US20160104000A1 - Methods and systems for secure acquisition and transmission of image - Google Patents
Methods and systems for secure acquisition and transmission of image Download PDFInfo
- Publication number
- US20160104000A1 US20160104000A1 US14/879,184 US201514879184A US2016104000A1 US 20160104000 A1 US20160104000 A1 US 20160104000A1 US 201514879184 A US201514879184 A US 201514879184A US 2016104000 A1 US2016104000 A1 US 2016104000A1
- Authority
- US
- United States
- Prior art keywords
- volatile memory
- memory space
- image
- session
- allocated
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/606—Protecting data by securing the transmission between two devices or processes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q40/00—Finance; Insurance; Tax strategies; Processing of corporate or income taxes
- G06Q40/08—Insurance
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H30/00—ICT specially adapted for the handling or processing of medical images
- G16H30/20—ICT specially adapted for the handling or processing of medical images for handling medical images, e.g. DICOM, HL7 or PACS
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H40/00—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
- G16H40/20—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/14—Session management
- H04L67/143—Termination or inactivation of sessions, e.g. event-controlled end of session
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/02—Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Definitions
- the disclosure relates to methods and systems for secure acquisition and transmission of image.
- HIPAA Health Insurance Portability and Accountability Act
- healthcare providers e.g., physicians
- hospitals e.g., hospitals
- health insurance companies e.g., health insurance companies
- PHI patient health information
- HIPAA requires that computer systems that store PHI are protected from intrusion.
- HIPAA requires any communication containing PHI transmitted electronically over open networks is encrypted to prevent unauthorized interception.
- Various disclosed embodiments are directed to methods and systems for secure acquisition and transmission of images by a mobile communication device.
- the method includes acquiring an image by the mobile device and allocating volatile memory space in the mobile device for a defined session.
- the image may be acquired by a digital camera built in the mobile device.
- the method includes digitally storing the acquired image in the allocated volatile memory space.
- the method includes encrypting and transmitting the stored image using a secure transmission protocol during the session.
- the method includes de-allocating the volatile memory space at the termination of the session.
- the de-allocation of the volatile memory space causes the digitally stored image to be erased from the volatile memory space.
- the stored image is not be persistently retained in the mobile device, including any persistent memory space that may have been set aside for the storage of images.
- the volatile memory space is allocated by applying electrical power to the volatile memory and de-allocated by removing electrical power.
- the volatile memory space may be a random access memory (RAM).
- the encrypted image is transmitted to a remote server.
- the image is authenticated according to the secure transmission protocol.
- a system for secure acquisition and transmission of an image includes a mobile communication device configured to communicate over a communication network.
- the mobile communication device includes at least one processor.
- the mobile device includes a volatile memory space allocated for a defined session and de-allocated at the termination of the session.
- the mobile device includes a digital camera configured to acquire an image and to store the acquired image in the allocated volatile memory space.
- the stored image is encrypted and transmitted using a secure transmission protocol during the session.
- the volatile memory space is de-allocated, and wherein the de-allocation of the volatile memory space causes the stored image to be erased from the volatile memory space.
- the de-allocation of the volatile memory space causes the stored image to not be persistently retained in the mobile device.
- FIG. 1 is a schematic block diagram of a communication system in which embodiments of the disclosure can be implemented
- FIG. 2 illustrates an application executable on the mobile device according to disclosed embodiments
- FIG. 3 illustrates the application with an image capture button
- FIG. 4 shows an acquired image displayed on a mobile device
- FIG. 5 is a flow diagram of the method according to disclosed embodiments.
- FIGS. 1-5 discussed below, and the various embodiments used to describe the principles of the present disclosure are by way of illustration only and should not be construed in any way to limit the scope of the disclosure. Those skilled in the art will recognize that the principles of the disclosure may be implemented in any suitably arranged device or a system. The numerous innovative teachings of the present disclosure will be described with reference to exemplary non-limiting embodiments.
- an application executable on a mobile communication device allows secure acquisition and transmission of images in compliance with Health Insurance Portability and Accountability Act (HIPAA).
- HIPAA Health Insurance Portability and Accountability Act
- Healthcare providers may implement the disclosed embodiments to securely acquire and transmit images containing patient health information (PHI).
- PHI patient health information
- healthcare providers may implement the disclosed embodiments to transmit images to health insurance companies in order to receive reimbursement for services provided or to receive pre-approval for services.
- Medical laboratories may implement the disclosed embodiments to transmit images containing laboratory reports to patients or other healthcare providers.
- FIG. 1 is a schematic block diagram of a communication system 100 in which embodiments of the disclosure can be implemented.
- the system 100 includes a mobile communication device 104 which may take the form of a mobile phone, a laptop computer, a tablet computer or the like.
- the mobile device 104 is configured to wirelessly communicate with other communication devices via a communication network 122 .
- the network 122 may be a mobile cellular network such as a 3GPP network or other CDMA/GSM network.
- the network 122 may be linked to another network 126 such as the Internet 126 .
- the system 100 includes a web server 130 and an application server 134 connected to the Internet 126 .
- the mobile device 104 may communicate with the web server 130 and the application server 134 over the networks 122 and 126 .
- the mobile device 104 may retrieve one or more web pages from the web server 130 and may access one or more applications from the application server 134 .
- the mobile device 104 includes a processor 108 connected to a memory 112 .
- the processor 108 may be of the type generally used in mobile devices such as those manufactured by Intel Corporation or ARM Holdings.
- the memory 112 comprises a non-volatile memory 116 and a volatile memory 120 .
- the non-volatile memory 116 any data stored is persistently retained even after electrical power is removed from the non-volatile memory 116 .
- any data stored in the non-volatile memory 116 is not erased following removal of electrical power.
- any data stored in the volatile memory 120 is erased, and thus lost, after electrical power is removed from the volatile memory 120 .
- any data stored in the volatile memory 120 is not persistently retained after removal of electrical power.
- the mobile device 104 also includes a digital camera 114 configured to acquire images. The acquired images are stored in the memory 112 .
- the mobile device 104 also includes a transceiver 140 coupled to an antenna 144 .
- the transceiver 118 and the antenna 120 allow the mobile device 104 to wirelessly transmit and receive data over a wireless network such as the network 122 .
- an application executable on a mobile communication device allows secure acquisition and transmission of images in compliance with HIPAA.
- FIG. 2 illustrates an exemplary application 200 executable on the mobile device 104 .
- the application 200 may reside in the mobile device 104 or may reside remotely such as, for example, in the application server 134 .
- the mobile device 104 may access the application over the networks 122 and 126 .
- the application 200 provides a username 204 field and a password 208 field displayed on the mobile device 104 .
- a user can login by entering a username and a password.
- a connection is established with a secure server such as the server 130 and the server 134 over the networks 122 and 126 .
- a web page 300 is displayed which has an image capture button 304 as shown in FIG. 3 .
- the user can press the image capture button 304 to activate the digital camera 114 of the mobile device 104 to acquire an image.
- FIG. 4 shows an acquired image 404 including a date and time stamp 408 which are displayed on the mobile device 104 .
- a volatile memory space in the volatile memory 120 is allocated by the processor 108 for a defined session and de-allocated at the termination of the session.
- the session is defined for a predetermined time period.
- the volatile memory space may be allocated by marking portions of it as being allocated to the application 200 in a memory allocation table and de-allocated by marking those portions as unallocated at the termination of the session and perhaps also overwriting it.
- the volatile memory space may be allocated by applying electrical power to the volatile memory 120 and de-allocated by removing electrical power at the termination of the session. Volatile memory space that is temporarily allocated to an application is sometimes called “scratchpad” memory.
- such temporarily allocated volatile memory is called a “sandbox” and is designed to prevent applications from interfering with one another or the operating system, except as the operating system permits.
- the acquired image is stored in the allocated volatile memory space.
- the volatile memory space may be a random access memory (RAM).
- the stored image is then encrypted and transmitted to a remote server using a secure transmission protocol.
- the image may be encrypted and transmitted to the application server 134 over the networks 122 and 126 .
- the secure transmission protocol at the remote server the encrypted image is authenticated upon reception.
- the volatile memory space is de-allocated which causes the stored image to be erased from the volatile memory space.
- the volatile memory space is de-allocated by marking the volatile memory space as unallocated at the termination of the session and perhaps overwriting it. Consequently, the acquired image is not persistently retained in the mobile device 104 after the termination of the session.
- the disclosed embodiments provide secure acquisition and transmission of images in compliance with HIPAA. Since the acquired images are erased from the volatile memory after the defined session, and thus not persistently retained by the mobile device 104 , the data is protected from intrusion and misappropriation. Also, because the transmitted images are encrypted, they are prevented from unauthorized interception.
- FIG. 5 is a flow diagram of the method according to disclosed embodiments.
- an image is acquired by a mobile device.
- the image may, for example, be the image of a document containing protected healthcare information of a patient.
- a volatile memory space is allocated in the mobile device for a defined session.
- the volatile memory space may be a random access memory allocated for a predetermined time period by marking it as allocated or applying electrical power to it.
- the acquired image is digitally stored in the allocated volatile memory space.
- the stored image is encrypted, and the encrypted image is transmitted using a secure transmission protocol.
- the volatile memory space is de-allocated at the termination of the session.
- the de-allocation of the volatile memory space causes the digitally stored image to be erased from the volatile memory space.
- the volatile memory space may be de-allocated by marking it as de-allocated or removing electrical power from the volatile memory space.
- machine usable/readable or computer usable/readable mediums include: nonvolatile, hard-coded type mediums such as read only memories (ROMs) or erasable, electrically programmable read only memories (EEPROMs), and user-recordable type mediums such as floppy disks, hard disk drives and compact disk read only memories (CD-ROMs) or digital versatile disks (DVDs).
- ROMs read only memories
- EEPROMs electrically programmable read only memories
- user-recordable type mediums such as floppy disks, hard disk drives and compact disk read only memories (CD-ROMs) or digital versatile disks (DVDs).
Abstract
Methods and systems allow secure acquisition and transmission of images by a mobile communication device. The method includes acquiring an image by the mobile device and allocating volatile memory space in the mobile device for a defined session. The image may be acquired by a digital camera built in the mobile device. The method includes digitally storing the acquired image in the allocated volatile memory space. The method includes encrypting and transmitting the stored image using a secure transmission protocol during the session. The method includes de-allocating the volatile memory space at the termination of the session. The de-allocation of the volatile memory space may cause the digitally stored image to be erased from the volatile memory space. Thus, the stored image is not persistently retained by the mobile device.
Description
- This application claims the benefit of U.S. Provisional Application Ser. No. 62/062,601, filed by Osorio, et al., on Oct. 10, 2014, entitled “Multi-feature Mobile Software Application that Generate [sic.] a Secure Environment to Capture Data under a HIPAA/Hitech Complaint [sic.] Protocol,” commonly assigned with this application and incorporated herein by reference.
- The disclosure relates to methods and systems for secure acquisition and transmission of image.
- The Health Insurance Portability and Accountability Act (HIPAA) requires healthcare providers (e.g., physicians), hospitals, health insurance companies and other businesses associated with the healthcare industry that receive patient health information (PHI) to implement control of access to computer systems and networks that store PHI. HIPAA requires that computer systems that store PHI are protected from intrusion. Also, HIPAA requires any communication containing PHI transmitted electronically over open networks is encrypted to prevent unauthorized interception.
- Since healthcare providers and other businesses associated with the healthcare industry typically maintain computer systems to store PHI, they must ensure that PHI is protected from intrusions. Also, healthcare providers and health insurance companies must ensure that any electronically transmitted PHI is protected from unauthorized interception. If PHI is stolen by intrusion of computer systems or if PHI is intercepted during transmission, businesses may face legal and financial liabilities. Existing systems and methods generally do not allow secure acquisition and transmission of images which may contain PHI.
- Various disclosed embodiments are directed to methods and systems for secure acquisition and transmission of images by a mobile communication device. The method includes acquiring an image by the mobile device and allocating volatile memory space in the mobile device for a defined session. The image may be acquired by a digital camera built in the mobile device. The method includes digitally storing the acquired image in the allocated volatile memory space.
- The method includes encrypting and transmitting the stored image using a secure transmission protocol during the session. The method includes de-allocating the volatile memory space at the termination of the session. The de-allocation of the volatile memory space causes the digitally stored image to be erased from the volatile memory space. Thus, the stored image is not be persistently retained in the mobile device, including any persistent memory space that may have been set aside for the storage of images.
- According to disclosed embodiments, the volatile memory space is allocated by applying electrical power to the volatile memory and de-allocated by removing electrical power. The volatile memory space may be a random access memory (RAM).
- According to disclosed embodiments, the encrypted image is transmitted to a remote server. Upon reception of the image by the remote server, the image is authenticated according to the secure transmission protocol.
- According to disclosed embodiments, a system for secure acquisition and transmission of an image includes a mobile communication device configured to communicate over a communication network. The mobile communication device includes at least one processor. The mobile device includes a volatile memory space allocated for a defined session and de-allocated at the termination of the session. The mobile device includes a digital camera configured to acquire an image and to store the acquired image in the allocated volatile memory space.
- According to disclosed embodiments, the stored image is encrypted and transmitted using a secure transmission protocol during the session. At the termination of the session, the volatile memory space is de-allocated, and wherein the de-allocation of the volatile memory space causes the stored image to be erased from the volatile memory space. Thus, the de-allocation of the volatile memory space causes the stored image to not be persistently retained in the mobile device.
- The foregoing has outlined rather broadly the features and technical advantages of the present disclosure so that those skilled in the art may better understand the detailed description that follows. Additional features and advantages of the disclosure will be described hereinafter that form the subject of the claims. Those skilled in the art will appreciate that they may readily use the conception and the specific embodiment disclosed as a basis for modifying or designing other structures for carrying out the same purposes of the present disclosure. Those skilled in the art will also realize that such equivalent constructions do not depart from the spirit and scope of the disclosure in its broadest form.
- Before undertaking the DETAILED DESCRIPTION below, it may be advantageous to set forth definitions of certain words or phrases used throughout this patent document: the terms “include” and “comprise,” as well as derivatives thereof, mean inclusion without limitation; the term “or” is inclusive, meaning and/or; the phrases “associated with” and “associated therewith,” as well as derivatives thereof, may mean to include, be included within, interconnect with, contain, be contained within, connect to or with, couple to or with, be communicable with, cooperate with, interleave, juxtapose, be proximate to, be bound to or with, have, have a property of, or the like; and the term “controller” means any device, system or part thereof that controls at least one operation, whether such a device is implemented in hardware, firmware, software or some combination of at least two of the same. It should be noted that the functionality associated with any particular controller may be centralized or distributed, whether locally or remotely. Definitions for certain words and phrases are provided throughout this patent document, and those of ordinary skill in the art will understand that such definitions apply in many, if not most, instances to prior as well as future uses of such defined words and phrases. While some terms may include a wide variety of embodiments, the appended claims may expressly limit these terms to specific embodiments.
- Reference is now made to the following descriptions taken in conjunction with the accompanying drawings, in which:
-
FIG. 1 is a schematic block diagram of a communication system in which embodiments of the disclosure can be implemented; -
FIG. 2 illustrates an application executable on the mobile device according to disclosed embodiments; -
FIG. 3 illustrates the application with an image capture button; -
FIG. 4 shows an acquired image displayed on a mobile device; and -
FIG. 5 is a flow diagram of the method according to disclosed embodiments. -
FIGS. 1-5 , discussed below, and the various embodiments used to describe the principles of the present disclosure are by way of illustration only and should not be construed in any way to limit the scope of the disclosure. Those skilled in the art will recognize that the principles of the disclosure may be implemented in any suitably arranged device or a system. The numerous innovative teachings of the present disclosure will be described with reference to exemplary non-limiting embodiments. - Various disclosed embodiments provide methods and systems for secure acquisition and transmission of images. According to disclosed embodiments, an application executable on a mobile communication device allows secure acquisition and transmission of images in compliance with Health Insurance Portability and Accountability Act (HIPAA). Healthcare providers may implement the disclosed embodiments to securely acquire and transmit images containing patient health information (PHI). For example, healthcare providers may implement the disclosed embodiments to transmit images to health insurance companies in order to receive reimbursement for services provided or to receive pre-approval for services. Medical laboratories may implement the disclosed embodiments to transmit images containing laboratory reports to patients or other healthcare providers.
-
FIG. 1 is a schematic block diagram of a communication system 100 in which embodiments of the disclosure can be implemented. The system 100 includes a mobile communication device 104 which may take the form of a mobile phone, a laptop computer, a tablet computer or the like. The mobile device 104 is configured to wirelessly communicate with other communication devices via acommunication network 122. Thenetwork 122 may be a mobile cellular network such as a 3GPP network or other CDMA/GSM network. Thenetwork 122 may be linked to anothernetwork 126 such as the Internet 126. - The system 100 includes a
web server 130 and anapplication server 134 connected to the Internet 126. The mobile device 104 may communicate with theweb server 130 and theapplication server 134 over thenetworks web server 130 and may access one or more applications from theapplication server 134. - The mobile device 104 includes a
processor 108 connected to a memory 112. Theprocessor 108 may be of the type generally used in mobile devices such as those manufactured by Intel Corporation or ARM Holdings. - According to disclosed embodiments, the memory 112 comprises a
non-volatile memory 116 and avolatile memory 120. In thenon-volatile memory 116, any data stored is persistently retained even after electrical power is removed from thenon-volatile memory 116. Thus, any data stored in thenon-volatile memory 116 is not erased following removal of electrical power. In contrast, any data stored in thevolatile memory 120 is erased, and thus lost, after electrical power is removed from thevolatile memory 120. Thus, any data stored in thevolatile memory 120 is not persistently retained after removal of electrical power. - The mobile device 104 also includes a
digital camera 114 configured to acquire images. The acquired images are stored in the memory 112. The mobile device 104 also includes atransceiver 140 coupled to anantenna 144. The transceiver 118 and theantenna 120 allow the mobile device 104 to wirelessly transmit and receive data over a wireless network such as thenetwork 122. - According to disclosed embodiments, an application executable on a mobile communication device allows secure acquisition and transmission of images in compliance with HIPAA.
