CN115510492A

CN115510492A - Electronic medical record management system and method based on intelligent contracts

Info

Publication number: CN115510492A
Application number: CN202211242989.8A
Authority: CN
Inventors: 李志伟
Original assignee: Guangdong Qilian Technology Co ltd
Current assignee: Guangdong Qilian Technology Co ltd
Priority date: 2022-10-11
Filing date: 2022-10-11
Publication date: 2022-12-23

Abstract

The invention discloses an electronic medical record management system and method based on intelligent contracts, wherein the system comprises: a alliance chain among a plurality of medical institutions and an application server of each medical institution are constructed, the application server of each medical institution stores electronic medical record data of patients, an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent updating contract are constructed on the alliance chain; the authority authentication contract detects whether a user account has authority to access a certain intelligent contract; adding and inquiring a mapping relation between a common account and an account address on a link on a coalition chain by an account mapping contract; the medical record contract corresponds to the electronic medical record data of the patient; inquiring historical medical record data of a patient by an agent inquiry contract; the agent updates the contract to update the electronic medical record data of the patient. The invention realizes the credible sharing of the electronic medical record data among a plurality of medical institutions, utilizes the contract code to carry out authority management, and effectively protects the privacy and the safety of users.

Description

Electronic medical record management system and method based on intelligent contracts

Technical Field

The invention relates to the technical field of block chains, in particular to an electronic medical record management system and method based on an intelligent contract.

Background

With the development and landing of the block chain technology, a large number of block chain applications are coming into various industries, including financial services, public services, internet of things and the like. Due to the traceability, non-tamper-ability and multi-party co-processing characteristics, the blockchain is often used for recording some key information, and solving the trust crisis in the society and the business.

In the current medical scene, most medical institutions adopt a centralized server to store electronic medical record data of patients, and the electronic medical record data can only be used by the medical institutions, so that data is difficult to share among different medical institutions, and doctors are not favorable for the patients to know the past medical history of the patients when the patients visit other medical institutions. In addition, when the centralized server fails, data is likely to be lost or cannot be recovered, and if the centralized server is attacked safely, the data is likely to be stolen or tampered, so that the source, authenticity and safety of the electronic medical record data are difficult to guarantee.

Some medical institutions also use blockchains to store medical data of users, but use blockchains as databases only, that is, the medical data are directly stored on the blockchains and are accessed by users through digital currency. The data stored in the way is dispersed, and data query and data update are difficult, so that the operation and maintenance of the system are not facilitated; meanwhile, the mode requires the user to store the secret key, once the secret key is lost, the user cannot access the secret key any more, and potential safety hazards exist.

Disclosure of Invention

The invention aims to provide an electronic medical record management system and method based on an intelligent contract, and aims to solve the technical problems that electronic medical record data of different medical institutions are difficult to share and potential safety hazards exist in the prior art.

The purpose of the invention can be realized by the following technical scheme:

an electronic medical record management system based on intelligent contracts, comprising:

the method comprises the steps that a alliance chain among a plurality of medical institutions and an application server of each medical institution are built, electronic medical record data of patients are stored in the application server of each medical institution, and an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent updating contract are built on the alliance chain so as to inquire and update the electronic medical record data;

the authority authentication contract detects whether a user account has authority to access a certain intelligent contract or not, wherein the user account comprises a management account, an editing account and a common account;

the account mapping contract adds mapping and inquires mapping by using a management account, wherein the mapping is the corresponding relation between a common account on each medical institution application server and an account address on a link on a alliance chain;

the medical record contract corresponds to electronic medical record data of a patient so as to query and update the electronic medical record data;

the agent inquiry contract inquires the historical medical record data of the patient by using the user account;

the agent update contract updates the patient's electronic medical record data using the administrative account or the editing account.

Optionally, the right authentication contract includes:

the management authority variable, the editing authority variable and the candidate authority variable respectively store a management account address, an editing account address and a candidate account address;

the management account address is an address corresponding to a management account with management authority, the editing account address is an address corresponding to an editing account with editing authority, and the candidate account address is an address corresponding to a candidate account with increased management account authority.

Optionally, the right authentication contract further includes:

an authority checking function, a management account increasing function and an editing account increasing function;

the authority check function detects the authority of the user account, if the authority is the management authority or the editing authority, the result is true, otherwise, the result is false;

the management account adding function adds a management account according to a preset management account adding condition;

and the editing account adding function detects whether the transaction initiator is a management account, if so, the editing account is added, and if not, the transaction initiator exits.

Optionally, the medical record contract at least comprises:

a medical record query function and a medical record update function;

the medical record query function calls the authority check function, if the result is true, the electronic medical record data of the patient is queried, and the electronic medical record data are arranged in a reverse order according to the medical record updating time;

and the medical record updating function calls the permission checking function, and if the result is true, the electronic medical record data of the patient is updated.

Optionally, each medical institution corresponds to a principal account address on the federation chain, and the account mapping contract includes:

a mapping addition function and a mapping query function;

the mapping adding function calls the permission checking function when a patient logs in an application server of each medical institution for the first time by using a common account, and if the result is true, the medical institution uses a main account address to establish a corresponding on-chain account address for the common account on the alliance chain;

and the mapping query function calls the permission check function to detect whether the user account has corresponding permission, and if the result is true, the mapping query function returns the linked account address and the medical record contract address of the patient.

Optionally, the medical record contract at least includes a medical record query function, and the querying the medical record contract by using the user account to query the historical medical record data of the patient includes:

utilizing a management account or an editing account to execute an agent inquiry contract to inquire the electronic medical record data of the patient and obtain the historical medical record data of the patient;

or calling a medical record query function in the medical record contract by using the linked account address corresponding to the common account to acquire the historical medical record data of the patient.

Optionally, the agent query contract includes an execution query function, and executing the agent query contract using the management account or the editing account to query the electronic medical record data of the patient includes:

the method comprises the following steps of inquiring the electronic medical record data of a patient by using an execution inquiry function in a management account or editing account execution agent inquiry contract, wherein the specific process comprises the following steps:

calling the mapping query function to obtain a medical record contract address of the patient;

and calling a medical record query function in the corresponding medical record contract according to the medical record contract address to query the electronic medical record data of the patient, so as to obtain the historical medical record data of the patient.

Optionally, the performing an update function is included in the agent update contract, and the updating the electronic medical record data of the patient by the agent update contract using the management account or the editing account includes:

updating the electronic medical record data of the patient by utilizing the execution inquiry function in the management account or the editing account execution agent update contract, and the specific process comprises the following steps:

and calling a medical record updating function in the corresponding medical record contract according to the medical record contract address to update the electronic medical record data of the patient.

The invention also provides an electronic medical record management method based on the intelligent contract, which comprises the following steps:

building a federation chain among a plurality of medical institutions;

storing the electronic medical record data of the patients of the medical institutions on the application server of the medical institutions;

establishing an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent updating contract on the alliance chain so as to inquire and update the electronic medical record data;

the authority authentication contract detects whether a user account has authority to access a certain intelligent contract, wherein the user account comprises a management account, an editing account and a common account;

the account mapping contract adds mapping and inquires mapping by using a management account, wherein the mapping is the corresponding relation between a common account on each medical institution application server and an account address on a alliance chain;

Optionally, the right authentication contract includes:

the management account address is an address corresponding to a management account with management authority, the editing account address is an address corresponding to an editing account with editing authority, and the candidate account address has an address corresponding to a candidate account with increased management account authority.

The invention provides an electronic medical record management system and method based on intelligent contracts, wherein the system comprises: the method comprises the steps that a alliance chain among a plurality of medical institutions and an application server of each medical institution are built, electronic medical record data of patients are stored in the application server of each medical institution, and an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent updating contract are built on the alliance chain so as to inquire and update the electronic medical record data; the authority authentication contract detects whether a user account has authority to access a certain intelligent contract or not, wherein the user account comprises a management account, an editing account and a common account; the account mapping contract adds mapping and inquires mapping by using a management account, wherein the mapping is the corresponding relation between a common account on each medical institution application server and an account address on a link on a alliance chain; the medical record contract corresponds to electronic medical record data of a patient so as to query and update the electronic medical record data; the agent inquiry contract inquires the historical medical record data of the patient by using the user account; the agent update contract updates the patient's electronic medical record data using the administrative account or the editing account.

Therefore, the invention has the advantages that:

according to the electronic medical record management system provided by the invention, the alliance chain is constructed among a plurality of medical institutions, the alliance chain can be easily accessed into the existing application programs of the medical institutions, a user does not need to download more application programs, the user experience is greatly optimized, the advantages of the block chain can be fully exerted, the electronic medical record data can be truthfully shared among the plurality of medical institutions, and the medical record data is guaranteed to be difficult to tamper, traceable and safe. Meanwhile, the invention adopts the intelligent contract to manage the electronic medical record, utilizes the characteristics of the intelligent contract to carry out authority management by using the code, ensures that the medical record privacy of the user can not be accessed by people except medical institutions and the user, and effectively protects the privacy security of the user.

