Securely sharing data between a hearing device, hearing device user, and data storage

We claim: 1. A method to communicate with a hearing device, the method comprising: receiving or generating fitting data at a fitting station, wherein the fitting data includes fitting session information for a hearing device or a user and at least one of user information for the user of the hearing device and parameters or settings for the hearing device; encrypting the fitting data with a first digital key, the encrypted fitting data stored in a remote data storage; generating, at the fitting station, a uniform resource indicator (URI) that identifies the encrypted fitting data stored in the remote data storage, wherein the URI provides access to the encrypted fitting data stored in the remote data storage; digitally signing, with a cryptoprocessor on the hearing device, the URI with a second digital key; and storing, on the hearing device, the digitally signed URI, wherein the hearing device is configured to: binaurally communicate with an additional hearing device; and transmit the URI and the second digital key to the additional hearing device. 2. The method of claim 1 , the method further comprises: receiving, at an electronic device communicatively coupled to the hearing device, the digitally signed URI from the hearing device. 3. The method of claim 1 , the method further comprising: receiving the digitally signed URI and the second digital key at an electronic device communicatively coupled to the hearing device; receiving, at the electronic device, the encrypted fitting data based on the digitally signed URI; decrypting, at the electronic device, the encrypted fitting data based on the second digital key; and transmitting instructions from the electronic device to the hearing device to modify the hearing device, wherein the instructions are based on the decrypted fitting data. 4. The method of claim 3 , wherein the electronic device is a mobile phone configured to use a mobile application, and wherein the mobile application is configured to communicate between the hearing device and the electronic device. 5. The method of claim 1 , wherein the hearing device is configured to perform envelope encryption. 6. The method of claim 1 , wherein the first digital key is a symmetric key, wherein a hearing device manufacturer stored the symmetric key on the hearing device during production of the hearing device, or wherein the first digital key is a public key. 7. The method of claim 1 , wherein the first digital key is stored on the hearing device. 8. The method of claim 1 , wherein URI is associated with a fitting session, a hearing device serial number, or the user information. 9. The method of claim 1 , wherein the hearing device is a hearing aid. 10. A non-transitory computer-readable medium storing instructions that, when executed by a processor, cause a device to perform operations, the operations comprising: receiving or generating fitting data at a fitting station, wherein the fitting data includes fitting session information for a hearing device or a user and at least one of user information for the user of the hearing device and parameters or settings for the hearing device; encrypting, at the fitting station, the fitting data with a first digital key, the encrypted fitting data stored in a remote data storage; generating, at the fitting station, a uniform resource indicator (URI) that identifies the encrypted fitting data stored in the remote data storage, wherein the URI provides access to the encrypted fitting data stored in the remote data storage, wherein the remote data storage is remote from the fitting station and the hearing device; transmitting the URI to the hearing device for storage, wherein the remote data storage is configured to enable access to the encrypted data only based on the URI; receiving the URI on the hearing device; signing digitally, with a second digital key, the URI with a cryptoprocessor of the hearing device; and storing the digitally signed URI in the hearing device, wherein the hearing device is configured to: binaurally communicate with an additional hearing device; and transmit the URI and the second digital key to the additional hearing device. 11. The non-transitory computer-readable medium of claim 10 , wherein the operations further comprise: receiving, at an electronic device, the signed URI from the hearing device; transmitting from the electronic device a request to the remote data storage to access the encrypted data, wherein the request is based on the signed URI; receiving, at the electronic device, the encrypted data; transmitting the encrypted fitting data from the electronic device to the hearing device and requesting that the hearing device decrypt the encrypted fitting data at the hearing device; decrypting, at the hearing device, the encrypted fitting data based on the second digital key stored in the hearing device; and transmitting the decrypted data to the electronic device. 12. The non-transitory computer-readable medium of claim 10 , wherein the second digital key was stored in a memory for the hearing device by a manufacturer of the hearing device at a time of manufacture for the hearing device, and wherein the cryptoprocessor is configured to use the second digital key. 13. A hearing device comprising: a microphone; a receiver configured to provide sound information; an antenna configured to wirelessly communicate with an electronic device; and a processor configured to communicate with a memory, wherein the memory is configured to store a key, and wherein the memory stores instructions that, executed by the processor, cause the hearing device to perform operations, the operations comprising: providing access to a uniform resource indicator (URI) associated with encrypted fitting data, wherein the encrypted fitting data is associated with parameters or settings for a hearing device, user information for a user of the hearing device, or a fitting session information for the hearing device; and providing access to the stored key; and a cryptoprocessor that is separate from the processor, that is dedicated for carrying out cryptographic operations, and that is configured to digitally sign the URI based on the key, wherein the hearing device is configured to: binaurally communicate with an additional hearing device; and transmit the URI and the key to the additional hearing device. 14. The hearing device of claim 13 , wherein the key was stored in a memory for the hearing device by a manufacturer of the hearing device at a time of manufacture for the hearing device. 15. The hearing device of claim 13 , wherein the electronic device is a mobile phone configured to use a mobile application, and wherein the mobile application is configured to communicate between the hearing device and the electronic device. 16. The hearing device of claim 13 , wherein the cryptoprocessor is physically protected and only accessible and useable on the hearing device.