KR102636860B1 - Authentication and interlocking system and method of digital therapeutic app using one-time code - Google Patents

Abstract

The present invention provides an interface module that provides an interface for providing at least one service among digital treatment prescription information exchange, digital treatment information exchange, digital treatment use result information exchange, and authentication to a medical institution system and a digital treatment server; An authentication module that performs at least one of authentication for the medical institution system and the digital treatment server, identity authentication for the patient's consent to provide information, and digital treatment user authentication; And processing the patient information, digital treatment prescription information, and prescribed digital treatment use result information received from the medical institution system and the digital treatment server and storing them as digital treatment prescription data, and providing the digital treatment prescription data according to the service request. and a data management module, wherein the data management module exchanges the digital treatment prescription data with the digital treatment server using a DTx one-time code that can identify prescription information for the digital treatment prescribed to the patient. This relates to a digital therapeutics App authentication/linking system and method using a one-time code.

Description

Digital therapeutic app authentication/linking system and method using one-time code {AUTHENTICATION AND INTERLOCKING SYSTEM AND METHOD OF DIGITAL THERAPEUTIC APP USING ONE-TIME CODE}

The present invention provides an environment in which digital treatment prescription linkage and mutual data exchange according to standard protocols are possible for smooth prescription and medical data linkage between medical institutions and medical service companies following various regulations, and digital treatment prescriptions between medical institutions and digital treatment companies. and securely exchange medical data using minimal patient information with patient consent, and provide digital therapeutics to patients by generating a one-time code to identify the patient and authenticate the digital therapeutic delivered to the patient. , It relates to a digital treatment App authentication/linking system and method using a one-time code to exchange prescription data.

Digital therapeutics are software or digital devices that have the same clinical effectiveness as drugs for the prevention and treatment of medical disorders or diseases. As technology advances, new efficient medical services become possible, and as digital healthcare becomes more prominent, it goes beyond simple health care and diseases. Evidence-based digital treatments that prevent, manage, and treat are attracting attention. Due to the COVID-19 pandemic, interest in non-face-to-face treatment is increasing significantly, difficulties in treating patients with chronic diseases are occurring, and the number of patients with mental health problems such as depression is increasing rapidly, leading to interest in digital therapeutics to solve these problems. It is increasing.

In response to such demands, the number of companies developing various digital therapeutics is increasing, but it is difficult to exchange digital therapeutic prescription information and prescription use result information between medical institutions and medical service companies that follow various regulations, and prescribed digital therapeutics are difficult to exchange. There is a problem in that patient personal information must be passed on to digital treatment companies for use, and each digital treatment company must manage patient personal information.

In addition, patient personal information management must be accompanied by data security devices or systems such as access control, encryption, and access record management of patient personal information and prescription data in accordance with the provisions of the Personal Information Protection Act/Information and Communications Network Act, so various digital treatments must be provided. It requires a lot of cost and management resources for companies to equip such data security devices or systems.

Therefore, there is a need for a system that links prescription information by providing a standardized data model and linkage method between medical institutions and medical service companies, and delivers digital treatments by identifying patients and prescription information using minimal personal information.

delete

Korean Patent Publication No. 10-2023-0123127 (2023.8.23)

In order to solve the above problems, the present invention provides an environment in which digital treatment prescription linkage and mutual data exchange according to standard protocols are possible for smooth prescription and medical data linkage between medical institutions and medical service companies, and provides digital treatment exchange between medical institutions and digital treatment companies. We provide a digital treatment App authentication/linking system and method that utilizes a one-time code to safely exchange treatment prescription and treatment data by identifying the patient and the prescription information prescribed to the patient using minimal patient information with the patient's consent. It has a purpose.

The digital treatment App authentication/linking system using a one-time code according to an embodiment of the present invention exchanges prescription information for digital treatments, exchanges digital treatment information, and exchanges and authenticates digital treatment use result information with the medical institution system and digital treatment server. An interface module that provides an interface for providing at least one service; An authentication module that performs at least one of authentication for the medical institution system and the digital treatment server, identity authentication for the patient's consent to provide information, and digital treatment user authentication; And processing the patient information, digital treatment prescription information, and prescribed digital treatment use result information received from the medical institution system and the digital treatment server and storing them as digital treatment prescription data, and providing the digital treatment prescription data according to the service request. and a data management module, wherein the data management module exchanges the digital treatment prescription data with the digital treatment server using a DTx one-time code that can identify prescription information for the digital treatment prescribed to the patient. You can.

In addition, the DTx one-time code may include a medical institution identifier, prescription identifier, patient name, and patient mobile phone number, and may be one-way encrypted to generate a non-redundant identification code.

In addition, the data management module includes an information provision consent processing module that requests information provision consent from the patient terminal to manage patient personal information/prescription information and provide third party information, and receives and stores the result; Verifies the digital treatment prescription information received from the medical institution system, processes it, stores it as digital treatment prescription data, requests the DTx one-time code, maps it with the digital treatment prescription data, and provides consent to provide information obtained from the patient terminal. A prescription data processing module that activates the digital treatment prescription data depending on availability; and a prescription history module that provides prescription history data for previously prescribed digital therapeutic agents.

In addition, the authentication module includes an institution authentication module that performs credential authentication for interworking with the medical institution system and the digital therapeutics server; An identity authentication module that requests identity authentication in conjunction with an identity authentication system to manage patient personal information and prescription information and collect consent to provide information, and receives the results; and a DTx user authentication module that performs patient authentication when using a digital therapeutic delivered to the patient terminal.

In addition, the DTx user authentication module manages the DTx one-time code that identifies DTx prescription data, the DTx authentication code that is transmitted to the patient terminal and used as an authentication method for the digital treatment prescribed to the patient, and patient information, and the DTx one-time code , The mapping relationship between the DTx authentication code and patient information is managed as connection relationship information, and the connection relationship information is used to identify patients and DTx prescription data when exchanging DTx prescription data between the patient terminal, the digital treatment server, and the medical institution system. It may be characterized as authenticating.

Additionally, the DTx user authentication module may be characterized in that it manages CI (Connecting Information) and DI (Dupplication Information) delivered as a result of an identity authentication request as patient information.

In addition, the interface module includes an interchange API module that provides an interlocking interface for providing at least one function among prescription history information inquiry for digital therapeutics, prescription information inquiry, prescription and treatment information delivery, and prescription result information inquiry; and an authentication API module that provides an interoperable interface for issuing authentication keys, renewing authentication keys, and discarding authentication keys for authentication of the medical institution system and the digital therapeutics server.

In addition, the patient information and digital treatment prescription information received from the medical institution system may not include the patient's unique identification information, and the digital treatment prescription data transmitted to the digital treatment server may not include patient personal information. there is.

Meanwhile, in the digital treatment App authentication/linking method using a one-time code according to an embodiment of the present invention, the digital treatment App authentication/linking system processes patient information and digital treatment prescription information received from the medical institution system to provide digital treatment Prescription data processing step of storing prescription data and generating a DTx one-time code; An information provision consent collection step in which the digital treatment App authentication/linking system requests consent to provide information from a patient terminal, and receives and stores the result of the request; If the result collected in the information provision consent collection step is consent, an activation step in which the digital treatment App authentication/linking system activates the digital treatment prescription data; And the digital treatment App authentication/linking system may include a DTx authentication code transmission step of transmitting digital treatment access information and DTx authentication code to the patient terminal.

Additionally, the information provision consent collection step may be characterized by verifying the mobile phone number included in the patient information by sending a message to the mobile phone number.

In addition, the information provision consent collection step is characterized in that identity authentication is performed to confirm the information providing subject, and CI (Connecting Information) and DI (Dupplication Information) delivered as a result of the identity authentication are collected. can do.

In addition, the activation step connects the DTx one-time code and the digital therapeutic agent prescription data, activates the digital therapeutic agent prescription data, and corresponds 1:1 to the DTx one-time code, DTx used for authentication of the digital therapeutic agent. It may be characterized by generating an authentication code and reflecting the personal authentication results collected in the information provision consent collection step in the patient information.

In addition, the digital therapeutic App authentication/linking system may further include a DTx one-time code transmission step of receiving a DTx authentication code from the digital therapeutic product server and transmitting a DTx one-time code corresponding to the DTx authentication code.

In addition, the digital treatment App authentication/linking system receives a digital treatment prescription data request from the digital treatment server, searches for digital treatment prescription data corresponding to the DTx authentication code included in the request, and provides information on the searched prescription data. It may further include a DTx prescription data provision step of providing the digital treatment prescription data only when consent to provision of information is agreed.

Digital treatment providers can search prescription information through a one-time code provided by the digital treatment App authentication/linking system and provide digital treatments to the patient without having to manage the patient's personal information.

Instead of individually linking with medical institutions, digital treatment providers can receive prescription information prescribed by various medical institutions through linking with the digital treatment App authentication/linking system.

Medical institutions can prescribe digital treatment information provided by various digital treatment companies to patients through the digital treatment App authentication/linking system.

Medical institutions and digital therapeutics companies can exchange medical data through standardized service linking methods.

Figure 1 is a schematic diagram showing the overall configuration including the digital treatment App authentication/linking system using a one-time code.
Figure 2 is a diagram illustrating the main functions of a digital therapeutic App authentication/linking system using a one-time code according to an embodiment of the present invention.
Figure 3 is a schematic flowchart of the mutual exchange of prescription data between linked objects in the digital therapeutic App authentication/linking method using a one-time code according to an embodiment of the present invention.
Figure 4 is a flowchart showing the digital treatment App authentication/linking method using a one-time code.
Figure 5 is a detailed flow chart showing in detail the data flow between linked objects in the digital therapeutic app authentication/linking method using a one-time code.

Hereinafter, specific embodiments of the present invention will be described in detail with reference to the drawings. However, the spirit of the present invention is not limited to the presented embodiments, and those skilled in the art who understand the spirit of the present invention may add, change, or delete other components within the scope of the same spirit, or create other degenerative inventions or this invention. Other embodiments that are included within the scope of the invention can be easily proposed, but this will also be said to be included within the scope of the invention of the present application.

In addition, the terms described below are terms set in consideration of the function in the present invention, and may vary depending on the inventor's intention or custom, so the definition should be made based on the content throughout the specification, and in this specification, the terms related to the present invention In cases where it is determined that detailed descriptions of well-known configurations or functions may obscure the gist of the present invention, detailed descriptions thereof will be omitted.

Hereinafter, a digital therapeutic App authentication/linking system (100, hereinafter referred to as DTx App authentication/linking system) using a one-time code according to an embodiment of the present invention will be described with reference to the drawings.

Patient information and prescription information referred to in the present invention refers to medical information received from the medical institution system 200.

In other words, it means data before processing in the DTx App authentication/linking system 100.

Prescription data referred to in the present invention refers to data that is processed and managed by the DTx App authentication/linking system 100 of patient information and prescription information received from the medical institution system 200.

Figure 1 is a schematic diagram showing the overall configuration including the digital therapeutic App authentication/linking system 100 using a one-time code.

The DTx App authentication/linking system 100 according to an embodiment of the present invention is connected to the medical institution system 200, the digital treatment server 300 (hereinafter referred to as DTx server), and the patient terminal 400 through an online network and can communicate with each other. You can.

The online network referred to in the present invention may be a core network integrated with a wired public network, wireless mobile communication network, or mobile Internet, etc., and may include TCP/IP protocols and various services existing at the upper layer thereof, such as HTTP (Hyper Text Transfer Protocol). , can refer to a worldwide open computer network structure that provides HTTPS (Hyper Text Transfer Protocol Secure), Telnet, FTP (File Transfer Protocol), DNS (Domain Name System), and SMTP (Simple Mail Transfer Protocol). It is not limited to examples, but comprehensively refers to a data communication network that can transmit and receive data in various forms.

The server referred to in the present invention may be constructed as a server that functions as at least one of a type of web server, database server, and mobile server. For example, it may display processed results on a web page through an online network or provide necessary input data. It can be transmitted through a web page, where a web page should be interpreted as including software for performing specific tasks such as web applications in addition to simple text, images, sounds, videos, etc., and can also be used on desktops, laptops, smartphones, It can also be built to provide applications and interfaces to be installed on tablet PCs, etc. However, it is not limited to this, and the type of server can be changed in various ways at a level that is obvious to a person skilled in the art.

The system referred to in the present invention may be configured to include the server and various communication devices such as desktops, tablets, netbooks, personal digital assistants (PDAs), portable multimedia players (PMPs), smartphones, and wearable smart devices.

The medical institution system 200 in the present invention is a prescription system (OCS, Order Communication System) or an electronic medical record (EMR, Electronic Medical Record) system used in medical institutions such as general/general hospitals, oriental medicine hospitals, and nursing hospitals. It may be a hospital information system (HIS) that includes at least one or more.

The medical institution system 200 converts the patient's prescription information to the standardized linkage specifications and transmits it to the DTx App authentication/linkage system 100, and can then check the results of the use of the digital therapeutic (DTx) used by the patient.

The DTx server 300 in the present invention may be a system that includes at least one server that provides digital therapeutics (DTx), or servers and hardware devices, and an application (App) that operates on the hardware devices to provide digital therapeutics.

Here, digital therapeutics (hereinafter referred to as DTx) are software or digital devices that have the same clinical effectiveness as drugs for the prevention and treatment of medical disorders or diseases, and include virtual reality (VR)/augmented reality (AR), digital content, and computers. Technologies such as games, metaverse, and mobile may be applied, or technologies such as big data or artificial intelligence may be applied to maximize treatment effects.

The DTx server 300 can provide DTx information to the DTx App authentication/linking system 100.

For example, the DTx server 300 may register DTx information in the DTx App authentication/linking system 100 so that DTx can be used for prescriptions.

At this time, information and reference information necessary for prescription, such as DTx code, DTx connection information, usage information, and precautions, can be provided.

Additionally, the DTx server 300 can provide DTx in the form of an application (App) so that patients can download and use it through access information.

At this time, the DTx server 300 communicates with the application (App) installed on the patient terminal 400 to deliver the prescribed DTx, receives the DTx use results, and transmits them to the DTx App authentication/linking system 100, thereby supporting the medical institution system. (200) Allows you to check the usage results for this prescription.

The patient terminal 400 in the present invention should be interpreted as including various communication means such as desktops, tablets, netbooks, personal digital assistants (PDAs), portable multimedia players (PMPs), smartphones, and wearable smart devices, and DTx By installing web-based or separate software/applications provided by the App authentication/linking system 100 and the DTx server 300, various functions provided by the servers can be executed.

The DTx App authentication/linking system 100 in the present invention is a standardized interface for providing DTx prescription information exchange, DTx information exchange, DTx usage information exchange, and authentication services to the medical institution system 200 and the DTx server 300. It is possible to provide authentication for the medical institution system 200 and the DTx server 300, identity authentication for the patient's consent to provide information, and DTx user authentication.

Additionally, patient information and DTx prescription information received from the medical institution system 200 can be processed and stored/managed as DTx prescription data, and the corresponding prescription data can be delivered upon request from the DTx server 300.

In addition, the usage results of the DTx prescription data used by the patient can be received, connected to the DTx prescription data, stored/managed, and the DTx usage result data can be transmitted to the medical institution system 200.

Figure 2 is a diagram illustrating the main functions of the digital therapeutic App authentication/linking system 100 using a one-time code according to an embodiment of the present invention.

Below, we will look at specific details related to the DTx App authentication/linking system 100.

The DTx App authentication/linking system 100 may include an interface module 110, a data management module 120, an authentication module 130, an FHIR module 140, and a database (DB, 150).

The module is a functional component, and each module may be composed of a plurality of servers such as an application server, database server, web server, and web application server depending on the architectural design.

The interface module 110 may provide an interface defined according to a predefined network protocol to exchange data between the medical institution system 200 and the DTx server 300.

For example, the predefined network protocol may be a RESTful API or HL7 (Health Level 7)-based RESTful API.

Here, HL7 is a standard certified by the American National Standards Institute (ANSI) for the exchange of information between various health and medical information systems, and can unify the interface by standardizing the format of messages sent and received to enable direct information exchange between medical information systems. .

RESTful API and HL7 standards are already known technologies, so detailed information will be omitted.

The interface module 110 is an interchange API module 111 provided to transmit and receive medical information such as patient information, prescription information, and prescription use result information, authentication of the medical institution system 200 or DTx server 300, and patient information. It may include an authentication API module 112 provided for identity authentication.

More specifically, the interchange API module 111 can provide an interchange API for querying DTx prescription information, querying DTx prescription history information, transmitting DTx prescription information, and querying DTx prescription result information.

The authentication API module 112 can provide an authentication API to perform an authentication process for the medical institution system 200 and the DTx server 300 using the interchange API.

For example, the authentication API may include APIs for requesting authentication key issuance, updating authentication key, and deleting authentication key.

However, it is not limited to this and various APIs for interoperability may be defined and provided according to the authentication process.

The authentication module 130 is an institutional authentication module 121 that performs authentication for the medical institution system 200 and the DTx server 300 that exchanges data with the DTx App authentication/linking system 100, and the patient's consent to provide information. It may include an identity authentication module 122 that requests identity authentication and receives the results, and a DTx user authentication module 123 that authenticates the prescribed DTx and the patient using it.

The institutional authentication module 121 is a Client Credentials-type authentication process in which external systems such as the medical institution system 200 and the DTx server 300 prove their qualifications to use the services provided by the DTx App authentication/linking system 100. can be provided.

For example, the organization authentication module 121 may perform the OAuth2 authentication method.

More specifically, the medical institution system 200 and the DTx server 300 may request credential authentication through a web service or web portal site interface provided by the DTx App authentication/linking system 100. In this case, The authentication module 120 registers credentials and institutional information (medical institution, digital therapeutics company) and then issues a Secret Key to store authentication information and authorization information.

Afterwards, the medical institution system 200 and the DTx server 300 can request services provided by the DTx App authentication/linking system 100 by obtaining an authentication key (Access Token) using the issued Secret Key.

The DTx App authentication/linking system 100 determines whether a service request is acceptable to the relevant institution through institution authentication and identifies institution information through an access token, so this must be performed before requesting a service.

The identity authentication module 122 can interface with an identity authentication service system, which is an external system, to provide an identity authentication screen to the patient terminal 400 and receive the identity authentication results.

For example, the identity authentication service system may be a mobile phone identity authentication system that verifies the identity of the mobile phone holder from the telecommunication company.

The DTx user authentication module 123 does not transmit patient personal information to the DTx server 300, but in order to exchange prescription data with the DTx server 300, it provides a DTx one-time code to identify the DTx prescription data prescribed to the patient. It can be created and managed.

At this time, the DTx one-time code includes the medical institution identifier, prescription identifier, patient name, and patient mobile phone number, and can be one-way encrypted to generate a non-redundant identification code.

The DTx user authentication module 123 manages minimal patient information, and the patient information may be included in prescription information delivered by the medical institution system 200.

At this time, the patient information included in the prescription information does not include unique identification information such as resident registration number, passport number, driver's license number, alien registration number, etc. that can directly identify the patient in a 1:1 correspondence, We use only the minimum amount of patient personal information necessary to provide services.

This is to prevent personal information leakage in advance by managing only the minimum personal information necessary to identify the patient.

Meanwhile, the DTx one-time code can be used to identify a single prescription.

Additionally, it can be used as an auxiliary authentication key to request or transmit patient-related information from the DTx server 300 to the DTx App authentication/linking system 100.

Here, the DTx one-time code is not used immediately after creation, but can be used after activation.

Before activation, the DTx one-time code is managed in connection with the patient's name and mobile phone number. However, after requesting the patient's consent to provide information through self-verification and obtaining consent, it is activated and linked to prescription data so that it can be used as an identifier. .

In addition, CI (Connecting Information) and DI (Dupplication Information) delivered as a result of the identity authentication request can be included and managed as patient information.

This can compensate for the disadvantage of not being able to identify prescription data or previously prescribed prescription history data due to a change in the patient's phone number.

Meanwhile, the DTx user authentication module 123 can generate, map, and manage a DTx one-time code and a corresponding DTx authentication code.

Here, the DTx authentication code is transmitted to the patient terminal 400 after the patient agrees to provide information and can be used as a means for authenticating the user and the prescribed DTx when the patient uses the prescribed DTx.

For example, to use DTx, the patient runs the DTx application (App), enters the DTx authentication code sent to the patient terminal (400), goes through the user authentication process of the DTx App authentication/linking system (100), and then uses DTx. You can.

At this time, the DTx application (App) installed on the patient terminal 400 can receive the authentication procedure and DTx prescription data through the DTx server 300 without directly communicating with the DTx App authentication/linking system 100.

The data management module 130 processes patient information, DTx prescription information, and prescribed DTx use result information received from the medical institution system 200 and the DTx server 300, stores it as DTx prescription data, and stores it as DTx prescription data according to service requests. DTx prescription data can be provided.

The data management module 130 may include an information provision consent processing module 131, a prescription data processing module 132, and a prescription history module 133.

The information provision consent processing module 131 may request consent to provide information to a third party through the patient terminal 400 for mutual exchange of DTx prescription data and receive the result.

More specifically, the information provision consent processing module 131 may transmit a URL through which information provision consent can be performed to the patient terminal 400 using the patient's mobile phone number.

For example, a method of delivering the information provision consent URL to the patient terminal 400 may be a mobile text message, SNS message, or notification from an application installed on the patient terminal 400.

Meanwhile, when the information provision consent processing module 131 transmits the information provision consent URL, it can first verify whether the patient's mobile phone number is valid.

For example, the verification method transmits a random URL for verifying the patient's mobile phone number to the patient terminal 400 before providing the information provision consent screen, and when the patient terminal 400 clicks on the URL and connects, it is included and delivered. Validity can be verified by comparing the mobile phone number of the patient terminal 400 and the mobile phone number of the patient information stored in the DTx App authentication/linking system 100.

When the validity of the mobile phone number is verified, the URL of the information provision consent is transmitted to the patient terminal 400, and at this time, the DTx one-time code can also be transmitted.

The prescription data processing module 132 may verify the DTx prescription information received from the medical institution system 200, process the information, and store it as DTx prescription data.

More specifically, the prescription data processing module 132 may perform expression and data verification on prescription information received through the FHIR module 140, which will be described later.

Additionally, the prescription data processing module 132 may process the DTx prescription information for which verification work has been completed according to the data structure of the DTx App authentication/linking system 100 and store it as DTx prescription data.

At this time, a DTx one-time code can be requested through the DTx user authentication module 123, and a process of mapping the DTx one-time code and DTx prescription data can be performed.

Thereafter, through the information provision consent processing module 131, the patient's consent to provide information can be collected and stored, and data activation can be performed on the DTx prescription data for which the patient has agreed to provide information.

Here, data activation refers to a state in which the use and provision of data is permitted to a third party, and may mean that prescription data can be transmitted to the DTx server 300.

Meanwhile, the prescription data processing module 132 verifies the data through the FHIR module 140 on the DTx use result information received from the DTx server 300, processes it, and includes it in the corresponding DTx prescription data. The results of prescription use can be saved.

The prescription history module 133 may provide DTx prescription history data in response to a request for previous prescription history from the medical institution system 200 and the DTx server 300.

For example, the medical institution system 200 may request prescription history for a specific DTx prescribed to a specific patient from the DTx App authentication/linking system 100.

The prescription history module 133 can search the corresponding DTx prescription data in response to the DTx prescription history request, check whether there is consent to provide information, and provide a list of DTx prescription data for which the user has agreed to provide information.

As a result, the medical institution system 200 can proceed with the next prescription by referring to the DTx prescription history data, and the DTx server 300 can deliver the results of DTx use, including the results of previous prescriptions and uses for the same DTx. .

The DTx App authentication/linking system 100 may further include an FHIR module 140 that processes data exchanged based on FHIR (Fast Healthcare Interoperability Resources).

The FHIR module 140 can perform verification of expressions and required data for FHIR (Fast Healthcare Interoperability Resource) data.

Here, FHIR data refers to a text-based data model that defines medical information in accordance with the HL7 standard, and data verification work can be performed on the premise that DTx prescription information is linked to FHIR data.

FHIR must be defined in advance according to the type of data being linked.

The FHIR module 140 can configure or parse medical information such as prescription information and patient information to be exchanged according to defined FHIR standards.

Figure 3 is a schematic flowchart of the mutual exchange of prescription data between linked objects in the digital therapeutic App authentication/linking method using a one-time code according to an embodiment of the present invention.

Referring to FIG. 3, the overall flow of mutually exchanging prescription data will be described.

When a medical professional prescribes DTx to a patient, the medical institution system 200 can transmit DTx prescription information to the DTx App authentication/linking system 100.

The DTx App authentication/linking system (100) processes the received DTx prescription information, stores it as DTx prescription data, and provides third-party information to the patient terminal (400) to provide the DTx prescription data to the DTx server (300). You can request consent and collect consent.

If the patient agrees to provide information, the DTx App authentication/linking system 100 delivers DTx App installation information and authentication code to the patient terminal 400, and the patient downloads and installs the DTx App on the patient terminal 400. , run it and enter the authentication code you received.

At this time, the DTx App communicates with the DTx server 300 and transmits the entered authentication code to the DTx server 300, and the DTx server 300 sends the authentication code and the patient information entered from the patient to the DTx App authentication/linking system ( 100), the patient's DTx prescription data can be received.

The DTx server 300 may check the received Dtx prescription data and provide DTx to the patient terminal 400.

Afterwards, the patient uses the DTx provided through the patient terminal 400, and when DTx use is completed, the DTx server 300 can transmit the DTx use result information to the DTx App authentication/linking system 100, and the DTx App The authentication/linking system 100 can manage the received usage results by including them in DTx prescription data.

Additionally, the results of using DTx can be transmitted to the medical institution system 200.

Figure 4 is a flowchart showing the digital treatment App authentication/linking method using a one-time code according to an embodiment of the present invention, and Figure 5 shows the data flow between linking objects in the digital therapy App authentication/linking method using a one-time code. This is a detailed flow chart shown in detail.

Referring to FIGS. 4 to 5 , the procedure for transmitting DTx prescription data prescribed by the medical institution system 200 to the DTx server 300 using a one-time code and authenticating the DTx App installed on the patient terminal 400 Explain in detail.

The DTx App authentication/linking system 100 processes patient information and DTx prescription information received from the medical institution system 200, stores them as DTx prescription data, and performs a prescription data processing step of generating a DTx one-time code. (S310)

Since the received DTx prescription information can be delivered in a data model format based on a standardized standard (FHIR), it is possible to determine whether data can be extracted (parsed) according to the standard and proceed with the next task.

After the verification process, the extracted data can be processed and stored into the data structure of the DTx App authentication/linking system 100.

Here, the DTx App authentication/linking system 100 generates and manages a DTx one-time code to exchange DTx prescription data and prescription use results without transmitting patient personal information to the DTx server 300.

The DTx one-time code can be used to identify one prescription, and after creation, the DTx one-time code is linked to the patient's name and mobile phone number. After going through the patient medical information consent process, it is activated and used as an identifier for DTx prescription data. You can.

Next, the DTx App authentication/linking system 100 requests consent to provide information from the patient terminal 400, and performs an information provision consent collection step in which the result of the request is received and stored. (S320)

Here, the DTx App authentication/linking system 100 can transmit a URL for performing information provision consent to the patient terminal 400.

The URL can be delivered through text messages, SNS notifications, notifications from dedicated applications, etc.

When the patient accesses the received URL and performs the information provision consent process, the DTx App authentication/linking system 100 maps the consent with each DTx prescription data and stores it.

The informed consent process can be performed at each prescription.

In the information provision consent collection step (S320), before transmitting the information provision consent URL, a process can be performed to verify the validity of the patient's mobile phone number by sending a message to the mobile phone number included in the patient information.

For example, by sending a pre-information URL that delivers guidance information about the information provision consent process to the patient's mobile phone number transmitted from the medical institution system 200, the patient's mobile phone number can be confirmed through the patient's response results.

The patient accesses the information provision URL sent to the patient terminal 400, performs identity verification, and performs a medical information provision consent process.

If the patient agrees to provide medical information, the DTx App authentication/linking system 100 connects the DTx one-time code and the DTx prescription data that the patient agreed to provide medical information, and activates the DTx one-time code and DTx prescription data. Follow the steps. (S330)

In the activation step (S330), DTx prescription data corresponding to the DTx one-time code is connected, DTx prescription data is activated, and DTx is used to authenticate the digital treatment delivered to the patient in a 1:1 correspondence with the DTx one-time code. An authentication code is generated, and the personal authentication results collected in the information provision consent collection stage (S320) are reflected in the patient information.

Here, the identity authentication result may include CI (Connecting Information) and DI (Dupplication Information) information, and the CI and DI are added and managed as patient information, and are used as information to identify the patient when the patient's mobile phone number changes in the future. You can use it.

By linking the DTx prescription data with the DTx one-time code that is linked to patient information and can identify the prescription information prescribed to the patient, the DTx prescription data linked through the DTx one-time code can be searched and used.

After performing the activation step (S330), the DTx App authentication/linking system 100 may perform a DTx authentication code transmission step of transmitting DTx connection information and DTx authentication code to the patient terminal 400. (S340)

DTx provided to the patient is provided in the form of an application and can be installed and used on the patient terminal 400. For this, the DTx App authentication/linking system 100 provides the installation URL of the DTx App and the DTx authentication code for use of DTx to the patient. It can be transmitted to the terminal 400.

The patient can use DTx by installing and executing the DTx App through the DTx connection information transmitted to the patient terminal 400 and entering the DTx authentication code.

Here, the DTx App is installed on the patient terminal 400, communicates with the DTx server 300, and can request DTx prescribed to the patient or transmit the results of the used DTx.

More specifically, when the patient enters the DTx authentication code into the DTx App, the DTx App transmits the entered DTx authentication code to the DTx server 300.

The DTx server 300, which has received this, transmits the DTx authentication code and patient information (name, mobile phone number) received from the DTx App to the DTx App authentication/linking system 100.

The DTx App authentication/linking system 100 receives the DTx authentication code from the DTx server 300 and transmits the corresponding DTx one-time code to the DTx server 300. (S350)

As a result, the DTx server 300 can request the patient's prescription data using the DTx one-time code.

The DTx server 300 may request and obtain a DTx one-time code only once for security reasons.

The DTx server 300, which has acquired the DTx one-time code, can request DTx prescription data corresponding to the DTx authentication code from the DTx App authentication/linking system 100.

The DTx App authentication/linking system 100 receives a DTx prescription data request from the DTx server 300, searches for DTx prescription data corresponding to the DTx authentication code included in the request, and determines whether or not there is consent to provide information on the searched prescription data. Only if there is consent, the DTx prescription data provision step of providing the corresponding prescription information to the DTx server 300 is performed. (S360)

The DTx authentication code corresponds 1:1 to the DTx one-time code, and prescription data can be searched with the DTx one-time code, and prescription information can be transmitted without transmitting patient information to the DTx server 300.

The DTx server 300 can check the received DTx prescription data and provide the prescribed DTx to the patient terminal 400 through the DTx App.

In the above, the configuration and features of the present invention have been described based on the embodiments according to the present invention, but the present invention is not limited thereto, and various changes or modifications may be made within the spirit and scope of the present invention. It is instructed to those skilled in the art, and therefore, it is stated that such changes or modifications fall within the scope of the appended patent claims.

100: DTx App authentication/linking system
110: Interface module
111: Interchange API module 112: Authentication API module
120: Authentication module
121: Institutional authentication module 122: Personal authentication module
123: DTx user authentication module
130: Data management module
131: Information provision consent processing module 132: Prescription data processing module
133: Prescription history module
140: FHIR module
200: Medical institution system
300: DTxserver
400: Patient terminal

Claims (14)