Drawings

FIG. 1 is a schematic diagram of the system of the present invention;

FIG. 2 is a schematic diagram of the operation of an embodiment of the system of the present invention;

FIG. 3 is a system block diagram of an embodiment of the system of the present invention;

FIG. 4 is a schematic flow chart of the method of the present invention.

Detailed Description

Interpretation of terms:

block chains: the block chain is a data storage mode, the hash value of the last block is stored in each block, and a distributed storage mode is adopted, so that the data on the block chain is guaranteed to be not falsified, and in addition, the data on the block chain has the characteristics of non-destructibility, anonymity and traceability.

Federation chain: one of the blockchains is accessible only to members of a particular group and to limited third parties.

Intelligent contract: the intelligent contracts are a big characteristic of the block chain 2.0 era, and can be operated to complete predefined behaviors including transferring accounts, making decisions, interacting with other intelligent contracts and the like when certain conditions are met by storing codes in the block chain and being incapable of being tampered once deployed. Based on the characteristics of the blockchain, the results of the running of the intelligent contract are run by a large number of computers and verified to ensure trustworthiness.

External accounts: the blockchain with intelligent contracts includes external accounts and contract accounts. The external account is also called a common account and is controlled by a private key, and one can realize the transmission of a message from one external account by creating and signing a transaction, and the transaction transmitted between the external accounts is also called an external transaction.

Contract account: the contract account is controlled by code, and whenever the contract account receives a message, its internal code is activated, allowing it to read and write to internal storage, and in turn send other messages or create contracts. When the transaction involves a contract (internal) account, it is referred to as an internal transaction, in which case a transaction may be a transfer, correspond to a certain amount of input, call a function of the contract to trigger multiple internal transactions, or both.

The embodiment of the invention provides an electronic medical record management system and method based on an intelligent contract, and aims to solve the technical problems that electronic medical record data of different medical institutions are difficult to share and potential safety hazards exist in the prior art.

To facilitate an understanding of the invention, the invention will now be described more fully with reference to the accompanying drawings. Preferred embodiments of the present invention are shown in the drawings. This invention may, however, be embodied in many different forms and should not be construed as limited to the embodiments set forth herein. Rather, these embodiments are provided so that this disclosure will be thorough and complete.

Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.

The invention provides an electronic medical record management system and method based on an intelligent contract, which can be easily accessed into the existing application programs of medical institutions, a user does not need to download more application programs and locally store own secret keys, the user experience is greatly optimized, the advantages of a block chain can be fully exerted, the medical record can be truthfully shared among multiple medical institutions, the medical record data is guaranteed to be difficult to tamper, traceable and safe, and the privacy of the user is effectively protected through authority management.

Referring to fig. 1, an embodiment of an electronic medical record management system based on an intelligent contract according to the present invention includes:

establishing a alliance chain among a plurality of medical institutions and an application server of each medical institution, wherein electronic medical record data of a patient are stored on the application server of each medical institution, and an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent updating contract are established on the alliance chain so as to inquire and update the electronic medical record data;

Referring to fig. 2, in the electronic medical record management system based on an intelligent contract provided in this embodiment, a federation chain needs to be established among a plurality of medical institutions. A plurality of medical institutions (main bodies) jointly sign a cooperation protocol, an existing open source block chain project Hyperledger Fabric is utilized to build a alliance chain, the alliance chain is deployed on an application server (namely, a server where an application program is located) of each medical institution, the application server of each medical institution in the alliance chain is allowed to access the alliance chain, and each medical institution obtains a main body account in the alliance chain, namely, a main body account address on the alliance chain corresponding to each medical institution. When a new main body needs to join the alliance chain, a cooperation agreement is required to be signed with at least one main body in the current alliance chain, and the access permission of the alliance chain is obtained, so that the main body can join the alliance chain; after a new principal joins the federation chain, the principal also obtains a principal account on the federation chain, and the principal corresponds to a principal account address on the federation chain.

In this embodiment, in order to ensure the security of data, the system only allows all application servers or IP addresses of each medical institution in the federation chain to access (i.e., the bottom layer of the federation chain), so that access to the federation chain needs to be performed only in the internal network of each medical institution in the federation chain; otherwise, the external user needs to log in the application server of each medical institution before accessing the alliance chain. Therefore, the system provided by the embodiment designs the following architecture: the system can be used only after a user logs in an application server of each medical institution in an alliance chain, and two schemes are provided during construction:

the first one is a subsystem of the original application program of the medical institution, that is, the user still needs to log in the original application program, after logging in, the interaction between the user and the alliance chain is completed by the proxy of the original application server, that is, the user sends a message to the application server first, and then the application server is used for calling the alliance chain;

the second one is that each medical institution designs an application program with a login system, which is only used for managing the electronic medical record data of the patient (such as the electronic medical record management system), and after the user logs in the electronic medical record management system, the interaction between the user and the alliance chain is completed through an application server agent where the electronic medical record management system is located. This minimizes the hardware and software resources required locally by the user, and for the application servers of each medical institution, the operations performed by the application servers are substantially identical to those performed previously (searching for data, returning data to the user), and the servers are not significantly burdened.

Referring to fig. 3, the system provided in this embodiment mainly includes a bottom control module, an authority authentication module, an account mapping module, a medical record creating module, a medical record querying module, and a medical record updating module from the system architecture.

The system provided by the embodiment has the main functions realized by intelligent contracts on the alliance chain, and mainly comprises an authority authentication contract, an account mapping contract, a plurality of medical record contracts, an agent inquiry contract and an agent update contract.

(1) Bottom layer control module

The bottom layer control module is mainly used for ensuring the authority of creating the account address and tracing the condition of each transaction when tracing is needed.

The alliance chain bottom layer of the system provides limitation for creating accounts and inquiring data, and management accounts with management authority are needed for creating user accounts and updating data to be executed so as to ensure data security. The alliance chain provides a query interface for managing transaction conditions on the account query chain, where the transaction refers to a broad transaction, that is, information sent by a user account address to the blockchain, and may be for creating an intelligent contract or a function call, and the like, and the query result is in the form of (address of a transaction sender, address of a transaction receiver, and transaction content). The bottom layer query interface is used as a part of the block chain, and can directly access the variable in the authority authentication contract corresponding to the authority authentication module, so as to determine whether the user account is a management account.

It should be noted that the user accounts in the present embodiment include a contract account (internal account) and a general account (external account), and each user account has a corresponding account address. All intelligent contracts are contract accounts, and the management account and the editing account belong to the contract accounts.

(2) Authority authentication module

The authority authentication module is used for detecting whether a user account (caller) has authority to access a variable value in a certain intelligent contract or can call a certain function in the intelligent contract. The authority Authentication module is realized by an authority Authentication Contract, which is abbreviated as AC (Authentication Contract). The authority authentication contract is automatically created by the system at the time of federation chain deployment.

Specifically, the authority authentication contract includes three storage variables for storing contract account addresses with different authority types, and the variable types are all lists (sets): a) A management authority variable for holding a management account address having all authority (management authority); b) The editing authority variable is used for storing an editing account address with editing authority; c) And the candidate permission variable is used for storing the candidate account address and the number of times of approval, each element is in the format of (the candidate account address and the number of times of approval), and the candidate account has the permission for increasing the management account.

Essentially, any user account may send a transaction to the smart contract, and thus, in this embodiment, only the user account may have authority control in the code of the smart contract.

Specifically, the authority authentication contract further includes the following functions:

a) Permission checking function: checking the transmitted parameters, and judging whether the account address has corresponding authority, wherein the parameters are [ account address, authority type ], and the authority type comprises management authority and editing authority. And the permission check function checks whether the account address is located in the corresponding account variable, if so, the true is returned, and otherwise, the false is returned. If the authority type of a certain user account is the editing authority, but the account address is in the list of the management authority variables, the true is still returned.

b) Manage account add function: an account address is added to the management authority variable, and the parameter is [ account address ]. The conditions for the administrative account add function to convert the new user account to an administrative account are: agreement is required by a preset number (e.g., a fixed value N) of management accounts, or by a management account satisfying a preset proportion of the total amount of current management accounts. For example, if the preset ratio is 1/3, more than 1/3 of all the management accounts will be approved.

The specific process of adding the management account comprises the following steps:

<1> the management account sends a transaction to the authority authentication contract and calls a management account adding function;

executing a management account adding function, judging whether a transaction initiator has a management authority, and stopping executing if the transaction initiator does not have the management authority; if not, judging whether the incoming parameters, namely the account addresses, are management accounts or not, if not, adding the incoming account addresses into a list of candidate authority variables, namely, taking the incoming account addresses as candidate account addresses, and increasing the value of the approval times in the candidate accounts by 1;

and <3> judging whether the incoming account address meets the condition of converting the new user account into the management account, if so, adding the incoming parameter, namely the account address, into the list of the management authority variables, and removing the account address from the list of the candidate authority variables.

It should be noted that the intelligent contract in the blockchain is a special account, and has more codes than a common account, and the account can call the corresponding code (function) in the intelligent contract account by initiating a transaction. That is, the <1> step is only one action that initiates (calls) the execution of the function, and is ignored in describing the specific function action. Since the smart contract is also an account (if the account has an address of the account in the chain), it contains the code, but it is not managed by the private key and can only be restricted by the code. Transactions may also be sent to the contract account to transfer or call functions.

c) Editing an account addition function: and adding an account address in the editing authority variable, wherein the parameter is [ account address ]. The specific process of adding the editing account comprises the following steps:

<1> the management account sends a transaction to the authority authentication contract and calls an editing account adding function;

<2> executing an editing account adding function, checking whether the transaction initiator is a management account, and if not, quitting; and if so, adding the incoming account address into the list of the editing authority variable, and returning the account address.

(3) Account mapping module

The account mapping module connects the federation chain up and down. In order to ensure that data on the federation chain cannot be stolen by an external malicious user, the federation chain needs to be called through an account mapping module, which is equivalent to an interface for a medical institution to interact with the federation chain. The on-chain account address on the alliance chain is a string of binary codes, and the account mapping module maps common accounts (external accounts) of the user in each medical institution application server to the on-chain account address on the alliance chain, so that the user does not need to store the string of binary codes. The account mapping module is realized by an authentication program on each medical institution application server and an account mapping contract MC (mapping contract) on one federation chain, which is automatically created when the federation chain is deployed, and which can only be called by the management account.

In the blockchain system, a user initiates a transaction and needs to sign transaction contents, which requires the use of the private key of the user. In order to make the user not need to separately store the private key, the embodiment stores the encrypted private key in the federation chain, and the method is as follows: when a user registers (logs in for the first time) in each medical institution in the alliance chain, an independent password needs to be input, the system encrypts a private key according to the independent password, in a preferred embodiment, the encryption mode is symmetric encryption (namely, the encryption and decryption need to use the same key), DES, RC5 and the like can be adopted, and then the encrypted private key is stored in an account mapping contract. After the user logs in and obtains the encrypted private key, the user is prompted to input an independent password, and then the real private key is decoded according to the independent password.

The account mapping contract MC includes a set variable, and records (user identity information, linked account address, medical record contract address, encrypted private key) data in format, and theoretically, other attributes can be queried through any one of the attributes, but generally, the first attribute is used for querying the other attributes. The identity information of the user is generally referred to herein as an identity card, but may be any other unique certificate, i.e., the same at each medical institution, such as a social security card or the like. In order to avoid the problem that the medical staff may be the patient at the same time, the first attribute is changed from the ID card to the employee card number for the medical staff.

The account mapping contract MC comprises two functions, namely a mapping addition function and a mapping query function, wherein the two functions can be only called by a management account, and the specific process is as follows:

<1> the user logs in to the medical institution's application (e.g., mobile app, web page, or applet) by means of username encryption code, or WeChat authentication, etc. It is noted that the user here may be a patient or a medical staff. Here, the user is to distinguish the user from the account, and the explanation is that the user corresponds to an actual person one by one, and the account (or the account address) is emphasized to operate on a chain.

And 2, when the user registers for the first time or uses the medical record management function, the medical institution uses the main account on the alliance chain to create a chain account on the alliance chain for the user, the chain account has a corresponding chain account address, generates a corresponding private key, requires the user to input an independent password for electronic medical record management, encrypts the generated private key according to the independent password, and calls a mapping adding function of an MC contract, wherein the function firstly calls an authority checking function in the AC contract, and the parameter value is [ the account address of a transaction sender, the management authority ], and if true, the information of the user is added into the set variable according to the record format.

And 3, according to the user name and the independent password of the user, the application program of the medical institution accesses the alliance chain and calls a mapping query function in the MC contract, the function firstly calls an authority check function of the AC contract, parameters are [ the account address of a transaction sender, the management authority ], if true, the account address and the medical record contract address of the user on the alliance chain are obtained through the identity card information of the user, the encrypted private key is decoded by the independent password to obtain the private key, and then the private key is stored in the application program of the medical institution. That is, after the user logs in the application program of the medical institution, the on-chain account address and the medical record contract address of the user on the alliance chain are already stored in the application program of the medical institution.

After that, the user can use the on-chain account address to access the alliance chain through the application program of the medical institution to inquire the medical record data of the user.

It is worth to be noted that the electronic medical record management system based on the intelligent contract provided by the invention can be regarded as a component and a bottom layer part of the whole medical institution application program APP and is used for realizing the management of the electronic medical record, and the system can be realized by other application parts of the medical institution, but is not focused. The system can be well combined with the APP of the existing medical institution through the account mapping module.

