Abstract: An authentication system, a mobile electronic device, an instantiating unit and a method, as well as a computer program product are disclosed for the authentication of a patient against a central registry which exchanges data with a repository for the storage of medical data records. In an embodiment, an individualized application is loaded and installed on the mobile radio device in order to sign messages to the registry with a signature. The signature can be triggered in the registry to check the authenticity of the remote patient in order to provide data access.

Abstract: A method, a system, a registry, a repository and a computer program product are disclosed for securely accessing sensitive medical data records stored in a repository. Before accessing security-critical data in the repository, a registration inquiry with a separate registry must be carried out in order to obtain a security token having limited temporary validity, for example in the form of a barcode. A data source and/or a data sink can then use the security token to access the security-critical data in that an index module indexes the data record inquired about on the repository.

Abstract: A method for identifying a patient for later access to an electronic patient record for the patient using a communication device belonging to an inquiring person. The patient record is stored in a database using a primary key which serves to identify the patient and which has at least one unambiguously associated secondary key, where the secondary key used to identify a patient is at least one subscriber information item which characterizes a subscriber in a wireless communication network. The secondary key for identification is transmitted between a mobile terminal used for communication in the wireless communication network and a portal via the at least one communication network.

Abstract: A method for facilitating a stateless transmission of data between data sources and client devices may be provided. A message is received from each of the data sources. The message includes data obtained by the respective data source and data indicative of a destination address for the data. The destination address is associated with a client device of the client devices. For each message, the data is stored based on the destination address for the data. A request for data is received from one of the client devices. The request includes data indicative of an address associated with the one of the plurality of client devices. When the address associated with the one of the plurality of client devices corresponds to the destination address for any of the stored data, the stored data with the corresponding destination address is transmitted to the one of the client devices.

Abstract: A method, a system and a computer program product are disclosed for referencing medical electronically available patient-related data records which are stored in a distributed manner in a computer-based network, including a multiplicity of computer-based entities. In at least one embodiment, a request for patient-related data records is generated on the basis of an original identifier and is sent to an index server. By accessing a table, the index server checks whether entries or data records are stored for the respective patient in the respective repository. If so, it inserts this reference to the storage location into the result. The request is forwarded from index server to index server until all index servers have been processed, so that the end result can be forwarded to the requesting workstation with all references to requested patient-related data records.

Abstract: An authentication system, a mobile electronic device, an instantiating unit and a method, as well as a computer program product are disclosed for the authentication of a patient against a central registry which exchanges data with a repository for the storage of medical data records. In an embodiment, an individualised application is loaded and installed on the mobile radio device in order to sign messages to the registry with a signature. The signature can be triggered in the registry to check the authenticity of the remote patient in order to provide data access.

Abstract: In at least one example embodiment, the invention relates to a computer-implemented method, a computer-implemented system and a computer program product for controlling the access to splittable resources in a distributed client server system operating in parallel. The resource control system is designed for a plurality of clients connected to the system and is used to maintain consistency of the data. When a client makes a first attempt to access a resource of the server, an exclusive lock for the requested resource is allocated to the accessing client, that blocks the access to the resource for other clients, said exclusive lock only being allocated for a pre-determinable period of time and then automatically discontinued.

Abstract: A method for facilitating a stateless transmission of data between data sources and client devices may be provided. A message is received from each of the data sources. The message includes data obtained by the respective data source and data indicative of a destination address for the data. The destination address is associated with a client device of the client devices. For each message, the data is stored based on the destination address for the data. A request for data is received from one of the client devices. The request includes data indicative of an address associated with the one of the plurality of client devices. When the address associated with the one of the plurality of client devices corresponds to the destination address for any of the stored data, the stored data with the corresponding destination address is transmitted to the one of the client devices.

Abstract: A method for identifying a patient for later access to an electronic patient record for the patient using a communication device belonging to an inquiring person. The patient record is stored in a database using a primary key which serves to identify the patient and which has at least one unambiguously associated secondary key, where the secondary key used to identify a patient is at least one subscriber information item which characterizes a subscriber in a wireless communication network. The secondary key for identification is transmitted between a mobile terminal used for communication in the wireless communication network and a portal via the at least one communication network.

Abstract: A method, a system, a registry, a repository and a computer program product are disclosed for securely accessing sensitive medical data records stored in a repository. Before accessing security-critical data in the repository, a registration inquiry with a separate registry must be carried out in order to obtain a security token having limited temporary validity, for example in the form of a barcode. A data source and/or a data sink can then use the security token to access the security-critical data in that an index module indexes the data record inquired about on the repository.

Abstract: A method for identifying a patient for later access to an electronic patient record for the patient using a communication device belonging to an inquiring person. The patient record is stored in a database using a primary key which serves to identify the patient and which has at least one unambiguously associated secondary key, where the secondary key used to identify a patient is at least one subscriber information item which characterizes a subscriber in a wireless communication network. The secondary key for identification is transmitted between a mobile terminal used for communication in the wireless communication network and a portal via the at least one communication network.

Abstract: An approach for signing messages and checking the authenticity of the sender at the receiver is disclosed. For this purpose, a mobile communication network is expanded by a signature function. The transmitted message packet comprises the message and a signature of the message encrypted with a secret key. The mobile radio communication number of the transmitting device is preferably used as the public key. The receiver can check the authenticity of the message by employing a decryption method.

Abstract: A mobile communications device is disclosed for use in an electronic access system for communicating with a central server for processing at least access authorization for an application running on the server. In at least one embodiment, an optical identification signal in the form of a barcode or a photographic recording of the user is captured on the mobile communications device in the form of an identification code and sent together with the mobile number to the server for further processing. The access authorization of the user for the respective application can therefore be verified on the central server. At least one embodiment relates in particular to medical and healthcare-related applications.

Abstract: In at least one example embodiment, the invention relates to a computer-implemented method, a computer-implemented system and a computer program product for controlling the access to splittable resources in a distributed client server system operating in parallel. The resource control system is designed for a plurality of clients connected to the system and is used to maintain consistency of the data. When a client makes a first attempt to access a resource of the server, an exclusive lock for the requested resource is allocated to the accessing client, that blocks the access to the resource for other clients, said exclusive lock only being allocated for a pre-determinable period of time and then automatically discontinued.

Abstract: A server implemented method for securing data is provided. The method includes generating a context container for storing data objects transferred to the server during a session with a client, creating, from the data objects in the context container, a plurality of protected zones of data objects, wherein each protected zone includes data objects of a different class of security and creating a reference for each protected zone. Further, the method includes providing the client access to that protected zone via the reference, wherein the reference is non-persistently stored in the server.

Abstract: A guard computer and a system including the guard computer for connecting an external device to a physical computer network are provided. The guard computer includes a network interface for connecting to the physical computer network, a device interface for connecting the external device having a data repository containing data, The guard computer also includes a configuration file containing a set of rules for making the data available to the network and a processor making data available to the network based upon the set of rules.

Abstract: A method for dispensing medical items designated in a prescription, such as an electronic prescription, including providing the electronic prescription to a server, and the server providing the electronic prescription to a pharmacy or other agent that fills the prescription and provides the medical items to the patient. A consent statement is provided by the patient for permission to the pharmacy to receive and fill the prescription and for permission to the server to receive and forward the prescription. Secure communications are provided for key communications to establish trust of identity of the parties and entities.

Abstract: A medical professional registers himself with the trust centre (TC) or trusted registry (TR) acting on behalf of and/or operated by the mobile communication service provider. According to an embodiment of the present invention, the trust centre or trusted registry generates a pair of keys (“private key, public key”) and associates the private key with the mobile-phone identity (IMEI, SIM-chip-number or phone number) in a secret table stored at the TC or TR. The TC or TR also associates the public key with the medical author's name (plus office address) as an entry into a directory.

Abstract: A medical professional registers himself with the trust centre (TC) or trusted registry (TR) acting on behalf of and/or operated by the mobile communication service provider. According to an embodiment of the present invention, the trust centre or trusted registry generates a pair of keys (“private key, public key”) and associates the private key with the mobile-phone identity (IMEI, SIM-chip-number or phone number) in a secret table stored at the TC or TR. The TC or TR also associates the public key with the medical author's name (plus office address) as an entry into a directory.

Abstract: A semantic search is provided. The semantic search generates related terms that relate to a search term using a selected ontology domain. The related terms may be compared to information in a medical document. The semantic search may also generate related terms for the medical document. The related terms for the medical document may be compared to the related terms that relate to the search term.