Affiliate Disclosure
If you buy through our links, we may get a commission. Read our ethics policy.

Apple CareKit integrates with Tresorit ZeroKit to secure patient data in the cloud

Apple on Tuesday announced its CareKit development framework, designed to create apps that let healthcare professionals continue followup care with patients, is now integrated with Tresorit's ZeroKit, which provides end-to-end encryption of users' account credentials and their health data to the cloud.

Apple announced CareKit last spring as an extension of ResearchKit. While ResearchKit was intended to help create apps that enabled medical researchers to gather and analyze health related data from study participants, CareKit — in response to practitioners' requests — was created to help individuals better manage their own medical conditions.

CareKit-based apps allow users to track their symptoms, activity and medications. For example, one new app in development at Texas Medical Center focuses on post surgical care, tracking patients pain levels, temperature, range of mobility and the medications they take. This data is encrypted for secure storage on users' iPhones, but many apps also make use of shared data with their care teams.

Other CareKit apps focus on managing chronic conditions or diseases like diabetes that require tracking of symptoms such as pain, hunger and dizziness as well as monitoring glucose levels.

CareKit itself doesn't handle encryption to the app developers' servers, requiring separate work by developers. Tresorit has already developed end-to-end encryption for its file sync and sharing application. This is serving as the foundation for the company's ZeroKit framework, designed to make it easy to protect user passwords and their medical records.

As noted in a release today on Apple's CareKit blog, ZeroKit integrates with Apple's CareKit to provide both secure, "zero knowledge proof" user authentication to protect user passwords from breaches, as well as helping developers to store patients' Protected Health Information (PHI) in the cloud with end-to-end encryption in order to comply with U.S. HIPAA requirements required by the Health Insurance Portability and Accountability Act.

In a press release, Tresorit explained that ZeroKit "combines zero knowledge methodology and end-to-end encryption," so that user passwords and patient data such as medical reports "never reach the servers in plain text."

Because all encryption and password transformation happens on users' devices and the readable formats never leave them, "user data cannot be read by unauthorized people," the company noted. "Even in case of a server data breach, hackers will only find unreadable data."

The company's cofounder and chief executive Istvan Lam stated, "Our mission is to help people stay secure and protect their privacy. With ZeroKit, our aim is to make our core end-to-end encryption technology available for all developers and enable them to build secure digital health tools."

Lam added, "Secure authentication goes hand-in-hand with end-to-end encryption of data: without that, end-to-end encryption is practically useless. ZeroKit is an out-of-the-box solution for this."

Tresorit's ZeroKit is already being used by healthcare apps including The Diary's CarePro, a tool to automate care coordination, and DrNearMe, a service for connecting patients to health providers.



5 Comments

apple jockey 11 Years · 166 comments

This is great news. With encrypted medical data communication with patients a reality, the last important milestone has been attained. Now Apple, with its work with and employment of medical researchersand cooperation with renowned medical institutions has in place the final pillar. The AW, and the medical gear able to communicate with the iPhone/iPad will now be secure to allow off campus recuperation. 

A can think of a number of services Apple can provide  insurance, hospitals, clinics, senior home care, etc.  A real hardware, software and service growth potential for Apple and major social contribution. 👍

frantisek 11 Years · 760 comments

Focus on platform security can show as big advantage over other platforms in this field, similar as in home automation.

rob53 13 Years · 3313 comments

Can anyone get into the carekit.org blog linked in this article? 

badmonk 11 Years · 1336 comments

This is big.  Thank you to all who worked on making this possible.

rob53 13 Years · 3313 comments

Apple finally is showing the typical Page not Found for the CareKit blog link referenced in this article. Everything about CareKit goes to https://www.apple.com/researchkit/ What's going on? Is there even a CareKit blog?