JP2004192060A - Secret information disclosure system, secret information disclosure device, secret information disclosure method and secret information disclosure program - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide a secret information disclosure system, secret information disclosure device, secret information disclosure method and secret information disclosure program capable of displaying an administration group to a test subject in an emergency to a doctor in charge, in a double blind test, and also fulfilling the reporting obligation to a requester side. <P>SOLUTION: In this system for an examination executer 2 receiving the disclosure of the administration group in emergency in a test executed while keeping the secret for the administration group to the test subject, a server computer transmits test subject specification information received from the communication device of the test executer 2 and a disclosure permission request of the administration group to the subject to the communication device 31 of the test requester. When the administration group disclosure permission information of the test subject is received from the communication device 31 of the test requester, it is registered in a test subject information storage means and also transmitted to the communication device of the test executer 2. When the disclosure of the administration group for the test subject with the permission information is requested, the administration group is transmitted to the communication device of the test executer 2. <P>COPYRIGHT: (C)2004,JPO&NCIPI

Description

[0001]
TECHNICAL FIELD OF THE INVENTION
The present invention relates to a confidential information disclosure system, a confidential information disclosure device, a confidential information disclosure method, and a confidential information disclosure program. Particularly, in a test performed in a state where the administration group is kept secret, the test performer knows the administration group in an emergency and The present invention relates to a confidential information disclosure system, a confidential information disclosure device, a confidential information disclosure method, and a confidential information disclosure program that can report the knowledge of an administration group to a test client.
[0002]
[Prior art]
In the process of new drug development, we conduct basic research to select compounds with high potential from new drug candidates, and then conduct non-clinical tests to examine pharmacological effects using animals. After that, clinical trials are conducted, and the results of the clinical trials are submitted to the Ministry of Health, Labor and Welfare, where they are reviewed for approval.
In clinical trials, in response to a request from a client company such as a pharmaceutical company that developed a new drug, a practitioner such as a medical institution administers the new drug to healthy adults or patients with a disease to which the new drug is applied. The results of the study are submitted to the Ministry of Health, Labor and Welfare, where they are reviewed for approval.
[0003]
In clinical trials, double-blind studies are generally performed.
In a double-blind study, subjects were divided into study drug and placebo groups by assignment, and drug numbers were assigned to subjects so that they could not know which subjects were given which drugs. It is managed with this medicine number.
The allocation table showing the correspondence between the drug number and the administered drug, that is, the administration group, is sealed and stored with the seal. The administration group of each sealed subject is called an emergency key code.
In addition, a paper describing the correspondence between the drug number and the administered drug, that is, the administration group, is created for each subject and put in an envelope for each subject, and is opened except in an emergency such as when the condition of the subject changes. Stored so as not to be carried out.
[0004]
The envelope for each subject is opened in the event of an emergency such as a change in the condition of the subject, but the method of opening is roughly divided into the following three patterns depending on the clinical test.
The first pattern is a pattern in which an envelope for each subject is stored by a client of a clinical test and opened by the client at his / her discretion. In other words, in this pattern, when an emergency such as a change in the condition of the subject occurs, the responsible doctor contacts the pharmaceutical company or the like as the client and hears the administration group from the pharmaceutical company.
[0005]
The second pattern is a pattern in which the responsible doctor in charge of the clinical test of each subject stores the envelope for each subject, and the responsible doctor opens the envelope at the discretion of the pharmaceutical company or the like who is the client of the clinical test. In other words, in this pattern, when an emergency such as a change in the condition of the subject occurs, the responsible doctor contacts the pharmaceutical company or the like as the client and receives permission to open the envelope, whereby the envelope can be opened.
The third pattern is a pattern in which an envelope for each subject is stored by a doctor in charge of a medical institution in charge of a clinical test of each subject, and the envelope is opened at the discretion of the responsible doctor.
[0006]
In this third pattern, the medical doctor opens the package at the discretion of each investigator, but the GCP (Good Clinical Practice), which was established for the purpose of ensuring the scientific quality of the clinical trial and the reliability of the results, The subject physician is obliged to contact the client at the time of opening, as the subject is obliged to contact the client in the event of a serious condition.
[0007]
In this way, in the double-blind study, it is possible to keep the administration group of the subjects confidential except in an emergency, and the subjects to whom the placebo is administered to each medical institution and the pharmaceutical company as the client are By not knowing who you are, it is possible to maintain objective fairness in clinical trials.
[0008]
However, in the double-blind study, regardless of which of the first to third patterns is adopted, when the subject's administration group is known, the responsible physician calls the pharmaceutical company, etc. Contact must be made by e-mail, facsimile, etc., and the task of emergency communication when the condition of the subject is changing is a burden on the responsible doctor.
In particular, it is difficult to contact the person in charge of the pharmaceutical company etc. outside the business hours of the pharmaceutical company etc., such as early morning and nighttime, the burden of the communication work is large, and a system that can automatically perform emergency communication work Is desired.
[0009]
Although a system for automatically contacting a medical institution when a patient becomes serious is known (for example, see Patent Document 1), it is required to disclose a treatment group in a clinical trial and There is no known system for automatically contacting the client from the responsible physician for the purpose of reporting that the situation has changed, and it is desired to construct a system for automatically contacting the client from the responsible physician. I have.
[0010]
[Patent Document 1]
JP 2002-34940 A
[0011]
[Problems to be solved by the invention]
[0012]
An object of the present invention is to solve the above-mentioned problems. In a double-blind test, it is possible to easily disclose the administration group of the subject to the responsible doctor in an emergency and at the same time An object of the present invention is to provide a confidential information disclosure system, a confidential information disclosure device, a confidential information disclosure method, and a confidential information disclosure program capable of fulfilling a duty of contacting a confidential information.
[0013]
[Means for Solving the Problems]
According to the first aspect of the present invention, in a test performed by dividing a subject into administration groups and keeping the administration group concealed, a tester of the test discloses the administration group in an emergency. A secret information disclosure system used for receiving a subject, wherein a server storing subject information storage means for registering the administration group in association with subject specific information of the subject in a state where external browsing is prohibited. A communication device of the test performer capable of transmitting and receiving information between the computer and the server computer, and a test requester capable of transmitting and receiving information between the server computer and requesting the test performer to perform the test The communication device of the tester, the server computer transmits the subject identification information to the administration group of the subject according to the identification information. Means for receiving together with the disclosure permission request for permission, the received subject identification information and the disclosure permission request, the disclosure permission request means for transmitting to the test requester communication device, and the test requester communication device, Receiving disclosure permission information for permitting disclosure of the administration group of the subject, registering the disclosure permission information with the subject identification information in the subject information storage unit, and communicating with the test performer. A disclosure permission registration / transmission means for transmitting to the apparatus, and when a request for disclosure of the administration group is made by specifying a subject to which the permission information has been added, the administration group requested to be disclosed is sent to the test performer. And a disclosing means for transmitting to the communication device.
[0014]
According to the fourth aspect of the present invention, a test is performed in a state where subjects are divided into administration groups and the administration groups are kept concealed. Subject information storage means for registering the administration group in association with subject identification information of the subject in a state in which browsing from outside is prohibited; and Means for receiving, from the communication device of the subject, the subject identification information, together with a disclosure permission request for disclosure permission of the administration group of the subject according to the specific information, and the received subject identification information and the disclosure permission request, Disclosure permission requesting means for transmitting to the test requester's communication device requesting the test performer to perform the test, and permitting disclosure of the administration group of the subject from the test requester's communication device. Disclosure permission information, the disclosure permission information is attached to the subject identification information and registered in the subject information storage means, and the disclosure permission registration / transmission means is transmitted to the communication device of the test performer. And a disclosure unit that, when a subject to which the permission information is attached is requested to disclose the administration group and the administration group requested to be disclosed is transmitted to the communication device of the test performer, It is solved by having.
[0015]
According to the invention according to claim 7, the above problem is disclosed in a test in which a subject is divided into administration groups and the administration group is concealed, and the tester of the test discloses the administration group in an emergency. A method of registering the administration group in subject information storage means in association with subject identification information of the subject in a state in which browsing from outside is prohibited; and A procedure for receiving, from the communication device, the subject identification information together with a disclosure permission request for permission to disclose the administration group of the subject according to the specific information, and the received subject identification information and the disclosure permission request received from the test device. A disclosure permission requesting procedure for transmitting to the test requester's communication device requesting the test to be performed by the test requester, and a disclosure permission for permitting disclosure of the administration group of the subject from the test requester's communication device; Receiving the information, registering the disclosure permission information with the subject identification information in the subject information storage means, and transmitting the disclosure permission information to a communication device of the test performer; When a disclosure request for the administration group is made by specifying the subject to which the information is attached, the disclosure procedure of transmitting the disclosed administration group to the communication device of the test performer is performed by performing the disclosure procedure. Will be resolved.
[0016]
The above object is achieved according to the invention of claim 10 in which a test is performed in a state where subjects are divided into administration groups and the administration groups are concealed. A procedure for registering the administration group in the subject information storage means in association with the subject identification information of the subject in a state where external viewing is prohibited on the secret information disclosure computer used to receive the test, From the communication device of the person, a procedure for receiving the subject identification information together with a disclosure permission request for permission to disclose the administration group of the subject according to the specific information, and the received subject identification information and the disclosure permission request, A disclosure permission requesting procedure for transmitting to a test requester's communication device requesting the test performer to perform a test, and disclosing an administration group of the subject from the test requester's communication device Receiving the disclosure permission information indicating permission, registers the disclosure permission information with the subject identification information in the subject information storage unit, and transmits the disclosure permission information to the communication device of the test performer. A transmission procedure, and a disclosure procedure of, when a subject to which the permission information is attached is specified and a disclosure request for the administration group is made, transmitting the administration group requested to be disclosed to a communication device of the test performer. Are solved by a confidential information disclosure program for executing
[0017]
In this manner, the server computer transmits the received subject identification information and the disclosure permission request to the communication device of the test requester by the disclosure permission requesting means, and the administration of the test subject from the communication device of the test requester. Receiving the disclosure permission information to permit disclosure of the group, registering the disclosure permission information in the subject information storage means with the subject identification information, and transmitting the information to the communication device of the test executor. Disclosure permission registration / transmission means, and when a subject to which the permission information is assigned is specified and a request for disclosure of the administration group is made, the administration group requested to be disclosed is transmitted to the communication device of the test performer. If the test sponsor has authority to open the administration group information of the subject that is concealed during the test, the test performer transmits a disclosure permission request to the server computer. Can inform the test sponsor that the subject has become serious and receive information from the server computer on whether the test sponsor has permitted disclosure of the administration group. It becomes.
[0018]
In addition, since the server computer automatically transmits the disclosure permission request received from the communication device of the test requester to the communication device of the test requester, the test tester can perform the request even outside of the business hours of the test requester. It is possible to make a disclosure permission request for permitting disclosure of the administration group to the test sponsor, and it is possible to perform communication work and disclosure permission request work without being restricted by the work hours of the test sponsor.
[0019]
According to the second aspect of the present invention, a test is performed in a state where subjects are divided into administration groups and the administration groups are kept concealed. A confidential information disclosure system that is used to open itself in an emergency, wherein a server computer storing subject information storage means for registering information of the subject in association with subject identification information of the subject, and the server A communication device of the test performer that can transmit and receive information to and from a computer, and a communication device of a test requester that requests the test performer to perform the test, which can transmit and receive information to and from the server computer, The server computer requests the subject identification information from the communication device of the test performer to open the administration group of the subject according to the identification information. Means for receiving together with the sealing permission request, opening requesting means for transmitting the received subject identification information and the opening permission request to the communication device of the test requester, and a communication device of the test requester, Receiving opening permission information to permit opening of the administration group, registering the opening permission information with the subject identification information in the subject information storage means, and transmitting the information to the communication device of the test performer. And an opening permission information registering / transmitting means.
[0020]
According to the fifth aspect of the present invention, the test is performed in a state in which the subject is divided into administration groups and the administration group is kept secret. A secret information disclosure device used to open itself in an emergency, a subject information storage means for registering the subject information in association with subject specific information of the subject, and a communication device of the test performer Means for receiving the subject identification information, together with an opening permission request for opening permission of the administration group of the subject according to the identification information, and receiving the subject identification information and the opening permission request, performing the test. Opening permission requesting means for transmitting to the test requester's communication device requesting the test performer, and opening permission information indicating permission of opening of the administration group of the subject from the test requester's communication device. Receiving the opening permission information, adding the opening permission information to the test subject information storage means in association with the subject identification information, and transmitting the opening permission information to the communication device of the test performer. It is solved by.
[0021]
According to the invention described in claim 8, the above-mentioned problem is solved in a test in which a subject is divided into administration groups and the administration group is kept concealed. A secret information disclosure method that obtains permission to open when opening itself in an emergency, a step of linking the information of the subject with subject identification information of the subject and registering the information in subject information storage means, and performing the test. From the communication device of the person, a procedure of receiving the subject identification information together with an opening permission request for opening permission of the administration group of the subject according to the identification information, and the received subject identification information and the opening permission request, An open permission requesting procedure for transmitting to the test requester's communication device requesting the test performer to perform the test, and permitting opening of the test subject's administration group from the test requester's communication device. Receiving the opening permission information, registering the opening permission information with the subject identification information in the subject information storage means, and transmitting the opening permission information to the communication device of the tester; , Is solved.
[0022]
According to the invention according to claim 11, the test is performed by classifying the subject into administration groups and performing the test in a state where the administration group is kept secret. A procedure for registering the information of the subject in the subject information storage means in association with the subject identification information of the subject in a confidential information disclosure computer used for self-opening in an emergency, and from the communication device of the test performer. Receiving the subject identification information together with an opening permission request for opening permission of the administration group of the subject according to the identification information, and receiving the subject identification information and the opening permission request, performing the test, An opening permission requesting procedure to be transmitted to the communication device of the test requester requesting the test performer, and a request to open the administration group of the subject from the communication device of the test requester; Receiving the opening permission information, registering the opening permission information with the subject identification information in the subject information storage means, and transmitting the opening permission information to the communication device of the test performer. Is executed by a confidential information disclosure program for executing the program.
[0023]
In this manner, the received subject identification information and the opening permission request are transmitted to the test requester's communication device, and the opening permission requesting unit transmits the test subject's administration group from the test requester's communication device. Receiving the opening permission information indicating permission, adding the opening permission information to the subject information storage means by attaching the opening permission information to the subject identification information, and registering the opening permission information to be transmitted to the communication device of the test executor. Transmission means, so that the test requester has permission to open the administration group information of the subject who is kept confidential during the test, but if the test is performed by the test implementer, the test implementer transmits the information to the server computer. By simply sending an open permission request to the test sponsor, the test sponsor can be notified that the subject has become serious, and information on whether or not the test sponsor has permitted the administration group to be opened is sent to the server computer. It is possible to receive from Yuta side.
[0024]
In addition, since the server computer automatically transmits the opening permission request received from the tester's communication device to the test requester's communication device, the test performer can operate even outside of the test requester's business hours. A request for opening permission requesting permission of disclosure of the administration group can be made to the test client, and it is possible to perform communication and opening permission requests without being restricted by the work hours of the test client.
[0025]
According to the third aspect of the present invention, a test is performed in a state where subjects are divided into administration groups and the administration groups are kept secret. A confidential information disclosure system that is used to open itself in an emergency, wherein a server computer storing subject information storage means for registering information of the subject in association with subject identification information of the subject, and the server A communication device of the test performer that can transmit and receive information to and from a computer, and a communication device of a test requester that requests the test performer to perform the test, which can transmit and receive information to and from the server computer, The server computer includes an authentication unit that authenticates that the tester's access from the communication device is performed by the tester himself, and an authentication unit that authenticates the tester. With the access, from the communication device of the test performer, means for receiving the subject identification information together with a report of opening the administration group of the subject according to the identification information, the received subject identification information and the It is possible to solve the problem by providing an opening report / registration unit that transmits a report to the communication device of the test requester and adds the report to the subject information storage unit with the report attached to the subject identification information.
[0026]
The above object is achieved according to the invention of claim 6, wherein the test is performed in a state in which the subject is divided into administration groups and the administration group is kept concealed. A secret information disclosure device used for opening itself in an emergency, a subject information storage means for registering the subject information in association with subject specific information of the subject, and a communication device of the test performer The authentication means for authenticating that the access of the test performer is performed by the test performer, and the access authenticated by the authentication means, the test subject identification information is transmitted from the test implementer's communication device to the subject according to the specific information. Means for receiving a report indicating that the administration group is to be opened, and transmitting the received subject identification information and the report to a communication device of a test requester who requests the test performer to perform the test. Rutotomoni, the report, and the opening reporting and registering means for registering in said subject information storage means attached to the subject specific information is solved by providing a.
[0027]
According to the invention according to claim 9, the test is performed by dividing a test subject into administration groups and performing the test in a state where the administration group is kept secret. Is a secret information disclosure method for reporting that the subject is to be opened in an emergency, a procedure for associating the information of the subject with subject identification information of the subject and registering the subject information in subject information storage means, and a communication of the test performer. An authentication procedure for authenticating that the access from the device is performed by the test performer itself, and the access authenticated by the authentication means, the test subject identifying information from the test implementer's communication device, A procedure for receiving the report together with the report of opening the administration group of the test subject, and the received test subject identification information and the report to the test requester's communication device requesting the test performer to perform the test. While signal, the report, the procedure opened report and registration to be registered in the subject information storage unit is subjected to said subject specifying information, it is solved by performing.
