“Secure Drug Delivery Data Transmission” in Patent Application Approval Process (USPTO 20220051778): Patent Application
2022 MAR 03 (NewsRx) -- By a
This patent application has not been assigned to a company or institution.
The following quote was obtained by the news editors from the background information supplied by the inventors: “A variety of diseases exist that require regular treatment by parenteral subcutaneous or intra-muscular administration of a drug or medicament, and a number of drug delivery devices have been developed to support a patient in accurately and controllably delivering an amount of drug in a self-administration process. Delivery devices include injection devices that are removed from the injection site after each drug delivery event or medication process. An injection pen device has an elongate device body defining a longitudinal main device axis. The term “distal end” refers to the end of the injection device where an injection needle is located, the term “proximal end” designates the opposite end thereof. Delivery devices further include infusion devices or pumping devices for continual delivery of a regular or basal amount of medication through a fluid channel into the body of the patient, wherein the fluid channel remains in use for a prolonged period of time.
“Disposable or single-use delivery devices are adapted to deliver a drug from a container such as a pre-filled syringe that is not intended to be replaced or refilled by the patient. Reusable, semi-reusable, or hybrid delivery devices have a container that may be replaced by the patient, or a cartridge that may be refilled, while some components of the device may be reused with the replaced or refilled drug container. An automatic injection device has an electric motor or a drive spring for biasing a piston rod and shifting a piston in a container barrel, wherein the drive spring may have to be tensioned or loaded manually prior to injection of a dose. A manually powered injection device requires a user to provide manually the energy to move the piston, for instance by applying a distal force component to the injection device.
“By way of example, diabetes may be treated by self-administration of insulin with the help of multi-variable-dose insulin injection pens. The insulin dose to be injected may typically be manually selected by turning a dosage knob and observing the actual dialed dose in a dose window or display of the insulin pen. A dose is dispensed by inserting the needle into a suitable portion of human skin and by moving the piston manually or by actuating a release of an automatic injection device.
“Drug delivery device based therapies generally benefit from an electronic unit or control unit embedded or integrated in the delivery device, or being part of an auxiliary or supplemental electronic module or add-on device detachably attached to the delivery device. The electronic unit monitors a drug delivery process, in order to proactively prevent incorrect handling of the device and/or to keep track of the doses already applied, and generates data related to an instantaneous condition and/or use of the delivery device. Suitable sensors of the electronic unit are configured to detect a status or signal from any kind of indicating component of the delivery device, including user interface elements and actuators. A wireless communication unit of the electronic unit is provided to wirelessly communicate, for example, upload, drug delivery information to a nearby mobile device or dedicated medical gateway. The drug delivery information includes at least a time stamp and the expelled dose, indicative of a time of a medication event and of a quantity of delivered medicament. The drug delivery information may be transmitted instantaneously, or stored in a memory unit connected to the processing unit, for later upload or batch transfer.
“WO 2007/107564 A1 proposes to record acoustic signals or vibration signals that may be associated with a dose delivery of the medication or to a dose adjustment process. If a detected “click-sound” falls within a low frequency range, a unit dose of medicament is being set. Similarly, if the detected “click-sounds” fall within a high frequency range, a dose of medicament is being expelled from the medication delivery device. By counting the number of clicks during an expel sequence, the amount of medicament expelled from the medicament delivery device can easily be calculated.
“The use of an auxiliary electronic module may be advantageous over embedded electronic units, not least in retrofit configurations with an existing design of a disposable injection device that is not available for the inclusion of sensors and electronics. The disposable injection device preferably is an auto-injector, a patch injector, a variable dose injection pen, or any other injection device for delivering a fixed or variable dose of a drug from a container that is not intended to be replaced by the patient.
“EP 3476417 A1 describes a medical monitoring system including a disposable injection device with a container holder for holding a container or reservoir such as a cartridge or a syringe comprising a liquid drug for subcutaneous or intramuscular injection. The system further includes a passive machine-readable tag mounted to, for instance embedded in or attached to a surface of, a device housing of the injection device and coding or storing drug information about the drug comprised in the container. The drug information includes any or all of a drug identifier, an expiry date, or a batch number of the drug, medicament, or active ingredient contained in the container. The system also includes an electronic module adapted to be releasably attached to the injection device and comprising a tag reader different from the drug delivery sensing means, for reading the drug information from the machine-readable tag. The system ultimately includes a drug status signaling or interfacing unit for signaling to a user a drug status that is based on, or derived from, the drug information.
“In the context of healthcare data management, it is advisable or even mandatory to treat drug delivery data that has been collected by any kind of electronic monitoring unit, as Protected Health Information (PHI). In order to avoid data abuse, misappropriation, manipulation or the like to the detriment of the patient or a healthcare provider, several measures may be envisaged. In the following, personally identifiable patient adherence data is referred to as the monitoring data accumulated by the electronic unit, including records of time-stamped delivery events, and possibly including a log or transcript of a bidirectional interaction between patient and electronic device, including in particular any feedback or recommendation provided to the user. Communication of such patient adherence data to a remote site has to guarantee privacy and integrity of the data. Specifically, communications containing PHI or equivalent patient adherence data and transmitted electronically over open networks have to be encrypted and protected from being intercepted by anyone other than the intended recipient.
“WO 2018/138192 discloses flexible carrier-foil based smart labels that can be transferred physically as part of a fluid delivery system item between multiple entities in a healthcare continuum, i.e., from a medicament supplier to a healthcare provider to a patient. Each entity in turn encrypts and stores data tuples (data structures that store an ordered sequence of values) of the system item owned by, or assigned to, the entity in a central database or cloud-based data repository. Communicating entities perform a one-time exchange of cryptographic keys valid for any system item or data tuple for sharing of their respective data.
“U.
“PHI may be uploaded or transferred as encrypted payload data to a duly protected information technology server system, such as a computing cloud or distributed data server structure, and stored in this server system for subsequent redistribution. The patient adherence data may specifically be stored in an encrypted format that restricts access for detailed data analysis to a trusted expert holding a particular key. In case of several trusted experts, the management of the keys and content is handled by the server system, which provides maximum flexibility with regards to analysis of PHI, and even enables patients to use a web-based interface to access their data.
“In the present context, the terms “substance”, “drug”, “medicament” and “medication” are to be understood to include any flowable medical formulation suitable for controlled administration through a means, such as, for example, a cannula or a hollow needle, and comprises a liquid, a solution, a gel or a fine suspension containing one or more medical active ingredients. A medicament can be a composition comprising a single active ingredient or a pre-mixed or co-formulated composition with more than one active ingredient present in a single container. Medication includes drugs such as peptides (e.g., insulin, insulin-containing drugs, GLP-1 containing drugs or derived or analogous preparations), proteins and hormones, active ingredients derived from, or harvested by, biological sources, active ingredients based on hormones or genes, nutritional formulations, enzymes and other substances in both solid (suspended) or liquid form but also polysaccharides, vaccines, DNA, RNA, oligonucleotides, antibodies or parts of antibodies but also appropriate basic, auxiliary and carrier substances.”
In addition to the background information obtained for this patent application, NewsRx journalists also obtained the inventors’ summary information for this patent application: “It is an objective of the disclosure to enable secure, flexible and cost-effective operation of components, devices and systems for the generation, collection and transmission of delivery data associated with the use of drug delivery devices. It is another objective of the disclosure to increase and improve privacy and integrity of personalized protected health information when transmitted to a cloud computing facility and subsequently distributed to a plurality of stakeholders. These objectives may be achieved by an electronic unit and by a method of monitoring drug delivery and capturing such data for selective transmission to specific subscribers according to the claims herein. Various embodiments are evident from the claims and disclosure.
“According to the disclosure, an electronic unit may be associated with a drug delivery device holding a container with a liquid drug as, either, an embedded part of an electronic delivery device, or as a reusable electronic module attachable to a delivery device which itself may be free of integrated sensors and/or electronics. The electronic unit may include sensors and processor means to generate, or obtain/collect, and to handle, or process, delivery data, including drug data related to the drug comprised in a container of the delivery device, device or module data related to a property of the delivery device or the electronic module, and event data related to an individual delivery event or process executed by means of the delivery device. The delivery data may include plural data items, or data classes, each having a distinct origin and associated update regime (or subscription), and with a data item instance, or value, of an event data item being updated at or after each delivery event. The electronic unit may include transmitter means to transmit data items to a first data subscriber and a second data subscriber, including to a manufacturer of the electronic unit and/or of the drug delivery device, a drug-producing pharmaceutical company, a Health Care Professional (HCP), a Clinical Research Organization (CRO), a health insurance company, or the patient himself/herself, as the primary stakeholders or entities of an integrated healthcare data management system.
“The present disclosure improves over the prior art by collecting and storing the sensed, generated or otherwise obtained drug delivery data and related data available to the electronic unit in a manner that associates a specific encryption key and specific data with each of two or more particular subscribers via a compact and well-defined data structure that facilitates control and secure delivery of periodic encrypted data transmission events, e.g., subscriptions. The electronic unit may have access to a repository such as a memory having stored a first and a second encryption key associated with the first and second data subscriber, respectively, such as a subscriber-provided public key for which a matching private key is held by the subscriber, or any kind of shared secret exclusively accessible to the electronic unit and the subscriber. The electronic unit may have access to a repository having stored a first data allocation scheme, and a second data allocation scheme, e.g., a data structure (for example, a table), indicating to which data item(s) the first and second data subscriber has respectively subscribed. The allocation schemes may define non-identical subsets of delivery data, differing in at least one data item. This may improve the electronic unit’s ability to offer a data structure-based specification of the data in a subscription for at least the first and second data subscriber. The electronic unit may be configured to prepare a frame, or package, or packet of first transmit data including first payload data comprising data items according to the first allocation scheme, and to encrypt the first transmit data based on the first encryption key, such that decryption of the first payload data is not possible without possession of a decryption key matching the first encryption key, such as the private key matching the public key of the first subscriber. The electronic unit may be configured to prepare a frame, or package, or packet of second transmit data including second payload data comprising data items according to the second allocation scheme, and to encrypt the second transmit data based on the second encryption key, such that decryption of the second payload data is not possible without possession of a decryption key matching the second encryption key, such as the private key matching the public key of the second subscriber. The encrypted first and second transmit data may be sent by the transmitter of the electronic unit into a communication network and to or towards the first and second subscriber. This improved data structure organizing and storage approach may easily be scaled up from the first and second subscribers to a larger number of subscribers; it also can facilitate changes in the subscribed-to data of the subscribers.
“The first and second payload data may comprise aggregated, or merged, instances of respective data items listed in the first and second allocation scheme. Payload data may be included into subscriber-defined transmit data packets that are suitably protected with end-to-end or pass-through data security measures as an effective means of increasing and thus improving object security. Encryption of payload data may take place right at the electronic unit where the delivery data, in particular event data, is generated in the first place. Channel or transmission layer security requirements may thus be relaxed; any intermediary node or data server in the communication network, as well as any subscriber lacking the matching decryption key, may not have access to unencrypted payload data. Data security concerns related to a pairing routine between the electronic unit and an adjacent or associated mobile or gateway device of the communication network may likewise be mitigated by the proposed data generator-to-subscriber encryption. The procedure may flexibly be expanded to include further subscribers, and the allocation scheme and even the encryption key of each subscriber may be changed at any time. The payload data may be prepared on behalf of, and forwarded to, all subscribers concurrently at the end of each delivery event. Alternatively, payload data may be aggregated over several successive delivery events performed by a same delivery device and forwarded at a certain rate, i.e., once per day or week, which rate may be subscriber-dependent. Still alternatively, payload data may only be forwarded to subscriber A if and when a data item instance of a data item in the allocation scheme of subscriber A has changed. Accordingly, also the manufacturer of the electronic unit and/or of the drug delivery device and the drug-producing pharmaceutical company may repeatedly receive data item updates during the entire life-cycle of the delivery device by such a subscription. In one embodiment, the delivery device may be a disposable device such as an auto-injector or variable-dose injection pen for which the drug container or reservoir may be pre-filled with liquid and not intended to be replaced or refilled by the patient. The electronic unit may be part of an auxiliary electronic module, or add-on, attachable to the delivery device. Movable parts within the delivery device generate delivery signals that are detected by an injection sensor of the electronic unit. The device comprises a machine-readable tag or label on which may be stored, or encoded, an identifier and the first encryption key of the first data subscriber. The electronic module may include a tag reader for reading the identifier as well as the first encryption key from the tag. The first encryption key, in one example a shared secret, may therefore be copied to a mobile data memory means and conveniently provided to the end-assembly site of the delivery device, and may not need to be managed by a key server nor transit via potentially unsecure communication networks. The first encryption key may be a single-use shared-secret that is specific to, and seamlessly renewed with each exchange of, the disposable delivery device.
“In an alternative embodiment, the delivery device may be a reusable injection device with a possibility to refill or replace an empty cartridge by the patient. The electronic unit may be embedded in the injection device, such that the device qualifies as an electronic, or intelligent, injection device. The subscriber-based encryption key, in particular a public key of an asymmetric key pair, may be provided to the electronic unit in an appropriate way via the communication network and corresponding receiver of the electronic unit.
“In another variant the electronic unit may be configured to encrypt the first payload data with the first encryption key, and to transmit the encrypted first payload data. In this variant, a transmit data package comprises the encrypted first payload data plus extra data limited to network routing information. In an alternative variant, the first payload data may be encrypted with a generic key and the generic key may be encrypted with the first encryption key, wherein the generic key may be a single-use key generated by the electronic unit. In this variant, a transmit data package comprises the encrypted first payload data and the encrypted generic key, as well as indispensable routing information. The first data subscriber receiving such transmit data package will first decrypt the generic key with the aid of the matching decryption key, and subsequently decrypt the encrypted first payload data with the generic key.”
There is additional summary information. Please visit full patent to read further.”
The claims supplied by the inventors are:
“1. A method of monitoring drug delivery from a drug delivery device using an electronic unit associated with the drug delivery device and comprising a processor adapted to generate and to transmit to a manufacturer of the electronic unit, delivery data including an identifier of the electronic unit and a quality indicator QI indicative of delivery data accuracy determined by the electronic unit from sensed data associated with a delivery event, the method comprising: receiving, from the electronic unit, first transmit data including a first quality indicator value QI1 for a first delivery event and second transmit data including a second quality indicator value QI2 for a second delivery event after the first event; comparing the QI1 and QI2 quality indicator values to determine at least one point of failure of the electronic unit; and replacing the electronic unit or adapting an operation thereof before the at least one point of failure is reached.
“2. The method of claim 1, wherein the processor of the electronic unit is configured to: identify individual dose units of a single delivery event from feedback sample signals of a sensor element of the electronic unit based on a set of identification parameters for a neural network and derive from these the QI1 and QI2 quality indicator values, and wherein the step of replacing the electronic unit or adapting an operation of the electronic unit comprises: deriving adapted identification parameters by re-training the neural network; transmitting the adapted identification parameters to the electronic unit; and reconfiguring the electronic unit with the adapted identification parameters.
“3. The method of claim 1, further comprising: sensing two concurrent sensor signals from two distinct sensors, and by a transmitter, communicating the two concurrent sensor signals to a subscriber to determine whether one of the sensors is malfunctioning by determining a presence of a deteriorating correlation between the two concurrent sensor signals from the two distinct sensors.
“4. An electronic unit for association with a drug delivery device and adapted to generate and handle drug delivery data and to transmit data items of the delivery data to a first data subscriber and to a second data subscriber, respectively, the electronic unit comprising: at least one sensor for collecting delivery data associated with the delivery device; and a processor with associated memory and having: access to a first encryption key and a second encryption key associated with the first data subscriber and the second data subscriber, respectively, and access to a first data allocation scheme and to a second data allocation scheme indicating to which delivery data item or items the first data subscriber and second data subscriber have respectively subscribed; wherein the electronic unit is configured: to prepare first transmit data including at least one delivery data item according to the first data allocation scheme, and to encrypt the first transmit data based on the first encryption key; to prepare second transmit data including at least one delivery data item according to the second data allocation scheme and to encrypt the second transmit data based on the second encryption key; and to control transmission of the encrypted first transmit data and the encrypted second transmit data to the first data subscriber and the second data subscriber, respectively.
“5. The electronic unit according to claim 4, wherein the drug delivery device comprises a disposable injection device generating signals that are detectable by the at least one sensor element of the electronic unit and said electronic unit being attachable to the injection device, and wherein the injection device comprises a machine-readable tag storing the first encryption key of the first data subscriber, wherein the at least one sensor comprises a tag reader for reading the first encryption key from the machine-readable tag.
“6. The electronic unit according to claim 4, wherein the processor is configured: to encrypt the first transmit data based on the first encryption key by encrypting the delivery data items with the first encryption key, or by encrypting the delivery data items with a generic key and encrypting the generic key with the first encryption key; and to control transmission of the encrypted first transmit data by transmitting the encrypted delivery data items or by transmitting the encrypted delivery data items and the encrypted generic key, respectively.
“7. The electronic unit according to claim 4, wherein the memory is configured for storing the first encryption key and second encryption key and the first data allocation scheme and second data allocation scheme.
“8. The electronic unit according to claim 7, wherein the first data allocation scheme assigns delivery data items including an identifier and a battery level of the electronic unit to a manufacturer of the electronic unit.
“9. The electronic unit according to claim 4, further comprising a transmitter for communicating with a mobile device or with a stationary gateway device to transmit the encrypted first transmit data and encrypted second transmit data to a remote data server.
“10. The electronic unit according to claim 4 further comprising: wherein the at least one sensor is a sensor for sensing data for deriving a quality indicator QI indicative of data accuracy of data determined by the electronic unit in a delivery event, wherein QI includes a first quality indicator value QI1 for a first delivery event and a second quality indicator value QI2 for a second delivery event after the first event; and a transmitter for communicating the first quality indicator value QI1 and the second quality indicator value QI2 to at least one of the first data subscriber or the second data subscriber.
“11. The electronic unit according to claim 4: wherein the at least one sensor comprises means for sensing two concurrent sensor signals from two distinct sensors, and a transmitter for communicating the two concurrent sensor signals to at least one of the first data subscriber or the second data subscriber.
“12. The electronic unit according to claim 4 wherein first data allocation scheme and second data allocation scheme comprise a representation of data-to-subscriber allocation schemes in the form of a chart or array.
“13. The electronic unit according to claim 4 wherein the at least one sensor comprises a tag reader for a machine-readable tag or label storing drug information mounted to a device housing of the drug delivery device.
“14. A method of monitoring drug delivery from a drug delivery device by means of an associated electronic unit adapted to generate and handle delivery data and to transmit data items of the delivery data to a first data subscriber and to a second data subscriber, comprising: using the first data subscriber and the second data subscriber to generate, respectively, a first encryption key and a second encryption key and to define a first data allocation scheme and a second data allocation scheme indicating to which data item or items the first data subscriber and second data subscriber have respectively subscribed; providing to the electronic unit, by the first data subscriber and the second data subscriber, the first encryption key and second encryption key and the first data allocation scheme and second data allocation scheme; controlling the processor of the electronic unit to: prepare first transmit data including data items according to the first data allocation scheme; encrypt the first transmit data based on the first encryption key; prepare second transmit data including data items according to the second data allocation scheme; and encrypt the second transmit data based on the second encryption key.
“15. The method according to claim 14, further comprising: providing the electronic unit access to a transmitter; using the electronic unit to transmit the encrypted first transmit data and second transmit data to a data server; and using the data server to provide the encrypted first transmit data to the first data subscriber and to provide the encrypted second transmit data to the second data subscriber.
“16. The method according to claim 14, wherein the first data subscriber is a manufacturer of the electronic unit, and wherein the first data allocation scheme assigns delivery data items including an identifier of the electronic unit and a quality indicator indicative of an accuracy of a dispensed dose determined by the electronic unit, wherein the first data subscriber: receives first transmit data including a first quality indicator value for a first delivery event and second transmit data including a second quality indicator value for a second delivery event after the first event; compares the two quality indicator values to determine a point of failure of the electronic unit; and causes the electronic unit to be replaced or adapts an operation of the electronic unit before the point of failure is reached.
“17. The method according to claim 16, wherein the processor of the electronic unit is configured to identify individual dose units of a single delivery event from feedback sample signals of a sensor element of the electronic unit based on a set of identification parameters for a neural network, and wherein the step of replacing the electronic unit or adapting an operation thereof comprises: deriving adapted identification parameters by re-training the neural network; transmitting the adapted identification parameters to the electronic unit; and reconfiguring the electronic unit with the adapted identification parameters.”
URL and more information on this patent application, see: Kuhni, Florian; Reubi, Dominik; Schneider, Andreas; Schupbach, Simon. Secure Drug Delivery Data Transmission. Filed
(Our reports deliver fact-based news of research and discoveries from around the world.)
Findings from University of Texas MD Anderson Cancer Center Yields New Data on Cancer (Cancer History, Insurance Coverage, and Cost-related Medication Nonadherence In Medicare Beneficiaries, 2013-2018): Cancer
“Life Insurance Policy Application Process And System” in Patent Application Approval Process (USPTO 20220051343): Patent Application
Advisor News
- Is there a mismatch between advisor marketing and consumer preferences?
- State health plan users may see premium increases under SC House budget proposal
- Advisor: SEC trying to ambush my defense on bad annuity sales charges
- Partner split: Grant Cardone and Gary Brecka swap charges in dueling lawsuits
- 4 things every federal worker should do to safeguard their benefits
More Advisor NewsAnnuity News
Health/Employee Benefits News
- President of Insurance Brokerage Firm and CEO of Marketing Company Charged in $161M Affordable Care Act Enrollment Fraud Scheme
- STATEHOUSE: Senate Republicans approve limiting health insurance program for Hoosiers
- State health plan users may see premium increases under SC House budget proposal
- Senate Republicans approve limits on health insurance program
- Health agents ‘optimistic’ as a new administration takes charge
More Health/Employee Benefits NewsLife Insurance News
- While U.S. mortality spike is normalizing, 5 troubling trends continue
- Whole life vs. term life: The great debate
- Prudential launches OneLeave
- Annual financial and audit reports – JPMORGAN CHASE & CO.
- Conning research: Insurers must be flexible in the 2025
More Life Insurance News