Summary of the invention
In view of this, the present invention provides a family health care data management method and system.
A family health care data management method comprises the following steps:
S1: Pre-configure personal identification information and medical treatment information. The medical treatment information includes legal authorizer information for medical treatment and conflict rule information. According to a family relationship mapping table, configure the personal identification information and medical treatment information of all users in the family into the user terminal of each user in the family.
S2: Each user encrypts the personal identification information and medical treatment information stored in the user terminal with that user's own first user private key. Wearable identification code information corresponding to each user is generated from that user's first user private key.
S3: Configure a user medical data format. The user medical data format includes user basic information and user extended information. The user basic information includes a unique user identifier and sex; the user extended information includes physiological index data and historical medical data.
S4: According to the user's selection, configure the disclosure permission of each data item in the user extended information as either fully public data or restricted public data, and set the disclosure target information corresponding to the restricted public data. The user extended information is collected by wearable devices, medical devices and medical servers and is sent in real time, together with the collection time, to the user's user terminal. The user terminal encrypts the restricted public data in the user extended information with the second user private key to obtain encrypted user extended information.
S5: The user terminal assembles the user basic information and the collected, encrypted user extended information into user health data conforming to the user medical data format. The public key corresponding to the user's third user private key is hashed with SHA256 to obtain a primary value; the primary value is then hashed with the message digest algorithm RIPEMD160 to obtain a multi-byte hash result; and the hash result is encoded with BASE58CHECK to obtain a readable string address. The user health data is encrypted using the readable string address to obtain hash string information. The hash string information is divided into blocks according to a preset blocking rule; one block is sent to each of the other user terminals, and the blocks that have been sent are then deleted. The third user private key is configured offline on the other user terminals, and each of the other user terminals establishes, from the terminal address of the sending user terminal and the third user private key, a correspondence between the block data and the user of the sending user terminal.
S6: Obtain the server's access request for the user's medical format data and judge whether the access was initiated by the user. If it was initiated by the user, jump to step S7; otherwise jump to step S10.
S7: After verifying the user's identity, the user terminal broadcasts block request information to the other user terminals, and the other user terminals send their blocks to the requesting user terminal according to its terminal address.
S8: The requesting user terminal combines all the blocks to obtain the hash string information, and decrypts the hash string information with the corresponding user's third user private key to obtain the user health data.
S9: Receive the user's disclosure selection for the restricted public data. When the user chooses to disclose restricted public data, the restricted public data is decrypted with the second user private key and sent to the server, and the process ends.
S10: When the access was not initiated by the user, the server obtains the first user private key from the identification code information and uses the first user private key to obtain the user's personal identification information and medical treatment information. After obtaining authorization information, the server requests the user's third user private key from the user terminal of the legal authorizer, and jumps to step S11.
S11: The server sends a block acquisition request, which includes the third user private key, to the user's user terminal and to the other user terminals at the same time. The user's user terminal and the other user terminals send their blocks to the server according to the third user private key. The server combines all the blocks to obtain the hash string information, decrypts it with the corresponding user's third user private key to obtain the user health data, and the process ends.
In the family health care data management method of the present invention,
step S1 includes:
Pre-configuring a smart contract, which serves as the electronic contract established between the medical institution and the user. The smart contract includes the personal identification information and the medical treatment information; the medical treatment information includes legal authorizer information for medical treatment and conflict rule information.
The legal authorizer information for medical treatment includes legal authorizer target information and the authorization level corresponding to each legal authorizer.
The conflict rule information includes a rule for determining the legal authorizer among different authorization levels and a rule for determining the legal authorizer within the same authorization level.
The number of legal authorizer confirmations required under each treatment plan is also configured.
An authorization period interval value is set for the legal authorizer information.
The smart contract is sent to the server, and the smart contract is sent to a third-party institution for electronic notarization.
In the family health care data management method of the present invention,
the server is a unified third-party server, and a data connection interface between the third-party server and the medical institution servers is configured.
The grade and qualification information of each medical institution is obtained, and the opening time and access permission of the data connection interface for each medical institution are set in the third-party server according to that grade and qualification information. Correspondingly,
in step S6 the server receives the access request for the user's medical format data and judges whether the medical institution making the request satisfies the data connection interface opening time and access permission set for it. If so, the server goes on to judge whether the access was initiated by the user.
In the family health care data management method of the present invention,
the user's medical format data has the following format: body field + generation time field + survival time field + user basic information field + user extended information field + disclosure identification field + disclosure permission field + check code field.
The body field records the entity that collected the data; the generation time field records the time of data collection; the storage time field records the period for which the data is stored; the user basic information field records the user basic information; the user extended information field records the user extended information; the disclosure identification field records whether the data is disclosed; the check code field is used to verify the data format.
In the family health care data management method of the present invention,
the method further includes, after step S9, setting data usage rules in the server and obtaining the one or more kinds of data in the user's medical format data that the user discloses under the data usage rules.
The disclosed data is classified by feature type.
The data usage rules are added to the smart contract, and the updated smart contract is sent to the third-party institution for electronic notarization.
Access requests from other users for the disclosed data are obtained. The data usage rules are sent to the other users and their selection is obtained; when another user chooses to accept, the corresponding fee is transferred, according to the data usage rules, from that user's account to the account of the user providing the data.
In the family health care data management method of the present invention,
step S10 includes the following sub-steps:
S101: When the access was not initiated by the user, the server obtains the first user private key from the identification code information and uses the first user private key to obtain the user's personal identification information and medical treatment information.
S102: Parse the legal authorizer information for medical treatment and the conflict rule information from the medical treatment information, and determine the corresponding legal authorizers from the legal authorizer information. Determining the legal authorizers to be notified by broadcast includes determining, according to the treatment plan, the number of legal authorizers and their authorization levels. The legal authorizers are some or all of the users in the family.
S103: Broadcast confirmation request information to the legal authorizers of the corresponding authorization level.
S104: Obtain the confirmation feedback of the legal authorizers of the corresponding authorization level.
S105: Judge whether the confirmation feedback of the legal authorizers conflicts. If it conflicts, jump to step S106; otherwise jump to step S107.
S106: Screen the confirmation feedback of the legal authorizers according to the conflict rule information, and jump to step S107.
S107: Judge whether the screened confirmation feedback meets the required number of legal authorizer confirmations. If it does, jump to step S108; otherwise terminate the process.
S108: The server randomly requests the user's third user private key from a legal authorizer, and jumps to step S11.
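Sub-steps S102 to S107 as an added Python example (not part of the patent text) that screens conflicting confirmation feedback and checks the confirmation count, refusing by default. The concrete conflict rule (the highest answering level decides, majority within a level, a tie keeps nothing), the day-number authorization period and all names are assumptions; the page leaves these to the configured conflict rule information.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class Authorizer:
    grade: int        # authorization level; larger means higher (assumed ordering)
    valid_from: int   # authorization period as day numbers (assumed unit)
    valid_to: int


@dataclass(frozen=True)
class Plan:
    min_grade: int    # lowest authorization level accepted for this treatment plan
    required: int     # number of confirmations the plan requires (S107)


def screen_conflict(votes: dict[str, bool], grades: dict[str, int]) -> dict[str, bool]:
    """Steps S105-S106 under an assumed conflict rule.

    Different levels: only the highest level that answered counts.
    Same level: the majority answer counts; a tie keeps nothing (fail closed).
    """
    if len(set(votes.values())) <= 1:
        return dict(votes)                      # no conflict: go straight to S107
    top = max(grades[name] for name in votes)
    top_votes = {n: v for n, v in votes.items() if grades[n] == top}
    yes = sum(top_votes.values())
    no = len(top_votes) - yes
    if yes == no:
        return {}
    winner = yes > no
    return {n: v for n, v in top_votes.items() if v == winner}


def decide(plan: Plan, registry: dict[str, Authorizer],
           feedback: list[tuple[str, bool]], today: int) -> bool:
    """Return True only if the screened confirmations reach the plan's count."""
    votes: dict[str, bool] = {}
    for name, approve in feedback:
        who = registry.get(name)
        if who is None or who.grade < plan.min_grade:
            continue                            # not a legal authorizer for this plan
        if not who.valid_from <= today <= who.valid_to:
            continue                            # outside the authorization period
        votes.setdefault(name, approve)         # one answer per authorizer
    grades = {n: registry[n].grade for n in votes}
    screened = screen_conflict(votes, grades)
    approvals = sum(1 for v in screened.values() if v)
    # S107: anything short of the configured count terminates the process.
    return plan.required >= 1 and approvals >= plan.required


# Constructed sample configuration (hypothetical family and treatment plan).
REGISTRY = {
    "spouse": Authorizer(3, 0, 365),
    "parent": Authorizer(3, 0, 365),
    "sibling": Authorizer(2, 0, 365),
    "friend": Authorizer(1, 0, 365),
    "former_guardian": Authorizer(3, 0, 100),
}
SURGERY = Plan(min_grade=2, required=2)

if __name__ == "__main__":
    print(decide(SURGERY, REGISTRY, [("spouse", True), ("parent", True)], today=200))
    print(decide(SURGERY, REGISTRY, [("spouse", True), ("parent", False)], today=200))
```

Expired, duplicate, unknown and under-level responders are dropped before the conflict check, so they can neither create a conflict nor count toward the required number.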
In the family health care data management method of the present invention,
the following steps precede step S1:
S01: Connect the server to the government system, and set the user's marital relations and close-relative relations in the government system according to the unique user identifier.
S02: In the government system, configure compulsory authorization information for the user's medical treatment according to current regulations and, according to the user's selection, store in encrypted form the user's second user private key and third user private key together with the usage rule information for the second user private key and the third user private key.
S03: According to the user's selection, configure the freezing rule for the user's personal medical account information.
Step S107 also includes:
S1071: When the screened confirmation feedback of the legal authorizers does not meet the required number of legal authorizer confirmations, the server sends an access request, which includes the unique user identifier, to the government system.
S1072: The government system obtains the user's marital relations and close-relative relations from the unique user identifier sent by the server, and broadcasts confirmation request information according to those relations.
S1073: The government system judges whether confirmation feedback is received within a preset time. If confirmation feedback is received, jump to step S1074; otherwise jump to step S1075.
S1074: According to the usage rule information for the second user private key and the third user private key that the user stored in the government system in advance, the second user private key, or the second user private key together with the usage rule information for the third user private key, is sent to the server, and the process jumps to step S11. Step S11 further includes, when the second user private key has been obtained, decrypting the restricted public data with the second user private key, and ending.
S1075: According to the compulsory authorization information for the user's medical treatment and the freezing rule, freeze a preset amount of funds in the user's personal medical account in advance, and jump to step S1074.
The present invention also provides a family health care data management system, which includes the following units:
An identification information configuration unit, for pre-configuring personal identification information and medical treatment information. The medical treatment information includes legal authorizer information for medical treatment and conflict rule information. According to a family relationship mapping table, the personal identification information and medical treatment information of all users in the family are configured into the user terminal of each user in the family.
A first key encryption unit, by which each user encrypts the personal identification information and medical treatment information stored in the user terminal with that user's own first user private key. Wearable identification code information corresponding to each user is generated from that user's first user private key.
A medical data format configuration unit, for configuring a user medical data format. The user medical data format includes user basic information and user extended information. The user basic information includes a unique user identifier and sex; the user extended information includes physiological index data and historical medical data.
A disclosure permission configuration unit, for configuring, according to the user's selection, the disclosure permission of each data item in the user extended information as either fully public data or restricted public data, and for setting the disclosure target information corresponding to the restricted public data. The user extended information is collected by wearable devices, medical devices and medical servers and is sent in real time, together with the collection time, to the user's user terminal. The user terminal encrypts the restricted public data in the user extended information with the second user private key to obtain encrypted user extended information.
A layered encryption blocking unit, by which the user terminal assembles the user basic information and the collected, encrypted user extended information into user health data conforming to the user medical data format. The public key corresponding to the user's third user private key is hashed with SHA256 to obtain a primary value; the primary value is then hashed with the message digest algorithm RIPEMD160 to obtain a multi-byte hash result; and the hash result is encoded with BASE58CHECK to obtain a readable string address. The user health data is encrypted using the readable string address to obtain hash string information. The hash string information is divided into blocks according to a preset blocking rule; one block is sent to each of the other user terminals, and the blocks that have been sent are then deleted. The third user private key is configured offline on the other user terminals, and each of the other user terminals establishes, from the terminal address of the sending user terminal and the third user private key, a correspondence between the block data and the user of the sending user terminal.
An access request acquisition unit, for obtaining the server's access request for the user's medical format data and judging whether the access was initiated by the user. If it was initiated by the user, control passes to the block request unit; otherwise control passes to the key request unit.
A block request unit, by which the user terminal, after verifying the user's identity, broadcasts block request information to the other user terminals, and the other user terminals send their blocks to the requesting user terminal according to its terminal address.
A first decryption unit, by which the requesting user terminal combines all the blocks to obtain the hash string information, and decrypts the hash string information with the corresponding user's third user private key to obtain the user health data.
A second decryption unit, for receiving the user's disclosure selection for the restricted public data. When the user chooses to disclose restricted public data, the restricted public data is decrypted with the second user private key and sent to the server, and the process ends.
A key request unit, by which, when the access was not initiated by the user, the server obtains the first user private key from the identification code information and uses the first user private key to obtain the user's personal identification information and medical treatment information. After obtaining authorization information, the server requests the user's third user private key from the user terminal of the legal authorizer, and control passes to the third decryption unit.
A third decryption unit, by which the server sends a block acquisition request, which includes the third user private key, to the user's user terminal and to the other user terminals at the same time. The user's user terminal and the other user terminals send their blocks to the server according to the third user private key. The server combines all the blocks to obtain the hash string information, decrypts it with the corresponding user's third user private key to obtain the user health data, and the process ends.
In the family health care data management system of the present invention,
the identification information configuration unit includes:
Pre-configuring a smart contract, which serves as the electronic contract established between the medical institution and the user. The smart contract includes the personal identification information and the medical treatment information; the medical treatment information includes legal authorizer information for medical treatment and conflict rule information.
The legal authorizer information for medical treatment includes legal authorizer target information and the authorization level corresponding to each legal authorizer.
The conflict rule information includes a rule for determining the legal authorizer among different authorization levels and a rule for determining the legal authorizer within the same authorization level.
The number of legal authorizer confirmations required under each treatment plan is also configured.
An authorization period interval value is set for the legal authorizer information.
The smart contract is sent to the server, and the smart contract is sent to a third-party institution for electronic notarization.
In the family health care data management system of the present invention,
the server is a unified third-party server, and a data connection interface between the third-party server and the medical institution servers is configured.
The grade and qualification information of each medical institution is obtained, and the opening time and access permission of the data connection interface for each medical institution are set in the third-party server according to that grade and qualification information. Correspondingly,
in the access request acquisition unit the server receives the access request for the user's medical format data and judges whether the medical institution making the request satisfies the data connection interface opening time and access permission set for it. If so, the server goes on to judge whether the access was initiated by the user.
Advantageous effects: Compared with the prior art, the present invention enables unified use of medical information. By separating the encrypted storage of information from the authorization of its use, it avoids the risk of information leakage and rules out unlawful use without the user's consent. The core health data is stored in blocks, which avoids the risk of data loss when a single user terminal is cracked. In an emergency, when the user cannot authorize surgery or another treatment plan, another person can give the authorization, so that the opportunity for treatment is not missed.
Embodiment
In an embodiment of the present invention, a family health care data management method comprises the following steps:
S1: Pre-configure personal identification information and medical treatment information. The medical treatment information includes legal authorizer information for medical treatment and conflict rule information. According to a family relationship mapping table, configure the personal identification information and medical treatment information of all users in the family into the user terminal of each user in the family.
The personal identification information and medical treatment information are the information used to identify the user and to carry out basic medical treatment; their sensitivity is not high. They can be set flexibly. Optionally, the personal identification information is a string of digits that does not reveal the user's real name.
S2: Each user encrypts the personal identification information and medical treatment information stored in the user terminal with that user's own first user private key. Wearable identification code information corresponding to each user is generated from that user's first user private key.
The wearable identification code information can be a smart bracelet, a QR code or the like, which makes it easy for other people to read; it can also be NFC identification information. Generating wearable identification code information makes it possible, when the user is unable to give authorization, to scan the identification code to obtain the user's identification information and the information needed for basic medical treatment. Because this kind of information is not highly sensitive, this remains safe and controllable.
S3: Configure a user medical data format. The user medical data format includes user basic information and user extended information. The user basic information includes a unique user identifier and sex; the user extended information includes physiological index data and historical medical data.
In this step, the unique user identifier is preferably a randomly generated character string that is unique, so that it corresponds one-to-one with the user's information without revealing explicit personal information such as the user's name. This achieves truly anonymous records and anonymous use of information, with a high degree of security.
The user extended information, comprising physiological index data and historical medical data, can include prescription information, medication information, recovery information and the like produced by personal mobile terminals, sensors of various kinds or in the course of medical treatment. It forms a body of big data about the user, breaks down the isolation of information between medical institutions, and forms a unified information resource.
S4: According to the user's selection, configure the disclosure permission of each data item in the user extended information as either fully public data or restricted public data, and set the disclosure target information corresponding to the restricted public data. The user extended information is collected by wearable devices, medical devices and medical servers and is sent in real time, together with the collection time, to the user's user terminal. The user terminal encrypts the restricted public data in the user extended information with the second user private key to obtain encrypted user extended information.
Among a user's physiological index data and historical medical data, some data is highly private, and not every treatment requires all of the data. Configuring the disclosure permission of each data item and setting the disclosure target information for the restricted public data lets the user choose to whom data is disclosed and to what extent. The degree of personalization is high, and because the user's permission must be obtained every time, the degree of security is high.
For example, when a particular disease is treated, not all data and information are exposed to the doctor and the treatment institution. Among current technical solutions, the inventor has found only some that configure permissions for doctors; doctors, however, also present a risk of leakage, and those solutions do not give users full autonomy over the use of their data.
S5: The user terminal assembles the user basic information and the collected, encrypted user extended information into user health data conforming to the user medical data format. The public key corresponding to the user's third user private key is hashed with SHA256 to obtain a primary value; the primary value is then hashed with the message digest algorithm RIPEMD160 to obtain a multi-byte hash result; and the hash result is encoded with BASE58CHECK to obtain a readable string address. The user health data is encrypted using the readable string address to obtain hash string information. The hash string information is divided into blocks according to a preset blocking rule; one block is sent to each of the other user terminals, and the blocks that have been sent are then deleted. The third user private key is configured offline on the other user terminals, and each of the other user terminals establishes, from the terminal address of the sending user terminal and the third user private key, a correspondence between the block data and the user of the sending user terminal.
Implementing this step ensures, first, that with any slight change the correct data cannot be obtained. A major feature of this embodiment is that the hash string information is divided into blocks according to the preset blocking rule, one block is sent to each of the other user terminals, and the blocks that have been sent are then deleted.
The user's own user terminal holds only part of the blocks of the hash string information; each of the other user terminals likewise holds only part of the blocks of the hash string information, together with the third user private key. Any attack on the user's user terminal or on another user terminal can obtain only part of the blocks; it cannot obtain the complete data and cannot decrypt it.
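The address derivation and block distribution of step S5, as an added Python example that is not part of the patent text: it carries out the SHA256, RIPEMD160 and BASE58CHECK stages and the split and reassembly of the hash string information. The version byte 0x00, the contiguous near-equal blocking rule and the holder names are assumptions, since the page specifies none of them; the ciphertext is treated as opaque bytes.

```python
import hashlib
import hmac

B58_ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def hash160(public_key: bytes) -> bytes:
    """S5 hashing stage: SHA-256 first, then RIPEMD-160 (20-byte result)."""
    primary = hashlib.sha256(public_key).digest()
    # RIPEMD-160 comes from OpenSSL; builds that disable it raise ValueError.
    return hashlib.new("ripemd160", primary).digest()


def _checksum(data: bytes) -> bytes:
    """Base58Check checksum: first 4 bytes of SHA-256(SHA-256(data))."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]


def b58check_encode(payload: bytes, version: bytes = b"\x00") -> str:
    """Encode version + payload + checksum as a Base58 string.

    The version byte 0x00 is an assumption; the page does not specify one.
    """
    raw = version + payload + _checksum(version + payload)
    number = int.from_bytes(raw, "big")
    digits = ""
    while number:
        number, rem = divmod(number, 58)
        digits = B58_ALPHABET[rem] + digits
    # Each leading zero byte is written as the character '1'.
    zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * zeros + digits


def b58check_decode(text: str) -> tuple[bytes, bytes]:
    """Return (version, payload); raise ValueError on a bad character or checksum."""
    number = 0
    for ch in text:
        idx = B58_ALPHABET.find(ch)
        if idx < 0:
            raise ValueError(f"invalid Base58 character: {ch!r}")
        number = number * 58 + idx
    zeros = len(text) - len(text.lstrip("1"))
    raw = b"\x00" * zeros + number.to_bytes((number.bit_length() + 7) // 8, "big")
    if len(raw) < 5:
        raise ValueError("too short for version byte and checksum")
    data, check = raw[:-4], raw[-4:]
    if not hmac.compare_digest(_checksum(data), check):
        raise ValueError("checksum mismatch")
    return data[:1], data[1:]


def split_blocks(ciphertext: bytes, holders: list[str]) -> dict[str, tuple[int, bytes]]:
    """Assumed blocking rule: contiguous, near-equal blocks, one per holder."""
    if not holders or len(ciphertext) < len(holders):
        raise ValueError("need at least one byte per holder")
    size, extra = divmod(len(ciphertext), len(holders))
    blocks, pos = {}, 0
    for index, holder in enumerate(holders):
        end = pos + size + (1 if index < extra else 0)
        blocks[holder] = (index, ciphertext[pos:end])
        pos = end
    return blocks


def reassemble(received: list[tuple[int, bytes]], total: int) -> bytes:
    """Join blocks in index order; refuse unless indexes 0..total-1 each appear once."""
    by_index = dict(received)
    if len(received) != total or sorted(by_index) != list(range(total)):
        raise ValueError("missing or duplicate block")
    return b"".join(by_index[i] for i in range(total))


if __name__ == "__main__":
    address = b58check_encode(bytes(20))        # constructed all-zero 20-byte hash
    print(address, b58check_decode(address)[1].hex())
    parts = split_blocks(bytes(range(50)), ["owner", "spouse", "child"])
    print({holder: len(block) for holder, (_, block) in parts.items()})
```

A single mistyped character in the address fails the checksum in `b58check_decode`, and `reassemble` refuses to return anything when a holder's block is missing.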
With SHA256 processing, a small change in the data produces a large, unpredictable change in the hash value, which makes cracking more difficult. BASE58CHECK encoding applies double SHA256 hashing to prevent data errors. The RIPEMD160 algorithm can be implemented as follows:
S6: Obtain the server's access request for the user's medical format data and judge whether the access was initiated by the user. If it was initiated by the user, jump to step S7; otherwise jump to step S10.
S7: After verifying the user's identity, the user terminal broadcasts block request information to the other user terminals, and the other user terminals send their blocks to the requesting user terminal according to its terminal address.
There are many ways for the user terminal to verify the user's identity; optionally this is done by the user terminal's own fingerprint verification function or by another authentication function.
S8: The requesting user terminal combines all the blocks to obtain the hash string information, and decrypts the hash string information with the corresponding user's third user private key to obtain the user health data.
S9: Receive the user's disclosure selection for the restricted public data. When the user chooses to disclose restricted public data, the restricted public data is decrypted with the second user private key and sent to the server, and the process ends.
S10: When the access was not initiated by the user, the server obtains the first user private key from the identification code information and uses the first user private key to obtain the user's personal identification information and medical treatment information. After obtaining authorization information, the server requests the user's third user private key from the user terminal of the legal authorizer, and jumps to step S11.
With this step, when the user cannot give authorization, authorization is given by a legal authorizer, so that treatment such as surgery can be authorized quickly and the opportunity for rescue is gained. This greatly changes the situation in current medical practice in which a person with the authority to sign cannot be found in time, especially where a patient is brought to hospital for rescue by a stranger. The request can be transmitted wirelessly.
S11: The server sends a block acquisition request, which includes the third user private key, to the user's user terminal and to the other user terminals at the same time. The user's user terminal and the other user terminals send their blocks to the server according to the third user private key. The server combines all the blocks to obtain the hash string information, decrypts it with the corresponding user's third user private key to obtain the user health data, and the process ends.
A feature of the present invention is that data storage and permission authentication are separated, with storage unified through the server. This allows user data to be used in a unified way while the right to use the data is given back to the user. The concepts of distributed verification and graded encryption are introduced, making user data both easy to use and secure.
In addition, layered encryption allows flexible use of the data; until the user's multiple authentications have been passed, the data cannot be used.
In the family health care data management method of the present invention,
step S1 includes:
Pre-configuring a smart contract, which serves as the electronic contract established between the medical institution and the user. The smart contract includes the personal identification information and the medical treatment information; the medical treatment information includes legal authorizer information for medical treatment and conflict rule information.
Optionally, the smart contract is configured as follows:
Configure the contract terms; write the contract terms as smart contract code in the Solidity language; compile the written smart contract code into virtual machine bytecode with the solc compiler; deploy the compiled virtual machine bytecode to the server, and generate the smart contract address and the interface for calling the smart contract. Optionally, the interface for calling the smart contract is the JavaScript API provided by the web3.js library. The bit width of the virtual machine can be 256.
The medical treatment legally authorized person information includes the legally authorized person object information and the authorization permission level corresponding to each legally authorized person. The legally authorized persons are some or all of the users in the family.
Introducing the smart contract gives the authorization granted by an authorized person legal recognition, and pre-configuring the medical treatment legally authorized person information and the conflict rule information lets the user select and configure their own authorized persons in advance, which gives greater flexibility.
Introducing authorization permission levels makes it possible to choose different legally authorized persons for treatment plans of different degrees: a minor treatment plan may need authorization only from ordinary relatives and friends, whereas a major treatment plan needs authorization from a close relative.
The conflict rule information includes the rule for determining the legally authorized person across different authorization permission levels and the rule for determining the legally authorized person within the same authorization permission level.
The number of legally authorized person confirmations required under each of the different treatment plans is also configured.
An authorization term interval value is set for the legally authorized person information. Setting the authorization term interval value allows the legally authorized person information to be updated at different stages in time.
The smart contract is sent to the server, and the smart contract is sent to a third-party institution for electronic notarization.
Introducing electronic notarization makes the smart contract more credible.
In the family health care data management method of the present invention,
the server is a unified third-party server, and a data connection interface between the third-party server and the medical institution servers is configured.
The grade and qualification information of the different medical institutions is obtained; according to the grade and qualification information of each medical institution, the open hours and open permissions of the data connection interface for that medical institution are set in the third-party server. Correspondingly,
in step S6, when the server receives a request to access the user medical format data, it judges whether the medical institution corresponding to the access request satisfies the data connection interface open hours and open permissions set for the different medical institutions; if so, it goes on to judge whether the access was initiated by the user.
In the family health care data management method of the present invention,
the user medical format data has the following format: body field + generation time field + survival time field + user basic information field + user extension information field + disclosure identification field + disclosure rights field + check code field.
The body field records the entity that collected the data; the generation time field records the time of data collection; the storage time field records the time period for which the data is stored; the user basic information field records the user basic information; the user extension information field records the user extension information; the disclosure identification field records whether the data is disclosed; the check code field is used to verify the data format.
Configuring the format of the user medical format data standardizes the various data, making it easy to obtain the information of interest from the user medical format data.
In addition, because the storage time field records the time period for which the data is stored, certain specific data can be guaranteed to be retained only for a period of time, which meets medical needs while also taking privacy into account.
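One way to serialize and validate a record in the eight-field layout above, as an added example that is not part of the original text. The delimiter, the JSON encoding of the two information fields, and the SHA-256-based check code are assumptions, since the page names none of them.

```python
import hashlib
import json

SEP = "\x1f"   # assumed delimiter; json.dumps escapes control characters, so it never occurs inside the JSON fields
N_FIELDS = 8   # body, generation time, survival time, basic info, extension info, disclosure flag, disclosure rights, check code

def check_code(fields):
    # Assumed check code: first 8 hex digits of SHA-256 over the seven data fields.
    # An unkeyed digest catches corruption and malformed records, not deliberate edits.
    return hashlib.sha256(SEP.join(fields).encode("utf-8")).hexdigest()[:8]

def pack(body, generated_at, survival_s, basic, extension, disclosed, rights):
    """Build one record; times are Unix seconds, survival_s is the retention period."""
    if SEP in body or SEP in rights:
        raise ValueError("delimiter inside a text field")
    fields = [body, str(int(generated_at)), str(int(survival_s)),
              json.dumps(basic, sort_keys=True), json.dumps(extension, sort_keys=True),
              "1" if disclosed else "0", rights]
    return SEP.join(fields + [check_code(fields)])

def parse(record, now):
    """Validate layout, check code and retention period before returning the fields."""
    fields = record.split(SEP)
    if len(fields) != N_FIELDS:
        raise ValueError("expected %d fields, got %d" % (N_FIELDS, len(fields)))
    data, code = fields[:-1], fields[-1]
    if check_code(data) != code:
        raise ValueError("check code mismatch")
    if data[5] not in ("0", "1"):
        raise ValueError("bad disclosure flag")
    generated_at, survival_s = int(data[1]), int(data[2])
    if now >= generated_at + survival_s:
        raise ValueError("survival time elapsed")  # record is past its retention period
    return {"body": data[0], "generated_at": generated_at,
            "expires_at": generated_at + survival_s,
            "basic": json.loads(data[3]), "extension": json.loads(data[4]),
            "disclosed": data[5] == "1", "rights": data[6]}

# Constructed sample record (not real patient data).
SAMPLE = pack("wearable-01", 1700000000, 86400,
              {"sex": "F", "uid": "u-7f3a"}, {"heart_rate": 72}, False, "family")
```
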
In the family health care data management method of the present invention,
the method further includes, after step S9: setting data utilization rules in the server, and obtaining the one or more kinds of data in the user medical format data that the user discloses according to the data utilization rules;
classifying the disclosed one or more kinds of data according to different feature types.
The data utilization rules are added to the smart contract, and the updated smart contract is sent to the third-party institution for electronic notarization.
Access requests from other users for the disclosed one or more kinds of data are obtained; the data utilization rules are sent to the other users and the selection information of the other users is obtained; when another user chooses to accept, the corresponding fee is transferred, according to the data utilization rules, from that user's account to the account of the user providing the data.
By implementing this embodiment, a user can choose to disclose their own data and receive corresponding remuneration from others, so that the user's data becomes valuable as an information resource.
In this embodiment, authentication is fully automatic: as long as the data utilization rules are satisfied, the data can be released, so that transactions are matched automatically.
In the family health care data management method of the present invention,
step S10 includes the following sub-steps:
S101, when the access is not initiated by the user, the server obtains the first user private key from the identification code information, and obtains the user's corresponding personally identifiable information and medical treatment information according to the first user private key.
S102, the medical treatment legally authorized person information and the conflict rule information are parsed from the medical treatment information; the corresponding legally authorized persons are determined according to the medical treatment legally authorized person information; broadcasting a notice to the corresponding legally authorized persons includes determining, according to the different treatment plans, the number of legally authorized persons and their corresponding authorization permission levels; the legally authorized persons are some or all of the users in the family.
S103, confirmation request information is broadcast to the legally authorized persons having the corresponding authorization permission level.
S104, the confirmation feedback information of the legally authorized persons of the corresponding authorization permission level is obtained.
S105, it is judged whether the confirmation feedback information of the legally authorized persons conflicts; if it conflicts, jump to step S106; otherwise jump to step S107.
S106, the confirmation feedback information of the legally authorized persons is screened according to the conflict rule information, and jump to step S107.
S107, it is judged whether the confirmation feedback information of the legally authorized persons after screening satisfies the required number of legally authorized person confirmations; if it does, jump to step S108; otherwise the process terminates.
S108, the server randomly requests the user's corresponding third user private key from a legally authorized person, and jumps to step S11.
In this embodiment, even if a legally authorized person holds the third user private key, they cannot obtain the user data, so security is ensured.
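Steps S102 to S107 as runnable logic, in an added example that is not part of the original text. The policy table, the numeric levels, and the two conflict rules (the highest responding level decides; a tie within that level yields no decision) are assumptions, since the page leaves the rule contents to configuration.

```python
from collections import Counter
from dataclasses import dataclass

@dataclass(frozen=True)
class Authorizer:
    name: str
    level: int        # authorization permission level; higher = closer relative (assumed)
    valid_from: int   # authorization term interval, Unix seconds
    valid_until: int

# Assumed policy: per treatment plan, the minimum level and the number of confirmations required.
POLICY = {"minor": {"min_level": 1, "required": 1},
          "major": {"min_level": 2, "required": 2}}

def eligible(plan, authorizers, now):
    """S102: authorizers whose level fits the plan and whose authorization term covers `now`."""
    floor = POLICY[plan]["min_level"]
    return [a for a in authorizers
            if a.level >= floor and a.valid_from <= now < a.valid_until]

def screen(feedback):
    """S105/S106: feedback is a list of (Authorizer, approve) pairs."""
    if len({ok for _, ok in feedback}) < 2:
        return feedback                       # S105: no conflict, nothing to screen
    top = max(a.level for a, _ in feedback)   # assumed rule across levels: highest level decides
    tally = Counter(ok for a, ok in feedback if a.level == top)
    if tally[True] == tally[False]:
        return []                             # assumed rule within a level: a tie gives no decision
    decision = tally[True] > tally[False]
    return [(a, ok) for a, ok in feedback if ok == decision]

def authorize(plan, authorizers, replies, now):
    """Return True when the flow may continue to S108 (the key request)."""
    asked = eligible(plan, authorizers, now)                               # S102/S103
    feedback = [(a, replies[a.name]) for a in asked if a.name in replies]  # S104
    approvals = [a for a, ok in screen(feedback) if ok]                    # S105/S106
    return len(approvals) >= POLICY[plan]["required"]                      # S107

# Constructed sample family (names and dates are illustrative).
NOW = 1_700_000_000
YEAR = 365 * 86400
FAMILY = [Authorizer("spouse", 2, NOW - YEAR, NOW + YEAR),
          Authorizer("parent", 2, NOW - YEAR, NOW + YEAR),
          Authorizer("cousin", 1, NOW - YEAR, NOW + YEAR),
          Authorizer("friend", 1, NOW - 2 * YEAR, NOW - YEAR)]  # term already lapsed
```

A reply from someone below the plan's level, or from someone whose authorization term has lapsed, is never counted, so the quorum cannot be reached by approvals from unauthorized parties.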
In the family health care data management method of the present invention,
the method further includes, before step S1:
S01, the server is connected to a government system; the user's marital relationship and close-relative relationship information is set in the government system according to the user unique identifier;
S02, in the government system, the compulsory authorization information for the user's medical treatment is configured according to current regulations, and, according to the user's choice, the user's second user private key and third user private key, and the usage rule information for the second user private key and the third user private key, are stored in encrypted form;
S03, according to the user's choice, the freezing rules for the user's personal medical account information are configured;
Introducing the government system and the concept of compulsory authorization avoids the defect that, when a legally authorized person is lacking, nobody is willing to sign. The current regulations may be existing legal provisions, contracts signed between the user and the service provider, and so on.
Configuring the freezing rules for the user's personal medical account information also reduces the risk to medical institutions; the personal medical account information may be bound to information such as personal bank card information and medical insurance.
The user unique identifier may be something other than ID card information and may take the form of a character string, which ensures the anonymity of the information.
Step S107 further includes:
S1071, when it is judged that the confirmation feedback information of the legally authorized persons after screening does not satisfy the required number of legally authorized person confirmations, the server initiates an access request to the government system, the access request including the user unique identifier;
S1072, the government system obtains the user's marital relationship and close-relative relationship information according to the user unique identifier sent by the server, and broadcasts confirmation request information according to the user's marital relationship and close-relative relationship information;
S1073, the government system judges whether confirmation feedback information is received within a preset time; if confirmation feedback information is received, jump to step S1074; otherwise jump to step S1075;
S1074, according to the usage rule information for the second user private key and the third user private key that the user stored in the government system in advance, the second user private key, or the second user private key together with the usage rule information of the third user private key, is sent to the server, and jump to step S11; step S11 further includes, when the second user private key is obtained, decrypting the restricted public data with the second user private key and ending;
S1075, according to the compulsory authorization information for the user's medical treatment and the freezing rules, a preset amount of funds is frozen in advance in the user's personal medical account, and jump to step S1074.
As shown in Fig. 1, the present invention also provides a family health care data management system, which includes the following units:
Identification information configuration unit, for pre-configuring the personally identifiable information and the medical treatment information; the medical treatment information includes the medical treatment legally authorized person information and the conflict rule information; according to the family relationship mapping table, the personally identifiable information and medical treatment information of all users in the family are configured into the user terminal of each user in the family;
First key encryption unit, for each user to encrypt, with their respective first user private key, the personally identifiable information and medical treatment information stored in the user terminal; wearable identification code information corresponding to the user is generated according to each first user private key;
Medical data format configuration unit, for configuring the user medical data format; the user medical data format includes user basic information and user extension information; the user basic information includes the user unique identifier and sex; the user extension information includes physiological index data and historical medical data;
Disclosure permission configuration unit, for configuring, according to the user's choice, the disclosure permission of each item of data in the user extension information, including fully public data and restricted public data, and setting the disclosure object information corresponding to the restricted public data; the user extension information is collected by wearable devices, medical devices and medical servers, and is sent in real time, together with the collection time, to the user's user terminal; the user terminal encrypts the restricted public data in the user extension information according to the second user private key to obtain the encrypted user extension information;
Layered encryption blocking unit, for the user terminal to configure the collected user basic information and the encrypted user extension information into user health data conforming to the user medical data format; the public key corresponding to the user's third user private key is processed with the SHA256 hash to obtain a primary processing value, the primary processing value is then processed with the message digest algorithm RIPEMD160 hash to obtain a hash result value of multiple bytes, and the hash result value is encoded with BASE58CHECK to obtain a readable character address; the user health data is encrypted using the readable character address to obtain the hash string information; the hash string information is divided into blocks according to a preset blocking rule, one of the blocks is sent to each of the other user terminals, and the sent blocks are then deleted; the third user private key is configured offline to the other user terminals, and each other user terminal establishes, from the terminal address of the sending user terminal and the third user private key, the correspondence between the block data and the user of the sending user terminal;
Access request acquisition unit, for obtaining the server's request to access the user medical format data and judging whether the access was initiated by the user; if it was initiated by the user, jump to the block request unit; otherwise jump to the key request unit;
Block request unit, for the user terminal, after verifying the user's identity, to broadcast block request information to the other user terminals; the other user terminals send their blocks to the requesting user terminal according to the terminal address of the user terminal that sent the request;
First decryption unit, for the requesting user terminal to combine all the blocks to obtain the hash string information and to decrypt the hash string information with the third user private key of the corresponding user to obtain the user health data;
Second decryption unit, for receiving the user's disclosure selection information for the restricted public data; when the user chooses to disclose the restricted public data, the restricted public data is decrypted with the second user private key and then sent to the server, and the process ends;
Key request unit, for the server, when the access is not initiated by the user, to obtain the first user private key from the identification code information and to obtain the user's corresponding personally identifiable information and medical treatment information according to the first user private key; after obtaining the authorization information, the server requests the user's corresponding third user private key from the user terminal of a legally authorized person; and jump to the third decryption unit;
Third decryption unit, for the server to send a block acquisition request simultaneously to the user's own user terminal and to the other user terminals, the block acquisition request including the third user private key; the user's own user terminal and the other user terminals send their blocks to the server according to the third user private key; the server combines all the blocks to obtain the hash string information, decrypts the hash string information with the third user private key of the corresponding user to obtain the user health data, and the process ends.
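The address derivation performed by the layered encryption blocking unit above (SHA256, then RIPEMD160, then BASE58CHECK), as an added example that is not part of the original text. The version byte 0x00 is an assumption; the page does not name one.

```python
import hashlib

B58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
VERSION = b"\x00"  # assumption: the page names no version byte

def checksum(data: bytes) -> bytes:
    # Base58Check checksum: first 4 bytes of SHA-256(SHA-256(data)).
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()[:4]

def hash160(pubkey: bytes) -> bytes:
    """Primary value = SHA-256(pubkey); result = RIPEMD-160(primary value), 20 bytes.
    hashlib takes RIPEMD-160 from OpenSSL and raises ValueError on builds
    that do not enable it."""
    primary = hashlib.sha256(pubkey).digest()
    return hashlib.new("ripemd160", primary).digest()

def base58check(payload: bytes, version: bytes = VERSION) -> str:
    """Encode version + payload + checksum as a readable character address."""
    data = version + payload
    data += checksum(data)
    n = int.from_bytes(data, "big")
    digits = ""
    while n:
        n, r = divmod(n, 58)
        digits = B58[r] + digits
    zeros = len(data) - len(data.lstrip(b"\x00"))  # each leading zero byte becomes a '1'
    return "1" * zeros + digits

def decode_check(address: str) -> bytes:
    """Return the payload, rejecting mistyped or corrupted addresses."""
    n = 0
    for ch in address:
        n = n * 58 + B58.index(ch)  # ValueError on a character outside the alphabet
    zeros = len(address) - len(address.lstrip("1"))
    raw = b"\x00" * zeros + n.to_bytes((n.bit_length() + 7) // 8, "big")
    if len(raw) < 5 or checksum(raw[:-4]) != raw[-4:]:
        raise ValueError("Base58Check checksum mismatch")
    return raw[1:-4]  # drop the version byte and the checksum

def derive_address(pubkey: bytes) -> str:
    """Public key of the third user private key -> readable character address."""
    return base58check(hash160(pubkey))

# Constructed 20-byte value standing in for a real hash result; it starts with a zero byte.
SAMPLE_HASH160 = bytes(range(20))
```

The address is a one-way digest of the public key, so anyone who knows the public key can recompute it; the checksum only protects against transcription errors.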
In the family health care data management system of the present invention,
the identification information configuration unit includes:
A smart contract is pre-configured; the smart contract is used to establish an electronic contract between the medical institution and the user; the smart contract includes the personally identifiable information and the medical treatment information; the medical treatment information includes the medical treatment legally authorized person information and the conflict rule information;
The medical treatment legally authorized person information includes the legally authorized person object information and the authorization permission level corresponding to each legally authorized person;
The conflict rule information includes the rule for determining the legally authorized person across different authorization permission levels and the rule for determining the legally authorized person within the same authorization permission level;
The number of legally authorized person confirmations required under each of the different treatment plans is also configured;
An authorization term interval value is set for the legally authorized person information;
The smart contract is sent to the server, and the smart contract is sent to a third-party institution for electronic notarization.
In the family health care data management system of the present invention,
the server is a unified third-party server, and a data connection interface between the third-party server and the medical institution servers is configured;
The grade and qualification information of the different medical institutions is obtained; according to the grade and qualification information of each medical institution, the open hours and open permissions of the data connection interface for that medical institution are set in the third-party server; correspondingly,
in the access request acquisition unit, when the server receives a request to access the user medical format data, it judges whether the medical institution corresponding to the access request satisfies the data connection interface open hours and open permissions set for the different medical institutions; if so, it goes on to judge whether the access was initiated by the user.
Advantageous effects: Compared with the prior art, the present invention enables unified utilization of medical information; by separating the encrypted storage of information from its authorized use, it avoids the risk of information leakage and rules out unlawful use without the user's consent; the core health data is stored in blocks, which avoids the risk of data loss if a single user terminal is cracked; in an emergency, when the user cannot give authorization for surgery or another treatment plan, authorization can be given by others, so that the opportunity for treatment is not missed.
For the parts of the system embodiment that are described briefly, refer to the method embodiment.
The embodiments in this specification are described progressively; each embodiment emphasizes its differences from the other embodiments, and the same or similar parts of the embodiments may be referred to one another.
It is understood that a person of ordinary skill in the art may make various other corresponding changes and modifications according to the technical concept of the present invention, and all such changes and modifications shall fall within the protection scope of the claims of the present invention.