CN112908440A - Health management data sharing method and device and remote medical platform - Google Patents
Health management data sharing method and device and remote medical platform Download PDFInfo
- Publication number
- CN112908440A CN112908440A CN202110174855.6A CN202110174855A CN112908440A CN 112908440 A CN112908440 A CN 112908440A CN 202110174855 A CN202110174855 A CN 202110174855A CN 112908440 A CN112908440 A CN 112908440A
- Authority
- CN
- China
- Prior art keywords
- health management
- data
- management data
- user
- health
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 230000036541 health Effects 0.000 title claims abstract description 161
- 238000000034 method Methods 0.000 title claims abstract description 41
- 238000012545 processing Methods 0.000 claims description 25
- 238000003745 diagnosis Methods 0.000 claims description 22
- 238000013475 authorization Methods 0.000 claims description 19
- 230000010354 integration Effects 0.000 claims description 4
- 238000013507 mapping Methods 0.000 claims description 3
- 238000007726 management method Methods 0.000 description 84
- 230000008569 process Effects 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 7
- 238000010586 diagram Methods 0.000 description 5
- 238000012795 verification Methods 0.000 description 5
- 230000005540 biological transmission Effects 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 230000003993 interaction Effects 0.000 description 4
- 238000010276 construction Methods 0.000 description 3
- 238000013500 data storage Methods 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 239000012634 fragment Substances 0.000 description 2
- 238000013467 fragmentation Methods 0.000 description 2
- 238000006062 fragmentation reaction Methods 0.000 description 2
- 239000000463 material Substances 0.000 description 2
- 230000004075 alteration Effects 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 239000003795 chemical substances by application Substances 0.000 description 1
- 238000011217 control strategy Methods 0.000 description 1
- 230000007423 decrease Effects 0.000 description 1
- 230000009977 dual effect Effects 0.000 description 1
- 238000007689 inspection Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 238000012216 screening Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 239000002699 waste material Substances 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H50/00—ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics
- G16H50/30—ICT specially adapted for medical diagnosis, medical simulation or medical data mining; ICT specially adapted for detecting, monitoring or modelling epidemics or pandemics for calculating health indices; for individual health risk assessment
Abstract
The health management data sharing method comprises the steps of establishing a health management alliance chain, uniformly linking and storing health management data generated by users in different medical institutions, and establishing an intelligent contract, so that the different medical institutions can access the health management data of the users after being authorized by the intelligent contract. The method and the system can enable doctors of different medical institutions to see the complete health management data of the patient, and can realize the safe storage of user data and the access control authorized by the user.
Description
Technical Field
The application belongs to the technical field of health management, and particularly relates to a health management data sharing method and device and a remote medical platform.
Background
The remote medical platform integrates various internet medical resources through multi-channel cooperation, and provides multi-level health consultations and diagnosis services for users. Health management data, diagnosis and treatment data, position information and personal information generated in the service process need to follow the data security sharing specification of the platform, and the secure storage of user data and the access control authorized by a user are realized.
After the medical service of the partner is accessed to the platform, the health management data is only circulated and shared in the medical application, information among different medical institutions is independently managed, and an effective data sharing mechanism is lacked, so that a doctor can not see the complete treatment record of a user, and the complexity of accurate treatment is increased. On the other hand, medical health data of each partner is managed in a scattered mode, a data sharing and trust mechanism is lacked among different partners, data security standards are different, and user experience is affected.
Disclosure of Invention
In order to overcome the problems that health management data in the existing remote medical platform are only circulated and shared in medical application, information among different medical institutions is independently managed, an effective data sharing mechanism is lacked, so that doctors can not see complete treatment records of users, the complexity of accurate treatment is increased, medical health data of all partners are dispersedly managed, data sharing and trust mechanisms are lacked among different partners, data safety standards are different, and user experience is influenced, the health management data sharing method, the health management data sharing device and the remote medical platform are provided.
In a first aspect, the present application provides a health management data sharing method, including:
constructing a health management alliance chain;
uniformly linking and storing health management data generated by users in different medical institutions;
and establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
Further, the uniformly linking and storing the health management data generated by the user in different medical institutions includes:
carrying out asymmetric encryption on the health management data;
generating a user private key, and encrypting the user private key;
and performing uplink storage on the health management data after the asymmetric processing and the user private key after the encryption processing.
Further, the encrypting the user private key includes:
inputting a user private key into the distributed file system;
the distributed file system divides data of a user private key into pieces according to a preset threshold value, and randomly distributes each piece of data to different nodes;
and generating a file index according to the specific content of the user private key, and carrying out symmetric encryption processing on the file index.
Further, the intelligent contract comprises:
registering contracts, health diagnosis and treatment data processing contracts and authorization contracts;
the registration contract is used for mapping the participant identification character string to an address identification of the health management alliance chain;
the health diagnosis and treatment data processing contract is used for defining a data pointer and an access right and identifying health medical records provided by each participant node;
and the authorization contract is used for enabling the participant node to inquire the health medical record in the health management alliance chain.
Further, the method also comprises the following steps:
and uploading the transaction generated by the intelligent contract to the chain through a consensus algorithm so as to realize data synchronization between the nodes on the health management alliance chain.
Further, the consensus algorithm comprises:
PBFT consensus algorithm.
Further, the method also comprises the following steps:
setting a server-side data interface;
and the server-side data interface is used for interconnecting with an external database.
Further, the health management data includes:
patient complete visit records, physical examination data, and wearable medical device data.
In a second aspect, the present application provides a health management data sharing apparatus, comprising:
the building module is used for building a health management alliance chain;
the storage module is used for uniformly linking and storing the health management data generated by the user in different medical institutions;
and the establishing module is used for establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
In a third aspect, the present application provides a telemedicine platform comprising:
a health management data sharing device, a user client, and a medical institution integration interface as described in the second aspect;
the user client and the medical institution integrated interface are respectively connected with the health management data sharing device.
The technical scheme provided by the embodiment of the application can have the following beneficial effects:
according to the health management data sharing method, the health management data sharing device and the remote medical platform, which are provided by the embodiment of the invention, through constructing the health management alliance chain, the health management data generated by the user in different medical institutions are uniformly linked and stored, and the intelligent contract is established, so that the different medical institutions can access the health management data of the user after being authorized by the intelligent contract, doctors in different medical institutions can see the complete health management data of the patient, and the safe storage of the user data and the access control of the user authorization can be realized.
It is to be understood that both the foregoing general description and the following detailed description are exemplary and explanatory only and are not restrictive of the application.
Drawings
The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and together with the description, serve to explain the principles of the application.
Fig. 1 is a flowchart of a health management data sharing method according to an embodiment of the present application.
Fig. 2 is a flowchart of a health management data sharing method according to another embodiment of the present application.
Fig. 3 to 10 are flowcharts of another health management data sharing method according to an embodiment of the present application.
Fig. 11 is a functional block diagram of a health management data sharing device according to an embodiment of the present application.
FIG. 12 is a functional block diagram of a remote medical platform according to one embodiment of the present application.
FIG. 13 is a functional block diagram of another telemedicine platform provided in one embodiment of the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail below. It is to be understood that the embodiments described are only a few embodiments of the present application and not all embodiments. All other embodiments, which can be derived by a person skilled in the art from the examples given herein without making any creative effort, shall fall within the protection scope of the present application.
Fig. 1 is a flowchart of a health management data sharing method according to an embodiment of the present application, and as shown in fig. 1, the health management data sharing method includes:
s11: constructing a health management alliance chain;
s12: uniformly linking and storing health management data generated by users in different medical institutions;
s13: and establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
According to the traditional remote medical platform, after the medical service access platform of a partner, health management data are only circulated and shared in medical application, information between different medical institutions is independently managed, an effective data sharing mechanism is lacked, so that a doctor can not see the complete diagnosis record of a user, and the complexity of accurate treatment is increased. On the other hand, medical health data of each partner is managed in a scattered mode, a data sharing and trust mechanism is lacked among different partners, data security standards are different, and user experience is affected.
In this embodiment, by constructing a health management alliance chain, health management data generated by a user in different medical institutions is uniformly linked and stored, and an intelligent contract is established, so that different medical institutions access the health management data of the user after being authorized by the intelligent contract, doctors in different medical institutions can see the complete health management data of a patient, and secure storage of user data and access control of user authorization can be realized.
Fig. 2 is a flowchart of a health management data sharing method according to another embodiment of the present application, and as shown in fig. 2, the health management data sharing method includes:
s21: constructing a health management alliance chain;
the data transmission mode is changed from the original offline manual transmission into online quasi-real-time sharing. All logs are recorded on the chain, and the integrity and the anti-repudiation performance of backtracking are ensured. Resources such as cloud, data and information systems existing in the current medical institution are integrated through a block chain, a cloud-crossing and network-crossing data platform is quickly constructed, and construction fund and time investment are reduced.
S22: carrying out asymmetric encryption on the health management data;
health management data includes, but is not limited to:
patient complete visit records, physical examination data, and wearable medical device data.
Under the authorized condition, medical health services of all partners are shared in the platform, and a medical doctor can see complete treatment records, physical examination data and even wearable medical equipment data of a patient, so that accurate treatment or prevention in advance can be realized, examination and inspection data generated when the user uses the platform services can be reliably shared, and unauthorized use of personal privacy data is prevented.
An asymmetric encryption algorithm such as RSA asymmetric encryption algorithm.
S23: generating a user private key, and encrypting the user private key;
in some embodiments, as shown in fig. 3, the encrypting the user private key includes:
s231: inputting a user private key into the distributed file system;
the distributed File System is, for example, an IPFS (internet File System). The IPFS identifies the files by generating the independent hash values through the file contents instead of identifying the files through the file storage positions, and only one file with the same content exists in the system, so that the storage space is saved.
S232: the distributed file system divides data of a user private key into pieces according to a preset threshold value, and randomly distributes each piece of data to different nodes;
for example, the preset threshold is 256KB, one file is randomly stored in one node of the federation chain every 256KB of data, and if the user private key file is 600KB, the file needs to be divided into 3 files.
S233: and generating a file index according to the specific content of the private key of the user, and symmetrically encrypting the file index.
The symmetric encryption algorithm is, for example, an AES symmetric encryption algorithm.
S24: and performing uplink storage on the health management data after the asymmetric processing and the user private key after the encryption processing.
By performing uplink storage on the health management data after asymmetric processing and the user private key after encryption processing, the health management data can be protected by adopting a dual encryption logic in the protection of the privacy users of the shared platform, and the health management data can not be tampered, so that the non-tampering property of the data storage of the medical institution business system and the non-tampering property of the data transmission among different medical institutions can be assisted.
S25: and establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
In some embodiments, the intelligent contract comprises:
registering contracts, health diagnosis and treatment data processing contracts and authorization contracts;
the registration contract is used for mapping the participant identification character string to an address identification of the health management alliance chain;
participant identification uses strings rather than directly encrypted public key identities, allowing the use of an anonymous ID form that already exists, identity registration can only be limited to certificate authorities, and registration contracts map an identity string to an address on a blockchain.
The health diagnosis and treatment data processing contract is used for defining a data pointer and an access right and identifying health medical records provided by each participant node;
when one node stores and manages the medical records of another node, the system will issue a patient-provider relationship contract between the two nodes. Health care data processing contracts define various data pointers and associated access rights that can identify records held by service providers. Each data pointer contains a query string that, when executed on the provider's database, returns a subset of the enterprise user health and medical data. The query string is concatenated with the hash of this subset of data to ensure that the data has not been modified in the source file. The additional information indicates that the provider's database, i.e., hostname and port in the standard network topology, is accessible in the network. The data query and its related information are formulated by the service provider and modified as new records are added. To enable the patient to share records with others, a dictionary (hash table) maps the viewer's address to an additional list of query strings. Each string may specify a portion of the patient data, which may be accessible to a third party viewer in some embodiments.
And the authorization contract is used for enabling the participant node to inquire the health medical record in the health management alliance chain.
The authorization contract contains a list of references to health care data processing contracts representing all participants' previous and current engagements with other nodes in the system. Enterprise users can leave and rejoin the system multiple times and regain their history by downloading the latest blockchain from the network. The blockchain log may be maintained as long as there are nodes participating in the network. The authorization contract also implements a "user notification" function. Each relationship stores a state variable. This indicates that the relationship is newly established, waiting for pending updates, with or without approval from the enterprise user. In a system, a provider in the system sets the status of relationships in an enterprise user authorization contract whenever a record is updated or as part of creating a new relationship. Thus, enterprise users may poll their authorization contracts and be notified when new relationships are established or updated. Enterprise users may accept, decline, or delete relationships.
The intelligent contracts mainly realize various intelligent contracts for processing data with a alliance chain and upper-layer users, and the interaction between a data owner and a data access demand party is realized through the three intelligent contracts.
In some embodiments, further comprising:
the method specifically comprises the following steps of processing a data request of a demand party (medical institution):
the system can obtain the private key information of the user according to the processing of the intelligent contract, if the identity verification is passed, the system authorizes the demander, and the private key information is provided for the demander instead of the currency value.
Aiming at the problems that health management data transaction between doctors and patients is not fair, and patients cannot obtain medical services corresponding to medical information provided by the patients, a credible information sharing strategy among multiple roles is implemented by designing and realizing an intelligent contract of a block chain, and credible interaction of data among all parties participated by a platform is realized by managing the intelligent contract. The intelligent contract is adopted to apply, authorize and access control the health data and the electronic medical record data, so that the problem of privacy disclosure caused by internal and external potential safety hazards is avoided.
S26: and uploading the transaction generated by the intelligent contract to the chain through a consensus algorithm so as to realize data synchronization between the nodes on the health management alliance chain.
In some embodiments, the consensus algorithm comprises:
PBFT (Practical Byzantine Fault Tolerance) consensus algorithm.
The consensus algorithm is mainly responsible for selecting release nodes for the blocks after packaging and counting authorized node votes based on the PBFT consensus algorithm, and the transactions generated by the intelligent contracts are uploaded to the health management alliance chain through the consensus algorithm, so that data synchronization among all nodes of the health management alliance chain is achieved. The PBFT consensus algorithm is adopted, the system delay is short, the fault tolerance performance is good, the problems that the resource waste of the block chain consensus algorithm is serious, the generation time of the health management data block is unstable and the like are solved, and the stability of the medical information sharing platform is guaranteed in performance.
In some embodiments, further comprising:
setting a server-side data interface;
and the system is interconnected with an external database through a server-side data interface.
The efficiency of on-chain storage data and the high efficiency of visiting can be guaranteed, off-chain storage and on-chain verification can be guaranteed, the system provides a server data interface for the outside specially, interconnection can be carried out with an external database through the interface, and specific data information can be obtained through summary information.
When a user of the service uses the access control system of the health management alliance chain, the super account book in the alliance chain is used for storing the health management alliance chain and the access control strategy on the chain, and data are prevented from being tampered; encrypting and decrypting a health management alliance chain in intelligent contract agent service through cryptography, and avoiding data from being completely disclosed on a block chain; by the intelligent contract of the super account book, access control based on an open system is realized, the address algorithm derived by a public key is combined, the data access authority of the electronic medical record can be specified by a user, the access strategy is ensured to be safe, transparent and automatic, and the electronic medical record system combined with the alliance link is safe, open, feasible and controllable.
In some embodiments, as shown in fig. 4, various types of users need to complete registration when using the remote medical platform, and the user registration process includes: various users input basic account information; the platform distributes a client anonymous account according to the user type and the user identification; and the anonymous account is linked up through the intelligent contract to complete the user registration.
After the user finishes the registration, the method further includes user login authentication, as shown in fig. 5, the specific process includes:
inputting account information, and acquiring anonymized data by a client through SHA; and the alliance chain inquires the password according to the anonymized data, judges whether password authentication passes, allows access to the remote medical platform if the password authentication passes, and refuses access if the password authentication does not pass.
When the user registers, each user is allocated an anonymous identifier in the chain, the anonymous identifier is stored in the intelligent contract of the user registration, and when the user acquires data, the system accesses the system platform through the anonymous identifier. The generation of the anonymous identifier is carried out by using a SHA256 one-way encryption algorithm, so that the data anonymization is realized.
In some embodiments, as shown in fig. 6, the specific process of uploading the health management data to the health management federation chain for storage includes:
the cooperative Internet medical institution provides services and generates health medical information data; the cooperative medical institution uploads health medical information data; the system encrypts the uploaded health medical information data by using an AES encryption algorithm, uploads the health medical information data to the distributed file system, and obtains the link of the health medical information data in the distributed file system; the key center creates a public key and a private key for the user, and encrypts the public key and the index of the health medical data by using an RSA encryption algorithm; the encrypted index data, the public key and the encrypted storage link address of the distributed file system are stored in a alliance chain, and uplink operation is completed; for the generated private key information to ensure that the private key information can not be attacked and acquired, carrying out data fragmentation processing through a distributed file system, and generating a fragment file every 256KB and storing the fragment file on a random node; notify the data owner (platform enterprise user) that health medical data has been uploaded; data owner disclosure rights; the system modifies the health care data to public rights.
As shown in FIG. 7, the data owner view health management data flow includes:
an enterprise user inquires and retrieves diagnosis and treatment data of the enterprise user through client application to obtain a data identifier; the system acquires index information of the health diagnosis and treatment data from the alliance chain according to the data identification submitted by the user; the enterprise user provides the password of the data owner; the data is decrypted to obtain index information, and the cooperative medical institution performs identity verification through connection to obtain health diagnosis and treatment data; and the user browses data.
As shown in fig. 8, the health management data flow for viewing by the medical institution includes:
the cooperative medical institution of the platform inputs the identification number of the health diagnosis and treatment data; the data access service acquires index information of the health diagnosis and treatment data from the alliance chain according to the data identification submitted by the user; inputting a private key by a cooperative medical institution of the platform; the data is decrypted to obtain index information, and the cooperative medical institution performs identity verification through the link to obtain health medical data; and the cooperative medical institution browses data.
As shown in fig. 9, the intelligent contract establishment flow includes: the cooperative medical institution inquires and retrieves the health diagnosis and treatment information meeting the conditions through keywords and description information according to needs, and inputs the health diagnosis and treatment data identification number requested to be checked after screening; calling an authorization contract of the alliance chain well according to the identification provided by the data inquiry party; the alliance chain establishes an intelligent contract related to a data access requester and an owner according to the received data access request, fills in requester information, adds information related to the data requester in the contract, including a data front face of the data requester, a record label with access health medical information, a shared user request state, expected spent time information and the like, and informs a data owner (enterprise user) of contract request; after receiving a request sent by a data request party, an enterprise user can see information of a corresponding doctor and decide whether to carry out health diagnosis and treatment data authorization, if so, the corresponding data request party is searched through a contract ID to establish contract information, the user identification of a data owner is verified, whether health medical information belongs to the data owner is verified, if so, a timestamp is set as the current time to prove that a contract is established, timing is started from the current time, the data owner can acquire private key information of corresponding content data through a password and an index of health diagnosis and treatment data in a distributed file system, the private key information is recorded into a private key, the authorization state of the data owner is modified to be access approval, and the contract is established successfully; the two parties need to fulfill corresponding contract information, the system transfers the token value to be consumed to the data owner from the data requester through the transfer mode of the token contract, when the data requester wants to acquire the health diagnosis and treatment information, the system acquires corresponding private key information through the contract, decrypts the detailed information of the health medical data through the private key information, acquires a corresponding path for storing the health medical data and a corresponding index address, and acquires the detailed information of the health diagnosis and treatment information; the contract authorization service returns a success message to the enterprise user and transfers the tokens.
As shown in fig. 10, the contract fulfillment specific process includes:
after a contract is established between a data owner and a data requester, the contract needs to be fulfilled, and the data requester needs to give feedback information within a specified time; the cooperative medical institution requesting to access the data transmits a medical service index and a contract identifier to the data access service, and the data access service transmits a query request to the union contract service; the contract service of the alliance chain inquires the information content of the contract through the contract identification and returns the contract content to the data access service; judging whether the appointed contract validity period is expired, if so, linking the medical service index by the data access service, returning deposit to the medical institution, ending the contract and deleting the contract; if the validity period is over, returning to the feedback overtime; after the contract is deleted, the enterprise user is prompted to have feedback information, and the public key and the private key are regenerated for encryption; the enterprise user checks the medical service index on the feedback chain through the health diagnosis and treatment data record, the enterprise user requests to check the feedback information, the data access service submits the link for checking the feedback information to the alliance chain, the alliance chain returns the link information, the data access service forwards the link information to the medical institution, the medical institution returns the feedback information details after completing the request verification, and the enterprise user browses the feedback information at the client.
In this embodiment, after the cooperative medical resources access platform, the platform integrates data of each cooperative partner, remote medical office and wearable device through a blockchain super account book, establishes a health file and electronic medical record main data view centering on a user, ensures authenticity and credibility of data storage, transmission and exchange, truly returns data ownership to the user, controls data authority by the user, prevents and controls privacy disclosure, optimizes user experience, and improves service quality of the remote medical platform.
An embodiment of the present invention provides a health management data sharing apparatus, as shown in a functional structure diagram of fig. 11, where the health management data sharing apparatus includes:
a building module 111, configured to build a health management alliance chain;
a storage module 112, configured to uniformly uplink and store health management data generated by users in different medical institutions;
and the establishing module 113 is used for establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
In this embodiment, a health management alliance chain is constructed through a construction module, a storage module uniformly links and stores health management data generated by users in different medical institutions, and an intelligent contract is established by the construction module, so that different medical institutions can access the health management data of the users after being authorized by the intelligent contract, doctors in different medical institutions can see the complete health management data of patients, and safe storage of user data and access control of user authorization can be realized.
An embodiment of the present invention provides a remote medical platform, as shown in a functional structure diagram of fig. 12, the remote medical platform includes:
the health management data sharing device 121, the user client 122, and the medical institution integration interface 123 as described in the above embodiments;
the user client 122 and the medical institution integration interface 123 are connected to the health management data sharing device, respectively.
As shown in fig. 13, the telemedicine platform includes:
the system comprises a distributed file system, a alliance chain, a health medical information encryption/decryption module, a key center, a data request module, a data access module, an authorization management module and a user registration management module, wherein the alliance chain comprises intelligent contracts, common identifications and accounting nodes. The intelligent contract comprises a user registration contract, a health care information storage contract and a agreement contract.
The user registration management is to distribute anonymous accounts for all the participants of the platform and write the anonymous accounts into the intelligent contracts. When the user registers, each user is allocated an anonymous identifier in the chain, the anonymous identifier is stored in the intelligent contract of the user registration, and when the user acquires data, the system accesses the system platform through the anonymous identifier. The process for anonymization of data primarily uses the SHA256 one-way encryption algorithm for anonymous identifier generation.
The health medical information encryption/decryption module is used for encrypting and decrypting health medical data of a user, all modules needing interaction between the user and a background alliance chain and a server and all modules needing to provide data for the user by the server need to process (encrypt and decrypt) information through a data processing module, the security of the data is ensured by storing a private key SK slice of the user through fragmentation storage, and the risk of key leakage when a single node is attacked is reduced.
The data request module is used for: the system can obtain the private key information of the user according to the processing of the intelligent contract so as to acquire the data.
The authorization management is used for authorizing the information sent by the information acquirer by accessing the system, acquiring the token value of the data acquirer and providing private key information to the data acquirer.
In the embodiment, the remote medical platform realizes the trusted sharing service of the health diagnosis and treatment information of the user by deploying the federation chain, establishes a cooperative relationship among a plurality of trusted nodes of the platform, the user, an internet medical service provider and the like, establishes reasonable access rights among cooperative applications, enterprises and employee users of each resident platform through an intelligent contract mechanism, provides a safe data interaction mode for different medical institutions and the federation chain, provides infrastructure for the platform, is responsible for data storage and operation of the federation chain, and manages the health medical information data of the partners and enterprise users accessing the platform by using the federation chain, so that private information can be controllably and safely used and shared on the federation chain.
It is understood that the same or similar parts in the above embodiments may be mutually referred to, and the same or similar parts in other embodiments may be referred to for the content which is not described in detail in some embodiments.
It should be noted that, in the description of the present application, the terms "first", "second", etc. are used for descriptive purposes only and are not to be construed as indicating or implying relative importance. Further, in the description of the present application, the meaning of "a plurality" means at least two unless otherwise specified.
Any process or method descriptions in flow charts or otherwise described herein may be understood as representing modules, segments, or portions of code which include one or more executable instructions for implementing specific logical functions or steps of the process, and the scope of the preferred embodiments of the present application includes other implementations in which functions may be executed out of order from that shown or discussed, including substantially concurrently or in reverse order, depending on the functionality involved, as would be understood by those reasonably skilled in the art of the present application.
It should be understood that portions of the present application may be implemented in hardware, software, firmware, or a combination thereof. In the above embodiments, the various steps or methods may be implemented in software or firmware stored in memory and executed by a suitable instruction execution system. For example, if implemented in hardware, as in another embodiment, any one or combination of the following techniques, which are known in the art, may be used: a discrete logic circuit having a logic gate circuit for implementing a logic function on a data signal, an application specific integrated circuit having an appropriate combinational logic gate circuit, a Programmable Gate Array (PGA), a Field Programmable Gate Array (FPGA), or the like.
It will be understood by those skilled in the art that all or part of the steps carried by the method for implementing the above embodiments may be implemented by hardware related to instructions of a program, which may be stored in a computer readable storage medium, and when the program is executed, the program includes one or a combination of the steps of the method embodiments.
In addition, functional units in the embodiments of the present application may be integrated into one processing module, or each unit may exist alone physically, or two or more units are integrated into one module. The integrated module can be realized in a hardware mode, and can also be realized in a software functional component mode. The integrated module, if implemented in the form of a software functional component and sold or used as a stand-alone product, may also be stored in a computer readable storage medium.
The storage medium mentioned above may be a read-only memory, a magnetic or optical disk, etc.
In the description herein, reference to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., means that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the application. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present application have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present application, and that variations, modifications, substitutions and alterations may be made to the above embodiments by those of ordinary skill in the art within the scope of the present application.
It should be noted that the present invention is not limited to the above-mentioned preferred embodiments, and those skilled in the art can obtain other products in various forms without departing from the spirit of the present invention, but any changes in shape or structure can be made within the scope of the present invention with the same or similar technical solutions as those of the present invention.
Claims (10)
1. A method of health management data sharing, comprising:
constructing a health management alliance chain;
uniformly linking and storing health management data generated by users in different medical institutions;
and establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
2. The method of claim 1, wherein the uniformly linking health management data generated by users in different medical institutions comprises:
carrying out asymmetric encryption on the health management data;
generating a user private key, and encrypting the user private key;
and performing uplink storage on the health management data after the asymmetric processing and the user private key after the encryption processing.
3. The health management data sharing method according to claim 2, wherein the encrypting the user private key comprises:
inputting a user private key into the distributed file system;
the distributed file system divides data of a user private key into pieces according to a preset threshold value, and randomly distributes each piece of data to different nodes;
and generating a file index according to the specific content of the user private key, and carrying out symmetric encryption processing on the file index.
4. The health management data sharing method according to claim 1, wherein the intelligent contract comprises:
registering contracts, health diagnosis and treatment data processing contracts and authorization contracts;
the registration contract is used for mapping the participant identification character string to an address identification of the health management alliance chain;
the health diagnosis and treatment data processing contract is used for defining a data pointer and an access right and identifying health medical records provided by each participant node;
and the authorization contract is used for enabling the participant node to inquire the health medical record in the health management alliance chain.
5. The health management data sharing method according to claim 1 or 4, further comprising:
and uploading the transaction generated by the intelligent contract to the chain through a consensus algorithm so as to realize data synchronization between the nodes on the health management alliance chain.
6. The health management data sharing method of claim 5, wherein the consensus algorithm comprises:
PBFT consensus algorithm.
7. The health management data sharing method according to claim 1, further comprising:
setting a server-side data interface;
and the server-side data interface is used for interconnecting with an external database.
8. The health management data sharing method according to any one of claims 1 to 4, wherein the health management data comprises:
patient complete visit records, physical examination data, and wearable medical device data.
9. A health management data sharing apparatus, comprising:
the building module is used for building a health management alliance chain;
the storage module is used for uniformly linking and storing the health management data generated by the user in different medical institutions;
and the establishing module is used for establishing an intelligent contract so that different medical institutions can access the health management data of the user after being authorized by the intelligent contract.
10. A telemedicine platform, comprising:
the health management data sharing device of claim 9, the user client, and the medical institution integration interface;
the user client and the medical institution integrated interface are respectively connected with the health management data sharing device.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110174855.6A CN112908440A (en) | 2021-02-07 | 2021-02-07 | Health management data sharing method and device and remote medical platform |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202110174855.6A CN112908440A (en) | 2021-02-07 | 2021-02-07 | Health management data sharing method and device and remote medical platform |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN112908440A true CN112908440A (en) | 2021-06-04 |
Family
ID=76122828
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202110174855.6A Pending CN112908440A (en) | 2021-02-07 | 2021-02-07 | Health management data sharing method and device and remote medical platform |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN112908440A (en) |
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113488128A (en) * | 2021-07-28 | 2021-10-08 | 平安国际智慧城市科技股份有限公司 | Block chain-based electronic medical record retrieval method and device and related equipment |
| CN113572618A (en) * | 2021-08-10 | 2021-10-29 | 东北大学 | Fabric and IPFS combined decentralized storage system and data storage method thereof |
| CN114124392A (en) * | 2021-11-01 | 2022-03-01 | 广州大学 | Data controlled circulation method, system, device and medium supporting access control |
| CN116303447A (en) * | 2023-02-28 | 2023-06-23 | 北京北明数科信息技术有限公司 | Health information data management method and system |
| CN117675870A (en) * | 2024-01-31 | 2024-03-08 | 中国医学科学院北京协和医院 | Electronic medical record distributed sharing method and device based on blockchain |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150049163A1 (en) * | 2013-03-15 | 2015-02-19 | James Paul Smurro | Network system apparatus and method of use adapted for visual neural networking with multi-channel multiplexed streaming medical imagery and packetized clinical informatics |
