“Encrypted Messaging System” in Patent Application Approval Process (USPTO 20200084186)

2020 MAR 27 (NewsRx) -- By a News Reporter-Staff News Editor at Insurance Daily News -- A patent application by the inventors Yang, Changgao (Signal Hill, CA); Parks, Keith (Long Beach, CA); Whitman, Christopher Scott (Los Angeles, CA); Bo let, Martin (Bechhofen, DE), filed on August 12, 2019, was made available online on March 12, 2020, according to news reporting originating from Washington, D.C., by NewsRx correspondents.

This patent application is assigned to Medroster.com Corporation (Santa Monica, California, United States).

The following quote was obtained by the news editors from the background information supplied by the inventors: “The present invention relates to a messaging system and, more specifically, an encrypted messaging system that maintains the confidentiality of information shared in the encrypted messaging system.

“The Internet has improved communication in many industries. Messages and other information can be transmitted over the Internet and accessed across a variety of devices, often nearly simultaneously to when the message is sent.

“However, some industries have lagged behind. For example, much of the communication in the medical industry relies on using a fax machine, which is inefficient, costly, and produces poor image quality. This makes it difficult for medical practitioners to communicate with patients, other doctors, or within their own office.

“One of the problems to overcome is that the medical industry is required to observe strict confidentiality of patient information. Some of these requirements are laid out by Health Insurance Portability and Accountability Act of 1996 (HIPAA) which is legislation passed in the United States that provides data privacy and security provisions for safeguarding patient information. This patient information may include sensitive identifying information of patients such as social security card numbers, addresses, or other information. Also, because a medical professional has access to test results and diagnoses for diseases and other ailments, inadvertent exposure of patient information may result in exposing a patient to disrepute. Failure to abide by the strict confidentiality standards may erode patient confidence in their medical provider or even result in legal liability for violation of HIPAA.

“Therefore, there is a need for an improved communication method for the medical industry.”

In addition to the background information obtained for this patent application, NewsRx journalists also obtained the inventors’ summary information for this patent application: “An encrypted messaging system allows secured communication for the medical industry. The encrypted messaging system may be designed to observe strict confidentiality requirements for various use cases required in the medical industry, such as the confidentiality requirements required by HIPAA. For example, the encrypted messaging system may include features that are specifically designed for interoffice, intraoffice, or patient communications, while maintaining privacy of the information being transmitted within the encrypted messaging system.

“In an implementation, the encrypted messaging system is the Medroster software product provided by Medroster.com Corporation. The Medroster software product is a HIPAA-secure communications platform for the medical community. The Medroster software product makes communication between doctors, their staff and patients safer and more efficient by simulating how these users would communicate in real life. Medroster is cross-platform and works across desktop, iOS, Android, and tablet.

“HIPAA is implemented by the HIPAA Administrative Simplification Regulations specified by the Code of Federal Regulations in 45 CFR 160, 162, and 164, which is hereby incorporated by reference. Specifically, section 164.312(e)(ii) discusses technical security measures to guard against unauthorized access to electronic protected health information (or EPHI) that is being transmitted over an electronic communications network. The US Health and Human Services has also provided additional guidelines in the Federal Register and other materials regarding security standards required by HIPAA which are also incorporated by reference to the filing date of this patent application.

“In an implementation, the encrypted messaging system includes a method of fetching, from a key server, a first encryption key for a first conversation from a first client device intended for a medical space that corresponds to a second client device. The medical space may be part of a medical office, business entity, a HIPAA compliant unit, or, in larger medical establishments, a department or any division used by the medical industry. The first conversation may be a message from a patient to a medical office or vice versa.

“The medical office may include multiple medical spaces, such as sections or departments within a place or a doctor’s office. Some examples of medical spaces include front office, back office, reception, billing, doctor, other staff, or any other space in a medical office. In an implementation, for larger institutions such as a hospital, the medical place may be defined as a department in a hospital, for manageability and ease of use of the encrypted messaging system.

“The medical space may correspond a user logged onto the second client device and may be any type of device that can access the encrypted messaging system, such as a personal computer, tablet computer, smart phone, or smart device. The medical space may correspond to more than one user account. For example, the second client device may be logged in as a first user. However, the medical space may also correspond to a second user, different than the first user, which is associated with the same medical space. The second user may log onto the second client device or a different client device.

“The encrypted messaging system includes encrypting the first conversation using the first encryption key to create a first encrypted conversation. The encrypted messaging system may use any suitable method of encryption, such as Advanced Encryption Standard (AES), RSA (Rivest-Shamir-Adelman), or any other encryption scheme. The encrypted messaging system includes storing a first timestamp and a first conversation identifier that uniquely identifies the first encrypted conversation with the first encryption key and transmitting the first encrypted conversation to a message server. The first timestamp may correspond to a time when the first client device has completed drafting the first conversation, when a user of the first client device indicated to send the first conversation, when the first conversation has been requested by the second client device, or any other period of time. The first conversation identifier may be a unique conversation identifier that is not reused in the encrypted messaging system to identify any other conversation in the encrypted messaging system. The conversation identifier may be a randomized conversation identifier. This means that the first conversation identifier is generated using a random number generator of the encrypted messaging system. This may prevent malicious users from easily guessing conversation identifiers for conversations in the encrypted messaging system, which may make the process of hacking or accessing the first conversation more difficult. The message server may be a different server than the key server. The message server may also be the same server as the key server, such as a server supporting features of the message and key servers on different virtualized systems or as applications executing on the same server.

“The encrypted messaging system includes when exceeding an expiration period for the first conversation according to the first timestamp, causing to be deleted the first encrypted message from the message server. For example, the encrypted messaging system may include sending a message to the message server to delete the first encrypted conversation or the message server may automatically delete the first encrypted conversation without a message from another server. The expiration period may be any type of expiration period, such as a period of time (e.g., 1 day, 2 days, 3 days, 1 week, or other length of time), a number of access attempts to the first encrypted conversation, a number of successful access attempts to the first encrypted conversation, a number of clients that have accessed the first encrypted conversation (e.g., all parties to the conversation, at least one party to the conversation), or a combination of any of these.

“Deleting the first encrypted message may occur before or after the first encrypted conversation has been requested by the second client device. The encrypted messaging system includes receiving from the second client device a request to retrieve the first encrypted conversation from the message server.

“If the first encrypted conversation has been deleted, the encrypted messaging system includes responding to the second client device that the first encrypted message has been deleted. If the first encrypted conversation has not been deleted, the encrypted messaging system includes causing to be determined at the second client device, based on the first conversation identifier, whether the second client device has stored a copy of a first decryption key. For example, the first decryption key may be stored on the second client device in a cache or other memory store. The memory store may also be encrypted to prevent unauthorized access to the first decryption key. When the second client device has not stored a copy of the first decryption key, the encrypted messaging system includes receiving a request at the key server for the first encryption key.

“In an implementation, the encrypted messaging system includes decryption keys that are conversation specific. This means that there may be one or more messages in the first encrypted conversation, such as a back and forth between users to coordinate an appointment time. The first decryption key may decrypt all the messages associated with the first encrypted conversation, without needing an additional decryption key for each specific message in the conversation. Further, the first decryption key may be unable to decrypt other conversations in the encrypted messaging system. For example, a second conversation in the encrypted messaging system may be unable to be decrypted using the first decryption key, even if the parties included in the second encrypted conversation are the same as the parties in the first encrypted conversation.

“In an implementation, the encrypted messaging system includes ephemeral conversations. This means that, although a conversation must be downloaded onto client devices for viewing, once the conversation has been closed, the conversation is deleted from client devices. Deleting from client devices may occur when a connection to the encrypted messaging system is terminated at the client device, when the encrypted messaging system application is terminated at the client device, upon a timeout period for the client device (e.g., connected to the encrypted messaging system’s servers for a period of time, activity from the client device has not occurred for a period of time), or other. This allows the encrypted messaging system to maintain confidentiality of conversations in the encrypted messaging system, by restricting the number of computers which store copies of conversations. In an implementation, client devices may retain encrypted conversations in memory of the client devices. This allows flexibility for storage of conversations and conserves bandwidth by preventing duplicative downloading of conversations.

“In an implementation, the encrypted messaging system includes a method for a secured messaging system including: receiving from a patient user’s device a request to secure a first message to be sent to a first functional unit of a medical office. A functional unit may be a grouping of one or more users of the encrypted messaging system, that share responsibilities in the encrypted messaging system. A single user may be part of more than one functional unit. For example, the patient user may be attempting to reach a doctor, front office, or other functional unit of the system. The encrypted messaging system may include in response to the patient user’s request, selecting a first encryption key and creating, based on the first message and the first encryption key, a secured first message. The encrypted messaging system may include causing storing the secured first message and a unique identifier for the secured first message. The encrypted messaging system determines which users of the encrypted messaging system the first message was intended for. Since there may be multiple medical offices using the encrypted messaging system simultaneously, the encrypted messaging system may determine users associated with the medical office. Then, based on the users associated with the medical office, the encrypted messaging system determines first and second users of the secured messaging system associated with the first functional unit and the medical office and transmits the secured first message to these users. The encrypted messaging system may include causing to be determined, based on the unique identifier of the secured first message, that a first decryption key is stored on the first user’s device before transmitting the first secured message; and decrypting the first secured message on the first user’s device. Other implementations of the encrypted messaging system may check whether the first decryption key is stored on the first user’s device before the first user’s request to open the message, in response to the first and second users being determined, or at other times.

“In an implementation, the encrypted messaging system includes determining that the first decryption key is not stored on the second user’s device. For example, the encrypted messaging system includes causing to be determined, based on the unique identifier of the secured first message, that the first decryption key is not stored on the second user’s device before transmitting the first secured message, transmitting, based on the second user’s device not storing the first decryption key, the first decryption key to the second user’s device; and decrypting the first secured message on the second user’s device. The encrypted messaging system may include where transmitting the first decryption key and transmitting the secured first message occurs during different transmissions.

“In an implementation, the first and second users may be different roles in the encrypted messaging system. For example, the first user includes a staff role user and the second user includes a doctor role user.

“In an implementation, the encrypted messaging system includes allowing responses from a medical office to the patient user. The encrypted messaging system includes receiving from the first user’s device a request to secure a second message to be sent to the patient user; in response to the first user’s request, selecting a second encryption key; creating, based on the second message and the second encryption key, a secured second message; causing storing the secured second message and a unique identifier for the secured second message; transmitting the secured second message to the patient user’s device; causing to be determined, based on the unique identifier of the secured second message, that a second decryption key is stored on the patient user’s device before transmitting the second secured message; and decrypting the second secured message on the patient user’s device. The encrypted messaging system may include an indication that the first user is responding to the patient user on behalf of the second user. For example, the second secured message may include a badge or a icon that designates the second secured message as being sent by a staff member working with a doctor to respond to the second secured message.

“In an implementation, the patient user opens the second secured message from the first user. The encrypted messaging system may include receiving from the first user’s device a request to secure a second message to be sent to the patient user; in response to the first user’s request, selecting a second encryption key; creating, based on the second message and the second encryption key, a secured second message; causing storing the secured second message and a unique identifier for the secured second message; transmitting the secured second message to the patient user’s device; causing transmitting, based on the unique identifier of the secured second message and that the second decryption key is not stored on the patient user’s device before transmitting the second secured message, the second decryption key to the patient user’s device; and decrypting the second secured message on the patient user’s device. The encrypted messaging system does not check whether the patient user belongs to a medical office or a functional unit.

“Other objects, features, and advantages of the present invention may become apparent upon consideration of the following detailed description and the accompanying drawings, in which like reference designations represent like features throughout the figures.”

The claims supplied by the inventors are:

“1. A method comprising: fetching, from a key server, a first encryption key for a first conversation from a first client device intended for a first functional unit that corresponds to a second client device; encrypting the first conversation using the first encryption key to create a first encrypted conversation; storing a first timestamp and a first conversation identifier that uniquely identifies the first encrypted conversation with the first encryption key; transmitting the first encrypted conversation to a message server; when exceeding an expiration period for the first conversation according to the first timestamp, causing to be deleted the first encrypted conversation from the message server; receiving from the second client device a request to retrieve the first encrypted conversation from the message server; if the first encrypted conversation has been deleted, responding to the second client device that the first encrypted conversation has been deleted; if the first encrypted conversation has not been deleted, causing to be determined at the second client device, based on the first conversation identifier, whether the second client device has stored a copy of a first decryption key; and receiving, based on the second client device not storing a copy of the first decryption key, a request at the key server for the first encryption key.

“2. The method of claim 1 wherein the first conversation comprises an interoffice communication.

“3. The method of claim 1 wherein the first conversation comprises an intraoffice communication.

“4. The method of claim 1 comprising if the key server has not found the first encryption key, returning in response to the fetching the first encryption key a new encryption key generated to be used as the first encryption key.

“5. The method of claim 1 comprising: before the first encrypted conversation is transmitted to the second client device, transmitting the first encrypted conversation to the message server; and transferring, from the message server, the first conversation to the second client device.

“6. The method of claim 5 wherein the message server and the key server are separate servers.

“7. The method of claim 5 wherein exceeding the expiration period for the first conversation according to the first timestamp comprises deleting the first encrypted conversation from the second client device.

“8. The method of claim 1 wherein the medical device corresponds to the second client device and a third client device.

“9. The method of claim 1 wherein the second client device comprises an identity verified user.

“10. The method of claim 9 wherein the first client device comprises another identity verified user.

“11. The method of claim 10 wherein the identity verified user or the other identity verified user comprises a user verified through one or more identity verification methods including a unique business phone or fax number verification.

“12. The method of claim 10 wherein the identity verified user or the other identity verified user comprises a user verified through one or more identity verification methods including a mobile phone verification and access to conversations depends on a user type of the user.

“13. The method of claim 1 wherein the first client device comprises a medical office staff member user.

“14. The method of claim 1 wherein the second client device comprises a patient user.

“15. The method of claim 1 wherein the first timestamp corresponds to a time when the first conversation was sent from the first client device to the second client device.

“16. The method of claim 1 wherein the first functional unit corresponds to a medical office and the medical office further corresponds to a second functional unit that is different than the first functional unit.

“17. The method of claim 1 wherein the first encryption key may decrypt one or more messages in the first encrypted conversation.

“18. The method of claim 1 wherein the first encryption key cannot decrypt a second encrypted conversation from the first client device intended for the first functional unit that corresponds to the second client device.

“19. A method for a secured messaging system comprising: receiving from a patient user’s device a request to secure a first message to be sent to a first functional unit of a medical office; in response to the patient user’s request, selecting a first encryption key; creating, based on the first message and the first encryption key, a secured first message; causing storing the secured first message and a unique identifier for the secured first message; determining, based on the medical office, medical office users of the secured messaging system associated with the medical office; determining, based on the medical office users and the first functional unit, first and second users of the secured messaging system associated with the first functional unit and the medical office; transmitting the secured first message to devices associated with the first and second users; and causing decrypting, based on the unique identifier of the secured first message and a first decryption key being stored on the first user’s device before the first user attempting to open the secured first message, the first secured message on the first user’s device.

“20. The method of claim 19 comprising: causing transmitting, based on the unique identifier of the secured first message and that the first decryption key is not stored on the second user’s device before the first user attempting to open the secured first message, the first decryption key to the second user’s device; and decrypting the first secured message on the second user’s device.

“21. The method of claim 19 wherein transmitting the first decryption key and transmitting the secured first message occurs during different transmissions.

“22. The method of claim 19 wherein the first user comprises a staff role user and the second user comprises a doctor role user.

“23. The method of claim 19 comprising: receiving from the first user’s device a request to secure a second message to be sent to the patient user; in response to the first user’s request, selecting a second encryption key; creating, based on the second message and the second encryption key, a secured second message; causing storing the secured second message and a unique identifier for the secured second message; transmitting the secured second message to the patient user’s device; and causing decrypting, based on the unique identifier of the secured second message and that a second decryption key is stored on the patient user’s device before transmitting the second secured message, the second secured message on the patient user’s device.

“24. The method of claim 23 wherein the secured second message includes an indication that the first user is responding to the patient user on behalf of the second user.

“25. The method of claim 19 comprising: receiving from the first user’s device a request to secure a second message to be sent to the patient user; in response to the first user’s request, selecting a second encryption key; creating, based on the second message and the second encryption key, a secured second message; causing storing the secured second message and a unique identifier for the secured second message; transmitting the secured second message to the patient user’s device; causing transmitting, based on the unique identifier of the secured second message and that the second decryption key is not stored on the patient user’s device before transmitting the second secured message, the second decryption key to the patient user’s device; and decrypting the second secured message on the patient user’s device.”

URL and more information on this patent application, see: Yang, Changgao; Parks, Keith; Whitman, Christopher Scott; Bo let, Martin. Encrypted Messaging System. Filed August 12, 2019 and posted March 12, 2020. Patent URL: http://appft.uspto.gov/netacgi/nph-Parser?Sect1=PTO1&Sect2=HITOFF&d=PG01&p=1&u=%2Fnetahtml%2FPTO%2Fsrchnum.html&r=1&f=G&l=50&s1=%2220200084186%22.PGNR.&OS=DN/20200084186&RS=DN/20200084186

(Our reports deliver fact-based news of research and discoveries from around the world.)