I. Field of the Invention
The present invention relates to a method for transmitting medical information over a network.
II. Description of Related Art
Medical information relating to a patient is commonly transmitted over networks, such as a telecommunication network. The medical information includes both patient identifiable data as well as patient medical condition/treatment data (hereinafter referred to as xe2x80x9cpatient medical condition dataxe2x80x9d). Such patient medical condition data may include not only textual data but also images and audio. Furthermore, such images and audio may be transmitted over the network on a real-time basis, e.g. at thirty frames/second.
In order to protect patient privacy with respect to their medical records, the United States federal government has recently enacted the Health Insurance Portability and Accountability Act (HIPAA). In essence, HIPAA protects the patient""s right to privacy to their own medical records.
In order to comply with HIPAA, several attempts have been made to encrypt all the patient information, i.e. both the patient identifiable data as well as the patient medical condition data, and then transmit the encrypted data over the network. However, the encryption of the patient medical condition data requires extensive computing power both at the transmitting and receiving end since the medical condition data is typically extensive, particularly if it includes images. Furthermore, the encryption of medical condition data on a real-time basis, e.g. thirty frames per second, renders the encryption of such medical condition data impractical, even with extensive computing power. For that reason, such previously known methods have not proven wholly successful or acceptable in use.
The present invention provides a method for encrypting medical information which overcomes all of the above-mentioned disadvantages of the previously known attempts.
In brief, the method of the present invention includes the step of encrypting only the patient identifiable data and then transmitting the encrypted patient identifiable data over the network. Such patient identifiable data would include, for example, the patient""s name, Social Security number, address, fingerprint information, as well as other information from which the patient could be readily identified. The method of the present invention then transmits the encrypted patient identifiable data as well as the unencrypted patient medical condition data over the network. Since the patient medical condition data cannot be correlated with a particular patient, the privacy of the medical records of that patient is preserved.
In practice, the method of the present invention operates most efficiently over a telecommunications network having two channels. The first channel comprises a text channel while, conversely, the second channel comprises a video/audio channel. The encrypted patient identifiable data is then transmitted over the text channel while the unencrypted patient medical condition data is transmitted over the audio/video channel.
In order to enable both the transmitting and receiving ends of the network to identify the patient and correlate that patient""s medical condition data to the patient, a code key is optionally assigned to the individual patient. That code key can then be transmitted either over the network at a time temporally spaced from the transmission of the encrypted patient identifiable data and unencrypted patient medical condition data, or may be transmitted by completely separate means. For example, assuming that both the transmitting and receiving ends include software to decode the encrypted patient identifiable data, a code key is assigned at the transmitting end of the network. This code key is then transmitted to the receiving end of the network in a fashion so that the code key cannot be correlated with the transmission of the transmitted medical information.