| CN108629583A (en) * | 2018-04-16 | 2018-10-09 | 上海分赋信息科技有限公司 | Mapped system and correlation method of the digital asset on mapping chain are realized based on distributed computing technology |
| CN109326337A (en) * | 2018-09-06 | 2019-02-12 | 西安电子科技大学 | Electronic medical record storage and shared model and method based on block chain |
| CN109523040A (en) * | 2018-11-23 | 2019-03-26 | 南京荣链科技有限公司 | A kind of user equipment that protecting privacy reports method, server, system and medium for repairment |
| CN110995701A (en) * | 2019-12-02 | 2020-04-10 | 远光软件股份有限公司 | Block chain consensus method, system, electronic equipment and storage medium |
-
2021
- 2021-02-07 CN CN202110174855.6A patent/CN112908440A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20150049163A1 (en) * | 2013-03-15 | 2015-02-19 | James Paul Smurro | Network system apparatus and method of use adapted for visual neural networking with multi-channel multiplexed streaming medical imagery and packetized clinical informatics |
| CN108629583A (en) * | 2018-04-16 | 2018-10-09 | 上海分赋信息科技有限公司 | Mapped system and correlation method of the digital asset on mapping chain are realized based on distributed computing technology |
| CN109326337A (en) * | 2018-09-06 | 2019-02-12 | 西安电子科技大学 | Electronic medical record storage and shared model and method based on block chain |
| CN109523040A (en) * | 2018-11-23 | 2019-03-26 | 南京荣链科技有限公司 | A kind of user equipment that protecting privacy reports method, server, system and medium for repairment |
| CN110995701A (en) * | 2019-12-02 | 2020-04-10 | 远光软件股份有限公司 | Block chain consensus method, system, electronic equipment and storage medium |
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113488128A (en) * | 2021-07-28 | 2021-10-08 | 平安国际智慧城市科技股份有限公司 | Block chain-based electronic medical record retrieval method and device and related equipment |
| CN113572618A (en) * | 2021-08-10 | 2021-10-29 | 东北大学 | Fabric and IPFS combined decentralized storage system and data storage method thereof |
| CN113572618B (en) * | 2021-08-10 | 2022-11-18 | 东北大学 | Fabric and IPFS combined decentralized storage system and data storage method thereof |
| CN114124392A (en) * | 2021-11-01 | 2022-03-01 | 广州大学 | Data controlled circulation method, system, device and medium supporting access control |
| CN116303447A (en) * | 2023-02-28 | 2023-06-23 | 北京北明数科信息技术有限公司 | Health information data management method and system |
| CN117675870A (en) * | 2024-01-31 | 2024-03-08 | 中国医学科学院北京协和医院 | Electronic medical record distributed sharing method and device based on blockchain |
| CN117675870B (en) * | 2024-01-31 | 2024-04-19 | 中国医学科学院北京协和医院 | Electronic medical record distributed sharing method and device based on blockchain |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Sharma et al. | Blockchain technology for cloud storage: A systematic literature review | |
| De Oliveira et al. | Towards a blockchain-based secure electronic medical record for healthcare applications | |
| CN111448565B (en) | Data authorization based on decentralised identification | |
| US10735202B2 (en) | Anonymous consent and data sharing on a blockchain | |
| US20230087557A1 (en) | System for privacy protection during iot secure data sharing and method thereof | |
| US11422981B2 (en) | Information management and access control in a database | |
| CN112908440A (en) | Health management data sharing method and device and remote medical platform | |
| WO2021195249A1 (en) | Method, apparatus, and computer-readable medium for secured multi-lateral data exchange over a computer network | |
| AU2017225932A1 (en) | Systems and methods for distributed identity verification | |
| US20190238319A1 (en) | Rights management of content | |
| US20200035339A1 (en) | Blockchain security system for secure record access across multiple computer systems | |
| JP2023524659A (en) | Low-trust privileged access management | |
| US20230083642A1 (en) | Methods and systems for managing user data privacy | |
| US20220191047A1 (en) | Anonymity mechanisms in permissioned blockchain networks | |
| Abadi et al. | Anylog: a grand unification of the internet of things | |
| CN112908442A (en) | Medical data sharing method, device, equipment and computer readable medium | |
| Babu et al. | MediBlocks: secure exchanging of electronic health records (EHRs) using trust-based blockchain network with privacy concerns | |
| CN113271366B (en) | Data sharing system based on block chain and safety calculation | |
| US11374755B1 (en) | Entangled token structure for blockchain networks | |
| Amiri et al. | Separ: A privacy-preserving blockchain-based system for regulating multi-platform crowdworking environments | |
| Mittal et al. | A three-phase framework for secure storage and sharing of healthcare data based on blockchain, IPFS, proxy re-encryption and group communication | |
| Vinodhini et al. | A patient-centric doctor referral model based on hyperledger chaincode | |
| US7747850B1 (en) | Automated, internet-based secure digital certificate distribution and maintenance | |
| JP7337861B2 (en) | Computer-implemented system and method for off-chain exchange of transactions related to distributed ledgers | |
| Bigini et al. | Decentralized health data distribution: A dlt-based architecture for data protection |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |