JP2002366551A - Method, device, system for managing personal information, program for realizing them and recording medium with the program recorded thereon - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide a personal information management system to manage personal information without burdening a registrant, a referrer of the personal information, a device to manage the personal information and its operator. SOLUTION: A personal information management server 11 previously receives the referrer S to whom the registrant T allows acquisition of the personal information from a terminal 12 of the registrant T and stores the referrer in an entry table which is not illustrated. The personal information management server 11 specifies the registrant T to allow the acquisition of the personal information to the referrer S by referring to the entry table and transmits only a piece of the personal information of the registrant T when an inquiry is made from a terminal 13 of the referrer S.

Description

DETAILED DESCRIPTION OF THE INVENTION

[0001]

BACKGROUND OF THE INVENTION 1. Field of the Invention The present invention relates to a personal information registrant and a reference person, an apparatus for managing personal information, and personal information capable of providing personal information online without burdening the operator. Management method, personal information management device,
The present invention relates to a personal information management system, a program for realizing the system, and a recording medium on which the program is recorded.

[0002]

2. Description of the Related Art For example, in Japanese Patent Application Laid-Open No. H11-149504, personal information such as a resident card is digitized and stored in a server called a personal information management device, and a request of the person who registered the personal information is stored. Has disclosed a system for delivering the personal information.

In this system, the registrant of personal information is:
By operating its own terminal, it requests the server to issue an inquiry code and receives the inquiry code from the server. Further, the registrant writes the inquiry code in a contract document or the like and sends it to a reference person who wants to provide personal information.

[0004] On the other hand, the viewer operates his own terminal,
The inquiry code notified by the registrant is transmitted to the server. Further, the server, if the inquiry code received from the terminal of the referrer can be confirmed to be the legitimate inquiry code transmitted to the terminal of the registrant in the above-described process, the server will The personal information of the registrant who has transmitted the information is transmitted to the terminal of the referrer.

[0005] According to the above configuration, only a specific referrer designated by a registrant can acquire personal information online, and the convenience at the time of acquiring personal information can be improved. Further, in the above, personal information can be transmitted without the terminal of the registrant and the terminal of the referrer communicating directly.

[0006]

However, in the method of the above-mentioned conventional system, an inquiry code is acquired from a server and sent to a referrer every time personal information is desired to be provided. As described above, if the frequency of the provision is low, there is no problem. However, for example, when notifying a plurality of viewers of personal information, a problem arises that the procedure becomes complicated.

[0007] For example, in the case of applying the system when requesting a catalog from a plurality of manufacturers, the registrant obtains inquiry codes corresponding to the number of manufacturers, and
It is necessary to allocate the obtained inquiry codes to each manufacturer without duplication or shortage, and further, it is necessary to notify each manufacturer without fail of each inquiry code, which increases the burden on the registrant.

[0008] In addition, since the referrer cannot acquire personal information from the server until the inquiry code is obtained from the registrant, the registrant notifies the referrer even if the server issues the inquiry code. Until this time, personal information cannot be obtained, and it takes time to obtain it.

Further, when managing an inquiry code, such as issuing, notifying, validity / invalidity, etc., an inquiry code, it is necessary for the server to store the issued inquiry code until receiving an inquiry from a referrer. , The management becomes complicated.

More specifically, the server needs to store the inquiry code after issuing the inquiry code until receiving the inquiry, while reducing the storage capacity required for managing the inquiry. Therefore, after receiving the inquiry, it is desirable to delete the data. However,
Since the inquiry is a proactive action of the referrer, the time of the inquiry cannot be specified, and the inquiry itself may not be performed.

[0011] As a result, in response to the inquiry, apart from the normal processing of deleting the inquiry code of the case, the server, if a predetermined period has elapsed since the issuance,
It is necessary to delete the inquiry code assuming that the referrer does not intend to make an inquiry.Until the unnecessary inquiry code is erased, the capacity for storing the code and the unnecessary Operational capability for searching and deleting the inquiry code is required.

The present invention has been made in view of the above problems, and has as its object to manage personal information registered by a registrant and provide personal information that can be provided to a referrer in a quick and simple procedure. An object of the present invention is to provide a management method, a personal information management device, a personal information management system, a program for realizing the same, and a recording medium on which the program is recorded.

[0013]

According to the personal information management method of the present invention, in order to solve the above-mentioned problems, a personal information reference requester specifies personal information as a personal information output request. A step in which the computer receives the information, and the computer searches an entry table in which each registrant of personal information is allowed to obtain a reference person who is allowed to obtain his / her own personal information. A registrant specifying step of specifying a registrant permitted to acquire information, and a personal information transmitting step of transmitting the information related to the specified registrant's personal information to the referrer who sent the output request, by the computer. It is characterized by containing. In addition, the information regarding personal information may be the personal information of the specified registrant itself or may be a part thereof. Further, the search result may be processed such as information obtained by summing up the search results of the personal information of the specified registrant. Further, the computer can specify the referrer who has requested the output by receiving information unique to each referrer from the referrer.

In the above configuration, regardless of the necessity of transmission of personal information, each registrant stores a referrer capable of acquiring his / her personal information in an entry table, and the computer
When there is an output request from the referrer, the information relating to the personal information of the registrant permitted to acquire the personal information is transmitted to the referrer by referring to the entry table.

[0015] Therefore, the registrant acquires the inquiry code from the server and notifies the referrer, and the referrer transmits the inquiry code to the server to acquire the registrant's personal information. In comparison, the labor of the registrant can be reduced. In addition, since the information can be registered in advance regardless of whether the information is actually transmitted, the registrant can easily register a plurality of referrers collectively.

Also, unlike the above-mentioned prior art, the referrer accesses the computer without transmitting the inquiry code that cannot be determined without mistake, and the registered person is allowed to obtain personal information by himself / herself. Since it is possible to receive information regarding the personal information of the person, the trouble of the referrer can also be reduced.

In other words, in each of the above steps, if the registrant is the subject and the referrer is passive, and if the registrant permits the referrer to acquire personal information, the referrer will need the following troubles. In other words, if you want to obtain the personal information of a specific registrant, you do not have to enter the identification information for identifying the registrant or take the trouble of recognizing it. Personal information can be obtained simply by transmitting it as a request to output personal information. Here, the above trouble increases as the number of personal information of registrants who wish to obtain information increases, so an unspecified number of registrants allow the referrers to obtain personal information. For example, the trouble of the referrer can be greatly reduced.

Furthermore, since the registrant can register the referrer regardless of whether or not it is actually transmitted, the registrant can register the referrer at an earlier point in time than in the prior art, and the referrer can register himself / herself. If personal information acquisition is permitted, information on personal information can be acquired from that point. Therefore,
The referring person can acquire the information faster.

Also, unlike the above-described conventional technology, the computer does not need to manage an inquiry code for determining whether or not erasure is possible according to the action of the referrer, so that the load on the computer can be reduced. Specifically, in the related art, the server issues an inquiry code in response to a request of a registrant, stores the inquiry code until there is an inquiry from the referrer, and erases the data when the inquiry is made. There is a case where there is no inquiry itself because of the independent operation of the user. Therefore, in this configuration, in addition to the normal processing for deleting in response to an inquiry, whether or not a predetermined time has elapsed since issuance is monitored, and after the elapse of the processing, the processing for erasing on the assumption that there is no intention of the inquiry is performed. You will need it.
However, according to the configuration of the present invention, since the referrer is registered irrespective of the referrer's inquiry, there is no need to erase the inquiry code at the time of the inquiry, so that the load on the computer can be reduced.

Further, in addition to the above configuration, the personal information itself may be transmitted as information relating to the personal information of the registrant. According to this configuration, since the personal information itself is transmitted, the referrer can acquire the personal information for which the registrant has permitted the acquisition by himself / herself with little trouble.

Further, instead of the personal information itself, the number of registrants who have been permitted to obtain the personal information may be transmitted to the referrer who sent the output request as information on the personal information of the registrant. . According to this configuration, before transmitting the personal information itself, the referrer can reconsider whether or not to acquire the personal information, so that the referrer can avoid acquiring unnecessary personal information. .

Further, irrespective of the type of information relating to personal information, in each of the above configurations, before the personal information transmitting step, the computer causes the registrant identified in the registrant identifying step to acquire personal information. The method may include a step of notifying that the request has been made and, if not permitted by the registrant, blocking the execution of the personal information transmitting step.

According to this configuration, the registrant is responsible for the referrer who has permitted the acquisition of personal information in advance.
The validity at the time of reference can be determined. As a result, even if the referrer is authorized in advance, it is possible to avoid acquiring information from a referrer whose acquisition of personal information is not appropriate at the time of reference, and to more reliably protect the registrant's personal information. It should be noted that the computer refuses to provide the registrant's personal information to the unauthorized registrant without notifying the registrant, thereby reducing the trouble of the registrant responding to the notification.

Further, in addition to each of the above configurations, before the personal information transmitting step, the computer accesses a database storing personal information of the registrant specified in the registrant specifying step, and The method may include a step of acquiring personal information from a database.

According to this configuration, the computer accesses the database different from the computer and acquires the personal information. Therefore, if the database already exists, the personal information is newly stored in the computer. No need. In addition, since it is possible to avoid the unique construction of the personal information database, it is possible to reduce the trouble of eliminating the difference in the contents of the personal information between the databases. Therefore, the operator of the computer can focus on the management and updating of each table described above, and can reduce the burden on the operator. Thereby, the computer operator can pursue the provision of more comfortable services to the registrant and the referrer.

[0026] In addition to the above components, the computer associates information indicating the personal information transmitted in the personal information transmitting step with information indicating a referrer who transmitted the personal information, and associates the information with a history table. A step of storing may be included. According to this configuration, by referring to the history table, the personal information output to each of the viewers can be specified. Therefore, charging according to the output personal information becomes possible.

Further, in addition to the above components, the computer receives, from the registrant of personal information, information indicating a referrer who is permitted to acquire his / her own personal information. The computer receives the information as a referrer corresponding to the registrant. A step of registering in an entry table may be included. According to this configuration, the registrant can register the referrer who is permitted to acquire personal information online, so that the entry table can be updated without any trouble for the computer operator and the registrant.

On the other hand, the personal information management device according to the present invention
In order to solve the above-mentioned problem, each registrant of personal information has an entry table in which a reference person who is permitted to obtain his / her own personal information is stored in advance, and a request for output of personal information is made from the reference person of personal information. Receiving means for receiving specific information identifying a user, and a registrant who searches the entry table using the information indicating the referrer as a search key and permits the referrer who sent the output request to acquire personal information And a transmitting means for transmitting information about the personal information of the specified registrant to the reference person who sent the output request.

In the personal information management apparatus having the above configuration, regardless of the necessity of transmitting personal information, each registrant stores in the entry table a referrer who can acquire his / her own personal information.
When the receiving means receives the specific information of the referrer as an output request from the referrer, the receiving means refers to the entry table and provides the referrer with information on the personal information of the registrant who has permitted the acquisition of the personal information. Send. This allows
As with the above-described personal information management method, the labor of the registrant and the reference person can be reduced and the load on the personal information management device can be reduced as compared with the related art using the inquiry code.

Further, in addition to the above configuration, information indicating a referrer who is permitted to acquire his / her personal information is received from a registrant of personal information, and registered in the entry table as a referrer corresponding to the registrant. Registration means for performing registration. According to this configuration, the registrant can online register a referrer who is permitted to acquire personal information, so that the registrant can update the entry table without any trouble for the operator and the registrant of the personal information management device.

Further, in order to solve the above-mentioned problems, the personal information management system according to the present invention is connected to the personal information management device via a network, and connected to the personal information management device via a network. A terminal for transmitting the output request. According to this configuration, when the terminal transmits the output request, the personal information management device returns information about the personal information with reference to the entry table, so that the inquiry code is used similarly to the personal information management device described above. Compared with the related art, the labor of the registrant and the reference person can be reduced, and the burden on the personal information management device can be reduced.

Further, in order to solve the above-mentioned problems, the personal information management system according to the present invention is arranged such that the personal information management device having registration means is connected to the personal information management device via a network, A terminal for transmitting information indicating a reference person permitted to obtain the personal information to the management device. According to this configuration, the registrant can use the terminal to online register the referrer who is permitted to acquire his / her personal information in the personal information management device. Therefore, without trouble for the operator and the registrant of the personal information management device,
While being able to update the entry table, as well as the personal information management device described above, reducing the trouble of the registrant and the reference person,
The burden on the personal information management device can be reduced.

The personal information management device may be realized only by hardware, or may be realized by a computer executing a program. Specifically, the program according to the present invention is characterized in that it is a program that causes a computer to execute the personal information management method according to any of the above configurations. Also,
The program is recorded on a recording medium according to the present invention. When the program is executed by a computer, the computer executes the above-described personal information management method. This can reduce the burden on the registrant and the referrer, and also reduce the burden on the personal information management device.

[0034]

DESCRIPTION OF THE PREFERRED EMBODIMENTS [First Embodiment] An embodiment of the present invention will be described below with reference to FIGS. That is, the personal information management network system according to the present embodiment (personal information management system)
1 is a system for managing personal information registered by a registrant T and providing it to a referrer S by a quick and simple procedure,
As shown in FIG. 1, a personal information management server (personal information management device) 11 that manages personal information, and a terminal 12 that is operated by a registrant T and a referrer S, respectively, and that can communicate with the personal information management server 11 And a terminal 13. In this configuration, the personal information management server 11 functions as a centralized management device, and basically no direct communication between the terminal 12 and the terminal 13 occurs.

It should be noted that the registrant T, among the users of the present system 1, transmits his or her personal information to the third party, the referrer S.
Is a user who attempts to set a notification-enabled state in a simple and easy way. Further, in the personal information management network system 1 according to the present embodiment, which is a user who can acquire the personal information of the registrant T when permitted by the registrant T, A1 “personal” in FIG. Information Destination Entry "
As shown by, the registrant T operates the terminal 12 to enter the personal information transmission destination entry table (entry table) 21 of the personal information management server 11 shown in FIG. S is registered in advance.

Thereafter, as shown in A2 “Inquiry of registrant of personal information”, when the referrer S operates the terminal 13 to access the personal information management server 11 and requests that the registrant of personal information be transmitted, Personal information management server 11
Refers to the entry table 21 and specifies the personal information permitted to the referrer S from among the personal information managed by itself, and as shown in A3 “Personal information transmission”, Send only personal information.

As described above, in the personal information management network system 1, the registrant T sends to the personal information management server 11 a referrer S who can acquire his / her personal information, regardless of the necessity of transmitting the personal information. Registered in advance, the personal information management server 11 prepares to output the personal information to the referrer S, and if there is an inquiry from the referrer S, determines that the referrer S can acquire the information. The registered personal information is transmitted to the reference person S.

Therefore, the registrant T can register the referrers S who may transmit the personal information regardless of whether the referrers S need the personal information at that time, and collectively register the plurality of referrers S. Easy to register. Also, even after registration, by instructing the personal information management server 11 to delete or additionally register, the number of referrers S who can acquire personal information can be increased or decreased as necessary. In addition, even if the registrant T transmits personal information to a plurality of referrers S, the registrant T need only register the plurality of referrers S in the personal information management server 11, and for each referrer S,
Since there is no need to repeat the input of personal information, the trouble of inputting personal information can be omitted.

Also, unlike the prior art in which the server requests the server to issue an inquiry code for each case and transmits the inquiry code to the reference person S, the registrant T designates the reference person S who may obtain personal information as an individual. Since it is only registered in the information management server 11, the trouble of acquiring the inquiry code and sending it to the referrer S can be reduced. Furthermore, in the above-mentioned conventional technology,
In particular, when transmitting personal information to a plurality of referrers S, it is necessary to acquire a plurality of inquiry codes from a server and allocate and send the inquiring codes to each referrer S, which is cumbersome. Can be reduced, and the registrant T can transmit the personal information to the plurality of referrers S by a simple procedure.

On the other hand, unlike the prior art, the referrer S does not need to transmit the inquiry code to the server,
Simply by accessing the personal information management server 11,
You can get the personal information that you have been granted. As a result, there is no need to obtain the inquiry code from the registrant T and to notify the personal information management server 11 without fail, so that it is possible to reduce the labor and time when acquiring personal information.

It should be noted that the personal information management server 11 makes the referrer S
In order to identify the personal information management server 1,
1, it is necessary to transmit data for authentication (such as a password) to the personal information management server 11 unlike the inquiry code notified from the registrant T.
And the reference person S can be determined. Further, even if the acquired personal information is different, if the referrer S is the same, the data for authentication is common. As a result, the burden on the referring person S at the time of inputting is smaller than when inputting an inquiry code. In particular, when the personal information management server 11 allows the referrer S to determine authentication data such as a password, data that can be easily stored can be set, thereby greatly reducing the burden on the referrer S.

Further, the personal information management server 11 can reduce the storage capacity and computational capacity required for processing.
Specifically, in the configuration of the related art described above, the server needs to store the inquiry code from issuing the inquiry code to receiving the inquiry, while storing the necessary information for managing the inquiry. After receiving the inquiry, it is preferable to delete the data to reduce the capacity. However, since the inquiry is an independent operation of the referrer S, the time of the inquiry cannot be specified, and the inquiry itself may not be performed. As a result, the server, in response to the inquiry, separates from the normal process of deleting the inquiry code of the case, and if a predetermined period has elapsed since the issuance, the server considers that the referrer S has no intention to inquire. Need to erase the inquiry code,
Until an unnecessary inquiry code is erased, a capacity for storing the code and a calculation capability for searching and erasing the unnecessary inquiry code separately from normal processing are required. In contrast, in the present embodiment,
Since these storage capacities and calculation capacities are not required, the storage capacities and calculation capacities can be reduced.

In the following, as an example of the configuration of the personal information management server 11, the personal information management server 11 includes not only the entry table 21 but also a registrant personal information table 22 for storing the registrant T's personal information itself. This will be described as an example.

That is, the personal information management server 11 according to the present embodiment identifies each registrant T and each referrer S by ID numbers as unique information, respectively.
As shown in FIG. 7, in addition to the entry table 21 and the registrant's personal information table 22, a referrer information table 23 for storing information of the referrer S for billing and communication, etc. There are provided registrant and referencer ID management tables 24 and 25 for storing ID numbers and the like for authenticating the persons S respectively.

The registrant personal information table 22 includes
As shown in FIG. 3, for each registrant T, a combination of the registrant T's ID number (registrant ID 1) and the registrant T's personal information is stored. As shown in FIG. 4, a combination of the ID number of the referrer S (referrer ID2) and the information of the referrer S is stored in the referrer ID management table 25 as shown in FIG. ing.

The personal information is stored in the personal information management server 11
For example, when the registrant T is an individual, the registrant such as name, address, postal code, contact information (for example, telephone, facsimile number, e-mail address, etc.) and account information, etc. T includes items for which notification is desired to the referrers S in an appropriate range. When the registrant T is a company, the personal information includes items such as a company name (name) and a location, instead of the items of the name and the address. Further, if necessary, items such as a department name and an extension number may be included. Furthermore, when the registrant T is an individual, the registrant T may include items such as gender, age, occupation, annual income, family structure, and residence type. In the case of a company,
It may include items such as business establishment size. Since the personal information is information that the registrant T wants to notify a third party, an item that can improve the usability of the personal information is selected according to the use of the personal information management network system 1.

In the present embodiment, the registrant T is not required to input all the prepared items. For example, items that are somewhat versatile from the perspective of usability of information, such as names and names, and addresses and whereabouts, are required to be entered. The registrant T can use the personal information management server 11 without inputting information that he does not want to provide to a third party, such as information (for example, annual income and family composition).

On the other hand, the information of the referrer S is obtained by using the personal information management service by the personal information management server 11.
The personal information of the registrant T is stored in the referrer information table 23 in order to prevent the personal information of the registrant T from illegally leaking to an unknown third party. Therefore, the information of the referrer S includes, for example, an item (such as a name and a name) that can specify the referrer S and an item (such as an address and a residence) that can confirm the existence and the actual state.
And other items that can impose some degree of credit. It may also include an item for charging, such as an account number.

As described above, the personal information of the registrant T is intended to be referred to by the referrer S. On the other hand, the information of the referrer S includes, for example, contact to the referrer S and billing. For the purpose, the items provided in both pieces of information may be different from each other, or may be partially or entirely overlapped.

Here, the two information tables 22 and 23 may have different formats according to the items provided therein, but the user who has used the personal information management server 11 as the referrer S is registered. 3 and FIG. 4, both tables 22 and 23 are set in the same format (number of items and item type). On the other hand, it is desirable to leave it blank. For example, in the personal information of the registrant T, items such as family structure and age are provided, and these items are not provided in the information of the referrer S. It will be blank.

As described above, when the formats of both information tables 22 and 23 are unified, when a user who has been registered as a referrer S in the referrer information table 23 is newly registered as a registrant T, personal information management is performed. The server 11 registers a record having the same content as that of the record of the referrer information table 23 in the registrant personal information table 22 and, among the blanks of the record, stores only the mandatory items as the registrant T in the terminal 12. The registrant T can be registered only by acquiring and adding from the user (registrant T). As a result, the amount of calculation required for the personal information management server 11 can be reduced, and registration can be performed with fewer operations.

Each ID management table 24 (2
5), as shown in FIG. 5 (FIG. 6), a combination of a registrant ID 1 (referrer ID 2) and a password is stored for each registrant T (referrer S).

On the other hand, in the entry table 21,
As shown in FIG. 7, for each registrant T, a registrant ID 1
The combination with the list of the referrer IDs 2 of the referrers S for which the registrant T has permitted the acquisition of the personal information is stored.
In the example of FIG. 7, only the entry table 21 is used.
The name of the referrer S is added to each referrer ID 2 and stored so that specific information on the referrer S can be obtained to some extent. However, the present invention is not limited to this. May be stored. In this case, by referring to the referrer information table 23, the information of the referrer S corresponding to the referrer ID 2 can be acquired.

As described above, since only the information of the referrers S whose acquisition is permitted by the registrant T is stored, by referring to the entry table 21, the registrants T and the referents S in any combination can be obtained. It can be determined whether or not the registrant T permits the referrer S to acquire personal information.

For example, in the example of FIG. 7, the registrant ID 1 “T
The registrant T identified by “000001” is A Corporation,
It can be understood that it has been declared that the provision of personal information is permitted to abc Co., Ltd. and the C division of B Co., Ltd.
In the example of the figure, the registrant ID 1 is “T000002”.
Registrant T has permitted only A Corporation to provide personal information.

The entry table 21 in the example of FIG.
Stores a list of the referrers S permitted by the registrant T for each registrant T. For example, as shown in FIG. Data indicating whether or not the registrant T has permitted the reference person S to acquire personal information may be stored. In this case, a storage area is required for each combination of the registrant T and the referrer S, regardless of whether the registrant T actually permits or not. Increase. However, in this configuration, all the referrers S are arranged in the column information formed in the matrix, and it is checked whether or not an entry for output permission has been made.
Can be instantaneously determined with a smaller amount of calculation than in the configuration of. Therefore, when an inquiry is made from a certain reference person S, the personal information permitted to the reference person S can be specified more quickly,
Response time can be reduced. Also, unlike the configuration of FIG. 7, even if the number of referrers S already entered increases, there is no possibility that the referrers S may be duplicated.

In any case, by referring to the entry table 21, it can be determined whether or not the registrant T of the personal information permits the referrer S to obtain the information.

On the other hand, the personal information management server 11 according to the present embodiment has the terminals 12 and 13 shown in FIG.
(HyperText Markup Language) file,
A web server for displaying personal information and displaying a screen for prompting the user to input personal information and information of the referrer S. As shown in FIG. 2, a WEB server for receiving access from the browser of the terminal 12 or the terminal 13 (Receiving unit) 31 and the ID management table 24 (25) while referring to the W
An authentication processing unit 32 that authenticates a user of each terminal 12 (13) based on a communication result between the EB server 31 and each terminal 12 (13), and an instruction from each terminal 12 (13).
An information registration processing unit 33 for registering the personal information of the registrant T (information of the referrer S) in each of the information tables 22 (23). As will be described later, the information registration processing unit 33 registers (updates) the information only after the ID number is issued, and only when the authentication of the authentication processing unit 32 succeeds. If the ID number has not been issued, no authentication is performed.

Further, in the personal information management server 11, when the authentication is successful, an entry registration processing unit (registration) for registering the referrer S in the entry table 21 based on the instruction from the terminal 12 of the registrant T Means) and a search processing unit (registered) that searches for a registrant T whose acquisition is permitted by the referrer S by referring to the entry table 21 when the terminal 13 of the referrer S is successfully authenticated. An output processing unit (transmitter) for acquiring the personal information of the registrant T extracted by the search processing unit 35 and transmitting the personal information to the WEB server 31 with reference to the registrant specifying means) 35 and the registrant personal information table 22. 36) are provided.

Although a specific hardware configuration will be described later, in this embodiment, each of the members 21 to 36
An arithmetic unit such as U is realized as a functional block realized by executing a program stored in a recording medium such as a ROM, a RAM, or a hard disk. These functional blocks are provided in the personal information management server 11.
For example, when the WEB server 31 detects a registration instruction to the entry table 21, it calls and executes an information transmission destination entry program to execute the authentication processing unit 32 and the entry registration processing unit. It may be formed at a required point in time, such as when forming 34. Further, each of the members 21 to 36 may be realized by a single computer, or some of the functional blocks such as the WEB server 31 may be realized by a separate computer which can communicate with each other.

In the above configuration, the personal information management server 1
The first WEB server 31 is waiting for access from the terminal 12 or the terminal 13, and upon receiving the access, transmits an HTML file for displaying an initial screen to the accessed terminal 12 (13). As shown in FIG. 9, the initial screen includes A1 “Personal information transmission destination entry”, A2 “Personal information registrant inquiry”, or A
4. A6 "User registration", a button for selecting each is provided, the user of the terminal 12 (13),
An operation such as clicking the button on the browser can notify the personal information management server 11 of the selection.

For example, a URL (Uniform
The fact that the user (registrant T) of the terminal 12 has selected A1 "entry of personal information destination" by, for example, detecting access to the Resource Locator) indicates that the web server 31
Is detected, the authentication processing unit 32 displays the screen shown in FIG. 11 on the screen of the terminal 12 in S1 of FIG. 10, and prompts the user of the terminal 12 to input the registrant ID1 and the password (step S1). Prompt to registrant T).

Each member of the personal information management server 11 sends an HTML file for displaying a desired screen to the terminal 12 (13) by, for example, instructing the WEB server 31 to transmit the HTML file to the terminal 12 (13). A desired screen is displayed on (13). Each member is made of these HTMs.
The L file itself (or the procedure for creating an HTML file) is stored, and the acquired (created) HTML file is transmitted.

The registrant T operates the terminal 12 so that the registrant I
When D1 and the password are input and the “login” button is clicked, terminal 12 transmits registrant ID1 and the password to personal information management server 11. On the other hand, W
When the EB server 31 receives the combination of the registrant ID 1 and the password, the authentication processing unit 32
The registrant T is authenticated by referring to the management table 24 to check whether or not the combination is registered.

In step S1, if the combination is confirmed, for example, and the authentication is successful, the entry registration processing unit 34 transmits the information to the terminal 12 in step S2, for example, as shown in FIG. 12 or FIG. , A list of information indicating the selectable reference persons S is displayed. In addition, from the viewpoint of the registrant T, the referrer S is also the transmission destination of the personal information, and thus is displayed as the transmission destination in the screen example of FIG.

More specifically, the entry registration processing section 34
Refers to the information table 23 for the referrer, and among the items in the information table 23 for the referrer, for example, items such as a name (name) necessary for the registrant T to identify or specify the referrer S An HTML file for extracting and displaying the contents of the item is created. The HTML file also includes data for displaying a check box for selecting each referrer S (transmission destination). In the examples of FIGS. 12 and 13, the data extracted from the information table for referrers 23 is rearranged so as to be displayed in a list in alphabetical order and alphabetical order. They may be arranged in order or may not be rearranged.

Further, in the example of FIG. 13, a transmission destination code for specifying the referrer S is also displayed in case that it cannot be specified by the name (name). In addition,
Since the referrer ID2 is harmless even if stolen by a third party, the referrer ID2 may be diverted as the transmission destination code.

If the number of referrers S registered in the personal information management server 11 is large, the entry registration processing unit 34 displays a screen for prompting the user to input search conditions on the terminal 12 before displaying the list. A list of the referrers S matching the search condition may be displayed. In this case, the registrant T becomes the referrer S
Even if the number is large, the desired reference person S can be quickly found.

In S2, after the list of the referrers S is displayed on the terminal 12, the registrant T operates the terminal 12 to
The user selects the check box of the referrer S who determines that the personal information may be transmitted among the referrers S displayed on the screen, and clicks the “Next” button. In response to this, the terminal 12 transmits to the personal information management server 11 data capable of determining whether or not each of the listed viewers S has been selected.

Here, in the above example, a check box is displayed on the screen, and when the registrant T selects a plurality of check boxes, the terminal 12 transmits the personal information to the plurality of viewers S. It is possible to collectively notify the personal information management server 11 that the acquisition has been permitted.

When the web server 31 receives the notification from the terminal 12, the entry registration processing unit 34
It is determined whether or not (transmission destination) is selected. If none of the referrers S is selected (NO in S3), the list of referrers S is displayed again, for example.
The registrant T is prompted to select the referrer S. At this time, an error may be displayed on the terminal 12.

If at least one referrer S has been selected (YES in S3), the entry registration processor 34 determines in S4 the referrer ID 2 of the referrer S selected by the registrant T. Acquisition, in S5, registrant I
Obtain D1. The referrer ID 2 may be extracted from the data transmitted from the terminal 12 or may be acquired by referring to the referrer information table 23 based on the data. Also, the registrant ID 1 may be stored in the RAM or the like at the time of authentication in S1 and may be diverted by referring to the storage, or may be input to the user (registrant T) of the terminal 12 again. You may use what was made.

Further, the entry registration processing unit 34
6, the referrer ID acquired in S4 and S5 above
2 and the registrant ID 1, the entry table 21 is updated.

Specifically, the entry registration processing section 34
Specifies the record corresponding to the registrant ID 1 acquired in S5 with reference to the entry table 21. If the entry table 21 does not exist, the entry table 21 is newly created. If the record of the registrant ID 1 does not exist in the entry table 21, the entry table 21 is newly created. Further, the user operates the record to register a referrer S who is newly permitted to acquire personal information.

For example, as shown in FIG. 7, when a record provided for each registrant ID 1 in the entry table 21 includes a list of permitted reference IDs 2, the list is added to the list in S4. Obtained referrer ID
Add 2. Further, for example, when the list does not include any of the referrer IDs 2, the entry registration processing unit 34 inputs the referrer IDs 2 in the “1” column of the “information destination entry name”. On the other hand, already
If D2 is included in the above list, in the next column:
Enter a new referrer ID2. For example, if only the entry is made in the column “1”, the new reference ID 2 is entered in the column “2”. Note that, in the example of FIG.
In addition to 2, since the name (name) of the referrer S is also included in the record, the entry registration processing unit 34 also inputs the name (name).

For example, as shown in FIG. 8, in the entry table 21, the registrant ID 1 and the
In the case where data indicating permission / non-permission is stored for each combination with No.2, the entry registration processing unit 34 sets the data corresponding to the combination of both ID1 and ID2 acquired in S4 and S5 to permission. Set to the value shown.

Here, in the present embodiment, as described above, since a plurality of referrers S are configured to be collectively registered, the entry registration processing unit 34 has not yet registered in the entry table 21. While there is no referrer S (while YES in S7), the processing from S4 is repeated. Note that, for example, a process common to the above repetitions, such as a process for specifying the registrant ID1 and a process for specifying the record corresponding to the registrant ID1, may be executed only once before the repetition.

Further, when the registrant T registers all of the selected referrers S, the entry registration processing section 34 proceeds to step S8 where, as shown in FIG. S who permitted the acquisition of
Is displayed on the terminal 12, and then, for example, the initial screen shown in FIG. 9 is displayed on the terminal 12, and the entry process of the referrer S ends. The list is
It is generated with reference to the updated entry table 21.

Thus, the registrant T can confirm the referrer S who has permitted (entered) the information acquisition.
It is possible to take measures such as deleting an unnecessary referrer S or adding a missing referrer S. In particular, as shown in FIG. 15, when the presence or absence of information provision is also displayed in the list of the referrers S, the registrant T determines whether the registration is valid or not, and whether the use of the personal information management server 11 is valid. It is easy to judge. For example, if a certain referrer S does not acquire personal information forever, the registration of the referrer S is deleted from the entry table 21 or if the number of referrers S who have acquired the personal information is small, the personal information management server 11 It is determined that there are few referrers S who want to acquire their own personal information among the referrers S who access the personal information, and countermeasures such as using another personal information management server 11 can be taken.

In the above description, the entry registration processing unit 3
4 makes the terminal 12 display the list of the referrers S, and the registrant T
Has been described, but the present invention is not limited to this. For example, as shown in FIG. 16, a screen for prompting the user to input information that can specify the referrer S such as a name (name) is displayed on the terminal 12, and the registrant T operates a key, for example. The entry registration processing unit 34 may update the entry table 21 based on the input information.

However, in this configuration, even if the same referrer S (for example, A Co., Ltd.) is designated, the registrant T will be, for example, "A Co., Ltd." ,
There is a risk that information specifying the referrer S may be input using different rules. Therefore, the entry registration processing unit 3
Reference numeral 4 refers to, for example, a management file that manages the identity of information input according to mutually different rules, so that the identity of each piece of information can be separately determined, and processing can be performed only when not identical. If they are the same, it is necessary to perform processing such as unifying and registering the information in a certain rule.

On the other hand, when a list is displayed as shown in FIGS. 12 and 13, the registrant T only selects the referrer S, so that key entry by the registrant T is not required. This not only simplifies the operation when the registrant T selects the referrer S, but also allows the personal information management server 11 to uniformly manage information for specifying the referrer S, and describes the information using a plurality of rules. Mixed information can be prevented. Therefore, computer processing in the personal information management server 11 can be facilitated, and the burden on the personal information management server 11 can be reduced.

When the registrant T is notified in advance by the referrer S of a transmission destination code capable of specifying the referrer ID 2, the entry registration processing unit 34 executes, for example, the process shown in FIG.
, A screen prompting the input of the destination code may be displayed on the terminal 12, and the entry table 21 may be registered based on the destination code input by the registrant T.
In this case, since the list display / selection operation of the referrer S is not required, the burden on the personal information management server 11 and the registrant T can be reduced, and the time when the referrer S to whom personal information can be transmitted is set in advance. Can be shortened.

Further, in addition to the screen displays of FIGS. 12, 13, 16 and 17, the entry registration processing unit 34
May display the screen shown in FIG. 18 on the terminal 12 and input the case number. The case number is information managed not by the personal information management server 11 but by the registrant T and the referrer S, and is used when confirming which case personal information has been transmitted / received. The registrant T
If there is no need for the referrer S to confirm which case the personal information is to be transmitted, there is no need to input the case number.

In any case, as shown in A1 “Personal information transmission destination entry” in FIG.
Information indicating a reference person S who determines that the registrant T may provide his or her personal information is stored.

On the other hand, when the terminal 13 of the referrer S accesses the personal information management server 11, the personal information management server 11
Displays the initial screen shown in FIG. 9 as described above.
Here, since the referrer S wants to acquire personal information, he presses an “inquiry” button among the buttons in the figure, and sends A2 “inquiry of personal information registrant” to the personal information management server 11. Notify what to do.

In this case, in the personal information management server 11, the authentication processing unit 32 shown in FIG.
In the same manner as in the case where the registrant T is authenticated, an authentication screen shown in FIG. 11 is displayed on the terminal 13 to prompt the input of the ID number and the password. However, in this case, since the referrer S is authenticated, the authentication processing unit 32 refers to the referrer ID management table 25 and refers to the ID received from the terminal 13.
The reference person S is authenticated by comparing the combination of the number and the password with the combination stored in the reference person ID management table 25, for example.

When the authentication is successful, the authentication processing unit 32
When the ID number (referrer ID2) of the user (referrer S) of the terminal 13 that has accessed the personal information management server 11 is specified, the search processing unit 35 sets the referrer ID2 as a search key in S12. Entry table 21
In step S13, a registrant ID1 that is permitted to acquire personal information is specified for the referrer ID2. Further, in S14, the output processing unit 36 reads the personal information corresponding to the specified registrant ID 1 from the registrant personal information table 22, and in S15, for example, as shown in FIG. 12 is displayed. If there is a plurality of the corresponding personal information, the output processing unit 36 instructs the WEB server 31 to
An HTML file for displaying a plurality of personal information is transmitted to the terminal 12, and the information is displayed.

Thus, the referrer S operates the terminal 12 and inquires the personal information management server 11 about the personal information, so that the registrant T can access the personal information that the registrant T has permitted to acquire. Can be obtained.

In the following, in order to use the personal information management service provided by the personal information management server 11, the operation when the registrant T or the referrer S pre-registers information as a user in the personal information management server 11 will be described. Will be described. The information is information that associates the registrant T and the referrer S with the personal information management server 11 and is registered for improving the security of the personal information management network system 1. The information registered by the registrant T as a user may be the same as the personal information managed for transmission to the reference person S, may be completely different, or may partially overlap. You may.

The operation at the time of the above-mentioned registration is the same as that of A4 shown in FIG.
"User registration by registrant T", A5 "Notification of registrant ID1", A6 "User registration by referrer S", and A7
It consists of issuing, notifying, and managing operations of each ID, such as “notification of referrer ID2”.

More specifically, as described above, the terminal 12 (1
If 3) detects that the “user registration” button is clicked while the initial screen shown in FIG. 9 is displayed, the information registration processing unit 33 determines whether the registrant T or the reference The terminal 12 (13) displays a screen for inquiring which of the users S to register as a user, and prompts the user to input. Further, the personal information management server 11
2 (13), data according to the user's selection (for example,
Upon receiving a request to read each URL, the information registration processing unit 33 determines, based on the data, that the user of the terminal 12 (13) that is currently accessing wishes to register as a registrant T. Is determined, or whether registration as a referrer S is desired.

Here, since the user of the terminal 12 desires to register as the registrant T, the user clicks the “for registrant” button. Therefore, the information registration processing unit 33 determines that the registrant process is selected in S21 of FIG. 23, and registers the registrant T in S22, for example, by activating a registrant registration program. .

More specifically, in S31 shown in FIG. 24, the information registration processing section 33 causes the terminal 12 to display a screen for prompting entry of items necessary for registration as the registrant T. When the user (registrant T) of the terminal 12 inputs the item and instructs the terminal 12 to transmit the content of the item, for example, by pressing a “send” button, the terminal 12 The data indicating the content of the item is transmitted to the personal information management server 11. On the other hand, the information registration processing unit 33
In S32, based on the data, an error check is performed to determine whether a necessary item (predetermined required item) has been input, and an error such as one of the required items has not been input. If you find, for example, S
The user is prompted to input again, for example, by repeating the process from step 31 onward.

When all necessary items are input (S3
(NO in 2), the information registration processing unit 33 issues a new registrant ID 1 (S33), and notifies the terminal 12 (S34). In the present embodiment, as the registrant ID 1, for example, a combination of alphabetic characters and numerals such as “T102611” is used, but unique data (for each registrant T in the personal information management server 11, Any data may be used as long as each registrant T can be distinguished. Thus, the registrant I
Table 2 related to registrant T using D1 as a search key
By searching 1, 22, and 24, the record corresponding to the registrant T can be searched without duplication. In addition, as the unique data, for example, the data issued last time is stored,
It may be generated by incrementing it (+1 or the like), or data that does not overlap with already issued data may be generated by a random value generation program.

[0096] With the issuance of the registrant ID 1 in S32, the information registration processing section 33 proceeds to S35.
The record corresponding to the registrant ID 1 is stored in the registrant personal information table 22 and the registrant ID management table 24.
In step S32, the received information of the registrant T is stored in each record. In the case where the password of the registrant T is not input at the time of inputting the items in S31 and S32, the information registration processing unit 33 determines the initial value, stores the initial value in the registrant ID management table 24, and May be notified to the terminal 12.

As a result, in the records corresponding to the registrant T in both tables 22 and 24, for example, the contents shown in FIGS. 3 and 5 are set. In this example, in the personal information management network system 1 according to the present embodiment, the account number of the registrant T is set as an optional registration item, and is allowed to be blank.

On the other hand, when the referrer S operates the terminal 13 to access the personal information management server 11, the "for referrer" button is clicked on the initial screen shown in FIG. In this case, the information registration processing unit 33 determines in S21 and S23 in FIG.
In 4, the referrer S is registered by, for example, activating a referrer registration program.

In this case, the information registration processing unit 33
In S41 to S45 shown in FIG. 24, S31 to S3 in FIG.
5. Perform the same processing as in step 5, issue the referrer ID2, and notify the terminal 13. Also, with the issuance of the referrer ID 2,
The record corresponding to the referrer ID 2 is added to the referrer information table 23 and the referrer ID management table 25, and the information of the referrer S received from the terminal 13 is stored in each record.

In this embodiment, the personal information management server 11
When the information registration processing unit 33 issues each ID number, it is easy to distinguish whether the process is a process for the registrant T or a process for the referrer S. ), Data indicating that the user is a registrant T (for example, “T”) or data indicating that the user is a referrer S (for example, “S”) is added.

Further, when the referrer S and the registrant T are the same, for example, as "S10261"
If the referrer ID 2 of “1” is given, the registrant ID
For example, “T102611” is issued as I
In the D number, data other than the data indicating the registrant T or the referrer S is common.

In this case, the personal information management server 11 changes the head “T” of the registrant ID 1 to “S” without separately creating and managing a management file in which the registrant ID 1 and the referrer ID 2 are associated. The registrant ID1 of a certain user can be changed to the referrer ID2 only by the above. Therefore, it is possible to search with a simple data operation whether or not the registrant T has been issued the referrer ID 2 or whether or not the registrant S has been issued the registrant ID 1. Further, in this case, the user is given the same number only for the first character difference, rather than giving two completely different ID numbers,
It is easy to manage each ID number.

In the above description, the registrant T and the referrer S
The following describes a case where online registration is performed via a network via the terminals 12 and 13. The registrant T (referrer S) sends a document in which necessary items are described, for example, by mail. When the operator of the personal information management server 11 operates the input unit 54 of the personal information management server 11, which will be described later, the registrant personal information table 22 and the registrant ID management are performed based on the contents of the document. Table 24 (referrer information table 23)
And the registrant T in the ID management table 25).
A record for (reference person S) may be created, and each registrant T (reference person S) may be notified of the registrant ID 1 (reference person ID 2). Also, the method of notification is not limited to online, and may be notified by mail, facsimile, or the like. In any case, if a record of each registrant T and reference person S is created in each of the tables 23 to 25 and the registrant T and reference person S are notified of their respective ID numbers, substantially the same effect is obtained. Is obtained. However, in the case of online registration, the trouble of inputting data by the operator of the personal information management server 11 can be reduced.

In any case, if a registrant ID 1 (referrer ID 2) is issued to the registrant T (referrer S), the registrant T and the referrer S will receive A1 “A1” shown in FIG. Services such as "Personal information transmission destination entry", A2 "Personal information registrant inquiry", and A3 "Personal information transmission" can be used.

[Second Embodiment] By the way, A2
The services of “Personal information registrant inquiry” and A3 “Personal information transmission” may be free or may be paid. In the present embodiment, a configuration in which the personal information management server 11 charges the referrer S when the A3 “personal information transmission” is performed will be described.

As shown in FIG. 26, the personal information management server 11a according to the present embodiment includes a billing table 26 in addition to the configuration of the personal information management server 11 shown in FIG. In the charging table 26, as shown in FIG.
Charging information is stored for each referrer ID2. In the present embodiment, the billing information stores the billed date information (the date information on which the personal information was transmitted) and the registrant ID 1 of the personal information acquired by the referrer S at that time. 36 updates the record of the user (referrer S) of the terminal 13 according to the personal information transmitted to the terminal 13.

Thus, the personal information management server 11a
Can refer to the charging table 26 to calculate a service charge corresponding to the output of the personal information for the personal information referrer S. The operator of the personal information management server 11a You can charge a fee.

The charging table 26 according to the present embodiment
Has a referrer ID capable of specifying the referrer S as described above.
2 and the registrant ID 1 that can specify personal information, the personal information management server 11a
It is possible to calculate a service charge according to personal information instead of merely the number of times of output, and the operator of the personal information management server 11a can charge the service charge, thereby preventing the occurrence of duplicate charging for the same personal information output. Furthermore, in the present embodiment, since the date information is also stored, for example, when the personal information management server 11a calculates the service charge, even if the same personal information is output, the personal information management server 11a sets the interval longer than the preset interval. In the case of output with a space between the two, the service charge may be calculated by treating both as separate cases, and both may be charged.

If account information (such as after an account number) for automatic debit is stored in the referrer information table 23, and if the referrer S agrees with the automatic debit, personal information management is performed. The server 11a can automatically deduct the amount to be charged to the referrer S from the account of the account information by referring to the charging table 26.

When the accounting process is performed regardless of the presence or absence of the automatic debit, the referrer S who unnecessarily requests the provision of the personal information can be excluded from the personal information management network system 1. Safety can be improved. In addition, the personal information management server 11a returns at least a portion of the money collected from the referrer S to the registrant T, so that the registrant T can receive compensation for providing his / her personal information. It is possible to prompt the management server 11a to register as the registrant T.

[Third Embodiment] In the present embodiment, FIG.
A configuration for transmitting simple information before transmitting personal information to the referrer S in A3 “Personal information transmission” will be described with reference to FIGS. Note that the personal information management server 11c according to the present embodiment has the same configuration as that of FIG. 2 or FIG. 26 except for the operation of the output processing unit 36. The description is omitted by attaching the reference numerals.

That is, as shown in FIG. 28, in the personal information management network system 1c according to the present embodiment, the personal information management server 11c transmits the A11 “personal information registrant's simple Information transmission "
When A12 “Personal information transmission request” is received from the terminal 12, A3 “Personal information transmission” is performed.

Here, the simple information is information for determining whether or not the reference person S acquires personal information.
Information that is not substantially the same as personal information (information that cannot reproduce the entire personal information).

Examples of the simple information include information obtained by extracting only a part of personal information, information obtained by processing personal information, and information generated by combining extraction and processing of part of personal information.

As an example of extracting a part of the personal information, for example, extraction of a part of items such as an item of a name (name) or a case number can be cited. Further, as a part of the personal information, a part of the items such as only the last name or only the prefecture may be extracted.

An example involving processing includes, for example, the number of personal information that can be obtained by the referrer S. Alternatively, only gender information may be extracted from the personal information that can be acquired by the referrer S, and information indicating the number of hits by gender may be used. Further, the information may be information of a corresponding number such as age, occupation, and place of origin.

Regardless of the simple information, substantially the same effect can be obtained as long as the information is created from personal information and serves as an index when the referrer S determines whether to acquire personal information. .

However, as the amount of personal information that can be obtained by the referrer S increases, the amount of data transmitted from the personal information management server 11 to the terminal 13 increases. If you want to charge,
The billing amount increases. Therefore, it is desirable that the simple information includes information indicating the number of personal information transmitted from the personal information management server 11c when it is determined to acquire the personal information.

In this case, the referrer S can select whether to output personal information or to interrupt the processing and output again, based on the number of hits. For example, even if the number of hits is large and personal information is output, if the referrer S does not have time to use and utilize the personal information, the processing is interrupted, so that useless output of personal information can be prevented. In addition, it is also effective when a task using personal information is scheduled based on the number of hits and personal information is acquired when the scheduling is determined. Further, in the case of a configuration in which a charge is made for the output of personal information, the referrer S can avoid an undesired charge by interrupting the process when the number of hits is large and the charge amount becomes high, for example. Note that the processing is interrupted by the terminal 13 based on the instruction of the viewer S
Instead of the “personal information transmission request”, the personal information management server 11c is notified by transmitting an information transmission stop request (not shown).

Regardless of whether or not the simple information indicating the number is transmitted, before the A3 “transmission of personal information”, a part of the personal information that can be acquired by the referrer S as the simple information is obtained. May be sent to urge the referrer S to select whether or not to acquire the personal information.

In this case, since the referrer S determines whether or not to acquire the personal information based on a part of the personal information, only a part of the personal information determined not to be acquired is stored in the terminal 13. And the rest are not sent. As a result, the amount of data sent to the terminal 13 can be reduced. In addition, when sending only a part of the personal information, the billing amount can be set lower than when sending all of the personal information, or if it is set free, the billing amount can be reduced by selecting the personal information to be acquired .

In the following, A2 "Personal information registrant inquiry" will be described as an example in which both the simple information indicating the number and the simple information to be selected based on a part of the personal information are transmitted.
The subsequent processing will be described. That is, similarly to the first embodiment, when receiving the inquiry of the personal information registrant from the terminal 13 of the referrer S, the search processing unit 35 refers to the entry table 21 using the referrer ID 2 as a search key, and The registrant ID1 that permits the acquisition of personal information is specified for the referrer ID2.

Further, the output processing section 36 tallies up the search results, and displays the number of registrants ID1 permitted to acquire personal information (the number of registrants T) on the screen of the terminal 13 as shown in FIG. ) Is displayed and an inquiry is made as to whether or not to obtain personal information. When the referrer S instructs acquisition, for example, by clicking an “acquisition” button, the output processing unit 36
Detects the acquisition request based on the data from the terminal 13.

In this case, the output processing section 36 refers to the registrant's personal information table 22 using the registrant ID 1 searched as a search key, and a part of each registrant ID 1 (in this case, the case number). Is extracted. Further, in the present embodiment, the output processing unit 36 performs the registrant personal information table 22.
, The registration date information of personal information is also extracted as additional information. Thereby, the referring person S can grasp the registration time of the personal information and can judge the freshness. The registration date information is different from the personal information, and is information automatically added by the information registration processing unit 33. The registration date information is added by the information registration processing unit 33 when the personal information of the registrant T is registered, and is stored together with the personal information. Is done.

Further, based on the above extraction result, the output processing section 36 displays a list of case numbers and registration date information on the terminal 12 for personal information that can be taken out by the referrer S, as shown in FIG. The user is prompted to select whether or not to acquire each piece of personal information. On the other hand, the referrer S specifies the personal information desired to be acquired by associating the case management table (not shown) managed by the referrer with the above-mentioned list and, for example, after clicking the check box of the personal information, Click the "Execute" button to specify the personal information to be acquired. In this case, for example, the terminal 13
Registrant ID1, data indicating whether or not to acquire, and referrer ID2
By transmitting data that can specify the registrant ID1 desired to be acquired, such as a combination with the above, the personal information management server 11c is notified. On the other hand, the output processing unit 36 specifies the registrant ID 1 of the personal information desired to be acquired based on the data from the terminal 13, and uses the registrant ID 1 of the personal information for which the desired acquisition is detected as a search key, and Referring to the information table 22, the personal information is displayed on the terminal 13 as shown in FIG.

The output processing unit 36 according to the present embodiment
When the personal information is displayed on the terminal 13, the “return” button is also displayed. When the click of the button is detected, the personal information already acquired is displayed on the screen of the terminal 13 as shown in FIG. Display the list without information. In addition, the list removes the personal information transmitted from the previously displayed list, or transmits the data indicating the personal information acquired so far from the terminal 13 when the "return" button is clicked. It can be obtained by removing the personal information indicated by the data from the obtainable personal information.

As described above, in the present embodiment, once the personal information is displayed, it is removed from the list to prohibit the same referrer S from acquiring the same personal information again. As a result, it is assumed that a third party other than the referrer S having the authority to acquire the personal information illegally attempts to acquire the personal information by, for example, observing the access by the referrer S and accessing in the same manner. Also, since the personal information cannot be obtained, the possibility of illegal leakage of personal information can be reduced. Furthermore, if it remains in the list forever, even the referrer S may use it inadvertently for a purpose different from the time when the personal information of the registrant T was first obtained. Therefore, improper use can be prevented by prohibiting reacquisition.

In the above, as a part of the personal information,
Although the case number has been described as an example, the case number may be used. However, in any case, it is preferable that the registration date of the personal information is also displayed as a list as the additional information so that the referrer S can determine the freshness of the personal information.

[Fourth Embodiment] In the present embodiment, FIG.
With reference to FIG. 3, a configuration will be described in which the referrer S inquires of the registrant T when acquiring the personal information, just in case.
It is to be noted that the present invention can be applied to any of the above-described embodiments, but hereinafter, a case where the present invention is applied to the third embodiment will be described.

That is, in the personal information management network system 1d according to the present embodiment, after the terminal 13 of the referrer S makes a "personal information transmission request" A12, the personal information management server 11d sends the request to the terminal 12 of the registrant T A21 “Personal information permission request” is transmitted, and A22 from terminal 12 of registrant T is transmitted.
Only in the case where the “personal information transmission response” is permitted, A3 “personal information transmission” similar to the above is performed.

More specifically, as shown in FIG. 34, the personal information management server 11d according to the present embodiment is provided with a confirmation processing unit 37, and before the output processing unit 36 transmits the personal information, For example, the personal information permission request is transmitted by a communication method capable of notifying the personal information permission request even when the terminal 12 of the registrant T is not always connected to the network, such as an electronic mail. Note that the confirmation processing unit 37 only needs to be able to communicate with the terminal 12 of the registrant T by a communication method used in A21 “Personal information permission request” and A22 “Personal information transmission reply”. It can be realized by a combination with The e-mail address can be obtained by referring to the registrant personal information table 22, for example.

On the other hand, upon receiving the personal information permission request, the terminal 12 of the registrant T notifies the personal information management server 11d of output permission or non-permission according to the instruction of the registrant T. Further, the output processing unit 36 transmits the personal information to the terminal 13 of the referrer S only when the confirmation processing unit 37 receives the notification of the output permission.

According to the above configuration, A22 from registrant T
Whether the personal information management server 11d sends personal information is controlled by the content of the "personal information transmission response". Therefore, the registrant T can reconfirm the transmission permission of the personal information, and can register the personal information with more security. Further, the registrant T can grasp whether or not the requester for outputting his / her personal information has been issued by the referrer S by the A21 “Personal information permission request”. For example, the personal information management service by the personal information management server 11d can be used. It can be accurately determined whether or not to continue to use.

In the above description, the case where the present invention is applied to the third embodiment is described as an example. However, when the present invention is applied to the first or second embodiment, after A2 “Personal information registrant inquiry”, Before the A3 "Personal information transmission", each of the above operations A
21.A22 is performed, and substantially the same effect can be obtained.

Here, the personal information permission request only needs to include at least data indicating that there has been a request to output personal information. For example, the name (name) of the referrer S may be included.
It is desirable that data that can specify the referrer S is also included. Thereby, the registrant T can recognize not only the occurrence or non-occurrence but also the referrer S, and can more accurately determine whether to permit or disallow the output of personal information.

It is to be noted that, depending on a change in the situation, a certain referrer S
If the output of personal information to A
1. In order to prevent the occurrence of the “personal information permission request” itself,
The contents of the entry table 21 are updated, and the
It is desirable to revoke permission to obtain

In the first to fourth embodiments, the personal information management server 11 (11a to 11d) stores the personal information table 22 for registrants as an example. It is not limited. For example,
Like the personal information management server 11e shown in FIG. 35, the personal information management server 11e may acquire personal information by inquiring of the personal information storage database 14 in which personal information is stored. Although FIG. 35 illustrates a case where the present invention is applied to the first embodiment, the present invention can be applied to any of the embodiments.

[0138] Even in this case, the registrant T registers in advance the referrer S who may obtain his / her personal information in the personal information management server 11e, and registers the reference information in the personal information management server 11e.
Does not transmit the personal information of the registrant T even if the personal information of the registrant T is received from another referrer S, so that the same effects as those of the above embodiments can be obtained.

Further, in this configuration, even if the personal information is not registered in the registrant's personal information table 22, if there is a database storing the personal information, the database is replaced with the personal information storage database. Since the personal information management server 11e can be used as the server 14, the personal information management server 11e can concentrate on management and updating of the entry table 21. Thereby, the manager can pursue the provision of more comfortable services to the registrant T and the reference person S. In addition, since the database that is built independently can be abolished or minimized, the database that stores personal information can be prevented from becoming inconsistent, and the effort to eliminate differences in the content of personal information between databases can be prevented. Can be reduced.

The other personal information storage database 14
When acquiring specific personal information from a personal information storage database 14, for example, it acquires the unique information issued and used according to the management rule of the personal information storage database 14, and prepares a management table for associating the unique information with the registrant ID 1. Then, the personal information management server 11e may notify the personal information storage database 14 of the unique information corresponding to the desired registrant ID1. In this case, if the unique information can be integrated, it is preferable to use the unique information as the registrant ID1. This eliminates the need for the management table described above, and allows the same unique information to be used across a plurality of systems, such as the personal information management server 11e and personal information storage database 14.

In the following, a hardware configuration for realizing the personal information management network systems 1 according to the first to fourth embodiments will be described. In the following, for convenience of explanation, the system and server according to any of the embodiments will be referred to as the personal information management network system 1 and the personal information management server 11.

As shown in FIG. 36, the personal information management server 11 and the terminals 12 and 13 constituting the personal information management network system 1 are interconnected by a network 15 so as to be able to communicate with each other. When the personal information management network system 1 includes the personal information storage database 14, the personal information storage database 14 and the personal information management server 11 can communicate with each other through the network 15 or another communication line. Connected.

Although the network 15 and the communication line may be local area networks, the personal information management network system 1 according to the present embodiment refers to the personal information of the registrant T from the referrer S in a simple manner. The purpose is to make it possible, and it is desirable that third parties can refer to personal information. Therefore, for example, a wide area communication network such as the Internet is preferable.

Each of the terminals 12 and 13 is, for example, a personal computer, a workstation, a form information terminal, a mobile phone having an Internet connection function, or a digital television having a two-way communication function.

The personal information management server 11 is a personal computer, a workstation, or the like, and as shown in FIG. 37, implements a communication unit 51 for connecting to the network 15 and the above-described members 21 to 37. A storage unit 52 for storing programs and data for the
An arithmetic processing unit 53 that performs various arithmetic processes while controlling the peripheral circuits such as the communication unit 51 while referring to the storage unit 52 is provided. In addition, the personal information management server 11 according to the present embodiment includes an input unit 54 for inputting data and a data for directly performing maintenance, troubleshooting, or editing a file stored in the storage unit 52. An output unit 55 for displaying and outputting is provided.

The communication section 51 is, for example, a modem when the network 15 is the telephone line itself or when the network 15 is connected to the network 15 via the telephone line.
The telephone line is ISDN (Intergrated Services Dig).
terminal adapter (T
A). Further, a router for connecting to the network 15 may be used. Further, the input unit 5
In a case where the personal information management server 11 does not have the LAN 4 and the output unit 55, the communication unit 51 has a function of connecting to the local area network (LAN) 16 in order to perform the above-described maintenance. It is preferable that the setting is made so that remote control can be performed from a terminal (not shown) via the terminal. The input unit 54
The communication unit 51 may have a function of connecting to the LAN 16 even when the communication unit 51 is provided.

The input unit 54 is, for example, a pointing device such as a keyboard and a mouse, an image scanner, and a barcode scanner. Further, the output unit 55 is a display such as a CRT or a liquid crystal, or a printer, and performs soft copy of information,
You can hard copy.

On the other hand, the storage unit 52 includes, for example, a hard disk, an optical disk, or another non-volatile memory, and stores information input from the communication unit 51 and the input unit 54, a calculation result performed by the calculation processing unit 53, An edited / newly created file can be stored from another terminal or from the input unit 54 via the LAN 16. Further, the arithmetic processing unit 53 includes a CPU and a memory, such as a RAM, for temporarily storing processing results, and calculates data input from the communication unit 51 and the input unit 54. Can be processed.

In the first to fourth embodiments, each member constituting the personal information management server 11, the terminal 12, the terminal 13 and the like is provided with an arithmetic means such as a CPU, and an RO.
It may be a functional block realized by executing a program stored in a recording medium such as M or RAM, or may be realized by hardware performing similar processing.
Further, the present invention can also be realized by combining hardware for performing a part of the processing and the above-described arithmetic means for executing a program for controlling the hardware and performing the remaining processing.
Further, the arithmetic means may be a single unit, or a plurality of arithmetic means connected via a bus or various communication paths inside the apparatus may jointly execute the program.

The program stores the program itself and program data indicating data for creating the program in a recording medium and distributes the recording medium, or transmits the program data by wired or wireless communication. The information is transmitted by means or distributed and executed by the arithmetic means.

Here, it is preferable that the recording medium for distributing the program data is removable, but the recording medium after distributing the program data does not matter whether or not it is removable. Further, as long as the recording medium stores program data, it does not matter whether it is rewritable (writable), whether it is volatile or not, and the recording method and shape. Examples of the recording medium include a tape such as a magnetic tape and a cassette tape, a magnetic disk such as a floppy (registered trademark) disk and a hard disk, and a CD-ROM.
ROM, magneto-optical disk (MO), mini disk (M
D) and a digital video disk (DVD). The recording medium is a card such as an IC card or an optical card, or a mask ROM or an EPR.
A semiconductor memory such as an OM, an EEPROM, or a flash ROM may be used.

The program data may be a code for instructing the arithmetic means in the entire procedure of each of the above processes, or a part or all of the above processes can be executed by calling them in a predetermined procedure. If a basic program (for example, an operating system or a library) already exists, even if all or part of the above procedure is replaced with a code or pointer that instructs the arithmetic unit to call the basic program, Good.

The format in which the program data is stored in the recording medium may be a storage format that can be accessed and executed by the arithmetic means, such as a state where the program data is arranged in a real memory. Before being arranged in the memory, the storage means is installed on a local recording medium (for example, a real memory or a hard disk) which is always accessible by the arithmetic means, or the local recording is performed from a network or a transportable recording medium. The storage format before installation on the medium may be used. Further, the program data is not limited to the compiled object code, but may be stored as a source code or an intermediate code generated during the interpretation or compilation. In either case, decompress, decompress, interpret, compile, link, or
A similar effect can be obtained regardless of the format in which the program data is stored in the recording medium, as long as it can be converted into a format that can be executed by the arithmetic means by a process such as arrangement in a real memory or a combination of the processes. be able to.

In the above embodiments, the case where the personal information management server 11 transmits an HTML file has been described as an example, but the present invention is not limited to this. A similar screen can be displayed on the terminals 12 and 13, and the terminals 12 and 1 can be displayed.
If the selection result can be obtained from No. 3, the same effect can be obtained. In the HTML file, the layout of the screen can be specified to some extent, and the selection result at the terminal 12 (13) can be returned to the personal information management server 11. Also, HTM
Browsers that can display L files are widely used. Therefore, if you send an HTML file,
There is no need to prepare a special program for each of the terminals 12 and 13, and the personal information management network system 1 can be easily realized.

In each of the above embodiments, the case of performing authentication using a password has been described as an example. However, password input may be omitted if the security of the personal information management network system 1 is guaranteed. In this case, at the time of authentication, the user of each terminal 12 (13) inputs the registrant ID 1 (referrer ID 2), and the information table 22
The ID management tables 24 and 25 can be omitted by comparing and authenticating the contents of the items (columns) of the 23 ID numbers (ID1 and ID2) with the input results. Further, in each of the above-described embodiments, the case where the input of the registrant ID 1 (referrer ID 2) is required at the time of authentication has been described as an example. The ID number at the time and the registrant ID 1 (referrer ID 2) may be different. Furthermore, the method of specifying the registrant (referrer) is not limited to the combination of the ID number and the password, and the registrant can be registered using a digital signature, an ID card, or biometric information such as voice recognition or a fingerprint. (Referrer) may be specified.

[0156]

According to the personal information management method of the present invention, as described above, the computer receives, as a request for output of personal information, specific information for specifying the referrer from the referrer of the personal information, The above-mentioned computer searches an entry table in which each registrant of personal information is allowed to acquire personal information in advance, and registers the referrer who has permitted the acquisition of personal information to the referrer who sent the output request. A registrant specifying step of specifying a registrant, and information on the personal information of the specified registrant to the referrer who sent the output request,
And transmitting the personal information transmitted by the computer.

In the above configuration, regardless of the necessity of transmitting personal information, each registrant stores a referrer who can acquire his / her personal information in the entry table, and the computer
When receiving the specific information that specifies the referrer as an output request from the referrer, the referrer refers to the entry table and relates to the referrer the personal information of the registrant who has permitted the acquisition of the personal information. Submit information.

Therefore, the registrant acquires the inquiry code from the server and notifies the referrer, and the referrer transmits the inquiry code to the server to acquire the registrant's personal information. On the other hand, it is possible to reduce the labor of the registrant and the referrer and to reduce the load on the computer.

As described above, the personal information management method according to the present invention has a configuration in which the personal information itself is transmitted as information relating to the personal information of the registrant, in addition to the above configuration. In this configuration, since the personal information itself is transmitted, the referrer has an effect that the registrant can acquire the personal information for which the registrant has permitted the acquisition with a small amount of trouble.

As described above, the personal information management method according to the present invention obtains personal information for the referrer who sent the output request as information on the personal information of the registrant instead of the personal information itself. This is a configuration for transmitting the number of registrants who have been authorized. According to this configuration, before transmitting the personal information itself, the referrer can reconsider whether or not to acquire the personal information, so that the referrer can avoid acquiring unnecessary personal information. This has the effect.

As described above, in the personal information management method according to the present invention, regardless of the type of information related to personal information, in each of the above-described configurations, before the personal information transmitting step, the computer executes the registrant identification. The registrant specified in the process is notified that the acquisition of personal information is requested, and if the registrant is not permitted, the execution of the personal information transmission process is prevented.

According to this configuration, the registrant is responsible for the referrer who has permitted the acquisition of personal information in advance.
The validity at the time of reference can be determined. As a result, even if the referrer is authorized in advance, it is possible to avoid acquiring information from a referrer whose acquisition of personal information is not appropriate at the time of reference, and to more reliably protect the registrant's personal information. It works.

As described above, in the personal information management method according to the present invention, in addition to each of the above-described components, before the personal information transmitting step, the computer is configured to execute the registrant specified in the registrant specifying step. And a step of accessing a database storing personal information and acquiring personal information from the database.

According to this configuration, if a database already exists, there is no need to newly store personal information in the computer. Accordingly, the burden on the computer can be reduced, and the computer operator can pursue the provision of more comfortable services to the registrant and the referrer.

As described above, in the personal information management method according to the present invention, in addition to the above components, the computer transmits the personal information transmitted in the personal information transmitting step and transmits the personal information. And storing the information in the history table in association with the information indicating the referred referrer. According to this configuration, by referring to the history table, the personal information output to each of the viewers can be specified.
Therefore, there is an effect that billing according to the output personal information becomes possible.

In the personal information management method according to the present invention, as described above, in addition to the above components, the computer receives information indicating a referrer who is permitted to obtain own personal information from a registrant of personal information. In addition, the configuration includes a step of registering in the entry table as a reference person corresponding to the registrant. According to this configuration, the registrant can online register a reference person who is permitted to acquire personal information, so that the entry table can be updated without any trouble for the computer operator and the registrant.

On the other hand, the personal information management device according to the present invention
As described above, each registrant of personal information identifies the referrer as a request for output of personal information from the entry table in which the referrer who permits the acquisition of his / her personal information is stored in advance and the referrer of personal information. Receiving means for receiving the specific information, and searching the entry table using the information indicating the referrer as a search key, and specifying the registrant who has permitted the referrer who sent the output request to acquire personal information. The configuration includes a registrant specifying unit and a transmitting unit for transmitting information on the personal information of the specified registrant to the reference person who sent the output request.

In the personal information management apparatus having the above configuration, regardless of the necessity of transmitting personal information, each registrant stores in the entry table a referrer who can acquire his / her personal information.
When the receiving means receives the specific information of the referrer as an output request from the referrer, the receiving means refers to the entry table and provides the referrer with information on the personal information of the registrant who has permitted the acquisition of the personal information. Send. This allows
As with the above-described personal information management method, there is an effect that, as compared with the related art using the inquiry code, the labor of the registrant and the reference person can be reduced, and the burden on the personal information management device can be reduced.

As described above, the personal information management device according to the present invention, in addition to the above configuration, receives from a registrant of personal information information indicating a referrer who is permitted to acquire his / her own personal information, And a registration unit for registering in the entry table as a reference person corresponding to the user. According to this configuration, the registrant can register the reference person who permits the acquisition of personal information online, without any trouble for the operator and the registrant of the personal information management device.
This has the effect of updating the entry table.

As described above, the personal information management system according to the present invention is connected to the personal information management device via the network, and transmits the output request to the personal information management device. And a terminal that performs the operation. According to this configuration, when the terminal transmits the output request, the personal information management device returns information about the personal information with reference to the entry table, so that the inquiry code is used similarly to the personal information management device described above. Compared with the related art, there is an effect that the labor of the registrant and the referrer can be reduced and the burden on the personal information management device can be reduced.

As described above, the personal information management system according to the present invention is connected to the personal information management device having the registration means via the network and to the personal information management device. And a terminal for transmitting information indicating a referrer who is permitted to acquire his / her personal information.

According to this configuration, the registrant can use the terminal to online register the referrer who is permitted to acquire his / her personal information in the personal information management device. Therefore, the entry table can be updated without any trouble for the operator and the registrant of the personal information management device, and as in the above-described personal information management device, the labor for the registrant and the reference person can be reduced, and the personal information management device can be updated. This has the effect of reducing the burden.

As described above, the program according to the present invention is a program for causing a computer to execute any one of the personal information management methods having the above-described configurations, and the recording medium according to the present invention stores the program. It is a recording medium. When the program is executed by a computer, the computer executes the above-described personal information management method. As a result, it is possible to reduce the burden on the registrant and the reference person, and to reduce the burden on the personal information management device.

[Brief description of the drawings]

FIG. 1 illustrates one embodiment of the present invention, and is an explanatory diagram illustrating a main configuration and a main operation of a personal information management network system.

FIG. 2 is a block diagram showing a main part configuration of a personal information management server provided in the personal information management network system.

FIG. 3 is an explanatory diagram showing a data structure of a registrant personal information table provided in the personal information management server.

FIG. 4 is an explanatory diagram showing a data structure of a referrer information table provided in the personal information management server.

FIG. 5 is an explanatory diagram showing a data structure of a registrant ID management table provided in the personal information management server.

FIG. 6 is an explanatory diagram showing a data structure of a referrer ID management table provided in the personal information management server.

FIG. 7 is an explanatory diagram showing a data structure of a personal information transmission destination entry table provided in the personal information management server.

FIG. 8 is an explanatory diagram showing another configuration example of the personal information transmission destination entry table.

FIG. 9 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating an initial screen.

FIG. 10 is a flowchart showing an operation of the personal information management server when a registrant registers a referrer.

FIG. 11 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating an authentication screen.

FIG. 12 shows an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram showing an example of a list of referrers that can be registered.

FIG. 13 shows an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram showing another example of a list of referrers that can be registered.

FIG. 14 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating an example of a confirmation screen after registration.

FIG. 15 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating another example of a confirmation screen after registration.

FIG. 16 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating a case where a referrer is directly input.

FIG. 17 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating a case where a destination code is directly input.

FIG. 18 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating a case number input screen.

FIG. 19 is a flowchart showing the operation of the personal information management server when a referrer acquires personal information.

FIG. 20 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating personal information to be output.

FIG. 21 is an explanatory diagram illustrating an operation at the time of user registration in the personal information management network system.

FIG. 22 illustrates an example of a screen displayed on the terminal by the personal information management server, and is an explanatory diagram illustrating an initial screen of user registration.

FIG. 23 is a flowchart showing a schematic operation of the personal information management server when a registrant and a referrer perform user registration in the personal information management server.

FIG. 24 is a flowchart showing the details of the above flowchart, and showing the operation of the personal information management server at the time of registrant registration.

FIG. 25 is a flowchart showing details of the above-mentioned flowchart, and showing an operation of the personal information management server at the time of registering a referrer.

FIG. 26 illustrates another embodiment of the present invention, and is a block diagram illustrating a configuration of a main part of a personal information management server.

FIG. 27 is an explanatory diagram showing a data structure of a billing table provided in the personal information management server.

FIG. 28 illustrates yet another embodiment of the present invention, and is an explanatory diagram illustrating a main configuration and main operations of a personal information management network system.

FIG. 29 shows an example of a screen displayed on a terminal by the personal information management server of the personal information management network system, and is an explanatory diagram showing simple information.

FIG. 30 shows an example of a screen displayed on the terminal by the personal information management server of the personal information management network system, and is an explanatory diagram showing other simple information.

FIG. 31 shows an example of a screen displayed on a terminal by the personal information management server of the personal information management network system, and is an explanatory diagram showing personal information.

FIG. 32 shows an example of a screen displayed on a terminal by the personal information management server of the personal information management network system, and is an explanatory diagram showing simplified information after personal information is output.

FIG. 33 illustrates another embodiment of the present invention, and is an explanatory diagram illustrating a main configuration and main operations of a personal information management network system.

FIG. 34 is a block diagram showing a main configuration of a personal information management server provided in the personal information management network system.

FIG. 35 shows a modification of each of the above embodiments.
FIG. 2 is an explanatory diagram illustrating a main configuration and main operations of the personal information management network system.

FIG. 36 is a connection diagram showing a hardware configuration of each of the above embodiments and showing connections of devices constituting the personal information management network system.

FIG. 37 is a block diagram illustrating a hardware configuration of each of the above embodiments and illustrating a main configuration of a personal information management server.

[Explanation of symbols]

1.1a-1e Personal information management network system (personal information management system) 11.11a-11d Personal information management server (personal information management device; computer) 21 Personal information transmission destination entry table (entry table) 31 WEB server (receiving means) ) 34 Entry registration processing unit (registration means) 35 Search processing unit (registrant specifying means) 36 Output processing unit (transmission means)

Claims (13)

[Claims] Claims: 1. A step in which a computer receives, as a request for output of personal information, a request for output of personal information from a referrer of personal information, and a step of allowing each registrant of personal information to acquire its own personal information. A registrant specifying step in which the computer searches an entry table preliminarily storing a referrer to be performed, and specifies a registrant who has permitted acquisition of personal information to the referrer who sent the output request; Transmitting the personal information to the referrer who sent the output request by the computer. 2. The personal information management method according to claim 1, wherein the personal information itself is transmitted as information on the personal information of the registrant. 3. The information on the personal information of the registrant according to claim 1, wherein the number of registrants permitted to acquire personal information is transmitted to the referrer who sent the output request. Personal information management method. 4. Before the personal information transmitting step, the computer sends the registrant specified in the registrant specifying step to
4. The method according to claim 1, further comprising a step of notifying that the acquisition of personal information is requested and, if not permitted by the registrant, blocking the execution of the personal information transmitting step. Personal information management method. 5. Before the personal information transmitting step, the computer accesses a database storing personal information of the registrant specified in the registrant specifying step, and acquires personal information from the database. 5. The personal information management method according to claim 1, further comprising a step. 6. The method according to claim 1, wherein the computer stores information indicating the personal information transmitted in the personal information transmitting step and information indicating a referrer who transmitted the personal information in a history table in association with each other. The personal information management method according to claim 1, 2, 3, 4, or 5, wherein 7. A step of receiving from a registrant of personal information information indicating a referrer who is permitted to obtain his / her personal information, and registering the information in the entry table as a referrer corresponding to the registrant. 7. The personal information management method according to claim 1, wherein the information is included. 8. An entry table in which each registrant of personal information is permitted to acquire his / her own personal information, and the referrer of the personal information is specified as a request for outputting personal information from the personal information referrer. Receiving means for receiving specific information, and searching the entry table using the information indicating the referrer as a search key, and specifying a registrant who has permitted the referrer who sent the output request to acquire personal information. A personal information management apparatus comprising: a registrant specifying unit; and a transmitting unit configured to transmit information on personal information of the specified registrant to a reference person who has transmitted the output request. 9. A registration means for receiving, from a registrant of personal information, information indicating a reference person who is permitted to acquire his / her personal information, and registering the information in the entry table as a reference person corresponding to the registrant. The personal information management device according to claim 8, wherein 10. A personal information management apparatus according to claim 8, further comprising: a terminal connected to said personal information management apparatus via a network and transmitting said output request to said personal information management apparatus. Characteristic personal information management system. 11. A personal information management apparatus according to claim 9, further comprising: a reference person connected to said personal information management apparatus via a network, and to which said personal information management apparatus is permitted to acquire said personal information. A personal information management system, comprising: a terminal for transmitting information. 12. A program for causing a computer to execute each step included in the personal information management method according to claim 1. 13. A recording medium on which a program for causing a computer to execute each step included in the method for managing personal information according to claim 1 is recorded.