It should be noted that, when there is no special requirement, only one permission authentication contract and one account mapping contract are needed in the federation chain, that is, only one permission authentication contract and one account mapping contract are needed in general. The special requirements are as follows: 1) The medical institution needs another set of identity authority management, namely, the authority of the account is different under different conditions; 2) Medical institutions need to create different medical durations than general electronic medical records, i.e., one patient may need two medical records.

(4) Medical record creation module

Electronic medical records of patients are initialized, and one electronic medical record corresponds to one intelligent contract and can only be created by a management account.

When a patient (non-healthcare and administrator) account is first registered with a medical facility in the federation chain, the system initiates a transaction and creates and initializes a medical Record Contract (Record Contract), which may be multiple but each with different parameters.

Specifically, the medical record contract contains the following variables:

a) Creating an account address: recording which medical institution is created, namely, recording the main account address of the medical institution creating the medical record contract on the alliance chain;

b) Patient account address: recording the chain account address of the patient corresponding to the contract on the alliance chain;

c) Medical record creation time: recording the time of first creation of a medical record contract;

d) And (3) updating time of medical records: recording the latest updating time of the medical record contract;

e) The agent queries the contract address: a list recording addresses of agent query contracts on the federation chain;

f) The agent updates the contract address: a list that records the addresses of agent update contracts on the federation chain;

g) History medical record data: and the list is used for recording the electronic medical record data uploaded each time.

When a medical record contract is created for the first time, initializing the content of a-d according to the actual situation, and thus, the medical record contract corresponding to a specific patient appears on the alliance chain.

Specifically, the medical record contract further comprises four functions, namely a medical record query function, a medical record update function, an agent query contract address update function and an agent update contract address update function.

Wherein, a) the medical record query function is used for querying data in medical record contracts, and the specific process is as follows:

<1> checking whether the transaction initiation address is a value in a contract address variable queried by an agent, or managing/editing an account (the step invokes an authority query function of an AC contract), or a common account of a patient, if yes, entering the next step, and if not, exiting;

<2> updating time reverse-order arrangement historical medical record data according to medical records;

<3> return data to the transaction initiating client.

b) The medical record updating function and the parameter [ medical record data ] are used for updating data in the medical record contract, and the specific process is as follows:

<1> checking whether the transaction initiation address is a value in an agent update contract address variable or a management/editing account (the step invokes an authority check function of the AC contract), if yes, entering the next step, and if not, exiting the function;

<2> add [ medical record data ] to the historical medical record data and return success.

c) The agent inquires contract address updating function, parameter [ new agent inquires contract address list ], the concrete process is:

<1> checking whether the transaction initiator is a management account (the step calls an authority inquiry function of an AC contract), if so, entering the next step, and if not, exiting;

<2> replace the original agent query contract address with [ list of new agent query contract addresses ] and return success.

d) The agent updates the contract address updating function, and the parameter [ the new agent updates the contract address list ], comprises the following specific processes:

<1> checking whether the transaction initiator is a management account (the step calls an authority checking function of an AC contract), if so, entering the next step, and if not, exiting;

<2> replace the original agent update contract address with [ new agent update contract address list ] and return success.

It is worth to be noted that, in consideration of the situation that the medical staff can directly modify the medical record contract, whether the medical record contract is a management/editing account is determined to be added to the medical record inquiry contract and the medical record updating contract. If the agent mode is adopted completely, whether the account is managed/edited or not does not need to be judged.

It should be noted that a medical record contract is a contract account, and a contract account can be created by initiating a transaction to an empty address (or all 0 addresses), and the address of the contract account, i.e., the medical record contract address, is obtained. A medical record contract address is essentially a series of hexadecimal data representing its address in the federation chain, from which transactions can be sent to the medical record contract to invoke functions in the medical record contract.

(5) Medical record query module

The system is used for inquiring the electronic medical record data, arranging and returning the inquiry results in a reverse order according to the updating time of the medical record, and can be carried out by an agent inquiry contract (used by medical institutions and medical personnel) or directly inquired (used by patients). The two modes of medical record inquiry are as follows:

the first approach is similar to medical record updates, which are performed by proxy query contracts. Can only be used by accounts with administrative and editing rights. The Proxy Query Contract PQC (Proxy Query Contract) has a function called an execution Query function and parameters of [ user identity information, electronic medical record data ].

And <1> calling a mapping query function in the MC contract of the user mapping module, wherein the parameter is [ user information ], and obtaining a medical record contract address of the user.

And <2> calling a medical record query function in the medical record contract corresponding to the account address on the user chain, and returning a query result.

Second, a user (patient) directly initiates a transaction to a medical record contract address to call a medical record query function in a medical record contract. According to the related content of the account mapping module, after the user logs in an application program APP of a medical institution, the user's link account address and medical record contract address are already recorded in the user's application program, so that the user can directly use the own link account address to initiate a transaction to a medical record contract and call a medical record query function in the medical record contract, thereby obtaining own medical record data.

(6) Medical record updating module

Updating the electronic medical record data of the patient, that is, updating the on-chain medical record Contract corresponding to the patient, is completed by a Proxy Update Contract (PUC). The agent update contract can only be called by an account with management and editing authority, namely, the medical record contract of the patient can only be updated by the management account and the editing account.

Specifically, the agent update contract PUC has a function called an execution update function, and parameters are [ identity information of the user, electronic medical record data ].

The doctor logs in the application program of the medical institution, after editing the electronic medical record of the patient, clicks to submit, sends a transaction to the agent updating contract by the editing account of the doctor, and calls the execution updating function in the PUC contract.

Executing the update function performs the following two steps:

and (1) calling a mapping query function in the MC contract of the account mapping module, wherein the parameter is [ user information ], and obtaining the medical record contract address of the patient.

And <2> calling a medical record updating function in the medical record contract corresponding to the medical record contract address, wherein the parameter is [ medical record data ], updating the medical record contract is realized, and an updating result is returned.

The electronic medical record management system based on the intelligent contract is an electronic medical record management system based on a block chain and an intelligent contract, an alliance chain is constructed among a plurality of medical institutions, electronic medical record data of patients are stored in application servers of all the medical institutions, common accounts of the patients are mapped into an account address on one chain of the alliance chain through an account mapping contract, a corresponding medical record contract is created for the electronic medical record of each patient, the electronic medical record is inquired and updated by utilizing agent contract inquiry and agent update contracts, and the credible sharing of the electronic medical record data among the medical institutions can be realized on the premise of ensuring the safety; meanwhile, the traceability and difficult tampering of the electronic medical record data each time are ensured, and the problem of data loss can be effectively avoided; the system can also be conveniently integrated with the existing APP of the medical institution, the development and operation cost is reduced, and better use experience can be brought to the user.

The electronic medical record management system based on the intelligent contract provided by the embodiment has the following advantages:

(1) The advantages of the blockchain can be exerted, data intercommunication among a plurality of medical institutions is realized under the condition of protecting data security, all records of medical record change of a patient can be obtained through each transaction information recorded by the blockchain, and the medical record is traceable and difficult to tamper; meanwhile, when information of a certain organization is lost, the distributed storage mode also ensures that data can still be recovered.

(2) In this embodiment, the account mapping module is used to link uplink and downlink information of the link of the alliance chain, so that the alliance chain can be well combined with the existing scheme, and the existing medical institution can integrate without modifying the APP of the institution on a large scale. Of course, the scheme can also be implemented independently as a system. In addition, in the mode, the user does not need to store the private key on own equipment, and the trouble caused by the loss of the private key is avoided.

(3) According to the embodiment, the electronic medical records are managed by adopting the intelligent contract, and the characteristics of the intelligent contract are utilized, so that the medical record privacy of the user can not be accessed by people except medical institutions and the user by using the codes, and the privacy safety of the user is effectively protected. In addition, the medical records are managed through the intelligent contracts, and compared with the method that the medical record information is directly put on a chain according to the maturity sequence, the medical record data can be acquired more quickly.

(4) The embodiment provides a scheme of authority management, namely, intelligent contracts are utilized for management, 1/3 of subjects in a alliance chain are ensured to agree to obtain the authority through voting, and malicious artificial authority modification is avoided.

Referring to fig. 4, the present invention further provides an embodiment of an electronic medical record management method based on an intelligent contract, including:

building a federation chain among a plurality of medical institutions;

In a preferred embodiment, the right authentication contract comprises:

According to the electronic medical record management method based on the intelligent contract, the alliance chain is constructed among a plurality of medical institutions, the alliance chain can be easily accessed into the existing application programs of the medical institutions, a user does not need to download more application programs, user experience is greatly optimized, the advantages of the block chain can be fully played, the electronic medical record data can be truthfully shared among the medical institutions, and the fact that the medical record data are difficult to tamper, can be traced and is safe is guaranteed. Meanwhile, the invention adopts the intelligent contract to manage the electronic medical record, utilizes the characteristics of the intelligent contract to carry out authority management by using the code, ensures that the medical record privacy of the user can not be accessed by people except medical institutions and the user, and effectively protects the privacy security of the user.

In the electronic medical record management system based on the intelligent contract provided by this embodiment, because each system module can be called many times and there is no absolutely fixed use method, one possible use process is as follows:

<1> (basic construction) N medical institutions utilize the existing application to build a alliance chain for managing electronic medical record data, a self application server is allowed to access the alliance chain, each medical institution has a certain management account on the alliance chain, and meanwhile, medical staff are provided with corresponding editing accounts with editing authorities.

<2> (creation process) xiao Li comes to a medical institution in the alliance chain, firstly, the medical institution registers personal identity on the APP of the medical institution, after the registration, the system can automatically and randomly create an account address on the chain for the medical institution, generate a corresponding private key and require a small Li Shuru independent password, encrypt the generated private key according to the independent password to obtain an encrypted private key, and initiate a transaction to the alliance chain by using a main account of the medical institution. The transaction needs to complete the following two operations, 1) a medical record contract belonging to xiao Li is created on a alliance chain, the contract initial variable value is [ the main account address of the medical institution, the xiao Li account address on the alliance chain, the medical record creation time is the current time, and the medical record updating time is the current time ], and the medical record contract address corresponding to the medical record contract is obtained; 2) And calling an update function of the account mapping contract, wherein parameters are (xiao Li identity information, xiao Li chain account address, medical record contract address and encrypted private key), and updating xiao Li electronic medical record information in the alliance chain.

<3> (next is a use case) little Li Denglu medical institution's application APP and input independent password, at this moment system management account address sends a transaction to the account mapping contract on the alliance chain, calls the mapping query function of the MC contract, obtains xiao Li's chain account address and medical record contract address, and returns to medical institution's application APP system. Thereafter, the small Li Fangwen federation chains will all use their own on-chain account address. It is worth noting that similar is true for other account management.

<4> xiao Li visit to the department of the medical facility, doctor a wants to know the past medical history of xiao Li, at which time he clicks on the medical records query, and the system performs the following:

the edit account of doctor A is used to send a transaction to agent inquiry contract PQC to obtain xiao Li historical medical record data.

<5> xiao Li completed the basic medical procedure, and doctor a writes the content of the medical record and then clicks to submit. At this time, the system sends a transaction to the agent update contract PUC according to the editing account address of doctor A, the agent update contract is executed according to the scheduled operation, and the medical record update function in the medical record contract is called to update the electronic medical record data of the patient.

<6> small Li Xiangyao inquires own medical record information, and in an application program APP of a medical institution, the medical record information sends a transaction to own medical record contract by using own on-link account address, and a medical record inquiry function in the medical record contract is called to check own nearest medical record.

It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.

In the embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other ways. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.

The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.

In addition, functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.

The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present invention may be embodied in the form of a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

The above examples are only intended to illustrate the technical solution of the present invention, but not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims

1. An electronic medical record management system based on intelligent contracts is characterized by comprising:

2. The intelligent contract-based electronic medical record management system according to claim 1, wherein the authority authentication contract comprises:

3. The system of claim 1, wherein the rights-certified contract further comprises:

4. The intelligent contract-based electronic medical record management system according to claim 3, wherein the medical record contracts include at least:

a medical record query function and a medical record update function;

the medical record query function calls the authority check function, if the result is true, the electronic medical record data of the patient are queried, and the electronic medical record data are arranged in a reverse order according to the medical record updating time;

5. The system of claim 3, wherein each of the medical institutions corresponds to a principal account address in the federation chain, and the account mapping contract comprises:

a mapping addition function and a mapping query function;

6. The intelligent contract-based electronic medical record management system according to claim 5, wherein the medical record contract at least comprises a medical record query function, and the agent query contract queries the patient's historical medical record data by using the user account comprises:

7. The intelligent contract-based electronic medical record management system according to claim 6, wherein the agent query contract comprises an execution query function, and the executing the agent query contract with the management account or the editing account to query the electronic medical record data of the patient comprises:

the method comprises the following steps of inquiring the electronic medical record data of a patient by using an execution inquiry function in a management account or an editing account execution agent inquiry contract, wherein the specific process comprises the following steps:

8. The intelligent contract-based electronic medical record management system according to any one of claims 3-7, wherein the agent update contract comprises an execute update function, and the agent update contract updates the electronic medical record data of the patient using the management account or the editing account comprises:

updating electronic medical record data of a patient by using an execution inquiry function in a management account or editing account execution agent updating contract, wherein the specific process comprises the following steps:

9. An electronic medical record management method based on intelligent contracts is characterized by comprising the following steps:

building a federation chain among a plurality of medical institutions;

storing the electronic medical record data of the patients of each medical institution on an application server of each medical institution;

10. The electronic medical record management method based on the intelligent contract as claimed in claim 9, wherein the authority authentication contract comprises: