THERAPY MANAGEMENT SYSTEM
Stored data is accessed over a computer network through a network data manager. Data may be stored and transferred to the network data manager from a product device using an uploader application. In one aspect, a request message containing an access requestor identifier is received at the network data manager from a client device for access to a data storage facility. The network data manager determines if the access requestor identifier is associated with a data record that identifies a product device having a registration record, and if it does, the network data manager transmits a data link to the client device, wherein the data link provides access to the data record by the client device over the computer network for a predetermined time period such that access to the data record is halted upon expiration of the predetermined time period. The client device may comprise, for example, a desktop or laptop computer. The product device, for example, may comprise a portable insulin pump that can be connected to the computer for data transfer to and from the network data manager.
This application is a division of application Ser. No. 14/797,589 filed Jul. 13, 2015, which in turn is a continuation of application Ser. No. 13/564,188 filed Aug. 1, 2012, now U.S. Pat. No. 9,503,526 issued Nov. 22, 2016, which claims the benefit of priority of the following co-pending U.S. Provisional Patent applications: U.S. Provisional Patent Application No. 61/513,998 entitled Therapy Management System, filed Aug. 1, 2011 by S. Daoud et al.; U.S. Provisional Patent Application No. 61/656,731 entitled Therapy Management System, filed Jun. 7, 2012 by S. Daoud et al. Priority of the filing dates of Aug. 1, 2011 and Jun. 7, 2012 are hereby claimed, and the disclosures of each of the Provisional Patent Applications is hereby incorporated by reference. This application hereby incorporates by reference in their entirety each of the following commonly-owned patents and patent applications: U.S. Provisional Patent Application No. 61/230,061 entitled Infusion System and Methods for Using Same, filed Jul. 30, 2009, by P. DiPerna et al.; U.S. patent application Ser. No. 12/846,688 entitled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010 by P. DiPerna et al.; U.S. patent application Ser. No. 12/846,706 entitled Infusion Pump System with, titled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010, by G. Kruse, et al.; U.S. patent application Ser. No. 12/846,720, entitled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010, by D. Brown, et al.; U.S. patent application Ser. No. 12/846,733, entitled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010, by M. Michaud, et al.; U.S. patent application Ser. No. 12/846,734, entitled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010, by P. DiPerna, et al.; PCT Patent Application No. PCT/US2010/043789, entitled Infusion Pump System with Disposable Cartridge Having Pressure Venting and Pressure Feedback, filed Jul. 29, 2010, by P. DiPerna, et al.; U.S. patent application Ser. No. 10/200,109, entitled Infusion Pump and Method For Use, filed Jul. 19, 2002, by S. Mallett; U.S. patent application Ser. No. 11/462,962, entitled Variable Flow Reshapable Flow Restrictor Apparatus and Related Methods, filed Aug. 7, 2006, by P. DiPerna; U.S. patent application Ser. No. 12/039,693, entitled Adjustable Flow Controllers for Real-Time Modulation of Flow Rate, filed Feb. 28, 2008, by P. DiPerna; U.S. patent application Ser. No. 12/189,070, entitled Flow Prevention Regulation, and Safety Devices and Related Methods, filed Aug. 8, 2008, by P. DiPerna; U.S. patent application Ser. No. 12/189,064, entitled System of Stepped Flow Rate Regulation Using Compressible Members, filed Aug. 8, 2008, by Paul DiPerna; U.S. patent application Ser. No. 12/538,018, entitled Two Chamber Pumps and Related Methods, filed Aug. 7, 2009, by Paul DiPerna; U.S. patent application Ser. No. 12/020,498, entitled Two Chamber Pumps and Related Methods, filed Jan. 25, 2008, by Paul DiPerna; U.S. patent application Ser. No. 12/468,795, entitled Disposable Pump Reservoir and Related Methods, filed May 19, 2009, by Paul DiPerna; U.S. patent application Ser. No. 12/260,804, entitled Flow Regulating Stopcocks and Related Methods, filed Oct. 29, 2008, by Paul DiPerna; U.S. patent application Ser. No. 12/393,973, entitled Slideable Flow Metering Devices and Related Methods, filed Feb. 26, 2009, by Paul DiPerna; U.S. patent application Ser. No. 12/714,299, entitled Methods and Devices for Determination of Flow Reservoir Volume, filed Feb. 26, 2010, by Michael Rosinko et al.; U.S. patent application Ser. No. 12/563,046, entitled Solute Concentration Measurement Device and Related Methods, filed Sep. 18, 2009, by David Brown; U.S. Patent Application No. 61/392,858, entitled Analyte Monitoring Systems and Methods of Use, filed Oct. 13, 2010, by David Brown et al.; PCT Patent No. PCT/US2009/044569, entitled Disposable Pump Reservoir and Related Methods filed May 19, 2009, by Paul DiPerna; U.S. Patent Application No. 61/054,420, filed May 19, 2008, by Paul DiPerna; PCT Patent Application No. PCT/US2009/057208, entitled Flow Regulating Stopcocks and Related Methods, filed Sep. 16, 2009, by Paul DiPerna et al.; U.S. Patent Application No. 61/054,420, entitled Disposable Pump Reservoir and Related Methods, filed May 19, 2008, by Paul DiPerna; U.S. Patent Application No. 61/097,492, entitled Flow Regulating Stopcocks and Related Methods, filed Sep. 16, 2008, by Paul DiPerna; U.S. Patent Application No. 61/156,405, entitled Methods for Determination of Pump Sensor Integrity and Calibration of Pumps, filed Feb. 27, 2009, by Michael Rosinko et al.; U.S. Patent Application No. 61/184,282, entitled Methods and Devices for Determination of Flow Reservoir Volume, filed Jun. 4, 2009, by Michael Rosinko et al.; PCT Application No. PCT/US2009/057591, entitled Solute Concentration Measurement Device and Related Methods, filed Sep. 18, 2009, by David Brown; U.S. Patent Application No. 61/098,655, attorney entitled Solute Concentration Measurement Device and Related Methods, filed Sep. 19, 2008, by David Brown; U.S. Patent Application No. 61/102,776, entitled Solute Concentration Measurement Device and Related Methods, filed Oct. 3, 2008, by David Brown; U.S. Pat. No. 7,008,403, entitled “Infusion Pump and Method for Use” by S. Mallett; U.S. Pat. No. 7,341,581, entitled “Infusion Pump and Method for Use” by S. Mallet; U.S. Pat. No. 7,374,556, entitled “Infusion Pump and Method for Use”, by S. Mallet; U.S. Patent Application Publication No. 2007/0264130, entitled “Infusion Pumps and Method for Use”, filed May 4, 2007 by S. Mallett; and U.S. Patent Application Publication No. 2009/0191067, entitled “Two Chamber Pumps and Related Methods”, filed Jan. 25, 2008 by P. DiPerna; U.S. Provisional Patent Application Ser. No. 61/511,220 filed Jul. 25, 2011 by P. DiPerna et al. and entitled “Multi-Reservoir Infusion Pump Systems and Methods, and U.S. patent application Ser. No. 13/474,032, entitled “Methods and Devices for Multiple Fluid Transfer”, filed May 17, 2012 by T. Metzmaker et al. All of the above-listed patents and applications are incorporated by reference herein in their entirety.
BACKGROUNDMany electronic devices maintain a data log of information to keep a record of their operational status, use history, and other parameters. Such electronic devices can be used for controlling a variety of operations, such as transmitting data. In the context of electronic medical devices such as infusion pumps and the like, they may be used for dispensing or releasing medicaments, including fluids and other materials such as insulin and related medicaments. The data log may provide, for example, a history of transmitted or received data, data associated with substances or fluids such as on-board and dispensed volume, composition, lot number, and other characteristics, as well as operational parameters relating to transmitting, dispensing or releasing such substances or fluids. These electronic devices may not include sufficient memory to maintain a running, cumulative record of these data over an extended time period, or there may be a need for such cumulative data or other non-cumulative data to be backed-up, mirrored, or simply stored elsewhere for archival or other purposes. Therefore, these data may be maintained at one or more locations that are remote from the device, such as, e.g., a remote computing device or a network data storage facility that may have more extensive data storage capacity than that on the electronic device. As the device continues to operate, data such as those comprising a data log and/or other operational information (which such operational information may or may not be in a data log) may need to be sent to, transferred to, or otherwise maintained at a remote location such as a network data storage site to meet various needs of the users of and manufacturers of such devices.
In most cases, privacy concerns for the data generated by the electronic device will encourage careful control of access to such data by using a variety of authorization schemes. If the device is used for medical or patient care purposes, then such privacy and other data security concerns may mandate data security schemes. In the U.S., for example, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 established national standards for electronic health care transactions and for the security and privacy of health data. Other such privacy mandates for patient-related and consumer-related data exist outside the U.S. as well.
For example, portable medicament infusion devices, such as infusion pumps, are used to regulate the dispensing of fluids such as insulin and other medicaments to a patient. These electronic devices may be in constant or frequent operation and may store data relating to, e.g., the dispensing of medicaments such as insulin to the patient, data relating to various operational parameters of the pump, and the like. Such data, particularly if it is cumulative in nature, may be more than can be accurately and safely stored in the memory of the infusion device itself. It may also be desired to store all or selected portions of such data at one or more alternative sites such as, e.g., a remote computing device or a network data storage facility. Such remote locations may be used to archive such data, enable analysis thereof for the patient, the health care provider, the manufacturer, and even government regulatory authorities, and for other purposes. It is therefore desirable to maintain some or all of such data in a format that is available to meet such needs.