An interface module that provides an interface to the medical institution system and the digital treatment server to provide at least one service among digital treatment prescription information exchange, digital treatment information exchange, and digital treatment use result information exchange and authentication;
An authentication module that performs at least one of authentication for the medical institution system and the digital treatment server, identity authentication for the patient's consent to provide information, and digital treatment user authentication; and
Data that processes patient information, digital treatment prescription information, and prescribed digital treatment use result information received from the medical institution system and the digital treatment server and stores them as digital treatment prescription data, and provides the digital treatment prescription data upon service request. Equipped with a management module;
The data management module is characterized in that it exchanges the digital treatment prescription data with the digital treatment server using a DTx one-time code that can identify prescription information for the digital treatment prescribed to the patient,
Patient information and digital treatment prescription information received from the medical institution system do not include the patient's unique identification information, and digital treatment prescription data transmitted to the digital treatment server does not contain patient personal information.
The authentication module is,
An institutional authentication module that performs credential authentication for linking with the medical institution system and the digital therapeutics server;
An identity authentication module that requests identity authentication in conjunction with an identity authentication system to manage patient personal information and prescription information and collect consent to provide information, and receives the results; and
It includes a DTx user authentication module that performs patient authentication when using a digital therapeutic delivered to the patient terminal,
The DTx user authentication module,
In order to manage digital treatment prescription information received from the medical institution system, a DTx one-time code that does not contain patient personal information is generated, and a DTx authentication code is sent to the patient terminal and used as an authentication method for the digital treatment prescribed to the patient. It is generated and managed by mapping with the DTx one-time code, and the connection relationship information between the DTx one-time code, DTx authentication code, and patient information is used to exchange digital treatment prescription data between the patient terminal, the digital treatment server, and the medical institution system. And identifying and authenticating digital treatment prescription data, and managing CI (Connecting Information) and DI (Dupplication Information) delivered as a result of an identity authentication request as patient information and using them as patient identification information.
Digital therapeutic app authentication/linking system.
According to clause 1,
The DTx one-time code is,
Characterized in that it includes a medical institution identifier, prescription identifier, patient name, and patient mobile phone number, and generates a non-redundant identification code through one-way encryption.
Digital therapeutic app authentication/linking system.
According to clause 1,
The data management module is,
An information provision consent processing module that requests information provision consent from the patient terminal to manage patient personal information/prescription information and provide third party information, and receives and stores the result;
Verifies the digital treatment prescription information received from the medical institution system, processes it, stores it as digital treatment prescription data, requests the DTx one-time code, maps it with the digital treatment prescription data, and provides consent to provide information obtained from the patient terminal. A prescription data processing module that activates the digital treatment prescription data depending on availability; and
Containing a prescription history module that provides prescription history data for previously prescribed digital treatments,
Digital therapeutic app authentication/linking system.
delete delete delete According to clause 1,
The interface module is,
An interchange API module that provides an interoperable interface for providing at least one of the following functions: inquiry of prescription history information for digital therapeutics, inquiry of prescription information, delivery of prescription and treatment information, and inquiry of prescription result information; and
An authentication API module that provides an interoperable interface for issuing authentication keys, renewing authentication keys, and discarding authentication keys for authentication of the medical institution system and the digital therapeutics server. Including,
Digital therapeutic app authentication/linking system.
According to clause 1,
Patient information and digital treatment prescription information received from the medical institution system do not include the patient's unique identification information, and digital treatment prescription data transmitted to the digital treatment server does not include patient personal information.
Digital therapeutic app authentication/linking system.
A prescription data processing step in which the digital treatment App authentication/linking system processes patient information and digital treatment prescription information received from the medical institution system, stores it as digital treatment prescription data, and generates a DTx one-time code;
An information provision consent collection step in which the digital treatment App authentication/linking system requests consent to provide information from a patient terminal, and receives and stores the result of the request;
If the result collected in the information provision consent collection step is consent, an activation step in which the digital treatment App authentication/linking system activates the digital treatment prescription data;
A DTx authentication code transmission step in which the digital therapy App authentication/linking system transmits a DTx authentication code mapped to digital therapy access information and a DTx one-time code to the patient terminal;
A DTx one-time code transmission step in which the digital therapeutic App authentication/linking system receives a DTx authentication code from the digital therapeutic product server and transmits a DTx one-time code corresponding to the DTx authentication code; and
The digital treatment App authentication/linking system receives a request for digital treatment prescription data from the digital treatment server, searches for digital treatment prescription data corresponding to the DTx one-time code included in the request, and provides information about the searched prescription data. A DTx prescription data provision step of providing the digital treatment prescription data only when consent is provided,
Patient information and digital treatment prescription information received from the medical institution system do not include the patient's unique identification information, and digital treatment prescription data transmitted to the digital treatment server does not contain patient personal information.
The above information provision consent collection step is,
We perform identity verification to confirm the information provider, collect CI (Connecting Information) and DI (Duplicate Information) delivered as a result of identity verification, and manage it as patient information.
The activation step is,
Connects the DTx one-time code generated in the prescription data processing step with patient information and digital treatment prescription data, activates the digital treatment prescription data, and corresponds 1:1 to the DTx one-time code and is used for authentication of the digital treatment. Generates a DTx authentication code and reflects the personal authentication results collected in the information provision consent collection stage in the patient information,
Digital therapeutic app authentication/linking method.
According to clause 9,
The above information provision consent collection step is,
Characterized in verifying the mobile phone number by sending a message to the mobile phone number included in the patient information,
Digital therapeutic app authentication/linking method.
delete delete delete delete