authentication, wherein the knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications (118);
a collecting module (124), operatively coupled to the authorization module (122), wherein the collecting module (124) is configured to:
collect the health-related data from the plurality of computing devices or applications (118) to store in a blockchain via the network in response of receiving the request for data storage, wherein the network comprises data stores and the blockchain for enhanced security and data retrieval; and
collect a subset of health-related data via the network in response to the request for retrieval of health-related data;
a transformation module (126), operatively coupled to the collecting module (124), wherein the transformation module (126) is configured to:
apply a predefined schema to the subset of health-related data for ensuring a common data format; and
share the subset of health-related data to the plurality of computing devices or applications (118) in a pre-designed style;
a tokenized security module (128) operatively coupled to the collecting module (124), wherein the tokenized security module (128) is configured to:
grant a plurality of tokens to a plurality of users, wherein the plurality of tokens are associated to a definite medical data;
transfer the medical data to the plurality of tokens using a one-way function, wherein the medical data is encrypted;
determine a token validity period based on the sensitivity of the health-related data being accessed;
designate the token as one of single-use token and a multi-use token, wherein the single-use token restricts usage to a fixed number of times within a time frame;
allow the plurality of computing devices or applications (118) to access the requested health-related data multiple times in the predefined time limit of the token;
allow the plurality of computing devices or applications (118) to renew the token by providing a new token with extended validity without re-authentication; and
allow the token a plurality of privileges, wherein the plurality of privileges associated with the token as read only, data modification, and adding new information.
2. The system (100) as claimed in claim 1, wherein health-related data is generated and collected from the plurality of computing devices or applications (118), each utilizing distinct data formats, standards, and communication protocols.
3. The system (100) as claimed in claim 1, wherein the application program interface is configured to provide a language format for communication between the plurality of computing devices or applications (118) and the network.
4. The system (100) as claimed in claim 1, wherein the application program interface is configured to allow the plurality of computing devices or applications (118) to perform data management in a centralized manner.
5. The system (100) as claimed in claim 1, wherein the knowledge-based authentication process includes the utilization of the user-specific information comprising personal information.
6. The system (100) as claimed in claim 1, wherein the transformation module (126) is configured to collect a style of information based on the pre-designed style for the requested health-related data to ensure the health-related data is displayed in a consistent and understandable manner.
7. The system (100) as claimed in claim 1, wherein the medical data is encrypted by using an encryption key.
8. The system (100) as claimed in claim 1, wherein the tokenized security module (128) is configured to store the token in a database, wherein each of the plurality of tokens is mapped to a corresponding tokenized health-related data, wherein the token is equipped with a temporary credential and a predefined time limit.
9. The system (100) as claimed in claim 1, comprising an update module is operatively coupled to the tokenized security module (128), wherein the update module is configured to send updates and notifications to the plurality of computing devices or applications (118) based on specific events or when one or more thresholds are exceeded using the application program interface.
10. A method (300) for data exchange in a healthcare environment comprising:
receiving, by a receiving module, one or more requests from a plurality of computing devices or applications via an application user interface to access, store and retrieve health-related data wherein the plurality of computing devices are connected via the network in the healthcare environment;(310)
characterized by that,
verifying, by an authorization module, credentials corresponding to the plurality of computing devices or applications using knowledge-based authentication, wherein the knowledge-based authentication utilizes user-specific questions to perform identity verification of the plurality of computing devices or applications; (320)
collecting, by a collecting module the health-related data from the plurality of computing devices or applications to store in a blockchain via the network in response of receiving the request for data storage, wherein the network comprises data stores and the blockchain for enhanced security and data retrieval; (330)
collecting, by the collecting module, a subset of health-related data via the network in response to the request for retrieval of health-related data; (340)
applying, by a transformation module, a predefined schema to the subset of health-related data for ensuring a common data format; (350)
sharing, by the transformation module, the subset of health-related data to the plurality of computing devices or applications in a pre-designed style; (360)
granting, by a tokenized security module, plurality of tokens to a plurality of users, wherein the plurality of tokens are associated to a definite medical data; (370)
transferring, by the tokenized security module, the medical data to the plurality of tokens using a one-way function, wherein the medical data is encrypted; (380)
determining, by the tokenized security module a token validity period based on the sensitivity of the health-related data being accessed; (390)
designating, by the tokenized security module, the token as one of single-use token and a multi-use token, wherein the single-use token restricts usage to a fixed number of times within a time frame; (400)
allowing, by the tokenized security module, the plurality of computing devices or applications to access the requested health-related data multiple times in the predefined time limit of the token; (410)
allowing, by the tokenized security module, the plurality of computing devices or applications to renew the token by providing a new token with extended validity without re-authentication; and (420)
allowing, by the tokenized security module, the token a plurality of privileges, wherein the plurality of privileges associated with the token as read only, data modification, and adding new information. (430)
Dated this 17th day of October 2023
Signature
Jinsu Abraham
Patent Agent (IN/PA-3267)
Agent for the Applicant
Documents
Application Documents
| # | Name | Date |
|---|---|---|
| 1 | 202221040845-Form 2(Title Page)-180722.pdf | 2022-07-19 |
| 2 | 202221040845-Form 1-180722.pdf | 2022-07-19 |
| 3 | 202221040845-PostDating-(27-06-2023)-(E-6-126-2023-MUM).pdf | 2023-06-27 |
| 4 | 202221040845-APPLICATIONFORPOSTDATING [27-06-2023(online)].pdf | 2023-06-27 |
| 5 | 202221040845-POA [14-07-2023(online)].pdf | 2023-07-14 |
| 6 | 202221040845-FORM 13 [14-07-2023(online)].pdf | 2023-07-14 |
| 7 | 202221040845-FORM-26 [17-07-2023(online)].pdf | 2023-07-17 |
| 8 | 202221040845-FORM FOR STARTUP [17-10-2023(online)].pdf | 2023-10-17 |
| 9 | 202221040845-EVIDENCE FOR REGISTRATION UNDER SSI [17-10-2023(online)].pdf | 2023-10-17 |
| 10 | 202221040845-DRAWING [17-10-2023(online)].pdf | 2023-10-17 |
| 11 | 202221040845-CORRESPONDENCE-OTHERS [17-10-2023(online)].pdf | 2023-10-17 |
| 12 | 202221040845-COMPLETE SPECIFICATION [17-10-2023(online)].pdf | 2023-10-17 |
| 13 | 202221040845-STARTUP [21-11-2023(online)].pdf | 2023-11-21 |
| 14 | 202221040845-FORM28 [21-11-2023(online)].pdf | 2023-11-21 |
| 15 | 202221040845-FORM-9 [21-11-2023(online)].pdf | 2023-11-21 |
| 16 | 202221040845-FORM 18A [21-11-2023(online)].pdf | 2023-11-21 |
| 17 | Abstract.jpg | 2023-12-14 |
| 18 | 202221040845-FER.pdf | 2024-04-25 |
| 19 | 202221040845-FORM 3 [09-05-2024(online)].pdf | 2024-05-09 |
| 20 | 202221040845-FER_SER_REPLY [22-07-2024(online)].pdf | 2024-07-22 |
| 21 | 202221040845-US(14)-HearingNotice-(HearingDate-06-11-2024).pdf | 2024-10-15 |
| 22 | 202221040845-FORM-26 [30-10-2024(online)].pdf | 2024-10-30 |
| 23 | 202221040845-Correspondence to notify the Controller [30-10-2024(online)].pdf | 2024-10-30 |
| 24 | 202221040845-Written submissions and relevant documents [18-11-2024(online)].pdf | 2024-11-18 |
| 25 | 202221040845-Proof of Right [18-11-2024(online)].pdf | 2024-11-18 |
| 26 | 202221040845-PatentCertificate28-03-2025.pdf | 2025-03-28 |
| 27 | 202221040845-IntimationOfGrant28-03-2025.pdf | 2025-03-28 |
Search Strategy
| 1 | SearchHistoryE_24-04-2024.pdf |