It is known to establish and use network data facilities for storage of data such as portable insulin pump data. Access to such data, however, can be cumbersome and protracted. In some cases, access to the network stored data requires the presence of the actual insulin pump at the computer or other device being used to obtain access. In other cases, data transfer can be a relatively slow and cumbersome process. Moreover, once access to such data is granted and an authorized communication path is established, it may be desirable or necessary to carefully control such access so that third parties are not able to use the communication path to gain unauthorized access to the data.
Easier access to the network stored data and more secure data transfer are desired improvements. The present invention addresses these needs.
SUMMARYDisclosed herein are techniques for accessing stored data over a computer network through a network data manager. In one aspect, a request message containing an access requestor identifier is received at the network data manager from a client device for access to a data storage facility. The network data manager determines if the access requestor identifier is associated with a data record that identifies a product device having a registration record, and if it does, the network data manager transmits a data link to the client device, wherein the data link provides access to the data record by the client device over the computer network for a predetermined time period such that access to the data record is halted upon expiration of the predetermined time period. The client device may comprise, for example, a desktop or laptop computer. The product device, for example, may comprise a portable insulin pump that can be connected to the computer for data transfer to and from the network data manager.
In another aspect, data transfer over a computer network from a product device is accomplished with an uploader application executing at a host device, such that the uploader application authenticates the product device, extracts a data log from the authenticated product device, and uploads the extracted data log to a data record at a data storage facility over the computer network. The uploader application can receive a data link at the host device from the network data manager in response to uploading of the extracted data log, and generates a display of the received data link, wherein the data link provides access to the data record by the host device over the computer network for a predetermined time period such that access to the data record is halted upon expiration of the predetermined time period.
In other aspects, access to data is controlled such that access is automatically terminated such that an unattended but previously authorized device cannot be used to gain access. For example, the network data manager may send an access grant message to the client device for access to the stored data and receives a data request back from the client device. The network data manager will then provide the requested data record to the client device over the computer network only if the predetermined time period for the data link has not expired. In this way, access to the stored data is securely controlled and unauthorized access is less likely. In yet another aspect, the product identifier associated with the registration record at the network data manager may relate to a product device, and the product device and client device may be integrated together into a single device. For example, the product device (and client device) may comprise an insulin pump device that directly communicates with the network data manager.
Other features and advantages of the present invention should be apparent from the following description of preferred embodiments that illustrate, by way of example, the principles of the invention.
The uploader application 110 of the system of
The network data manager 108 of the data system 106 may receive a request message for access to data stored at a data storage facility 114. The data storage facility is adapted to store large amounts of data for access by computers and may comprise, for example, multiple disk drives, solid state disk drives, semiconductor memory, and/or other suitable storage devices. The data stored at the data storage facility 114 may comprise all or portions of data transferred from the product device 102, including the product device data noted above. The request message includes an access requestor identifier, to identify an owner of a product device or to identify a third party who is neither the owner of the product device nor the network data manager. The third party may comprise, for example, a physician and/or an authorized member of the physician's staff, a representative from a partner device producer, a clinician, a certified diabetes educator (CDE), and the like. If the network data manager determines that the access requestor identifier is associated with a data record that identifies a product device that has a registration record or that otherwise identifies an authorized party, such association may be used to confirm that the access requestor has been authorized. The data record to identify authorized parties may be generated through a process such as a prior registration process with the data storage facility 114 through the network data manager 108. That is, a registration record for a product device 102 includes identifiers of any product device owners or third parties who have registered with the network data manager or have otherwise been previously authorized to gain access to data of the product device.
As explained in greater detail below, third parties may register with the network data manager in response to an invitation initiated by a product device owner and sent to the third party. In the exemplary embodiment described herein, the network data manager generates an invitation request pop-up window to a user who has logged in to their account and who requests inviting someone with whom the user will share data. The third party responds to the invitation by providing registration information to the network data manager, which stores the registration information in a data record that is associated with the product device 102. The registration data record is stored in the data storage 114 along with other information relating to the product device, such as product model number, serial number, name and address of purchaser (owner and/or user) of the product device, and the like. Additional data that may be maintained in the registration data record will depend on the product device. For example, if the product device is a portable insulin pump, additional data in the registration data record may relate to therapy settings for the pump, such as insulin delivery settings, daytime settings, night settings, dosage size and frequency, and the like, as described, for example, in U.S. patent application Ser. No. 12/846,688 to DiPerna et al. filed Jul. 29, 2010. Other data that may be acquired and stored in the registration record includes the email address used as the user name to login to the network data manager, the password used to authenticate the user, a secret question (e.g. selected by the registrant from a list) and the answer to the secret question, date of birth. If the user is under 13, in addition to capturing the patient's information mentioned above, the system also maintains registration information from the caregiver or the parent, such as first name, last name, email address, and date of birth for the caregiver or parent. Some or all of the information described above may be maintained in the registration information, depending on whether the registrant is a user of the product (patient) or a third party.
After the network data manager 108 determines that the access requestor is authorized, the network data manager transmits a data link to the requesting client device, wherein the data link provides access to the data record by the client device over the computer network 104 but automatically expires, canceling access. For example, the data link may be active only for a predetermined time period, such that access to the data record is halted upon expiration of the predetermined time period. The data link typically comprises an Internet link that is accessed via an Internet browser application executing on the client device. Accessing the Internet link takes the browser application to a Web site 116 in accordance with the authorization of the data manager 108.
Attempting to access the data link after it has been canceled will result in an expired link message. This increases data security and helps safeguard the privacy of user data. For example,
The data request from an authorized user may be automatically initiated by the device upon becoming activated or achieving network access. For example, when the device gains network data access, it may automatically send a message to the network data manager that requests access or login to the account associated with the device. The message may take the form of an email message or a mobile telephone text message or message forwarded from a social network facility, or the like. The data request from an authorized partner may comprise a message to the network data manager that initiates a login process by the authorized partner to log in to their own account. Again, the message may take the form of an email message or a mobile telephone text message or social network message or the like. The authorized partner typically must accept an invitation from an authorized user to establish an account and share the user's data. Once an authorized partner has established an account with the network data manager, the authorized partner can view a list of patients from whom they have received data sharing invitations and May choose a patient's name from the list, upon which they are granted access to view the data. The data request will typically be received through the Web site 116 (
Once network communication is established by the uploader application, the uploader sends a data request message to the network data manager, providing an access requestor identifier. The access requestor identifier may comprise, for example, the product device serial number and/or product number or other indicator of the device's authenticity, registration, and ownership data, an email address and/or password combination, user name and/or password combination, or other login identifier information by which registered users may be identified, including combinations thereof. Any combination of one or more of such information may be used as the access requestor identifier to uniquely identify a person who is requesting access to the data of the device that has been transferred to the network data manager. If the network data manager determines that the access requestor identifier is associated with a data record that identifies a product device having a registration record, the data requestor is authenticated. That is, the network data manager identifies product user registration data that is associated with the login information and that is associated with the product device. The network data manager then sends an access grant message to the client device to confirm that access to the stored data has been granted.
At the uploader application, data logs are extracted from the product device, as indicated by the flow diagram box numbered 304. The product device stores a log of operational information and records an index of upload events to keep track of the last uploaded data log with changed data. For example, in the case of a product device that is a portable medicament infusion device such as a portable insulin pump, after an upload occurs, an index number is increased by one incremental value when a change is made to the data log. The uploader application will not transfer data logs if the index number is not greater than the index number of the last upload event. In this way, duplicate data log records will not be extracted and will not be transferred to the network data manager.
For example, continuing with the case of a portable medicament infusion device such as a portable insulin pump, if an insulin dosage is delivered to the patient, the pump recognizes that the delivery is a change in its operational history, and records that event in the data log as a change. The time and dosage amount is recorded in the data log and the data log index number is incremented. If another change occurs, such as a dose delivery, or a change to device parameters such as dosage times or the like, then the data log index number is again incremented. The device discriminates between events that should initiate a log index increment and those events that should not. For example, uploading data from the device, and applying electrical power to the device, are examples of detected events that initiate a log index increment by the device. Entering values on the device keypad but not entering or submitting the values that would otherwise proceed with processing is an example of an event that would not initiate a log index increment. The device is adapted to increment the log index in response to events that have been determined to be worthy of recording at the network data manager. Upon a requested upload, the current index number will be different from the index number at the time of the last successful upload, and therefore an upload event will occur. That is, after device authentication, the network data manager sends the last index number that the network data manager received in an upload, so that the uploader application only extracts data based on the index number it received from the network data manager. As a result, the data log beginning from after the previously uploaded data log at the old index number, through the data log at the current index number, will be transferred to the network data manager. If the current index number is the same as the index number of the last upload, then the uploader application recognizes that no data change has occurred since the last upload, and the uploader application will not perform an upload.
In this way, the network data manager keeps track of the index numbers on the device and sends the index number of the last uploaded data to the device so that the uploader application extracts data from the data log for sending to the network data manager based on the difference between in index number received from the network data manager and the current index number in the data log of the device.
After the changed portion of the data log is identified, the changed data is extracted for transfer to the network data manager. This operation is represented by box 306 in
At box 308 of the uploader application processing, the network data manager receives any requested data record viewing or printing request from the client device via the data link, and processes the request to deliver the requested information, either a window view or a print file. Normal operation then continues.
Operation of the uploader application will be better understood with reference to the state diagrams of
Upon occurrence of a device detected event or device removed event, the state of the uploader application changes to the Standby Processing state, in which the uploader application remains until the user initiates an “upload” operation. If the device includes an optional GUI (graphical user interface) display that is produced by the uploader application for product devices containing GUI displays, then the user may select an upload operation from the GUI display window. For devices with a GUI display, the upload operation selection may be accomplished via a linked icon or button of the GUI display. The GUI display with selectable upload operation may be produced on a display of the host device or on a display of the product device, or both.
After the user selects the upload operation, the state of the uploader application changes to Authenticate, at which time the uploader application initiates authentication processing. The authentication processing may result in one of three outcomes: (1) the product device is not registered with the network data manager, (2) the product device is not a recognized device that is maintained in the network data manager database, or (3) the product device is recognized and is registered (a “passed” outcome).
The processing to determine the authentication outcome involves determining if the product device is associated with a registration record that identifies a registered user of the product device, in which case the authentication passes, and otherwise indicating that a registration process must be completed for the product device in response to determining that the product device is not associated with a registration record that identifies a registered user of the product device, or indicating that the product device is not recognized as a valid device for the uploader application.
If the product device is not recognized, then the state of the uploader application changes from the Authenticate state to the Error state, and uploader application processing subsequently returns to the Standby Processing state with an appropriate error message (e.g. “Product not recognized”) that is generated in the Error state. If the product device is recognized but no registration record can be identified, then the state of the uploader application changes from the Authenticate state to the New Account/New Device state, in which the uploader application provides an appropriate message such as a request to the user to register the product device. The user may be required to establish a user account after verifying data relating to user patient status, payment, and the like. The uploader application processing subsequently returns to the Standby Processing state, once registration is complete. The user may then request the upload operation.
If the user is authenticated, then the state of the uploader application changes from Authenticate to Extract Data Logs. If the data logs are successfully extracted as described above in connection with
If authentication is successful, and if extraction of data logs is successful, then the state of the uploader application is in the Upload state, where the outcome of the state is either a successful upload or a failed upload. If the upload is successful, then the state of the uploader application changes to Done, and the user is presented with a display that offers choices between obtaining reports and completing operations. For example,
As noted above, a successful device authentication and a successful data log extraction (upload) results in a state of “successful upload” and the user is presented with a “successful upload” display that offers choices between obtaining reports and completing operations. For increased security, an embodiment of the system guards against a “spoofed” device or other attempt at establishing communication by an unauthorized person with an unauthorized device. For example, the “device” may actually be a computer being used to mimic a device, for the purpose of surreptitious or nefarious data access. To guard against such possibilities, the operation in
Confirming the device may comprise sending a request for confirmation information to the device and then validating the received response. For example, the network data manager may request the device to provide a randomly selected data record from a randomly selected time in the history of the device operation. When the confirmation response is received from the device, the network data manager can check the response to ensure that it contains correct information. The network data manager can check for correctness because the network data manager has a record of the device history, via prior data uploads from the device, and therefore the data records received from the device in response to the confirmation request should be identical to the corresponding data record previously received at the data manager from the device for the selected data record and selected time. If they are identical, then the response to the confirmation request is validated.
For example, the data manager might request that the device provide its bolus setting at 12:30 pm on Aug. 1, 2012. The data manager will have previously received exactly that data via a previous upload from the device. If the device seeking to establish communication is a legitimate device and is the same device from which the prior upload was received, then the device seeking to establish communication should be able to provide the requested information. If the device does not provide the correct information, the data manager will conclude that the device is an imposter and will not confirm the device, and therefore the user of the device will not be presented with a “successful upload” display and will not be offered a choice between obtaining reports and completing operations.
Over time, the uploaded data received at the network data manager from the device will comprise a relatively large body of data from which the network data manager may choose for confirmation requests. The network data manager is free to request confirmation data from the device according to any and all data available to the network data manager and to a legitimate device. The body of data from which the network data manager may select can comprise all the operating history data stored at the device, which will be determined by the storage capacity of the device itself. The initial communication with the device may take place upon manufacturing, with an initial set of upload data from which the network data manager can select for confirming requests. The network data manager can then select from the body of data with which the device has been initiated. Alternatively, the initial communication may not include storing an initial set of data into the device. In that scenario, the initial confirmation request from the network data manager may involve administrative information known only to a legitimate device, such as device serial number, production date and time, power-on date and time, and the like.
If the device is confirmed, then the selectable post-upload options are provided in a window display at the client device (i.e. host device or product device). As described above in conjunction with
At the Poll Attached Cables state, the uploader application returns to the Wait for Devices state if no new connected product devices are found. That is, the uploader application is capable of communicating with multiple product devices that are simultaneously connected to the client device, and therefore the cable polling is with reference to checking for any new devices that were not previously detected since the time of last upload. If the Poll Attached Cables state finds a new device, then the state changes to the Check New Device state. If the Poll Attached Cables state determines that a previously connected device is now missing, then the state changes to the Check Device state.
At the Check Event state, a notification to initiate the state must have related to either a newly connected device, or a removed device. If the event related to a newly connected device, then the uploader application state is changed to the Check New Device state. If the event related to a removed device, then the uploader application state is changed to the Check Device state. If the event notification was not recognized, or if the product device was not recognized, then the uploader application returns to the Wait for Devices state.
The Check New Device state handles uploader application processing in the case of a newly connected device. If the newly connected device is recognized as a valid device for operation with the uploader application, then the state changes to the Standby Processing state (see
If the product device is configured to communicate with the client device via a cable, then any drivers, program logic, communication protocols, and the like necessary for communication between the product device and the uploader application may be included in the cable itself. Such drivers, program logic, communication protocols, and the like necessary for communication may otherwise be provided with the product device itself, such as in the case where the client device (host device) and product device are provided in a single integrated device.
In the Standby Processing state, if a supported device is detected, the display window for the uploader application is changed so that the new device is added to a drop-down menu in the display window, as indicated by the Add Device state in
At the uploader application, the response from the network data manager is checked. For authentication outcomes (1) and (3), extracted device data not recognized, an error display message is generated as the output of the Authenticate state, and the state of the uploader application changes to the Standby Processing state for display of the error message (see
In the Extract Logs state, the uploader application changes to the Extract Device Settings state and attempts to determine device settings for the product device. Such settings may comprise, as noted previously for the case of a portable insulin pump device, dosage and duration settings for the pump during daytime, such settings for the pump during night time, and the like. If such information cannot be successfully retrieved from the product device, then an error condition results, initiating an “extraction failed” data message, and the state of the uploader application is changed to an Error state before proceeding to the Standby Processing state (see
If the extraction of device settings and device data logs are both successful, then the uploader application changes state to the Convert state. The Convert state involves processing the extracted data, which is typically a text string alphanumeric flat data file, to convert the extracted data into a form that is more readily usable by the network data manager and more usable by other applications and users. For example, in the exemplary embodiment, conversion of the extracted data is from a text format (e.g. ASCII) to a format such as XML (extensible markup language). Those skilled in the art will appreciate that the XML format facilitates generating data that is readily usable by a wide variety of applications. After the conversion of the extracted data, the state of the uploader application is changed to Upload (see
At the Check Response state, the response from the network data manager indicates either (1) a successful upload, or (2) a failed upload. If the upload was (1), successful, then the uploader application receives the data link and changes state to the Done state (see
As noted above, a third party may become authorized to share a user's data upon being invited by the user to share data and upon replying to the user's invitation.
The features described above may be implemented in a wide variety of electronic devices. One implementation, as noted above, is an embodiment comprising a portable infusion pump such as the type suitable for delivering insulin to a patient.
The housing 2228 of the infusion pump device 2200 can each be of any suitable shape and size. For instance, the housing 2228 may be extended and tubular, or in the shape of a square, rectangle, circle, cylinder or the like. The housing 2228 may be dimensioned so as to be comfortably associated with a user and/or hidden from view, for instance, within the clothes of a u For some embodiments, the housing 2228 of the pump device 2200 may have a width of about 2.5 inches to about 3.5 inches, a height of about 1 inch to about 2 inches and a thickness of about 0.2 inches to about 0.6 inches. The materials of the housing 2228 may vary as well. In some embodiments, housing 2228 of the pump device 2200 may be a very water-tight, plastic housing that is glued together permanently.
The infusion pump device 2200 may include an output/display 2262. The type of output/display 2262 may vary as may be useful for particular application. The type of visual output/display may include LCD displays, LED displays, plasma displays, OLEO displays and the like. The output/display 2262 may also be an interactive or touch sensitive screen having an input device such as a touch screen, a capacitance screen, a resistive screen or the like. In some embodiments, the output/display 2244 of the pump device 2200 may be an OLEO screen or an LCD screen or a capacitance touch screen. The pump device 2200 may additionally include a keyboard or other input device known in the art for data entry, which may be separate from the display. The output/display 2262 may also include a capability to operatively couple to a secondary display device such as a laptop computer, mobile communication device such as a smartphone or personal digital assistant (PDA), or the like.
The pump device may have wired or wireless communication capability such as for the sending and receiving of data as is known in the art. The wireless capability may be used for a variety purposes, including updating of any software or firmware for the processor of the device. The wireless communication capability may vary including, e.g., a transmitter and/or receiver, radiofrequency (RF) transceiver, WIFI connection, infrared or Bluetooth® communication device. The wired communication capability may also vary including, e.g., USB or SO port, flash drive port, or the like. In some embodiments, the pump device 2200 has a network communications block such as a transmitter/receiver 2258 having a radiofrequency (RF) transceiver, that allows the pump device to communicate with other electronic devices and to be used interchangeably without loss of data or information during an infusion protocol with a single infusion cartridge 2216. Data may be transferred between the processor of the pump device and a second electronic device by radio signal, optical transmission, or any other suitable means. The pump device 2200 may be used as stand-alone device as well.
The infusion pump device 2200 may also include GPS functionality, phone functionality, warning and/or alarm programming; music storage and replay functionality, e.g., an MP3 player; a camera or video mechanism; auto scaling capabilities, and/or one or more video type games or other applications developed by third parties for use thereon. The pump device 2200 may also include an accelerometer, for instance, which may be used for changing presented estimates, wherein instead of scrolling through a menu of options or using a numerical keypad, values can be input or changed via the accelerometer, such as by gesturing with or otherwise shaking the device.
As shown in
The processor 2260 may also include additional programming to allow the processor to learn user preferences and/or user characteristics and/or user history data, for instance, to implement changes in use suggestions based on detected trends, such as weight gain or loss; and may include programming that allows the device to generate reports, such as reports based upon user history, compliance, trending, and/or other such data. Additionally, pump device embodiments of the disclosure may include a “power off” or “suspend” function for suspending one or more functions of the device, such as suspending a delivery protocol, and/or for powering off the device or the delivery mechanism thereof. For some embodiments, two or more processors may be used for controller function of the pumps, including a high power controller and a low power controller used to maintain programming and pump functions in low power mode in order to save battery life.
The pump device 2200 may include a memory device 2256. The memory device 2256 may be any type of memory capable of storing data and communicating that data to one or more other components of the device, such as the processor. The memory may be one or more of a Flash memory, SRAM, ROM, DRAM, RAM, EPROM, dynamic storage, and the like. For instance, the memory may be coupled to the processor and configured to receive and store input data and/or store one or more template or generated delivery patterns. For example, the memory can be configured to store one or more personalized (e.g., user defined) delivery profiles, such as a profile based on a user's selection and/or grouping of various input factors (as described below); past generated delivery profiles; recommended delivery profiles; one or more traditional delivery profiles, e.g., square wave, dual square wave, basal and bolus rate profiles; and/or the like. The memory can also store user information, history of use, glucose measurements, compliance, an accessible calendar of events, and the like. In some embodiments, the memory 2230 of the pump device may be about 200 kB up to about 3 GB.
The pump device 2200 may include a power charging mechanism in some cases, such as a USB port, induction charger, or the like. The power charging system may be used to charge a power storage cell such as a rechargable battery of the pump device. Some embodiments may use a rechargable battery such as a NiCad battery, LiPo battery, NiMH battery or the like. In some embodiments, the power charging mechanism 2268 may be a USB port. As such, all data may be kept in the pump device for quick and easy downloading of data to a computer, other pump device, network, etc. using the USB port. The USB port may also provide the pump device 2200 with power charging. In some instances, the power charging mechanism 2268 may be an induction charging device 2270.
The uploader application described herein, as well as the network data manager and other components whose operation is described herein, may be provided as a computer program product embodied in a non-transitory computer readable storage medium containing computer implementable instructions that may be executed by a computer device. The storage medium may comprise, for example, flash memory, an optical disc such as data CD or DVD, or other computer-readable data storage device. The computer implementable instructions stored on the storage medium comprise instructions that when executed by a computer processor will provide the operation and functions described herein. The computer device for executing the enhanced media work may comprise a wide variety of computer devices that operate under control of a processor and include memory and input/output facilities, such as, for example, a mobile device or a tablet computer or a desktop or laptop computer. The mobile device may comprise, for example, a portable insulin pump device or other readily transported device that operates under control of a processor and includes memory and interfaces for input and output of data.
Some embodiments may be directed to a kit, which kit may include a device and/or a system for the transfer of device data over a computer network as described herein. Specifically, the kit may include one or more of a portable electronic device, such as an infusion device having a drive mechanism and receiving an infusion cartridge, as well as instructions for using the same, and may include an aliquot of the medicament, e.g., insulin to be delivered, as well as infusion set tubing. The instructions may be in written, audio, or pictorial form and may be included in a written manual and/or on an instruction CD or DVD, MP3 file, or accessible via a network. In certain embodiments, a training video may be included, for instance, on a separate DVD or other medium, may be accessible via a network, or may be included as programming on the portable infusion device. For instance, in certain embodiments, the portable infusion device may include a training module. The training module may be included as programming accessible by the processor of the device, wherein the software is configured to instruct a user in the proper use of the device.
It should be noted that the methods, systems, and devices discussed above are intended merely to be examples. Various embodiments may omit, substitute, or add various procedures or components as appropriate. For example, it should be appreciated that, in alternative embodiments, the methods may be performed in an order different from that described, and various steps may be added, omitted, or combined. Also, features described with respect to certain embodiments may be combined in various other embodiments. Different aspects and elements of the embodiments may be combined in a similar manner. Also, it should be emphasized that technology evolves and, thus, many of the elements are examples and should not be interpreted to limit the scope of the invention.
Specific details are given in this description to provide a thorough understanding of the embodiments. Nevertheless, it will be understood by one of ordinary skill in the art that the embodiments may be practiced without these specific details. For example, well-known circuits, processes, algorithms, structures, and techniques have been shown without unnecessary detail in order to avoid obscuring the embodiments. Further, the headings provided herein are intended merely to aid in the clarity of the descriptions of various embodiments, and should not be construed as limiting the scope of the invention or the functionality of any part of the invention. For example, certain methods or components may be implemented as part of other methods or components, even though they are described under different headings.
It is noted that embodiments may have been described as a process that is depicted as a flow diagram or block diagram. Although each diagram may describe the process as a sequential series of operations, many of the operations can be performed in parallel or concurrently. In addition, the order of the operations may be rearranged. A process may have additional steps not included in the figures.
The description above has been provided in terms of presently preferred embodiments so that an understanding of the present invention can be conveyed. There are, however, many configurations and techniques for data management systems that were not specifically described herein, but with which the present invention is applicable. The present invention should therefore not be seen as limited to the particular embodiments described herein, but rather, it should be understood that the present invention has wide applicability with respect to data management generally. All modifications, variations, or equivalent arrangements and implementations that are within the scope of the attached claims should therefore be considered within the scope of the invention.
Claims
1. A portable infusion system for transferring data over a computer network, the portable infusion system comprising:
- a memory that stores data of a portable infusion device;
- a network communications block adapted for communications with the computer network;
- a processor coupled to the memory and the network communications block;
- wherein the processor responds to an upload request by authenticating the portable infusion device and extracting a data log comprising at least a portion of the data stored in the memory and an identifier associated with the portable infusion device, and wherein the processor sends the extracted data log and identifier over the computer network to a network data manager, and receives an upload success message from the network data manager in response to a successful sending of the extracted data log and a determination that the identifier is associated with a data record at the network data manager that identifies a product device having a registration record;
- wherein the upload success message includes a data link, such that the data link provides access to the data record by the portable infusion system until the data link is automatically canceled, wherein access to the data record is halted upon the data link being canceled.
2. The system of claim 1, wherein the data link is automatically canceled upon expiration of a predetermined time period.
3. The system of claim 1, wherein the portable infusion system includes a portable infusion device that includes the memory, and further comprising a drive mechanism for infusion of a fluid from the portable infusion device.
4. The system of claim 1, further including a host computer that comprises a host processor, the memory, and the network communications block, wherein the host computer receives the extracted data log and identifier from device memory of the portable infusion device, and the host processor sends the extracted data log and identifier over the computer network to a network data manager.
5. A method of transferring data over a computer network from a portable infusion system, the method comprising:
- responding to an upload request by extracting a data log comprising at least a portion of data stored in memory of a portable infusion device and an identifier associated with the portable infusion device;
- sending the extracted data log and identifier over the computer network to a network data manager, and receiving an upload success message from the network data manager in response to a successful sending of the extracted data log and a determination that the identifier is associated with a data record at the network data manager that identifies a product device having a registration record;
- wherein the upload success message includes a data link, such that the data link provides access to the data record by the portable infusion system until the data link is automatically canceled, wherein access to the data record is halted upon the data link being canceled.
6. The method of claim 5, wherein the data link is automatically canceled upon expiration of a predetermined time period.
7. The method of claim 5, wherein responding comprises authenticating a portable infusion device having a drive mechanism for infusion of a fluid from the portable infusion device at a host computer that communicates with the portable infusion device.
8. The method of claim 7, wherein responding comprises receiving the extracted data log and identifier at the host computer from device memory of the portable infusion device; and wherein the host computer sends the extracted data log and identifier over the computer network to a network data manager.
9. A method of accessing stored data over a computer network through a network data manager, the method comprising:
- receiving a request message at the network data manager from a client device for access to a data storage facility, the request message including an access requestor identifier;
- determining at the network data manager that the access requestor identifier is associated with a data record that identifies a product device having a registration record; and
- transmitting a data link to the client device, wherein the data link provides access to the data record by the client device over the computer network for a predetermined time period such that access to the data record is halted upon expiration of the predetermined time period.
10. The method of claim 9, further including:
- sending an access grant message from the network data manager to the client device for access to the stored data;
- receiving a data request from the client device in response to the access grant message, requesting access to a data record of the stored data at the data storage facility;
- providing the requested data record to the client device over the computer network only if the predetermined time period has not expired.
11. The method of claim 10, wherein the data request comprises a request to view the data record.
12. The method of claim 9, wherein the product identifier relates to a portable insulin pump device.
13. The method of claim 9, wherein the product identifier relates to a product device, and the product device and client device are integrated together into a single device.
14. The method of claim 9, wherein the data link comprises an Internet link that is accessed via an Internet browser application executing on the client device.
15. The method of claim 9, wherein the associated data record further identifies an authorized access partner who has replied to an access invitation message associated with the product device.
16. The method of claim 16, wherein determining comprises:
- receiving login information from the client device at the network data manager; and
- identifying access partner registration data that is associated with the login information and that is associated with the product device.
17. The method of claim 17, wherein the access partner registration data and login information are stored at the data storage facility.
18. The method of claim 9, wherein the associated data record further identifies a product user who is associated with the registration record of the product device.
Type: Application
Filed: Jan 20, 2017
Publication Date: May 11, 2017
Inventors: Saleem Daoud (San Diego, CA), Christopher Jung (San Diego, CA), Gregory Grant Haines (San Diego, CA)
Application Number: 15/411,406