With the deployment of medical communication systems which transfer data from within the hospital to physician-carried mobile communication devices via public cell phone and other networks, the need for encrypting such sensitive data will become significant. In applications where patient medical data has to be further stored or processed outside the hospital, such as on a public or shared server or a cell phone system file server, there will be a need for file handling methods which preclude accessing or reassembling the patient's data other than by a password protected physician handheld.
While encryption and authentication technologies are currently available, such technologies only allow transmission of data from the encryption point to the decryption point, with no further protection offered post decryption. In instances, where data needs to be decrypted at an intermediate point for further processing (such as for message delivery or routing purposes), standard encryption techniques are not sufficient.
Current laws applicable to medical data in the USA, such as HIPAA, require that any server storing patient medical data be secure with access limitations and written agreements to control access to the data. However, in wide implementations, such controls, although systematically possible, are not fool-proof. A fool-proof system for managing such scenarios is required where, even if the security of a server is breached, data located within the server cannot be reassembled into meaningful parts.