CN110838349A - Novel medical information storage system - Google Patents
Novel medical information storage system Download PDFInfo
- Publication number
- CN110838349A CN110838349A CN201911113765.5A CN201911113765A CN110838349A CN 110838349 A CN110838349 A CN 110838349A CN 201911113765 A CN201911113765 A CN 201911113765A CN 110838349 A CN110838349 A CN 110838349A
- Authority
- CN
- China
- Prior art keywords
- module
- intranet
- data information
- personal data
- terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
Abstract
The invention discloses a novel medical information storage system, which is characterized by comprising a storage chip and an intranet system configured in a hospital, wherein the intranet system comprises: intranet buffer memory server, intranet terminal and intranet unit. The desensitization module is arranged in the intranet cache server, desensitization processing is carried out on the personal medical information uploaded to the intranet cache server, the medical information of a patient cannot be leaked even if the information is leaked, when a doctor is diagnosing, the desensitized personal data information in the intranet cache server is read through the intranet computer, and the desensitization information is decrypted through the built-in intranet unit decryption module.
Description
Technical Field
The invention relates to a novel medical information storage system.
Background
In healthcare systems, patient medical records (including prescriptions, laboratory reports, pathology results, magnetic resonance images, etc.) are valuable data assets, and relate to personal privacy and security issues, ownership of which is personal, and only authorized users can access the relevant medical records. Protecting the privacy of personal medical records is not only a moral responsibility, but also a mandatory requirement of law. Data anonymity may be used to secure personal medical record data. But at present, leakage of medical information sometimes occurs.
Disclosure of Invention
The invention aims to provide a medical information storage system capable of effectively reducing medical information leakage.
In order to solve the above problems, the present invention provides a novel medical information storage system, which is characterized in that,
the system comprises a memory chip and an intranet system configured in a hospital, wherein the memory chip has a read-write function and is configured to store personal data information, and the personal data information comprises personal identity information and personal medical information corresponding to the personal identity information, and the intranet system comprises:
the intranet cache server is provided with a cache server communication module, a cache server information storage module and an intranet desensitization module, the cache server communication module is used for receiving externally input personal data information, the intranet desensitization module is used for desensitizing personal medical information in the personal data information input by the cache server communication module, and the cache server information storage module is used for storing the desensitized personal data information;
the intranet terminal comprises a terminal identification module, a terminal communication module, a terminal decryption module and a terminal display module, wherein the terminal identification module is configured to be capable of identifying personal information in the storage chip, the terminal communication module is configured to be capable of reading the corresponding personal data information in the cache server information storage module according to the personal information identified by the identification module, the terminal decryption module is configured to decrypt the read personal data information, and the terminal display module is configured to display the decrypted personal data information;
the intranet unit, the intranet unit includes a plurality of intranet computers and places in place intranet unit decryption module in the intranet computer, the intranet computer is configured as and can read in the cache server information storage module the personal data information passes through intranet unit decryption module deciphers, right the personal data information is edited, is communicated with cache server communication module.
As a further improvement of the present invention, the intranet terminal further includes a terminal writing module, and the terminal writing module is configured to write the personal data information decrypted by the terminal decryption module into the storage chip.
As a further improvement of the present invention, the present invention further comprises an extranet system, wherein the extranet system comprises a cloud database and an extranet terminal, wherein:
the external network terminal is arranged in a hospital and at least comprises
-an extranet reading module configured to be able to read personal data information stored in the memory chip;
-an extranet communication module configured to communicate with the cloud database and the cache server communication module;
an extranet desensitization module configured to desensitize personal medical information in the personal data information prior to the extranet communication module transmitting the personal data information to the cloud database,
-an extranet decryption module configured to obtain the personal data information for decryption after the extranet communication module communicates with the cache server communication module;
an extranet desensitization module configured to desensitize personal medical information in the personal data information prior to the extranet communication module transmitting the personal data information to the cloud database,
an extranet write module configured to be able to store the personal data information decrypted by the extranet decryption module into the memory chip,
the cloud database is configured to store the desensitized personal data information.
As a further improvement of the invention, the internal network desensitization module and the external network desensitization module convert part or all of the personal data information into specific identification according to a set desensitization rule.
As a further improvement of the invention, the terminal decryption module and the intranet unit decryption module restore the specific identifier in the data information to the original information according to the desensitization rule.
As a further improvement of the present invention, before the personal data information is input to the cache server communication module, the intranet computer firstly makes a trusted timestamp request to a trusted third-party timestamp service authority, and the trusted third-party timestamp service authority generates a trusted timestamp corresponding to the personal data information.
As a further improvement of the present invention, the intranet system further includes a Hash processing module, a timestamp request module, and a timestamp receiving module, wherein:
the Hash processing module is configured to carry out Hash abstract processing on the personal data information;
the timestamp request module is configured to make a timestamp request to a trusted third-party timestamp service authority and provide the Hash value;
the timestamp receiving module is configured to receive data information returned by the trusted third-party timestamp service authority, and the data information is bound with timestamp data.
The invention has the advantages that the desensitization module is arranged in the intranet cache server, desensitization processing is carried out on the personal medical information uploaded to the intranet cache server, the medical information of a patient cannot be leaked even if the information is leaked, when a doctor is in diagnosis and treatment, the desensitized personal data information in the intranet cache server is read through the intranet computer, and the desensitization information is decrypted through the built-in intranet unit decryption module.
Drawings
Fig. 1 is a schematic structural view of the present invention.
In the figure: 1000-memory chip; 2000-intranet system; 2100-intranet cache server; 2102-cache server communication module; 2104-cache server information storage module; 2106-intranet desensitization module; 2200-an intranet terminal; 2204-terminal communication module; 2206-terminal decryption module; 2208-terminal display module; 2210-terminal write module; 2400-intranet unit; 2402-intranet computers; 3000-extranet system; 3100-an extranet terminal; 3102 an outer net reading module, 3104 an outer net communication module, and 3106 an outer net desensitization module.
Detailed Description
The technical scheme of the invention is further explained by the specific implementation mode in combination with the attached drawings.
As shown in fig. 1, the present invention includes a memory chip 1000 and an intranet system 2000 configured in a hospital, wherein the memory chip 1000 has a read-write function and is configured to store personal data information, and the personal data information includes personal identification information and personal medical information corresponding to the personal identification information, and the intranet system 2000 includes:
an intranet cache server 2100, which has a cache server communication module 2102, a cache server information storage module 2104 and an intranet desensitization module 2106, wherein the cache server communication module 2102 is configured to receive externally input personal data information, the intranet desensitization module 2106 is configured to desensitize personal medical information in the personal data information input by the cache server communication module 2102, and the cache server information storage module 2104 is configured to store the desensitized personal data information;
an intranet terminal 2200, wherein the intranet terminal 2200 comprises a terminal identification module, a terminal communication module 2204, a terminal decryption module 2206 and a terminal display module 2208, the terminal identification module is configured to identify the personal information in the storage chip, the terminal communication module 2204 is configured to read the corresponding personal data information in the cache server information storage module 2104 according to the personal information identified by the identification module, the terminal decryption module 2206 is configured to decrypt the read personal data information, and the terminal display module 2208 is configured to display the decrypted personal data information;
an intranet unit 2400, where the intranet unit 2400 includes a plurality of intranet computers 2402 and an intranet unit 2400 decryption module built in the intranet computers 2402, and the intranet computers 2402 are configured to be able to read the personal data information in the cache server information storage module 2104, decrypt the personal data information through the intranet unit 2400 decryption module, edit the personal data information, and communicate with the cache server communication module 2102.
As a further improvement of the present invention, the intranet terminal 2200 further includes a terminal writing module 2210, and the terminal writing module 2210 is configured to write the personal data information decrypted by the terminal decryption module 2206 into the storage chip.
As a further improvement of the present invention, the present invention further includes an extranet system 3000, where the extranet system 3000 includes a cloud database and an extranet terminal 3100, where:
the extranet terminal 3100 is provided in a hospital, and includes at least
An extranet read module 3102, said extranet read module 3102 being configured to be able to read personal data information stored in said memory chip 1000;
an extranet communication module 3104 configured to communicate with the cloud database and the cache server communication module 2102;
an extranet desensitization module 3106 configured to desensitize personal medical information in the personal data information prior to the extranet communication module 3104 transmitting the personal data information to the cloud database,
an extranet decryption module configured to obtain the personal data information for decryption after the extranet communication module 3104 communicates with the cache server communication module 2102;
an extranet desensitization module 3106 configured to desensitize personal medical information in the personal data information prior to the extranet communication module 3104 transmitting the personal data information to the cloud database,
an extranet write module configured to be able to store the personal data information decrypted by the extranet decryption module into the memory chip 1000,
the cloud database is configured to store the desensitized personal data information.
As a further improvement of the present invention, the internal network desensitization module 2106 and the external network desensitization module 3106 convert part or all of the personal data information into specific identifiers according to a set desensitization rule.
As a further improvement of the present invention, the terminal decryption module 2206 and the decryption module of the internal network unit 2400 restore the specific identifier in the data message to the original message according to the desensitization rule.
As a further improvement of the present invention, before the personal data information is input to the cache server communication module 2102, the intranet computer 2402 first makes a trusted timestamp request to a trusted third-party timestamp service authority, and the trusted third-party timestamp service authority generates a trusted timestamp corresponding to the personal data information.
As a further improvement of the present invention, the intranet system 2000 further includes a Hash processing module, a timestamp request module, and a timestamp receiving module, wherein:
the Hash processing module is configured to carry out Hash abstract processing on the personal data information;
the timestamp request module is configured to make a timestamp request to a trusted third-party timestamp service authority and provide the Hash value;
the timestamp receiving module is configured to receive data information returned by the trusted third-party timestamp service authority, and the data information is bound with timestamp data.
In the invention, a desensitization module is arranged in an intranet cache server 2100, desensitization processing is carried out on individual medical information uploaded to the intranet cache server, and the patient medical information cannot be leaked even if the information is leaked, when a doctor is in diagnosis and treatment, desensitized individual data information in the intranet cache server 2100 is read through an intranet computer 2402, and the desensitization information is decrypted through a built-in intranet unit 2400 decryption module.
After diagnosis and treatment, a doctor can edit medical information in personal data information of a patient through the intranet computer 2402, and then store the intranet cache server 2100, and the intranet cache server 2100 can perform desensitization processing on the personal medical information through the intranet desensitization module 2106.
After the patient inserts the memory chip 1000 into the intranet terminal 2200, the relevant medical information in the memory chip 1000 can be displayed through the terminal display module 2208, and the patient can also access the personal data information stored in the intranet buffer server through the intranet terminal 2200, and certainly, after the access, the decryption operation is required. In addition, the intranet terminal 2200 may also write the personal data information in the storage chip into the intranet buffer server.
The extranet terminal 3100 functions to enable a patient to acquire personal medical information from the intranet cache server 2100 and write the information into the memory chip when the patient inserts the memory chip. Sharing of medical resources of multiple hospitals can be realized by cooperation of the intranet terminal 2200 and the extranet terminal 3100 (after a patient sees a disease, the patient writes personal data information into a storage chip through the extranet terminal 3100, and then, before the patient arrives at the B hospital to see a disease, the patient imports the personal data information after seeing a disease into the intranet cache server 2100 of the B hospital through the intranet terminal 2200 of the B hospital).
The technical principle of the present invention is described above in connection with specific embodiments. The description is made for the purpose of illustrating the principles of the invention and should not be construed in any way as limiting the scope of the invention. Based on the explanations herein, those skilled in the art will be able to conceive of other embodiments of the present invention without inventive effort, which would fall within the scope of the present invention.
Claims (7)
1. A novel medical information storage system is characterized in that,
the internal network system (2000) is configured in a hospital, wherein the memory chip has a read-write function and is configured to store personal data information, and the personal data information comprises personal identity information and personal medical information corresponding to the personal identity information, and the internal network system (2000) comprises:
an intranet cache server (2100) having a cache server communication module (2102), a cache server information storage module (2104) and an intranet desensitization module (2106), wherein the cache server communication module (2102) is used for receiving externally input personal data information, the intranet desensitization module (2106) is used for desensitizing personal medical information in the personal data information input by the cache server communication module (2102), and the cache server information storage module (2104) is used for storing the desensitized personal data information;
an intranet terminal (2200), wherein the intranet terminal (2200) comprises a terminal identification module (2202), a terminal communication module (2204), a terminal decryption module (2206) and a terminal display module (2208), the terminal identification module (2202) is configured to be capable of identifying personal information in the storage chip, the terminal communication module (2204) is configured to be capable of reading the corresponding personal data information in the cache server information storage module according to the personal information identified by the identification module, the terminal decryption module (2206) is configured to decrypt the read personal data information, and the terminal display module (2208) is configured to display the decrypted personal data information;
the intranet unit (2400), the intranet unit (2400) includes a plurality of intranet computers (2402) and an intranet unit decryption module built in the intranet computers (2402), and the intranet computers (2402) are configured to be able to read the personal data information in the cache server information storage module, decrypt the personal data information through the intranet unit decryption module, edit the personal data information, and communicate with the cache server communication module (2102).
2. The system of claim 1, wherein the intranet terminal (2200) further comprises a terminal write module (2210), and the terminal write module (2210) is configured to write the personal data information decrypted by the terminal decryption module (2206) into the storage chip (1000).
3. The novel medical information storage system according to claim 2, further comprising an extranet system (3000) including a cloud database (3200) and an extranet terminal (3100), wherein:
the extranet terminal (3100) is arranged in a hospital and at least comprises
-an extranet reading module (3102), the extranet reading module (3102) being configured to be able to read personal data information stored in the memory chip (1000);
-an extranet communication module (3104) configured to communicate with the cloud database (3200) and the cache server communication module (2102);
-an extranet decryption module configured to retrieve the personal data information for decryption after the extranet communication module (3104) communicates with the cache server communication module (2102);
-an extranet desensitization module (3106) configured to desensitize personal medical information in personal data information prior to the extranet communication module (3104) transmitting the personal data information to the cloud database (3200),
an extranet write module configured to be able to store the personal data information decrypted by the extranet decryption module into the memory chip,
the cloud database (3200) is configured to store the personal data information after desensitization.
4. The novel medical information storage system according to claim 3, wherein the internal desensitization module (2106) and the external desensitization module (3106) convert part or all of the personal data information into specific identification according to a set desensitization rule.
5. The system of claim 4, wherein the terminal decryption module (2206), the intranet unit decryption module and the intranet unit decryption module restore the specific identifier in the data message to the original message according to the desensitization rule.
6. The system of claim 5, wherein the intranet computer (2402) first sends a trusted timestamp request to the trusted third party timestamp authority before inputting the personal data information into the cache server communication module (2102), and the trusted third party timestamp authority generates a trusted timestamp corresponding to the personal data information.
7. The medical information storage system according to claim 6, wherein the intranet system (2000) further comprises a Hash processing module, a timestamp request module, and a timestamp receiving module, wherein:
the Hash processing module is configured to carry out Hash abstract processing on the personal data information;
the timestamp request module is configured to make a timestamp request to a trusted third-party timestamp service authority and provide the Hash value;
the timestamp receiving module is configured to receive data information returned by the trusted third-party timestamp service authority, and the data information is bound with timestamp data.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911113765.5A CN110838349A (en) | 2019-11-14 | 2019-11-14 | Novel medical information storage system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911113765.5A CN110838349A (en) | 2019-11-14 | 2019-11-14 | Novel medical information storage system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN110838349A true CN110838349A (en) | 2020-02-25 |
Family
ID=69574987
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911113765.5A Pending CN110838349A (en) | 2019-11-14 | 2019-11-14 | Novel medical information storage system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110838349A (en) |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050223222A1 (en) * | 2004-03-31 | 2005-10-06 | Graves Alan F | Systems and methods for preserving confidentiality of sensitive information in a point-of-care communications environment |
| CN102779285A (en) * | 2012-02-24 | 2012-11-14 | 王畅 | Portable electronic health medical record card |
| CN103338196A (en) * | 2013-06-17 | 2013-10-02 | 上海华和得易信息技术发展有限公司 | Information certificate authority and safety use method and system |
| CN103489101A (en) * | 2012-06-14 | 2014-01-01 | 海瑞斯信息科技(苏州)有限公司 | Safe electronic payment system and payment method based on converged communication technology |
| CN107330299A (en) * | 2017-08-14 | 2017-11-07 | 佛山科学技术学院 | A kind of medical information management system |
| CN109961832A (en) * | 2019-04-02 | 2019-07-02 | 中国人民解放军东部战区总医院 | A kind of health and fitness information sharing method and system |
-
2019
- 2019-11-14 CN CN201911113765.5A patent/CN110838349A/en active Pending
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050223222A1 (en) * | 2004-03-31 | 2005-10-06 | Graves Alan F | Systems and methods for preserving confidentiality of sensitive information in a point-of-care communications environment |
| CN102779285A (en) * | 2012-02-24 | 2012-11-14 | 王畅 | Portable electronic health medical record card |
| CN103489101A (en) * | 2012-06-14 | 2014-01-01 | 海瑞斯信息科技(苏州)有限公司 | Safe electronic payment system and payment method based on converged communication technology |
| CN103338196A (en) * | 2013-06-17 | 2013-10-02 | 上海华和得易信息技术发展有限公司 | Information certificate authority and safety use method and system |
| CN107330299A (en) * | 2017-08-14 | 2017-11-07 | 佛山科学技术学院 | A kind of medical information management system |
| CN109961832A (en) * | 2019-04-02 | 2019-07-02 | 中国人民解放军东部战区总医院 | A kind of health and fitness information sharing method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| EP3788533B1 (en) | Protecting personally identifiable information (pii) using tagging and persistence of pii | |
| US9390228B2 (en) | System and method for securely storing and sharing information | |
| US10673824B2 (en) | Electronic authorization system and method | |
| CN110909073B (en) | Method and system for sharing private data based on intelligent contract | |
| US11075754B2 (en) | Universal personal medical database access control | |
| US9378380B1 (en) | System and method for securely storing and sharing information | |
| US20050268094A1 (en) | Multi-source longitudinal patient-level data encryption process | |
| US11907199B2 (en) | Blockchain based distributed file systems | |
| US20150026462A1 (en) | Method and system for access-controlled decryption in big data stores | |
| Bazel et al. | Blockchain technology in healthcare big data management: Benefits, applications and challenges | |
| US20200184099A1 (en) | Access system, access device and access method for accessing health information | |
| JP2015515659A (en) | Method for processing patient-related data records | |
| CN109726575B (en) | Data encryption method and device | |
| US9009075B2 (en) | Transfer system for security-critical medical image contents | |
| CN111324901A (en) | Method for creating and decrypting enterprise security encrypted file | |
| US20130145479A1 (en) | Systems and Methods for Clinical Study Management | |
| US9721118B2 (en) | Securing access to distributed data in an unsecure data network | |
| Aboelfotoh et al. | A mobile-based architecture for integrating personal health record data | |
| WO2016077219A1 (en) | System and method for securely storing and sharing information | |
| US11868339B2 (en) | Blockchain based distributed file systems | |
| JP2005524168A (en) | Storage of confidential information | |
| CN110867227A (en) | Medical information storage system | |
| Sauermann et al. | Preservation of individuals’ privacy in shared COVID-19 related data | |
| CN110838349A (en) | Novel medical information storage system | |
| CN108765615B (en) | Block chain-based card punching information storage method and system |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20200225 |
|
| RJ01 | Rejection of invention patent application after publication |