The present application is a divisional application of patent application No. 201580026617.3 entitled "clinical data obfuscation and enhancement system and method for wireless medical device" filed on 3/18/2015.
The present application claims priority and benefit from united states provisional patent application No. 61/955472, filed 3/19/2014, and is incorporated herein by reference in its entirety.
Detailed Description
While this invention is susceptible of embodiment in many different forms, there is shown in the drawings and will herein be described in detail preferred embodiments of the invention with the understanding that the present disclosure is to be considered as an example of the principles of the invention and not intended to limit the broad aspect of the invention to the embodiments illustrated. For purposes of the detailed description herein, the singular encompasses the plural as well as the plural (unless expressly stated otherwise); the words "and" or "should be either conjunctions or disjunctions; the word "all" means "any and all"; the word "any" means "any and all"; and the word "comprising" means "including but not limited to".
It has now been found that existing medical device systems employing wireless communication suffer from a number of serious limitations. In particular, existing medical instrument systems typically communicate according to industry standard communication protocols, for example. Such standard communication protocols help coordinate the technical specifications of medical devices, thereby improving industry efficiency, product compatibility, and end-user experience. While these standard communication protocols tend to include some type of security feature, such security features often prove inadequate. Indeed, because standard communication protocols are publicly available, clinical data stored on medical devices is susceptible to attack or collection by unauthorized persons. Another disadvantage of existing medical devices using standard communication protocols is that: data communication needs to be provided according to a specific formatting (formatting), and thus data communication is limited to only certain predetermined data fields.
In accordance with various aspects of the present invention, systems and methods are described that can improve the storage, management, and wireless communication of medical data in a significantly more secure manner. The system and method of the present invention is implemented while maintaining the ability of medical devices to communicate via standard communication protocols, thereby providing flexibility and ease of use in operating medical devices.
Referring to FIG. 1, there is illustrated an exemplary schematic diagram of a medical data management system 100 in accordance with various aspects of the present invention. The system 100 includes a sensor 110 and a collector 112. Sensor 110 and collector 112 are distinct and separate devices configured to perform different functions for diagnosis and/or treatment of an individual. Sensor 110 is a portable device configured to detect and measure clinical data for one or more parameters related to a physiological state and/or a physical state of an individual. By way of non-limiting example, the sensors 110 may include biosensor devices (e.g., a blood glucose sensor, a blood glucose meter, and/or a blood glucose monitor), cardiac monitoring devices (e.g., a heart rate monitor or a Holter monitor), hemodynamic monitoring devices, respiratory monitoring devices, neurological monitoring devices, body temperature monitoring devices, labor monitoring devices, combinations thereof, and/or the like. According to some aspects of the invention, the sensor 110 is a portable device that is sized to be easily carried, transported, and stored by an individual. According to additional and/or alternative aspects of the present invention, one or more components of sensor 110 may be configured to be implantable within the body of an individual.
The collector 112 is configured to receive and process the clinical data measured by the sensors 110 in a wireless manner. Non-limiting examples of collectors 112 include desktop or laptop Personal Computers (PCs), hand-held or pocket personal computers (HPCs), tablet computing devices, Personal Digital Assistants (PDAs), mobile phones (e.g., smart phones), and/or combinations thereof, among others. In some cases, the collector 112 may be a personal device owned and operated by the individual, while in other cases, the collector 112 may be owned and operated by the individual's healthcare provider.
The exemplary collector 112 shown in fig. 1 includes a collector input/output device 114, a collector communication interface 116, a collector controller ("collector CPU") 118, a collector memory 120, and a collector power supply 122. The collector 112 is typically operated using a collector input/output device 114, which may be external or integrated with respect to other components of the collector 112. For example, the collector input/output device 114 may include one or more displays, speakers, touch screens, buttons, mice, joysticks (joysticks), gesture sensing devices, voice recognition devices, combinations thereof, and/or the like. The collector input/output device 114 may be configured to receive user input and transform the user input into an electronic data signal representative of the user input, which is received by the collector CPU118 for processing.
The collector communication interface 116 is configured to facilitate data communication between the sensors 110 and the collector 112, as will be described in greater detail below. The collector power source 122 may include any source of power that can be delivered to the collector 112. Although illustrated as the collector power supply 122 being incorporated into the collector 112 (e.g., a battery), it is understood that the collector power supply 122 may be external with respect to the collector 112 (e.g., a power grid).
In general, the collector CPU118 is capable of receiving and executing any number of programming instructions. In particular, the collector CPU118 is configured to process clinical data received from the sensors 110, as will be described in greater detail later. The collector memory 120 is configured to store clinical data received from the sensors 110 and/or data resulting from processing of the clinical data. The collector memory 120 can also store instructions for performing the operations of the collector 112 described herein. As non-limiting examples, collector memory 120 may include Read Only Memory (ROM), Random Access Memory (RAM), magnetic disk storage media, optical storage media, flash memory, combinations thereof, and/or the like.
The exemplary sensor 110 shown in FIG. 1 includes a measurement system 124, a sensor controller ("sensor CPU") 126, a sensor memory 128, a sensor communication interface 130, a sensor power supply 132, and a sensor input/output device 134. The measurement system 124 is configured to measure and determine clinical data for parameter(s) related to a physiological state and/or a physical state of the individual. For example, the measurement system 124 can include one or more electrical sensors, optical sensors, mechanical sensors, chemical sensors, and/or combinations thereof (e.g., electromechanical sensors, electrochemical sensors, etc.), each of which is communicatively coupled with the sensor CPU 126 to determine clinical data for the parameter(s) related to the physiological and/or physical state of the individual. By way of non-limiting example, measurement system 124 may include one or more electrodes, image sensors, pressure sensors, accelerometers (accelerometers), fluid and/or gas flow sensors, temperature sensors, superconducting quantum interference devices (SQUIDs), Ion Specific Field Effect Transistors (ISFETs), Negative Temperature Coefficient (NTC) resistors, Positive Temperature Coefficient (PTC) resistors, band gap (band gap) detectors, ionic membranes (membranes), enzyme reactors, and/or combinations thereof, and the like.
The sensor CPU 126 is also communicatively coupled with a sensor memory 128. Sensor memory 128 may be a machine-readable storage medium that includes any mechanism for storing and providing information in a form readable by a machine. For example, the sensor memory 128 may include Read Only Memory (ROM), Random Access Memory (RAM), magnetic disk storage media, optical storage media, flash memory, combinations thereof, and/or the like. The sensor memory 128 is capable of storing instructions for performing the operations of the sensor 110 described herein.
The sensor memory 128 includes at least two memory regions that are separate and distinct. The first memory area 136 is configured to store only clinical data determined by the measurement system 124. The second memory area 138 is configured to store only the enhancement data received from the collector 112, as will be described in more detail later. It should be understood that the first and second memory sections 136, 138 can be provided using a single memory device or separate and distinct memory devices.
The sensor CPU 126 is also communicatively coupled with a sensor communication interface 130, which facilitates data communication between the sensor 110 and the collector 112. In particular, the sensor communication interface 130 and the collector communication interface 116 employ compatible technologies that facilitate data exchange between the sensors 110 and the collector 112 according to at least two different communication protocols. As known to those of ordinary skill in the art, a communication protocol is a set of rules for data exchange (e.g., syntax (syntax), semantics (semantics), and synchronization) that define data exchange). Thus, the at least two communication protocols may be different from each other in at least one of syntax (e.g., data format), semantics, and/or synchronization employed to exchange data between the sensors 110 and the collector 112.
According to some aspects of the present disclosure, the sensor communication interface 130 and the collector communication interface 116 may be configured to communicate via radio-frequency (RF) communication (e.g., short-range RF telemetry) technology, such as BluetoothWireless technology, Zigbee, Z-sense technology, FitSense, bodylan tm systems, other RF technologies, etc. According to additional and/or alternative aspects, the sensor communication interface 130 and the collector communication interface 116 may be configured to communicate via other wireless technologies, such as Infrared (IR) technologies or other optical technologies, among others. It should be understood that the sensor communication interface 130 and the collector communication interface 116 may include a transmitter that transmits data according to the communication protocol employedA transmitter and/or a receiver that receives data according to the employed communication protocol. According to some aspects, a common transmitter/receiver may be provided to be able to communicate according to each of the at least two communication protocols. According to an alternative aspect, different transmitters/receivers may be provided for each of the at least two communication protocols in the sensor communication interface 130 and the collector communication interface 116. Alternatively, a wired interface, such as a USB connection, may be established between the transmitter of the sensor communication interface 130 and the receiver of the collector communication interface 116 for transmitting and receiving data.
Sensor power supply 132 may include any source of power capable of being delivered to sensor 110. Although the sensor power supply 132 is illustrated as being incorporated into the sensor 110 (e.g., a battery), it should be understood that the sensor power supply 132 may be external to the sensor 110 (e.g., a power grid).
The sensor 110 may also include one or more sensor input/output devices 134 to facilitate operation of the sensor 110 by an individual user and/or to communicate information to the user. For example, the sensor input/output devices 134 may include one or more displays, speakers, touch screens, buttons, mice, joysticks, gesture sensing devices, voice recognition devices, combinations thereof, and/or the like. The sensor input/output device 134 may be configured to receive user input(s) and transform the user input(s) into electronic data signals representing the user input(s) that are received by the sensor CPU 126 for processing.
Referring now to FIG. 2, there is illustrated an exemplary flow diagram of a method 200 for managing medical data wirelessly communicated between a sensor 110 and a collector 112, in accordance with various aspects of the present invention. In step 210, the method begins. In step 212, clinical data of the parameter(s) related to the physiological state and/or physical state of the individual is measured and determined with the sensor 110. In step 214, the clinical data is stored in the first memory 136 of the sensor 110.
In step 216, clinical data is transmitted from the sensors 110 to the collector 112 according to the first communication protocol 140. The first communication protocol 140 may be a publicly available communication protocol or an industry standard communication protocol such as those provided by the International Organization for Standardization (ISO), International Telecommunications Union (ITU), or the Institute of Electrical and Electronics Engineers (IEEE). In addition, a number of Bluetooth Core specifications (Bluetooth Core specifications) and related configurations and Services (Profiles and Services) have been promulgated for the modality-specific communication protocols that have been adopted by a wide variety of the modality industries. As one non-limiting example, the Bluetooth configuration Specification (Bluetooth profile Specification) entitled "GLP" and the Glucose Service Specification (Glucose Service Specification) entitled "GLS" have been employed for data exchange between the blood Glucose sensor 110 and the collector 112. These bluetooth configuration specifications and service specifications are currently available at the website www.bluetooth.org/en-us/specification/attached-specifications. Because clinical data is communicated from the sensor 110 to the collector 112 according to industry standard communication protocols, the sensor 110 may be compatible with a variety of different collectors 112. According to aspects of the present invention, the clinical data is unencrypted when stored in the first memory 136 of the sensor 110 or during transmission according to the first communication protocol 140. It is contemplated that, according to some aspects, the first communication protocol 140 can be configured for only one-way communication of stored data (i.e., from the sensor 110 to the collector 112).
In step 218, the clinical data is received with the collector 112 according to the first communication protocol 140. In step 220, the clinical data is processed with the collector 112 to determine enhanced data based on the clinical data. In general, the collector 112 may include advanced processing features that may not be included with the sensors 110, and by virtue of which enhanced data can be determined based on clinical data. According to some aspects of the invention, the clinical data is processed to enhance the safety of the clinical data. For example, the processing may include: the clinical data is encrypted (encrypting) and/or hashed (hashing) to determine the enhanced data.
According to additional and/or alternative aspects of the present invention, the enhanced data may include one or more additional data fields containing additional information based on or associated with clinical data. For example, the enhancement data may include data fields for information relating to: time-stamped data of test results, statistical analysis data, summary analysis data for providing feedback on test results, clinical data analysis relative to user-specific target ranges, predictive analysis data, recommended drug doses based on analysis of clinical data, and/or combinations thereof, and the like. More generally, the clinical data may include a first set of one or more data fields, and the enhancement data may include a second set of one or more data fields different from the first set. In other words, the enhanced data according to some aspects does not necessarily have more data fields than the data fields of the clinical data according to some aspects-but only different data fields.
In step 222, the augmentation data is sent from the collector 112 to the sensor 110 according to the second communication protocol 142. In step 224, the augmentation data is received from the collector 112 with the sensor 110. In step 226, the augmentation data is stored in the second memory 138 of the sensor 110. Thus, in contrast to existing medical instruments that employ only industry standard communication protocols, which typically allow the collector 112 to read data from only the sensors 110 (i.e., one-way communication of clinical data), the system 100 of the present invention advantageously allows two-way communication of data related to clinical data.
According to some aspects in which the enhancement data is encrypted, only the collector 112 is able to decrypt the enhancement data. That is, the sensor 110 does not include any decryption capability (e.g., decryption key), which further mitigates the risk of an unauthorized attempt to access the enhanced data on the sensor 110 being successful. However, the sensor 110 itself cannot use the enhancement data. Of course, the sensor 110 functions as a safe portable medical recording device. In some cases, only the user and/or the user's designated healthcare provider may obtain the appropriate decryption key needed in accessing the user's enhanced data on the sensor 110. In other cases, the decryption key can be made available to emergency medical personnel (EMT), doctors or other healthcare providers, and the like. This may be particularly beneficial in emergency situations. For example, if an individual suffers from a diabetic seizure during a distant trip from home (diabetic epilepsy), the EMT may be able to better treat the individual by quickly accessing the individual's history of glucose concentration test results stored on the sensor 110 carried by the individual.
According to some aspects in which the enhanced data includes one or more additional data fields, the sensor 110 may also be unable to use some or all of the enhanced data due to the lack of advanced processing functionality of the collector 112 by the sensor 110. According to additional and/or alternative aspects, the sensor 110 may also be unable to use the enhanced data due to format differences between the enhanced data and the clinical data. In either of these cases, the sensor 110 can also function as a safe portable medical recording device as described above.
According to some aspects of the invention, the sensor 110 may be configured such that: the second memory 138 can be wirelessly accessible by another device (e.g., the collector 112) only in response to the sensor communication interface 130 receiving a data communication in accordance with the second communication protocol 142. In this way, the enhancement data stored on the second memory 138 can be further secured so that the enhancement data is not accessed by unauthorized attempts. This may provide a particularly effective security plane in which the second communication protocol 142 is a non-publicly available communication protocol, a non-widely adopted communication protocol, or a non-industry standard communication protocol (e.g., custom communication protocol).
According to some aspects of the present invention, in step 228, the clinical data stored in the first memory 136 of the sensor 110 can be deleted because the more secure enhancement data stored in the second memory 138 contains the necessary information for medical record use. Thus, by deleting unencrypted clinical data (which can be accessed via the first communication protocol 140 that is publicly available and configured to be compatible with numerous devices), the system 100 can minimize or, in some cases, eliminate the risk of the user's medical information being obtained by unauthorized persons. According to some aspects, deletion of clinical data in the first memory 136 can be triggered in response to the enhancement data being successfully stored in the second memory 138. According to additional and/or alternative aspects, deletion of the clinical data in the first memory 136 can be triggered in response to user input received via the sensor input/output device 134. It is contemplated that in some embodiments, the sensor 110 may be configured to: in response to the enhancement data being successfully stored in the second memory 138, the sensor 110 automatically prompts the user via the sensor input/output device 134 to request such user input.
As described above, once stored in the second memory 138 of the sensor 110, the enhancement data can then be accessed by the collector 112 via wireless data communication according to the second communication protocol 142. In this way, the sensor 110 can advantageously be used as a safe portable medical recording device. Thus, the second communication protocol 142 is configured to allow two-way data communication between the sensor 110 and the collector 112.
Fig. 2, described above by way of example, represents an algorithm corresponding to at least some of the instructions executed by the sensor CPU 126 and/or collector CPU118 of fig. 1 to implement the aforementioned functions associated with the described concepts. Steps may be omitted, additional steps included, and/or the order of steps presented above may be modified within the spirit and scope of the inventive concept. For example, the method 200 may also include the following additional steps: the clinical data and/or the enhancement data are stored in the collector memory 120.
The system and method of the present invention are particularly advantageous for individuals who are actively involved in the monitoring and recording of measured values of health-related data. For example, the systems and methods of the present invention can be particularly advantageous for individuals who: these individuals actively monitor and record measurements related to blood glucose concentrations and/or other analytes of interest in human blood or other fluids.
Fig. 3 illustrates an exemplary sensor 310 for communicating with the collector 112, the sensor 310 including a meter 310A and a test sensor 310B. The sensors 310 include a sensor controller ("sensor CPU") 126, a sensor memory 128, a sensor communication interface 130, a sensor power supply 132, and a sensor input/output device 134 as described above. In addition, the sensor 310 includes a measurement system 324 defined by a component 324A of the meter and a component 324B of the test sensor.
The meter 310A includes a port 313 for receiving and analyzing a fluid sample on the test sensor 310B. The test sensor 310B is configured to receive a fluid sample that is analyzed using the meter 310A. Analytes that can be analyzed include glucose, blood lipids (lipidprofiles) (e.g., cholesterol, triglycerides, LDL (low density lipoprotein) and HDL (high density lipoprotein)), microalbumin (microalbumin), hemoglobin a1C. Fructose, lactate or bilirubin. Analyte information, such as analyte concentration, can be determined. The analyte may be in a whole blood sample, a serum sample, a plasma sample, other bodily fluids such as ISF (interstitial fluid) and urine, and non-bodily fluids.
The test sensor 310B includes a fluid receiving area (not shown) for receiving a fluid sample. A user may use a lancet or lancing device to puncture a finger or other area of the body to produce a fluid sample at the skin surface. The user may then collect the sample (e.g., a blood sample) by placing the test sensor 310B in contact with the sample. The fluid receiving zone may comprise reagents: the reagent reacts with the sample to indicate information about the analyte in the sample (e.g., analyte concentration, etc.).
The test sensor 310B may be an electrochemical test sensor. Electrochemical test sensors typically include: a plurality of electrodes; and a fluid-receiving zone containing an enzyme. The fluid receiving zone comprises reagents that: the reagent converts an analyte of interest (e.g., glucose) in a fluid sample (e.g., blood) into an electrochemically measurable chemical species. The reagent typically comprises an enzyme, such as glucose oxidase, which reacts with the analyte and with an electron acceptor, such as a ferricyanide salt, to produce an electrochemically measurable species which can be detected by an electrode. Other enzymes such as glucose dehydrogenase may be used to react with glucose. Generally, the enzyme is selected to react with the desired analyte or analytes to be tested to aid in determining the analyte concentration of the fluid sample. If the concentration of another analyte is to be determined, the appropriate enzyme is selected to react with that analyte.
Alternatively, the test sensor 310B may be an optical test sensor. The optical test sensor system may use techniques such as transmission spectroscopy, absorption spectroscopy, diffuse reflection spectroscopy, fluorescence resonance energy transfer (fluorescence resonance energy transfer), combinations thereof, and other techniques for measuring analyte concentration. The indicator reagent system reacts with the analyte in the bodily fluid sample to alter the light directed to the test sensor 310B. The degree of light alteration (light alteration) is an indication of the analyte concentration in the body fluid.
Some of the test sensors that may be used and are commercially available include Bayer health Care, Inc. (B), commercially available from Whippany, New Jersey, N.J.Eye health care LLC). These test sensors include, but are not limited toA blood sugar monitoring system,And2 blood glucose monitoring system, andandXL is a test sensor used in blood glucose monitoring systems. Other test sensors besides those listed above may also be incorporated into the methods and systems of the present invention.
In fig. 3, the meter 310A receives the test sensor 310B and engages with the test sensor 310B. Meter 310A measures the analyte concentration in the sample collected by test sensor 310B. The meter 310A may include contacts 315 for electrodes to detect the electrochemical reaction of the electrochemical test sensor. Alternatively, the meter 310A may include an optical detector (not shown) to detect the degree of light change of the optical test sensor. To calculate the actual analyte concentration from the electrochemical or optical reaction measured by the meter 310A and to generally control the testing process of the sample, the meter 310A uses the sensor CPU 126, which sensor CPU 126 may execute programmed instructions according to a measurement algorithm. Data processed by the sensor CPU 126 may be stored in a sensor memory 128. Further, the meter 310A may include a sensor input/output device 134 that includes a display (e.g., a liquid crystal display, etc.). Buttons, scroll wheels, touch screens, or combinations thereof may also be provided as part of the sensor input/output device 134 to enable a user to interact with the meter 310A. The display typically shows information about the test results, the test procedure and/or information in response to signals input by the user.
As described above, although the system 300 is configured to measure an analyte concentration in a fluid sample, the system 100 and method 200 are not limited to receiving and managing information from tests performed on analytes such as blood glucose. Indeed, the system 100 and method 200 of the present invention are capable of receiving data from other systems or devices as follows: the other systems or devices measure and/or record health data and do not require analyte testing, such as body temperature measurements, blood pressure measurements, heart rate measurements, blood oxygen content measurements, respiratory measurements for Chronic Obstructive Pulmonary Disease (COPD) analysis, or weight measurements for analysis of ranilic acid (Lasix) usage, etc.
As described above, the present invention includes a system having a controller (i.e., sensor CPU 126 and collector CPU 118) for providing a variety of functions for processing information and determining results from inputs. In general, the controller may be implemented as a combination of hardware and software elements. The hardware aspects may include a combination of the following operably coupled hardware components: these hardware components include microprocessors, logic circuits, communication/network ports, digital filters, memory or logic circuits. The controller may be adapted to perform operations specified by computer executable code that may be stored on a computer readable medium.
As described above, the controller may be a programmable processing device for executing software or stored instructions. In general, the physical processors and/or machines employed for any processing or evaluation in various embodiments of the invention may include one or more microprocessors, Field Programmable Gate Arrays (FPGAs), Digital Signal Processors (DSPs), microcontrollers, etc. programmed according to the teachings of the exemplary embodiments of the invention, as will be appreciated by those skilled in the computer and software arts. Appropriate software can be readily prepared by programmers of ordinary skill based on the teachings of the various exemplary embodiments, as will be appreciated by those skilled in the software art. Furthermore, the devices and subsystems of the exemplary embodiments can be implemented through the preparation of application specific integrated circuits (ASIC's) or through the interconnection of an appropriate network of conventional sub-circuits (component circuits), as will be appreciated by those skilled in the electrical art. Thus, the exemplary embodiments are not limited to any specific combination of hardware circuitry and/or software.
Exemplary embodiments of the invention may include the following software stored on a combination or any of computer readable media (e.g., sensor memory 128 and/or collector memory 120): software for controlling, driving, and enabling interaction with a human user, etc. the devices and subsystems of the various exemplary embodiments. Such software may include, but is not limited to, device drivers, firmware, operating systems, development tools, application software, and the like. Such computer-readable media may also include the computer program product of an embodiment of the present invention for performing all or a portion of the processing (if processing is distributed) that is implemented in the embodiments. Computer code devices of exemplary embodiments of the present invention may include any suitable interpretable or executable code mechanism, including but not limited to scripts (scripts), interpretable programs, Dynamic Link Libraries (DLLs), Java classes (Javaclasses) and Java applets (Java applets), and fully executable programs, among others. Furthermore, certain portions of the processing of exemplary embodiments of the present invention may be distributed for better performance, reliability, cost, and the like.
Common forms of computer-readable media may include, for example: floppy disks, flexible disks (flexible disks), hard disks, magnetic tape, and any other suitable magnetic medium; CD-ROM, CDRW, DVD, and any other suitable optical medium; punched cards, paper tape, optical mark sheets, and any other suitable physical medium having a pattern of holes or other optically recognizable indicia; RAM, PROM, EPROM, FLASH-EPROM, and any other suitable memory chip or cartridge; a carrier wave or any other suitable medium capable of being read by a computer.
The embodiments and obvious variations thereof are considered to be within the spirit and scope of the claimed invention, as defined by the appended claims. Moreover, the inventive concept expressly includes any and all combinations and subcombinations of the various elements and aspects described above.