FIG. 2 illustrates anexemplary application 200 executable on the mobile device 104. Theapplication 200 may reside in the mobile device 104 or may reside remotely such as, for example, in theapplication server 134. When theapplication 200 resides in theapplication server 134, the mobile device 104 may access the application over thenetworks - The
application 200 provides ausername 204 field and apassword 208 field displayed on the mobile device 104. A user can login by entering a username and a password. Upon successful login a connection is established with a secure server such as theserver 130 and theserver 134 over thenetworks web page 300 is displayed which has animage capture button 304 as shown inFIG. 3 . The user can press theimage capture button 304 to activate thedigital camera 114 of the mobile device 104 to acquire an image.FIG. 4 shows an acquiredimage 404 including a date andtime stamp 408 which are displayed on the mobile device 104. - According to disclosed embodiments, a volatile memory space in the
volatile memory 120 is allocated by theprocessor 108 for a defined session and de-allocated at the termination of the session. The session is defined for a predetermined time period. According to disclosed embodiments, the volatile memory space may be allocated by marking portions of it as being allocated to theapplication 200 in a memory allocation table and de-allocated by marking those portions as unallocated at the termination of the session and perhaps also overwriting it. Alternatively, the volatile memory space may be allocated by applying electrical power to thevolatile memory 120 and de-allocated by removing electrical power at the termination of the session. Volatile memory space that is temporarily allocated to an application is sometimes called “scratchpad” memory. In the context of certain mobile device operating systems commercially available from Apple Incorporated of Cupertino, Calif. (e.g., OS X®), such temporarily allocated volatile memory is called a “sandbox” and is designed to prevent applications from interfering with one another or the operating system, except as the operating system permits. - According to disclosed embodiments, the acquired image is stored in the allocated volatile memory space. The volatile memory space may be a random access memory (RAM). The stored image is then encrypted and transmitted to a remote server using a secure transmission protocol. For example the image may be encrypted and transmitted to the
application server 134 over thenetworks - According to disclosed embodiments, after the termination of the session, the volatile memory space is de-allocated which causes the stored image to be erased from the volatile memory space. The volatile memory space is de-allocated by marking the volatile memory space as unallocated at the termination of the session and perhaps overwriting it. Consequently, the acquired image is not persistently retained in the mobile device 104 after the termination of the session.
- Thus, it will be appreciated that the disclosed embodiments provide secure acquisition and transmission of images in compliance with HIPAA. Since the acquired images are erased from the volatile memory after the defined session, and thus not persistently retained by the mobile device 104, the data is protected from intrusion and misappropriation. Also, because the transmitted images are encrypted, they are prevented from unauthorized interception.
-
FIG. 5 is a flow diagram of the method according to disclosed embodiments. Inblock 504, an image is acquired by a mobile device. The image may, for example, be the image of a document containing protected healthcare information of a patient. - In
block 508, a volatile memory space is allocated in the mobile device for a defined session. As discussed before, the volatile memory space may be a random access memory allocated for a predetermined time period by marking it as allocated or applying electrical power to it. - In
block 512, the acquired image is digitally stored in the allocated volatile memory space. Inblock 516, the stored image is encrypted, and the encrypted image is transmitted using a secure transmission protocol. - In
block 520, the volatile memory space is de-allocated at the termination of the session. The de-allocation of the volatile memory space causes the digitally stored image to be erased from the volatile memory space. As discussed before, the volatile memory space may be de-allocated by marking it as de-allocated or removing electrical power from the volatile memory space. - Those skilled in the art will recognize that, for simplicity and clarity, the full structure and operation of all systems suitable for use with the present disclosure is not being depicted or described herein. Instead, only so much of a system as is unique to the present disclosure or necessary for an understanding of the present disclosure is depicted and described. The remainder of the construction and operation of the disclosed systems may conform to any of the various current implementations and practices known in the art.
- Of course, those of skill in the art will recognize that, unless specifically indicated or required by the sequence of operations, certain steps in the processes described above may be omitted, performed concurrently or sequentially, or performed in a different order. Further, no component, element, or process should be considered essential to any specific claimed embodiment, and each of the components, elements, or processes can be combined in still other embodiments.
- It is important to note that while the disclosure includes a description in the context of a fully functional system, those skilled in the art will appreciate that at least portions of the mechanism of the present disclosure are capable of being distributed in the form of instructions contained within a machine-usable, computer-usable, or computer-readable medium in any of a variety of forms, and that the present disclosure applies equally regardless of the particular type of instruction or signal bearing medium or storage medium utilized to actually carry out the distribution. Examples of machine usable/readable or computer usable/readable mediums include: nonvolatile, hard-coded type mediums such as read only memories (ROMs) or erasable, electrically programmable read only memories (EEPROMs), and user-recordable type mediums such as floppy disks, hard disk drives and compact disk read only memories (CD-ROMs) or digital versatile disks (DVDs).
- Although an exemplary embodiment of the present disclosure has been described in detail, those skilled in the art will understand that various changes, substitutions, variations, and improvements disclosed herein may be made without departing from the spirit and scope of the disclosure in its broadest form.
- None of the description in the present application should be read as implying that any particular element, step, or function is an essential element which must be included in the claim scope: the scope of patented subject matter is defined only by the allowed claims. Moreover, none of these claims are intended to invoke paragraph six of 35 USC §112 unless the exact words “means for” are followed by a participle.
Claims (23)
1. A method for secure acquisition and transmission of an image by a mobile communication device, comprising:
acquiring an image by the mobile device;
allocating volatile memory space in the mobile device for a session;
digitally storing the acquired image in the allocated volatile memory space;
transmitting the digitally stored image using a secure transmission protocol during the session; and
de-allocating the volatile memory space at the termination of the session.
2. The method of claim 1 , wherein the de-allocation of the volatile memory space causes the stored image to not be persistently retained in the mobile device.
3. The method of claim 1 , wherein the secure transmission protocol encrypts the digitally stored image prior to the transmission.
4. The method of claim 1 , wherein the volatile memory space is de-allocated by marking the volatile memory space as unallocated upon the termination.
5. The method of claim 1 , wherein the volatile memory space is a random access memory (RAM).
6. The method of claim 1 , wherein the encrypted image is transmitted to a remote server.
7. The method of claim 6 , wherein the secure transmission protocol authenticates the image upon reception by the remote server.
8. The method of claim 1 , wherein the image is acquired by a digital camera built in the mobile device.
9. The method of claim 1 , wherein the session is defined for a predetermined time period.
10. A system for secure acquisition and transmission of an image, comprising:
a mobile communication device configured to communicate over a communication network, the mobile communication device comprising:
at least one processor;
a volatile memory space allocated by the processor for a defined session and de-allocated at the termination of the session; and
a digital camera configured to acquire an image and to store the acquired image in the allocated volatile memory space, wherein the mobile communication device transmits the stored image using a secure transmission protocol during the session.
11. The system of claim 10 , wherein the de-allocation of the volatile memory space causes the stored image to not be persistently retained in the mobile device.
12. The system of claim 10 , wherein the secure transmission protocol encrypts the digitally stored image prior to the transmission.
13. The system of claim 10 , wherein the volatile memory space is de-allocated by marking the volatile memory space as unallocated upon the termination.
14. The system of claim 10 , wherein the volatile memory space is a random access memory (RAM).
15. The system of claim 1 , wherein the encrypted image is transmitted to a remote server.
16. The system of claim 15 , wherein the secure transmission protocol authenticates the image upon reception by the remote server.
17. The system of claim 10 , wherein the session is defined for a predetermined time period.
18. A system for secure acquisition and transmission of an image, comprising:
a mobile communication device configured to communicate over a communication network, the mobile communication device comprising:
at least one processor;
a volatile memory space allocated by the processor for a defined session and de-allocated at the termination of the session;
a digital camera configured to acquire an image and to store the acquired image in the allocated volatile memory space; and
a server, wherein the mobile communication device transmits the stored image to the server over the communication network using a secure transmission protocol during the session, and wherein the de-allocation of the volatile memory space causes the stored image to be erased from the volatile memory space.
19. The system of claim 18 , wherein the de-allocation of the volatile memory space causes the stored image to not be persistently retained in the mobile device.
20. The system of claim 18 , wherein the secure transmission protocol encrypts the digitally stored image prior to the transmission.
21. The system of claim 18 , wherein the volatile memory space is de-allocated by marking the volatile memory space as unallocated upon the termination.
22. The system of claim 18 , wherein the secure transmission protocol authenticates the image upon reception by the server.
23. The system of claim 18 , wherein the session is defined for a predetermined time period.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US14/879,184 US20160104000A1 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure acquisition and transmission of image |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US201462062601P | 2014-10-10 | 2014-10-10 | |
US14/879,184 US20160104000A1 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure acquisition and transmission of image |
Publications (1)
Publication Number | Publication Date |
---|---|
US20160104000A1 true US20160104000A1 (en) | 2016-04-14 |
Family
ID=55655547
Family Applications (4)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/879,193 Abandoned US20160103964A1 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure acquisition, interpretation and transmission of data under hipaa compliant protocol |
US14/879,184 Abandoned US20160104000A1 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure acquisition and transmission of image |
US14/879,248 Active 2037-10-25 US10388408B2 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure transmission and reception of data between a mobile device and a central computer system |
US16/505,320 Active US10803979B2 (en) | 2014-10-10 | 2019-07-08 | Methods and systems for secure acquisition and transmission of an image |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/879,193 Abandoned US20160103964A1 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure acquisition, interpretation and transmission of data under hipaa compliant protocol |
Family Applications After (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US14/879,248 Active 2037-10-25 US10388408B2 (en) | 2014-10-10 | 2015-10-09 | Methods and systems for secure transmission and reception of data between a mobile device and a central computer system |
US16/505,320 Active US10803979B2 (en) | 2014-10-10 | 2019-07-08 | Methods and systems for secure acquisition and transmission of an image |
Country Status (1)
Country | Link |
---|---|
US (4) | US20160103964A1 (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160103782A1 (en) * | 2014-10-10 | 2016-04-14 | MD Cloud Practice Solutions, L.L.C. | Methods and systems for secure transmission and reception of data between a mobile device and a central computer system |
Families Citing this family (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11392670B1 (en) * | 2011-12-09 | 2022-07-19 | Iqvia Inc. | Systems and methods for streaming normalized clinical trial capacity information |
Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3916095A (en) * | 1972-02-17 | 1975-10-28 | Dacom Inc | Dual-line data compression method and system for compressing, transmitting and reproducing facsimile data |
US5671246A (en) * | 1996-04-22 | 1997-09-23 | Hewlett-Packard Comany | Method and apparatus for adaptive adjustment of cache allocation for storage of font data |
US6128621A (en) * | 1997-10-31 | 2000-10-03 | Oracle Corporation | Apparatus and method for pickling data |
US6237079B1 (en) * | 1997-03-30 | 2001-05-22 | Canon Kabushiki Kaisha | Coprocessor interface having pending instructions queue and clean-up queue and dynamically allocating memory |
US20030100373A1 (en) * | 2001-11-28 | 2003-05-29 | Aruze Corporation | Game machine door locking apparatus control system |
US20030226006A1 (en) * | 2002-06-04 | 2003-12-04 | Ballard Curtis C. | Method and system of locating a firmware image in non-volatile memory |
US20040021788A1 (en) * | 2002-07-29 | 2004-02-05 | Fuji Photo Film Co., Ltd. | Solid state image pickup device with non-volatile memory |
US20110223970A1 (en) * | 2010-03-15 | 2011-09-15 | Nokia Corporation | Image-Based Addressing of Physical Content for Electronic Communication |
US8166210B2 (en) * | 2004-11-19 | 2012-04-24 | Canon Kabushiki Kaisha | Electronic device and control method therefor |
US8316460B1 (en) * | 2011-11-22 | 2012-11-20 | Google Inc. | Private web browsing using encryption |
US20150015911A1 (en) * | 2013-07-09 | 2015-01-15 | Naoki Shimizu | Information processing device, image processing control method, and recording medium storing image processing control program |
US20150028578A1 (en) * | 2013-05-17 | 2015-01-29 | Thomas D. Pawlik | Method of authenticating an item |
US20160037057A1 (en) * | 2009-10-14 | 2016-02-04 | Trice Imaging, Inc. | Systems and devices for encrypting, converting and interacting with medical images |
Family Cites Families (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20030154398A1 (en) | 2002-02-08 | 2003-08-14 | Eaton Eric Thomas | System for providing continuity between session clients and method therefor |
US20040162831A1 (en) * | 2003-02-06 | 2004-08-19 | Patterson John Douglas | Document handling system and method |
US20040221788A1 (en) | 2003-05-07 | 2004-11-11 | George Sievewright | Preventing marine vessel from colliding with piling or dock |
US7430671B2 (en) * | 2004-03-31 | 2008-09-30 | Nortel Networks Limited | Systems and methods for preserving confidentiality of sensitive information in a point-of-care communications environment |
EP1844612B1 (en) * | 2005-02-04 | 2017-05-10 | Barco NV | Method and device for image and video transmission over low-bandwidth and high-latency transmission channels |
US7959080B2 (en) * | 2008-03-11 | 2011-06-14 | Xpress Systems, Llc | System for printing hospital labels and wristbands |
US20130096938A1 (en) * | 2011-10-10 | 2013-04-18 | Abbott Biotechnology Ltd. | Managing healthcare services |
US20150278474A1 (en) * | 2011-10-10 | 2015-10-01 | Peter Carl Stueckemann | Managing healthcare services |
US9280678B2 (en) * | 2013-12-02 | 2016-03-08 | Fortinet, Inc. | Secure cloud storage distribution and aggregation |
US20160103964A1 (en) * | 2014-10-10 | 2016-04-14 | MD Cloud Practice Solutions, L.L.C. | Methods and systems for secure acquisition, interpretation and transmission of data under hipaa compliant protocol |
-
2015
- 2015-10-09 US US14/879,193 patent/US20160103964A1/en not_active Abandoned
- 2015-10-09 US US14/879,184 patent/US20160104000A1/en not_active Abandoned
- 2015-10-09 US US14/879,248 patent/US10388408B2/en active Active
-
2019
- 2019-07-08 US US16/505,320 patent/US10803979B2/en active Active
Patent Citations (13)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US3916095A (en) * | 1972-02-17 | 1975-10-28 | Dacom Inc | Dual-line data compression method and system for compressing, transmitting and reproducing facsimile data |
US5671246A (en) * | 1996-04-22 | 1997-09-23 | Hewlett-Packard Comany | Method and apparatus for adaptive adjustment of cache allocation for storage of font data |
US6237079B1 (en) * | 1997-03-30 | 2001-05-22 | Canon Kabushiki Kaisha | Coprocessor interface having pending instructions queue and clean-up queue and dynamically allocating memory |
US6128621A (en) * | 1997-10-31 | 2000-10-03 | Oracle Corporation | Apparatus and method for pickling data |
US20030100373A1 (en) * | 2001-11-28 | 2003-05-29 | Aruze Corporation | Game machine door locking apparatus control system |
US20030226006A1 (en) * | 2002-06-04 | 2003-12-04 | Ballard Curtis C. | Method and system of locating a firmware image in non-volatile memory |
US20040021788A1 (en) * | 2002-07-29 | 2004-02-05 | Fuji Photo Film Co., Ltd. | Solid state image pickup device with non-volatile memory |
US8166210B2 (en) * | 2004-11-19 | 2012-04-24 | Canon Kabushiki Kaisha | Electronic device and control method therefor |
US20160037057A1 (en) * | 2009-10-14 | 2016-02-04 | Trice Imaging, Inc. | Systems and devices for encrypting, converting and interacting with medical images |
US20110223970A1 (en) * | 2010-03-15 | 2011-09-15 | Nokia Corporation | Image-Based Addressing of Physical Content for Electronic Communication |
US8316460B1 (en) * | 2011-11-22 | 2012-11-20 | Google Inc. | Private web browsing using encryption |
US20150028578A1 (en) * | 2013-05-17 | 2015-01-29 | Thomas D. Pawlik | Method of authenticating an item |
US20150015911A1 (en) * | 2013-07-09 | 2015-01-15 | Naoki Shimizu | Information processing device, image processing control method, and recording medium storing image processing control program |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20160103782A1 (en) * | 2014-10-10 | 2016-04-14 | MD Cloud Practice Solutions, L.L.C. | Methods and systems for secure transmission and reception of data between a mobile device and a central computer system |
US10388408B2 (en) * | 2014-10-10 | 2019-08-20 | MD Cloud Practice Solutions, L.L.C. | Methods and systems for secure transmission and reception of data between a mobile device and a central computer system |
US10803979B2 (en) | 2014-10-10 | 2020-10-13 | MD Cloud Practice Solutions, L.L.C. | Methods and systems for secure acquisition and transmission of an image |
Also Published As
Publication number | Publication date |
---|---|
US10803979B2 (en) | 2020-10-13 |
US20160103782A1 (en) | 2016-04-14 |
US10388408B2 (en) | 2019-08-20 |
US20160103964A1 (en) | 2016-04-14 |
US20190333615A1 (en) | 2019-10-31 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10789555B2 (en) | Mobile device-based system for automated, real time health record exchange | |
US9602506B2 (en) | Method and apparatus for supporting login through user terminal | |
EP2955900B1 (en) | File sharing method and device | |
US9767299B2 (en) | Secure cloud data sharing | |
US11496490B2 (en) | Notification of a security breach on a mobile device | |
EP3796201A2 (en) | Systems and methods for diffracted data retrieval | |
FI3859689T3 (en) | Providing access to a lock for a service provider | |
US10803979B2 (en) | Methods and systems for secure acquisition and transmission of an image | |
EP3248130B1 (en) | Trusted execution environment on a distant server for a mobile phone | |
DE102015215120A1 (en) | METHOD FOR USING A DEVICE FOR UNLOCKING ANOTHER DEVICE | |
WO2020186823A1 (en) | Blockchain-based data querying method, device, system and apparatus, and storage medium | |
US20160234291A1 (en) | File sharing method and file sharing system utilizing the same | |
JP2017017378A5 (en) | ||
CA2962156A1 (en) | Sesame secure messaging | |
US20130262600A1 (en) | Image processing apparatus | |
US20180122500A1 (en) | Systems and methods providing centralized medical privileging and data | |
WO2016111654A1 (en) | Encrypted-bypass webrtc-based voice and/or video communication method | |
GB2509064A (en) | Method and system for distributing health data | |
ES2963412T3 (en) | Secure transmission | |
US20170147793A1 (en) | System for remote monitoring and supervision of data | |
US20200135335A1 (en) | Systems and methods for integrating a globally secure communications network with stored medical diagnostics | |
US20190052610A1 (en) | Apparatus and method for encapsulation of profile certificate private keys or other data | |
KR20160050605A (en) | Service server, and operating method thereof | |
CN105979113A (en) | Method of protecting picture privacy through using wireless communication technology | |
JP2008011100A (en) | Attribute authentication method, attribute certificate generating apparatus, service provision destination apparatus, service provision source apparatus, and attribute authentication system |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: MD CLOUD PRACTICE SOLUTIONS, L.L.C., TEXAS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:OSORIO, FEDERICO;OVALLES, ANDRES GUTIERREZ;SIGNING DATES FROM 20151007 TO 20151012;REEL/FRAME:036904/0805 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |