US 11,941,152 B2
Systems and methods for processing electronic images across regions
Razik Yousfi, Brooklyn, NY (US); Leo Grady, Darien, CT (US); and Nathalie D'Amours, Redwood City, CA (US)
Assigned to HeartFlow, Inc., Mountain View, CA (US)
Filed by HeartFlow, Inc., Redwood City, CA (US)
Filed on Sep. 3, 2021, as Appl. No. 17/466,312.
Application 17/466,312 is a continuation of application No. 15/635,127, filed on Jun. 27, 2017, granted, now 11,138,337.
Claims priority of provisional application 62/355,742, filed on Jun. 28, 2016.
Prior Publication US 2021/0397746 A1, Dec. 23, 2021
This patent is subject to a terminal disclaimer.
Int. Cl. G06F 21/62 (2013.01); G16H 10/60 (2018.01)
CPC G06F 21/6254 (2013.01) [G16H 10/60 (2018.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method of processing electronic images to preserve privacy while transferring data across regions, the method comprising:
receiving, by a processor physically located in a first geographic region, patient-specific data including first patient privacy information in compliance with privacy standards specific to the first geographic region;
removing, using the processor physically located in the first geographic region, the first patient privacy information from the patient-specific data to generate a first set of anonymous health data, based on the privacy standards specific to the first geographic region;
storing, using the processor physically located in the first geographic region, the first patient privacy information within the first geographic region, the first patient privacy information being stored using a storage entity separate from a permanent storage at a second geographic region;
transmitting, using the processor physically located in the first geographic region, the first set of anonymous health data to a remote data analysis server physically located in the second geographic region for a patient-specific computation based on the first set of anonymous health data, the second geographic region being distinct from and outside the first geographic region;
generating, using the remote data analysis server physically located within the second geographic region, an anatomical model of a patient based on the first set of anonymous health data and conducting the patient-specific computation through the generated anatomical model;
determining, using the remote data analysis server physically located within the second geographic region, a patient-specific blood flow computation in the patient based on the generated anatomical model and a mass or a volume of a myocardial tissue of the patient;
receiving, by the processor physically located in the first geographic region, analyzed anonymous health data from the remote data analysis server physically located in the second geographic region, the analyzed anonymous health data including results of a patient-specific blood flow computation calculated at an earlier date and stored in the permanent storage; and
identifying a patient associated with the generated anatomical model by determining, using the processor physically located in the first geographic region, first patient privacy information associated with the analyzed anonymous health data based on the first patient privacy information stored within the first geographic region and the patient-specific blood flow computation stored in the permanent storage, wherein the first patient privacy information is inaccessible within the second geographic region.