CN113707256A - Medical data encryption method, system and storage medium - Google Patents

Info

Publication number: CN113707256A
Authority: CN (China)
Prior art keywords: medical data, patient, visitor, plaintext, database
Legal status: Pending
Application number: CN202111017306.4A
Other languages: Chinese (zh)
Inventor: 谢鹏程
Current assignee: Shenzhen Ping An Smart Healthcare Technology Co ltd
Original assignee: Ping An International Smart City Technology Co Ltd
Application filed by Ping An International Smart City Technology Co Ltd
Priority to CN202111017306.4A
Publication of CN113707256A

Classifications

    • G PHYSICS
      • G16 INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
        • G16H HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
          • G16H10/00 ICT specially adapted for the handling or processing of patient-related medical or healthcare data
            • G16H10/60 ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
      • G06 COMPUTING; CALCULATING OR COUNTING
        • G06F ELECTRIC DIGITAL DATA PROCESSING
          • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
            • G06F21/60 Protecting data
              • G06F21/602 Providing cryptographic facilities or services
              • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
                • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
                  • G06F21/6245 Protecting personal data, e.g. for financial or medical purposes


Abstract

The application is applicable to the fields of artificial intelligence technology and digital medical treatment, and provides an encryption method, an encryption system and a storage medium for medical data. In the method, the medical data plaintext of a patient is encrypted to obtain the patient's medical data ciphertext, and the identity information of a visitor is verified to judge whether the visitor may decrypt the medical data plaintext corresponding to the reading instruction the visitor sent. The risk of disclosure of the medical data plaintext is thereby reduced while a doctor can still write the plaintext freely, and because decryption authority is distributed flexibly by setting the visitors, the medical data plaintext can be shared within a user-defined range.

Description

Medical data encryption method, system and storage medium
Technical Field
The application belongs to the field of artificial intelligence technology and digital medical treatment, and particularly relates to an encryption method, system and storage medium for medical data.
Background
With the rapid development of database platforms, more and more hospitals are trying to abandon traditional paper Medical records (Case History) and start using Electronic Medical Records (EMR) based on the database platforms. The electronic medical record stores, manages, transmits and reproduces the digitized medical record through the electronic equipment, has the remarkable advantages of convenient query, difficult loss, large storage capacity, clear record and the like, reflects the current major trend of medical digitization, and is widely accepted by hospitals and patients.
Compared with paper medical records, existing electronic medical records also have the advantage of being easy to share: doctors can call up a patient's electronic medical record for reference according to actual needs. A patient's electronic medical record usually stores personal privacy information such as a home address, telephone number, identification number and existing medical history, and people other than the patient can easily acquire this information by looking up the record or by cracking the database platform, so the privacy protection capability of electronic medical records is poor.
Disclosure of Invention
In view of this, embodiments of the present application provide an encryption method, system and storage medium for medical data, so as to solve the problem that people other than a patient easily obtain personal privacy information of the patient by looking up an electronic medical record or cracking a database platform, which results in poor privacy protection capability of the electronic medical record.
A first aspect of an embodiment of the present application provides a method for encrypting medical data, which is applied to an encryption system for medical data, and the method includes:
when receiving a medical data plaintext of a patient, encrypting the medical data plaintext to obtain a medical data ciphertext of the patient;
storing the medical data ciphertext to a first database;
when a reading instruction sent by a visitor is received, verifying the identity information of the visitor, wherein the reading instruction is used for acquiring the medical data plaintext;
when the identity information of the visitor is successfully verified, obtaining the decryption authority of the medical data ciphertext, and reading the medical data ciphertext stored in the first database according to the reading instruction;
and decrypting the medical data ciphertext according to the decryption authority to obtain the medical data plaintext.
In the method provided by the first aspect of the embodiments of the present application, the medical data plaintext of a patient is encrypted to obtain the patient's medical data ciphertext, and the identity information of a visitor is verified to determine whether the visitor can decrypt the medical data plaintext corresponding to the reading instruction the visitor sent. The risk of disclosure of the medical data plaintext is reduced while a doctor can still write the plaintext freely, and by setting the visitors, decryption permissions can be distributed flexibly, so that the medical data plaintext can be shared within a user-defined range.
A second aspect of the embodiments of the present application provides a system for encrypting medical data, including at least one memory, a processor, and a computer program stored in the at least one memory and executable on the processor, where the processor implements the steps of the method for encrypting medical data provided by the first aspect of the embodiments of the present application when executing the computer program.
A third aspect of embodiments of the present application provides a computer-readable storage medium storing a computer program which, when executed by at least one processor, implements the steps of the encryption method of medical data provided by the first aspect of embodiments of the present application.
It is understood that the beneficial effects of the second and third aspects correspond to those described for the first aspect and are not repeated here.
Drawings
In order to more clearly illustrate the technical solutions in the embodiments of the present application, the drawings needed to be used in the embodiments or the prior art descriptions will be briefly described below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
Fig. 1 is a schematic application scenario diagram of an encryption method for medical data provided in an embodiment of the present application;
FIG. 2 is a schematic diagram of a processor of an encryption system for medical data for encryption and decryption according to an embodiment of the present application;
fig. 3 is a schematic structural diagram of an encryption system for medical data provided by an embodiment of the present application;
fig. 4 is a first flowchart of an encryption method for medical data according to an embodiment of the present application;
fig. 5 is a second flowchart of an encryption method for medical data according to an embodiment of the present application;
fig. 6 is a third flowchart of an encryption method for medical data according to an embodiment of the present application.
Detailed Description
In the following description, for purposes of explanation and not limitation, specific details are set forth, such as particular system structures, techniques, etc. in order to provide a thorough understanding of the embodiments of the present application. It will be apparent, however, to one skilled in the art that the present application may be practiced in other embodiments that depart from these specific details. In other instances, detailed descriptions of well-known systems, devices, circuits, and methods are omitted so as not to obscure the description of the present application with unnecessary detail.
It will be understood that the terms "comprises" and/or "comprising," when used in this specification and the appended claims, specify the presence of stated features, integers, steps, operations, elements, and/or components, but do not preclude the presence or addition of one or more other features, integers, steps, operations, elements, components, and/or groups thereof.
It should also be understood that the term "and/or" as used in this specification and the appended claims refers to and includes any and all possible combinations of one or more of the associated listed items.
As used in this specification and the appended claims, the term "if" may be interpreted contextually as "when", "upon", "in response to determining" or "in response to detecting". Similarly, the phrase "if it is determined" or "if a [described condition or event] is detected" may be interpreted contextually to mean "upon determining", "in response to determining", "upon detecting [described condition or event]" or "in response to detecting [described condition or event]".
Furthermore, in the description of the present application and the appended claims, the terms "first," "second," "third," and the like are used for distinguishing between descriptions and not necessarily for describing or implying relative importance.
Reference throughout this specification to "one embodiment" or "some embodiments," or the like, means that a particular feature, structure, or characteristic described in connection with the embodiment is included in one or more embodiments of the present application. Thus, appearances of the phrases "in one embodiment," "in some embodiments," "in other embodiments," or the like, in various places throughout this specification are not necessarily all referring to the same embodiment, but rather "one or more but not all embodiments" unless specifically stated otherwise. The terms "comprising," "including," "having," and variations thereof mean "including, but not limited to," unless expressly specified otherwise.
In application, personal privacy information is stored in a patient's electronic medical record, and a doctor or database administrator with access rights to the record, or an attacker who breaks into the database, can easily read the patient's personal privacy information by looking up the record, so the privacy protection capability of the database is poor.
To solve this technical problem, an embodiment of the present application provides an encryption method for medical data that obtains a medical data ciphertext by encrypting the patient's medical data plaintext, verifies the identity information of a visitor, and determines whether the visitor may decrypt the medical data ciphertext, so that decryption rights are distributed flexibly while the risk of disclosure of the medical data plaintext is reduced.
The encryption method of the medical data provided by the embodiment of the application can be applied to any terminal equipment capable of processing the medical data. The terminal device may be a mobile phone, a tablet computer, a wearable device, an in-vehicle device, an Augmented Reality (AR)/Virtual Reality (VR) device, a notebook computer, an ultra-mobile personal computer (UMPC), a netbook, a Personal Digital Assistant (PDA), and the like, and the specific type of the terminal device is not limited in this embodiment.
The embodiment of the application can acquire and process related medical data based on an artificial intelligence technology. Among them, Artificial Intelligence (AI) is a theory, method, technique and application system that simulates, extends and expands human Intelligence using a digital computer or a machine controlled by a digital computer, senses the environment, acquires knowledge and uses the knowledge to obtain the best result.
Fig. 1 schematically illustrates an application scenario of the encryption method for medical data: a processor 110 of an encryption system 100 for medical data is connected to at least one memory 120; the processor 110 is configured to receive a medical data plaintext 131 sent by a patient 130, encrypt the medical data plaintext 131, and send the resulting medical data ciphertext 132 to a first database 140; the memory 120 is configured to build the first database 140, a second database 150 and a third database 160;
when receiving the medical data plaintext 131, the processor 110 calls the system public key 151 stored in the second database 150 to encrypt the medical data plaintext 131 and obtain the medical data ciphertext 132;
in addition, the visitor 170 may send a reading instruction 171 according to actual needs; the processor 110 verifies the identity information of the visitor 170 and, after verification succeeds, calls the patient's private key 161 stored in the third database 160 to decrypt the medical data ciphertext 132, obtains the medical data plaintext 131 and sends it to the visitor 170. The patient's private key 161 is generated when the patient creates an account and is stored in the third database 160.
Fig. 2 exemplarily shows a schematic diagram that the processor 110 encrypts the medical data plaintext 131 through the system public key 151 to obtain the medical data ciphertext 132, and decrypts the medical data ciphertext 132 through the patient private key 161 to obtain the medical data plaintext 131.
In the application, the encryption and decryption method of the plaintext information of the patient account is consistent with the encryption and decryption method of the plaintext of the medical data, and the detailed description is omitted here.
In application, the patient and the visitor can communicate with the server through any electronic device; the specific type of electronic device is the same as that of the terminal device and is not described again here. The patient and the visitor can communicate with the server over a wireless or wired connection. A wireless connection may use wireless communication modes such as Bluetooth, ZigBee, optical wireless communication, wireless local area network (WLAN) or near field communication (NFC); a wired connection may use different types of serial interface, such as a USB (Universal Serial Bus) Type-A interface, a USB Type-C interface, a UART (Universal Asynchronous Receiver/Transmitter) interface, an HCI (Host Controller Interface) or a Lightning interface, or different types of parallel interface.
In application, the at least one memory can be used to build any number of databases, specifically three: a first database, a second database and a third database. The database types may include Oracle, MySQL, MongoDB, SQL Server, IBM Db2, Dameng (DM) database and the like; the three databases may be of the same or different types, and the processor is compatible with the types of all three and performs data processing on them.
Fig. 3 schematically shows the structure of an encryption system 100 for medical data. The encryption system 100 includes at least one memory 120, a processor 110, and a computer program 121 stored in the at least one memory 120 and executable on the processor 110; the processor 110 implements the following encryption method for medical data shown in fig. 3 when executing the computer program 121;
the at least one memory 120 is further configured to build a first database 140, a second database 150, and a third database 160;
the encryption system 100 for medical data may further include a wired communication module 180, a wireless communication module 190 and a memory security module 200. Specifically, the wired communication module may include different types of serial and parallel interfaces, and the wireless communication module may include wireless communication units such as Bluetooth, optical wireless communication, ZigBee, WLAN and NFC.
In application, the first database stores the ciphertext information of the patient account and the medical data ciphertext; the second database stores the system public key; the third database stores the patient's private key. The memory security module provides security protection when the three databases are attacked, reducing the risk of data leakage from them; it can be an external device connected to the medical data encryption system or software built into the system, and can carry security protection mechanisms such as a database firewall system, a database vulnerability scanning system and a database safe box.
In application, the processor may be a central processing unit (CPU), or another general-purpose processor, a digital signal processor (DSP), an application-specific integrated circuit (ASIC), a field-programmable gate array (FPGA) or other programmable logic device, discrete gate or transistor logic, discrete hardware components, and the like. A general-purpose processor may be a microprocessor or any conventional processor.
In some embodiments, the storage may be an internal storage unit of the terminal device, such as a hard disk or a memory of the terminal device. The memory may also be an external storage device of the terminal device in other embodiments, such as a plug-in hard disk, a Smart Media Card (SMC), a Secure Digital (SD) Card, a Flash memory Card (Flash Card), and the like provided on the terminal device. Further, the memory may also include both an internal storage unit of the terminal device and an external storage device. The memory is used for storing an operating system, application programs, a BootLoader (BootLoader), data, and other programs, such as program codes of computer programs. The memory may also be used to temporarily store data that has been output or is to be output.
It should be noted that, because the contents of information interaction, execution process, and the like between the modules are based on the same concept as the method embodiment of the present application, specific functions and technical effects thereof can be found in the method embodiment section.
As shown in fig. 4, the encryption method for medical data provided in the embodiment of the present application is applied to an encryption system for medical data, and includes the following steps S401 to S405:
step S401, when the medical data plaintext of the patient is received, the medical data plaintext is encrypted to obtain the medical data ciphertext of the patient.
In application, the medical data may include medical record data, which may specifically include personal health records, prescriptions, examination reports and the like. Medical data plaintext (plain text) refers to unencrypted, directly readable original medical data that a medical institution presents to a patient; medical data ciphertext (cipher text) refers to a message or signal obtained by encrypting the medical data plaintext with an encryption algorithm, and cannot be read directly. Converting medical data plaintext into medical data ciphertext is called encryption (encrypt), and converting medical data ciphertext back into medical data plaintext is called decryption (decrypt).
In the application, the encryption algorithm may be a symmetric encryption algorithm or an asymmetric encryption algorithm. The medical data encryption system may select a symmetric encryption algorithm such as RC4 (Rivest Cipher 4, a stream encryption algorithm), RC2 (Rivest Cipher 2, another stream encryption algorithm), DES (Data Encryption Standard) or AES (Advanced Encryption Standard) to encrypt the medical data plaintext, in which case the plaintext is encrypted with the key of the symmetric encryption algorithm; the medical data plaintext may also be encrypted with an asymmetric encryption algorithm such as RSA (Ron Rivest-Adi Shamir-Leonard Adleman), ECC (Elliptic Curve Cryptography) or DSA (Digital Signature Algorithm), and the medical data ciphertext may be decrypted with a public key of the asymmetric encryption algorithm.
Step S402, storing the medical data ciphertext into a first database.
In application, the medical data encryption system encrypts the received medical data plaintext of the patient to obtain a medical data ciphertext, which is then stored in the first database. While receiving and encrypting the medical data plaintext, the encryption system does not store or transfer the plaintext and refuses any third party read access to it, so the risk of leakage of the medical data plaintext is reduced; the third party may be a doctor, an administrator of the medical data encryption system, an attacker who has broken into the encryption system, and the like.
In application, after the encryption system of the medical data stores the medical data ciphertext into the first database, the memory can be traversed to judge whether the temporary file of the medical data plaintext is loaded in the memory, and if so, the temporary file of the medical data plaintext is deleted; the memory can be traversed to judge whether the medical data plaintext is stored in the memory, and if so, the medical data plaintext is deleted, so that the medical data plaintext leakage caused by temporary files or legacy files in an encryption system of the medical data is avoided, and the risk of leakage is further reduced.
Step S403, when a reading instruction sent by the visitor is received, verifying the identity information of the visitor, wherein the reading instruction is used for acquiring the medical data plaintext.
In application, the reading instruction comprises a target patient and target medical data plaintext, and the encryption system of the medical data can read one or more patient accounts corresponding to the target patient and read the target medical data plaintext of each patient by reading the target patient and the target medical data plaintext. The target medical data plaintext can be any one or more medical record data, such as one or more of personal health record data, prescription or examination report; or any one or more pieces of medical record data, such as a prescription or a plurality of prescriptions, and the specific type of target medical data read for each patient may be different.
In application, visitors may include the patient, doctors, administrators of the medical data encryption system and the like, and each visitor may have a corresponding ID (Identity Document) code. The visitor's identity information may include the visitor's ID code. The patient can set a preset ID code list; when the medical data encryption system receives a reading instruction sent by a visitor, it reads the visitor's ID code and verifies whether that ID code is in the preset ID code list. If so, the visitor's identity information is judged to be successfully verified; if not, verification of the visitor's identity information is judged to have failed.
Step S404, when the identity information of the visitor is successfully verified, obtaining the decryption authority of the medical data ciphertext, and reading the medical data ciphertext stored in the first database according to the reading instruction.
In application, when the identity information of the visitor is successfully verified, the medical data encryption system obtains the decryption authority of the medical data ciphertext corresponding to the reading instruction, and specifically, when the symmetric encryption algorithm is selected as the encryption algorithm, the decryption authority can be a key of the symmetric encryption algorithm; when the asymmetric encryption algorithm is selected as the encryption algorithm, the decryption authority can be a private key of the asymmetric encryption algorithm; in addition, the encryption system of the medical data can also read the medical data ciphertext corresponding to the reading instruction from the first database.
In one embodiment, step S404 further comprises:
and when the identity information of the visitor is successfully verified, giving access authority to the visitor, wherein the access authority is used for viewing the plaintext of the medical data.
In application, the encryption system of the medical data can give the visitor access right when the identity information of the visitor is successfully verified. After the encryption system of the medical data obtains the plaintext of the target medical data, whether the visitor can check the plaintext of the target medical data is judged by detecting the access authority of the visitor. Specifically, when detecting that the visitor has the access right, allowing the visitor to view the plaintext of the target medical data; and when the visitor is detected not to have the access right, the visitor is refused to view the plaintext of the target medical data.
Step S405, decrypting the medical data ciphertext through the decryption authority to obtain a medical data plaintext.
In application, the medical data ciphertext corresponding to the reading instruction is decrypted with the decryption authority to obtain the corresponding medical data plaintext, that is, the target medical data plaintext of the reading instruction. The medical data encryption system can temporarily store the target medical data plaintext and, acting as a medical record viewing platform, provide a viewing service for it to the visitor; it can also temporarily send the target medical data plaintext to an online platform with an online reading function, such as the visitor's email box or terminal. Note that the target medical data plaintext does not support downloading or copying, which prevents the visitor from taking a copy of it and reduces the probability of leakage of the medical data plaintext.
In one embodiment, step S405 further comprises:
when the number of times that the visitor views the medical data plaintext exceeds a preset number of times, revoking the access authority of the visitor;
or calculating the decryption duration after the medical data plaintext is obtained;
and when the decryption duration exceeds the preset decryption duration, revoking the access authority of the visitor.
In application, the access right may be subject to a preset revocation mechanism. The mechanism may include revoking the visitor's access right when the number of times the visitor views the target medical data plaintext exceeds a preset number. Specifically, the medical data encryption system can count how many times the visitor views the target medical data plaintext in the encryption system or on the online platform; when the count exceeds the preset number, the visitor's access right is revoked, and when it does not, the access right is kept.
The preset revocation mechanism may further include: after the medical data plaintext is obtained, clearing and starting a timer to measure the decryption duration, and revoking the visitor's access right when the decryption duration exceeds the preset decryption duration; when the decryption duration does not exceed the preset decryption duration, the visitor's access right is retained. The preset decryption duration may specifically be 5 minutes, 10 minutes, 20 minutes or the like, and may also equal the preset period for updating the preset access token described below.
In application, when the access authority of an accessor is revoked, the encryption system of the medical data can delete the target medical data plaintext temporarily stored and delete the target medical data plaintext stored in the online platform, so that the risk of disclosure of the target medical data plaintext is further reduced.
In the application, the medical data plaintext of the patient is encrypted to obtain the medical data ciphertext, and the identity information of the visitor is verified to decide whether the visitor may decrypt the medical data plaintext requested by the reading instruction. This reduces the risk of disclosure of the medical data plaintext while still allowing the doctor to write the plaintext freely; decryption authority can be distributed flexibly by designating visitors, so the medical data plaintext can be shared within a user-defined range.
As shown in fig. 5, in one embodiment, based on the embodiment corresponding to fig. 4, the method includes the following steps S501 to S507:
step S501, when a patient account is newly created, a private key of a patient is generated, and each patient account has a corresponding private key of the patient.
In application, each patient has a corresponding patient account and medical data plaintext. The patient account can include plaintext information (personal information of the patient) such as name, sex, age, occupation, native place, work unit (or school), address, current medical history, past medical history and physical signs; the medical data plaintext can be stored in the patient account or stored independently. In addition, when a patient account is created for a patient, the medical data encryption system can generate a patient private key corresponding to the account, and this private key can be used to decrypt the ciphertext information of the patient account and the medical data ciphertext of the corresponding patient.
And step S502, calling a system public key, encrypting the plaintext information of the patient account to obtain the ciphertext information of the patient account, and storing the system public key in a second database.
In application, when the medical data encryption system uses asymmetric encryption to protect the patient's medical data, the system is provided with a system public key, and after a patient account is created for each patient the same system public key can be called to encrypt the plaintext information of the account, yielding the ciphertext information of the patient account, so that the patient's personal information is not leaked. It should be noted that the medical data encryption system has only one system public key while each patient account has one corresponding patient private key; the system public key can be stored in the second database, and if the system public key is leaked through an attack on the second database, an attacker still cannot decrypt the ciphertext information of the patient account or the medical data ciphertext with it, so the security of the patient's personal information and medical data ciphertext is improved.
And S503, when the medical data plaintext of the patient is received, calling the system public key, and encrypting the medical data plaintext to obtain the medical data ciphertext of the patient.
In application, after the new creation of the patient account is completed, the encryption system for the medical data can receive the medical data plaintext and encrypt the medical data plaintext by calling the system public key, so as to obtain the medical data ciphertext of the patient, and the technical effect of encrypting through the system public key is consistent with that of the step S502, which is not described herein again.
And S504, storing the ciphertext information of the patient account and the medical data ciphertext into a first database, and storing the private key of the patient into a third database.
In application, the medical data encryption system can keep three kinds of important information in three different databases: the ciphertext information of the patient account together with the medical data ciphertext in a first database, the system public key in a second database, and the patient private key in a third database. In addition, the medical data encryption system can establish an encrypted communication channel with each of the first to third databases, so that data is exchanged with any one database over its own encrypted connection. Combined with the distributed storage of the three kinds of information, a leak from any one database does not expose the data of the other databases, so an attacker who compromises any single database cannot decrypt the ciphertext information of the patient account or the medical data ciphertext, and the security of the patient's personal information and medical data ciphertext is greatly improved.
And step S505, when a reading instruction sent by the visitor is received, verifying the identity information of the visitor, wherein the reading instruction is used for acquiring the plaintext of the medical data.
In application, the method provided in step S505 is the same as that provided in step S403, and is not described herein again.
And S506, when the identity information of the visitor is successfully verified, reading the private key of the patient stored in the third database, and reading the medical data ciphertext of the patient stored in the first database according to the reading instruction.
In application, when the medical data encryption system adopts asymmetric encryption to protect the medical data of the patient, and the identity information of the visitor is successfully verified, the medical data encryption system can respectively read the medical data ciphertext corresponding to the reading instruction and stored in the first database and the private key of the patient stored in the third database in an encryption communication mode, and the technical effects of distributed storage and encryption communication are consistent with the step S504, which is not described herein again.
And step S507, decrypting the medical data ciphertext through the private key of the patient to obtain the medical data plaintext.
In application, when the medical data encryption system adopts asymmetric encryption to protect the medical data of a patient, the target medical data ciphertext can be decrypted according to the private key of the patient corresponding to the reading instruction, the asymmetric encryption can enable each patient to have the corresponding private key, the independence of protecting the medical data plaintext of each patient can be improved, and therefore the safety of the medical data plaintext is improved.
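Steps S501 to S507 and the three-database split of step S504, carried through as an added example that is not the patent's own code. Two assumptions are made because the text leaves them open: in public-key cryptography a private key only undoes encryption performed with its own public key, so one "system public key" shared by all patients cannot be paired with a different private key per patient; the example therefore generates one key pair per patient at account creation, keeps the public half in the second database (the role the text gives the system public key) and the private half in the third. Second, RSA cannot encrypt a record of arbitrary length, so each record is encrypted with a fresh AES-256-GCM data key that is wrapped with the patient's RSA public key (hybrid encryption); the envelope in the first database holds only the wrapped key, nonce and ciphertext. The databases are modelled as in-memory maps; the patient ID and sample record are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"errors"
	"fmt"
)
// Added example, not the patent's own code. Assumes one RSA key pair per patient (a
// private key only undoes encryption made with its own public key, so "system public
// key" is read as the per-patient public half) and hybrid encryption: RSA-OAEP wraps
// a fresh AES-256-GCM data key for every record.
type Envelope struct { // one encrypted record as stored in the first database
	WrappedKey []byte // data key encrypted under the patient's public key
	Nonce      []byte
	Ciphertext []byte // AES-GCM output, authentication tag included
}

// System holds the three databases of step S504 as maps keyed by patient ID.
type System struct {
	db1Records map[string][]Envelope      // account ciphertext + medical data ciphertext
	db2Public  map[string]*rsa.PublicKey  // public keys
	db3Private map[string]*rsa.PrivateKey // patient private keys
}
func NewSystem() *System {
	return &System{map[string][]Envelope{}, map[string]*rsa.PublicKey{}, map[string]*rsa.PrivateKey{}}
}

// CreatePatient is step S501: generate the patient's key pair on account creation.
func (s *System) CreatePatient(id string) error {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return err
	}
	s.db3Private[id], s.db2Public[id] = priv, &priv.PublicKey
	return nil
}
func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Store is steps S502-S504: encrypt account information or a medical record for
// patient id and keep only the envelope in the first database. The patient ID is
// bound as GCM additional data so an envelope cannot be replayed under another account.
func (s *System) Store(id string, plaintext []byte) error {
	pub, ok := s.db2Public[id]
	if !ok {
		return errors.New("unknown patient")
	}
	buf := make([]byte, 32+12) // fresh data key followed by the GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return err
	}
	gcm, err := newGCM(buf[:32])
	if err != nil {
		return err
	}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, buf[:32], nil)
	if err != nil {
		return err
	}
	ct := gcm.Seal(nil, buf[32:], plaintext, []byte(id))
	s.db1Records[id] = append(s.db1Records[id], Envelope{wrapped, buf[32:], ct})
	return nil
}

// Read is steps S506-S507: only once the visitor is verified does the system fetch
// the private key from the third database and the envelope from the first.
func (s *System) Read(visitorVerified bool, id string, index int) ([]byte, error) {
	if !visitorVerified {
		return nil, errors.New("visitor identity not verified")
	}
	priv, ok := s.db3Private[id]
	if !ok || index < 0 || index >= len(s.db1Records[id]) {
		return nil, errors.New("no such record")
	}
	env := s.db1Records[id][index]
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, env.WrappedKey, nil)
	if err != nil {
		return nil, err
	}
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	return gcm.Open(nil, env.Nonce, env.Ciphertext, []byte(id))
}

func main() {
	s := NewSystem()
	if err := s.CreatePatient("P-0001"); err != nil {
		panic(err)
	}
	_ = s.Store("P-0001", []byte("2021-08-31 chest x-ray: clear")) // constructed record
	pt, err := s.Read(true, "P-0001", 0)
	fmt.Printf("verified read: %q err=%v\n", pt, err)
}
```

With this split, the first database alone yields only envelopes whose data keys are wrapped, the second alone yields public keys that cannot decrypt anything, and the third alone yields private keys with nothing to apply them to, which is the property the text claims for compromise of any single database.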
As shown in fig. 6, in one embodiment, based on the embodiment corresponding to fig. 5, the method includes the following steps S601 to S610:
step S601, when a patient account is newly created, generating a private key of a patient, wherein each patient account has a corresponding private key of the patient;
step S602, calling a system public key, encrypting plaintext information of the patient account to obtain ciphertext information of the patient account, and storing the system public key in a second database;
step S603, when the medical data plaintext of the patient is received, calling a system public key, and encrypting the medical data plaintext to obtain the medical data ciphertext of the patient;
and S604, storing the ciphertext information of the patient account and the medical data ciphertext into a first database, and storing the private key of the patient into a third database.
Step S605, sending a preset access token to the patient, wherein the preset access token is updated according to a preset period;
step S606, receiving a reading instruction sent by an accessor;
step S607, verifying the pre-acquired access token of the visitor;
and step S608, when the access token of the visitor is the same as the preset access token, judging that the identity information of the visitor is successfully verified.
Step S609, when the identity information of the visitor is successfully verified, reading the private key of the patient stored in the third database, and reading the medical data ciphertext of the patient stored in the first database according to the reading instruction;
and S610, decrypting the medical data ciphertext through the private key of the patient to obtain the medical data plaintext.
In application, steps S601 to S604 are consistent with the encryption method of the medical data provided in steps S501 to S504, and steps S609 and S610 are consistent with the encryption method of the medical data provided in steps S506 and S507, which will not be described herein again. The difference is that step S505 includes step S605 to step S608.
In application, regarding step S605, the medical data encryption system may generate a preset access token, which may be a string of digits, letters or words, a string combining any two of those, or a string combining all three. The preset access token may be updated according to a preset period, which may be 10 seconds, 15 seconds, 30 seconds, 1 minute and so on. For example, in a first preset period the preset access token is 123456; at the start of a second preset period it is updated to 165324; at the start of a third preset period it is updated to 980012; and subsequent preset access tokens continue to be updated unpredictably at each preset period. The preset access token can be generated by any verification-code (character string) generation algorithm; the specific characters and generation method of the preset access token and the specific length of the preset period are not limited in the embodiments of the application.
In application, the encryption system of the medical data may send the generated preset access token to the patient in any one or more transmission modes, where the transmission mode may include network transmission, telephone transmission, short message transmission, or mail transmission. Wherein, the network transmission can be to send the preset access token to an APP (Application, mobile phone software) account or a computer software account designated by the patient; the telephone transmission may be to report the preset access token to the patient in the form of a telephone call; the short message transmission can be in a form of short message to send a preset access token to the patient; the mail transmission may be in the form of a mail to send the preset access token to the patient. The embodiment of the application does not limit the transmission mode of the preset access token.
In the application, regarding steps S606 and S607, the identity information of the visitor may further include an access token. When the medical data encryption system receives a reading instruction sent by the visitor, it verifies the visitor's pre-acquired access token. The token may be acquired when the medical data encryption system displays an access token entry window after the visitor sends the reading instruction, prompting the visitor to enter it; or by embedding the access token in the reading instruction, so that it is obtained when the reading instruction is received; or by the visitor entering it in the medical data encryption system before sending the reading instruction. The embodiments of the application do not limit when the visitor's access token is acquired.
In the application, regarding step S608, the access token of the visitor may be verified by determining whether the access token of the visitor is the same as the preset access token, and if the access token of the visitor is the same as the preset access token, it is determined that the authentication of the identity information of the visitor is successful, and the process proceeds to step S609; if not, the authentication of the identity information of the visitor is judged to fail, and the encryption system of the medical data stops responding to the reading instruction of the visitor.
In application, the preset access token is sent to the patient, who can forward it to a visitor (for example a doctor or an administrator of the medical data encryption system) according to actual diagnosis needs. Because the preset access token is updated every preset period, a visitor who receives it can only use it within the current preset period and cannot retain decryption authority through that token beyond the period.
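Steps S605 to S608, as an added example that is not the patent's own code. The text leaves the generation algorithm open, so the realisation here is an assumption: the token is derived by HMAC-SHA256 from a per-patient secret and the counter of the current preset period, in the style of RFC 6238 TOTP, which means the system and the patient's device compute the same token for a period without the system having to record every token it sent. Verification accepts only the token of the current period, matching the requirement that a forwarded token is usable only within that period, and compares in constant time. The period, digit count, secret and timestamps are constructed for the example.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
	"time"
)

// Added example, not the patent's own code. The text leaves the token algorithm
// open; this realisation is an assumption: a 6-digit token derived by HMAC-SHA256
// from a per-patient secret and the current period counter, in the style of
// RFC 6238 TOTP, so the system need not store each token it issues.

const (
	Period  = 30 * time.Second // preset period (assumed)
	Digits  = 6
	modulus = 1_000_000 // 10^Digits
)

// TokenFor returns the preset access token for the period containing t.
func TokenFor(secret []byte, t time.Time) string {
	counter := uint64(t.Unix()) / uint64(Period/time.Second)
	var msg [8]byte
	binary.BigEndian.PutUint64(msg[:], counter)
	mac := hmac.New(sha256.New, secret)
	mac.Write(msg[:])
	sum := mac.Sum(nil)
	// Dynamic truncation as in RFC 4226: 4 bytes at an offset given by the last
	// nibble, sign bit masked, reduced to Digits decimal digits.
	off := sum[len(sum)-1] & 0x0f
	code := binary.BigEndian.Uint32(sum[off:off+4]) & 0x7fffffff
	return fmt.Sprintf("%0*d", Digits, code%modulus)
}

// Verify is steps S607-S608: the visitor's token is accepted only if it equals the
// token of the current period. The comparison is constant time, so a wrong token
// leaks nothing about the right one through timing.
func Verify(secret []byte, presented string, now time.Time) bool {
	expected := TokenFor(secret, now)
	return subtle.ConstantTimeCompare([]byte(expected), []byte(presented)) == 1
}

func main() {
	secret := []byte("constructed per-patient secret, not a real key")
	t0 := time.Unix(1630368000, 0) // 2021-08-31 00:00:00 UTC, a period boundary
	tok := TokenFor(secret, t0)
	fmt.Println("token for this period:", tok)
	fmt.Println("accepted 10 s later:  ", Verify(secret, tok, t0.Add(10*time.Second)))
	fmt.Println("accepted next period: ", Verify(secret, tok, t0.Add(Period)))
}
```

A deployment would additionally bind the token to the patient whose record is being read (a separate secret per patient, as here) so that a token forwarded for one patient cannot open another patient's records, and would rate-limit attempts, since a six-digit token can be guessed in at most a million tries if the server answers without limit.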
According to the encryption method of the medical data, the medical data ciphertext of the patient is obtained by encrypting the medical data plaintext of the patient, whether the visitor can decrypt the medical data plaintext corresponding to the reading instruction sent by the visitor is judged by verifying the identity information of the visitor, the risk of disclosure of the medical data plaintext can be reduced on the premise that the medical data plaintext can be written freely by a doctor, the decryption authority can be flexibly distributed by setting the visitor, and the medical data plaintext can be shared in a user-defined range.
It should be understood that, the sequence numbers of the steps in the foregoing embodiments do not imply an execution sequence, and the execution sequence of each process should be determined by its function and inherent logic, and should not constitute any limitation to the implementation process of the embodiments of the present application.
The embodiment of the present application further provides a computer-readable storage medium, which stores a computer program, and when the computer program is executed by a processor, the computer program implements the steps in the above-mentioned various embodiments of the encryption method for medical data.
The integrated module, if implemented in the form of a software functional module and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, all or part of the processes in the methods of the embodiments described above can be implemented by a computer program, which can be stored in a computer-readable storage medium and which implements the steps of the method embodiments described above when executed by a processor. The computer program comprises computer program code, which may be in the form of source code, object code, an executable file or some intermediate form. The computer readable medium may include at least: any entity or apparatus capable of carrying computer program code to a terminal device, a recording medium, computer memory, Read-Only Memory (ROM), Random Access Memory (RAM), electrical carrier wave signals, telecommunications signals, and software distribution media, such as a USB disk, a removable hard disk, a magnetic disk or an optical disk.
In the above embodiments, the descriptions of the respective embodiments have respective emphasis, and reference may be made to the related descriptions of other embodiments for parts that are not described or illustrated in a certain embodiment.
Those of ordinary skill in the art will appreciate that the various illustrative modules and algorithm steps described in connection with the embodiments disclosed herein may be implemented as electronic hardware or combinations of computer software and electronic hardware. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the implementation. Skilled artisans may implement the described functionality in varying ways for each particular application, but such implementation decisions should not be interpreted as causing a departure from the scope of the present application.
In the embodiments provided in the present application, it should be understood that the disclosed terminal device and method may be implemented in other ways. For example, the above-described terminal device embodiments are merely illustrative, and for example, the division of the modules is only one logical functional division, and there may be other divisions when actually implementing, for example, a plurality of modules or components may be combined or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or modules, and may be in an electrical, mechanical or other form.
The above-mentioned embodiments are only used for illustrating the technical solutions of the present application, and not for limiting the same; although the present application has been described in detail with reference to the foregoing embodiments, it should be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; such modifications and substitutions do not substantially depart from the spirit and scope of the embodiments of the present application and are intended to be included within the scope of the present application.

Claims (10)

1. A method for encrypting medical data, the method being applied to an encryption system for medical data, the method comprising:
when receiving a medical data plaintext of a patient, encrypting the medical data plaintext to obtain a medical data ciphertext of the patient;
storing the medical data ciphertext to a first database;
when a reading instruction sent by an accessor is received, verifying the identity information of the accessor, wherein the reading instruction is used for acquiring the plaintext of the medical data;
when the identity information of the visitor is successfully verified, the decryption authority of the medical data ciphertext is obtained, and the medical data ciphertext stored in the first database is read according to the reading instruction;
and decrypting the medical data ciphertext according to the decryption authority to obtain the medical data plaintext.
2. The method for encrypting medical data according to claim 1, further comprising:
when a patient account is newly created, generating a private key of the patient, wherein each patient account has a corresponding private key of the patient;
calling a system public key, encrypting plaintext information of the patient account to obtain ciphertext information of the patient account, and storing the system public key in a second database;
when medical data plaintext of a patient is received, calling a system public key, and encrypting the medical data plaintext to obtain a medical data ciphertext of the patient;
and storing the ciphertext information of the patient account and the medical data ciphertext into a first database, and storing the private key of the patient into a third database.
3. The method for encrypting medical data according to claim 1, wherein the verifying the identity information of the visitor upon receiving a reading instruction sent by the visitor comprises:
sending a preset access token to the patient, wherein the preset access token is updated according to a preset period;
receiving a reading instruction sent by an accessor;
verifying a pre-acquired access token of the visitor;
and when the access token of the visitor is the same as the preset access token, judging that the identity information of the visitor is successfully verified.
4. The method for encrypting medical data according to claim 1, further comprising:
when the identity information of the visitor is successfully verified, reading the private key of the patient stored in a third database, and reading the medical data ciphertext of the patient stored in the first database according to a reading instruction;
and decrypting the medical data ciphertext through the private key of the patient to obtain the medical data plaintext.
5. The method for encrypting medical data according to any one of claims 1 to 4, further comprising:
and when the identity information of the visitor is successfully verified, giving access authority to the visitor, wherein the access authority is used for viewing the medical data plaintext.
6. The method for encrypting medical data according to claim 5, further comprising:
and when the number of times of the visitor viewing the medical data plaintext exceeds a preset number of times, revoking the access authority of the visitor.
7. The method for encrypting medical data according to claim 5, further comprising:
calculating the decryption duration after the medical data plaintext is obtained;
and when the decryption duration exceeds the preset decryption duration, revoking the access authority of the visitor.
8. A system for encrypting medical data, comprising at least one memory, a processor and a computer program stored in said at least one memory and executable on said processor, wherein said processor when executing said computer program implements the steps of the method for encrypting medical data according to any one of claims 1 to 7.
9. The system for encrypting medical data according to claim 8, wherein the at least one memory is configured to build a first database, a second database, and a third database;
the first database is used for storing ciphertext information of the patient account and medical data ciphertext;
the second database is used for storing a system public key;
the third database is used for storing the private key of the patient.
10. A computer-readable storage medium, in which a computer program is stored which, when being executed by a processor, carries out the steps of the method for encrypting medical data according to any one of claims 1 to 7.
CN202111017306.4A 2021-08-31 2021-08-31 Medical data encryption method, system and storage medium Pending CN113707256A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111017306.4A CN113707256A (en) 2021-08-31 2021-08-31 Medical data encryption method, system and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111017306.4A CN113707256A (en) 2021-08-31 2021-08-31 Medical data encryption method, system and storage medium

Publications (1)

Publication Number Publication Date
CN113707256A true CN113707256A (en) 2021-11-26

Family

ID=78658420

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111017306.4A Pending CN113707256A (en) 2021-08-31 2021-08-31 Medical data encryption method, system and storage medium

Country Status (1)

Country Link
CN (1) CN113707256A (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110321721A (en) * 2019-07-02 2019-10-11 石家庄铁道大学 Electronic health record access control method based on block chain
CN111901302A (en) * 2020-06-28 2020-11-06 石家庄铁道大学 Medical information attribute encryption access control method based on block chain
CN112635009A (en) * 2020-12-26 2021-04-09 西安科锐盛创新科技有限公司 Medical data encryption method based on block chain

Similar Documents

Publication Publication Date Title
CN110839026B (en) Data processing method based on block chain and related equipment
US20220191012A1 (en) Methods For Splitting and Recovering Key, Program Product, Storage Medium, and System
US20210246824A1 (en) Method and apparatus for securing communications using multiple encryption keys
CN106104562B (en) System and method for securely storing and recovering confidential data
KR102177848B1 (en) Method and system for verifying an access request
CA2068488C (en) Hybrid public key algorithm/data encryption algorithm key distribution method based on control vectors
CN110049016B (en) Data query method, device, system, equipment and storage medium of block chain
CN109714176B (en) Password authentication method, device and storage medium
CN111294203B (en) Information transmission method
CN113849847B (en) Method, apparatus and medium for encrypting and decrypting sensitive data
CN110597836A (en) Information query request response method and device based on block chain network
TW201223225A (en) Method for personal identity authentication utilizing a personal cryptographic device
CN112398920A (en) Medical privacy data protection method based on block chain technology
CN110519222B (en) External network access identity authentication method and system based on disposable asymmetric key pair and key fob
CN112003697A (en) Encryption and decryption method and device for cryptographic module, electronic equipment and computer storage medium
CN112699390B (en) Data processing method, device, electronic equipment, storage medium and program product
CN111355702B (en) Method and system for secure transmission of data sets, medical facility and program product
US11868457B2 (en) Device and method for authenticating user and obtaining user signature using user's biometrics
CN115547441A (en) Safety acquisition method and system based on personal health medical data
CN115514523A (en) Data security access system, method, device and medium based on zero trust system
US20220311605A1 (en) Sensitive Data Management System
CN113707256A (en) Medical data encryption method, system and storage medium
CN114282254A (en) Encryption and decryption method and device, and electronic equipment
CN112966280A (en) Data processing method and device, server and data management system
KR101864213B1 (en) Apparatus and method for biometric encryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
TA01 Transfer of patent application right

Effective date of registration: 20220922

Address after: Room 2601 (Unit 07), Qianhai Free Trade Building, No. 3048, Xinghai Avenue, Nanshan Street, Qianhai Shenzhen-Hong Kong Cooperation Zone, Shenzhen, Guangdong 518000

Applicant after: Shenzhen Ping An Smart Healthcare Technology Co.,Ltd.

Address before: 1-34 / F, Qianhai free trade building, 3048 Xinghai Avenue, Mawan, Qianhai Shenzhen Hong Kong cooperation zone, Shenzhen, Guangdong 518000

Applicant before: Ping An International Smart City Technology Co.,Ltd.