Search

CN-121986464-A - Information storage within an implantable device for deploying a patient device for secure communication

CN121986464ACN 121986464 ACN121986464 ACN 121986464ACN-121986464-A

Abstract

Systems, devices, and techniques for establishing secure communications with a medical device. A medical device, such as an implantable medical device, may include a computer-readable storage medium configured to store stored encrypted information in a manner that allows a trusted instrument to access the encrypted information. The trusted instrument may decrypt the information from the medical device and use the decrypted information to establish and allow a second computing device (including the patient computing device) to communicate with the medical device.

Inventors

  • TORGERSON NATHAN A.
  • T. W. Wolf
  • V. A. Roznik
  • B. P. Bechalla
  • T. A. Drew
  • K. J. Bach
  • A.T. Fried

Assignees

  • 美敦力公司

Dates

Publication Date
20260505
Application Date
20241010
Priority Date
20231010

Claims (15)

  1. 1. A system, the system comprising: A medical device; A trusted instrument, the trusted instrument comprising processing circuitry, the processing circuit is configured to: establishing a secure communication connection with the medical device; receiving information comprising a private encryption key from the medical device via the secure communication connection; establishing a communication session with a patient computing device, the patient computing device being a device separate from the medical device and the trusted instrument; The patient computing device is adapted for secure communication with the medical device by communicating at least the private encryption key to the patient computing device.
  2. 2. The system of claim 1, wherein the information is encrypted information comprising the private encryption key, wherein the processing circuit is configured to request the encrypted information from the medical device, wherein to receive from the medical device, the processing circuit is configured to receive the encrypted information from the medical device via the secure communication connection in response to the request, and wherein the processing circuit is configured to decrypt the encrypted information in response to receiving the encrypted information.
  3. 3. The system of claim 2 or 3, wherein the information comprises a fixed identifier associated with and unique to the medical device.
  4. 4. A system according to any one of claims 1 to 3, wherein the information comprises a certificate conforming to the x.509 standard.
  5. 5. The system of any one of claims 1 to 4, wherein the patient computing device comprises at least one of a mobile phone, a tablet, or a patient remote.
  6. 6. The system of any one of claims 1 to 5, wherein the trusted instrument comprises at least one of a tablet, a mobile phone, or a patient treatment remote.
  7. 7. The system of any of claims 1-6, wherein the secure communication connection comprises a wireless communication connection.
  8. 8. The system of any one of claims 1 to 7, wherein the wireless communication connection comprises one of a Bluetooth Low Energy (BLE) connection or a Medical Implant Communication System (MICS) connection.
  9. 9. A medical device, the medical device comprising: One or more memories located within and specific to the medical device, the one or more memories configured to store information including a private encryption key, and Processing circuitry operatively coupled to the one or more memories, the processing circuitry configured to: establishing a communication connection with a trusted instrument; A request for the information stored at the memory of the medical device is received, Transmitting the information to the trusted instrument in response to the request; receiving a request from a patient computing device to establish a communication; verifying that the request from the patient computing device includes an indication that the patient computing device has the private encryption key; a communication session is allowed with the patient computing device based on verifying that the patient computing device has the private encryption key.
  10. 10. The medical device of claim 9, wherein the information includes a fixed identifier associated with and unique to the medical device.
  11. 11. The medical device of claim 9 or 10, wherein the medical device comprises an Implantable Medical Device (IMD).
  12. 12. The medical device of any one of claims 9-11, wherein the information comprises a certificate conforming to the x.509 standard.
  13. 13. The medical device of any one of claims 9-12, wherein the secure communication connection comprises a wireless communication connection.
  14. 14. The medical device of any one of claims 9-13, wherein the wireless communication connection comprises a Bluetooth Low Energy (BLE) connection.
  15. 15. The medical device of any one of claims 9-13, wherein the wireless communication connection comprises a Medical Implant Communication System (MICS) connection.

Description

Information storage within an implantable device for deploying a patient device for secure communication The present application claims the benefit of U.S. provisional application serial No. 63/589,139, filed 10/2023, titled "STORAGE OF INFORMATION INSIDE AN IMPLANTABLE DEVICE USED FOR PROVISIONING A PATIENT DEVICE FOR SECURE COMMUNICATION( for deploying information storage inside an implantable device of a patient device for secure communications, and is incorporated herein by reference in its entirety. Technical Field The present disclosure relates to secure communications for medical devices. Background As regulatory guidelines become more stringent and more instruments can communicate with other devices at a distance, there has been interest in establishing a secure method for communication between devices, including implantable medical devices. The patient computing device for communication may be configured to communicate using wired communication, or in examples of communication with an implantable medical device, using wireless communication. The patient computing device may communicate with the medical device to program operational settings and/or retrieve data stored by the medical device. Disclosure of Invention In general, the present disclosure describes systems, devices, and techniques for establishing secure communications with a medical device. In some examples, a medical device (such as an implantable medical device) may include a computer-readable storage medium configured to store stored encrypted information in a manner that allows a trusted instrument to access the encrypted information. The trusted instrument may decrypt information from the medical device and use the decrypted information to establish a second computing device to communicate with the medical device. Security techniques exist both within and outside of the medical device industry to identify and verify that a second computing device, such as a patient computing device attempting to communicate with another device (e.g., an implanted medical device), should have permission and access to establish communication. In some examples, these other techniques may involve a secure login process to an online account at the time the system is established, so the user may be identified and ensure that the communication establishment is trusted. However, for medical devices, online login to verify identity may not always be possible in a clinic or hospital environment. In some environments, wi-Fi and access to an online network may be limited or otherwise unavailable at locations where a user may desire to establish secure communications. In some examples, wi-Fi or other networks may interfere with medical equipment, and thus network access may be limited. For the systems, devices, and techniques of the present disclosure, having information in the medical device itself prevents the need to remember the password or store the password on some removable medium that may be lost, forgotten, destroyed, or stolen. Because the encrypted information used to establish communication remains in the medical device and thus in the patient, if another instrument is to be deployed for secure communication in the future, the encrypted information is still available in the device and can be used to establish another instrument if desired. In one example, the present disclosure relates to a system comprising a medical device, a trusted instrument comprising processing circuitry configured to establish a secure communication connection to the medical device, receive information including a private encryption key from the medical device via the secure communication connection, establish a communication session with a patient computing device, the patient computing device being a separate device from the medical device and the trusted instrument, and provision the patient computing device for secure communication with the medical device by communicating at least the private encryption key to the patient computing device. As another example, the present disclosure is directed to a medical device comprising one or more memories located within and dedicated to the medical device, the one or more memories configured to store information including a private encryption key, and processing circuitry operatively coupled to the one or more memories, the processing circuitry configured to establish a communication connection with a trusted instrument, receive a request for the information stored at the memory of the medical device, transmit the information to the trusted instrument in response to the request, receive a request to establish a communication from a patient computing device, verify that the request from the patient computing device includes an indication that the patient computing device has the private encryption key, and allow a communication session with the patient computing device based on verifying that the patient computing device has the priv