[0028]
According to the invention according to claim 12, the subject is divided into administration groups, and in a test performed in a state where the administration group is kept concealed, a test executor of the test is performed by the sealed administration group. A procedure for registering the information of the subject in the subject information storage means in association with the subject identification information of the subject in a confidential information disclosure computer used for self-opening in an emergency, and from the communication device of the test performer. An authentication procedure for authenticating that the access of the test performer is performed by the test performer itself, and the access authenticated by the authentication means, the test subject specifying information from the communication device of the test performer, A procedure for receiving a report indicating that the administration group is to be opened, and communication of a test sponsor who requests the test performer to perform the test on the received subject identification information and the report. And transmits to the location, the reporting is solved by confidential disclosure program for executing a procedure opening report and registration to be registered in the subject information storage unit is subjected to said subject specific information.
[0029]
In this way, the access authenticated by the authentication means, from the communication device of the test performer, the means for receiving the subject identification information, together with a report of opening the administration group of the subject according to the identification information, Opening report / registration means for transmitting the received subject identification information and the report to the communication device of the test sponsor, and attaching the report to the subject information storage means in association with the subject identification information. By providing this, if the tester has permission to open the administration group information of the subject who is kept confidential during the test, the test performer only needs to send a report to the server computer to open it, On the other hand, the subject can be informed of the serious situation.
[0030]
In addition, since the server computer automatically transmits the report of opening received from the communication device of the test submitter to the communication device of the test requester, the test submitter is out of business hours of the test requester. In addition, it is possible to report to the test requester that the package is to be opened, and it is possible to perform a communication operation without being restricted by the business hours of the test requester.
[0031]
BEST MODE FOR CARRYING OUT THE INVENTION
Hereinafter, an embodiment of the present invention will be described with reference to the drawings. The configuration described below does not limit the present invention, and can be variously modified within the scope of the present invention.
In the confidential information disclosure system of the present embodiment, in the event of an emergency such as a change in the condition of a subject during the execution of a clinical test, the responsible doctor 2 knows the administration group of the subject, and This is a system that promptly informs the pharmaceutical company 3 that is the client of the clinical trial that the situation has changed.
[0032]
In the present embodiment, an example in which the confidential information disclosure system is used in a clinical trial of a new drug is shown. However, the subjects and the subjects are divided into administration groups, and investigations and tests conducted in a situation where each subject is concealed which administration group is performed. If so, it can be used for any surveys and tests. Specifically, bioequivalence tests, bioavailability tests, post-marketing surveillance of generic drugs, and confirmation of the effects of health foods, specified health foods, functional foods, cosmetics, etc. It can be used for tests, other epidemiological surveys classified by administration groups, research by physicians, clinical research, QOL (Quality of Life) research, and the like.
[0033]
The present invention is not limited to the case where a substance is administered, and may be used for a test for confirming the effect of a therapeutic device and a medical device and a test for confirming the effect of a therapeutic method such as regenerative medicine. The clinical test of the new drug may be any of the first to third phases, and may be any of a clinical pharmacology test, an exploratory test, a confirmatory test, and a therapeutic test.
[0034]
In this specification, “computer” is meant to include all information terminals provided with a computing device. For example, in addition to a supercomputer, a general-purpose computer, an office computer, a control computer, a workstation, and a personal computer, a mobile information terminal, a mobile phone equipped with an arithmetic device, and the like are also included.
In addition, a clinical test is used synonymously with a clinical trial.
[0035]
The term “administration” refers to giving a drug, and includes taking a drug, applying, spraying, instilling, injecting, and suctioning.
The subject's administration group is used synonymously with the emergency key code of the clinical test.
In the present embodiment, the communication from the server computer 11 to the pharmaceutical company 3 is performed using the mobile phone 31 and the facsimile 32. However, the communication may be performed by e-mail addressed to the computer or the mobile terminal.
[0036]
In the present specification, the `` seal '' means a sheet in which information is described in an envelope, a box, etc. The electronic file in which the information is input is stored, and also includes a situation where the contents of the electronic file cannot be viewed except for a special situation. The situation in which the contents of the electronic file cannot be viewed includes an encrypted situation, a situation in which the file has a read password, and the like.
Further, "opening" means that the sealed contents can be viewed, and includes opening an envelope, opening a lid of a box, opening an electronic file, and the like.
[0037]
As shown in FIG. 1, the confidential information disclosure system according to the present embodiment includes a management center 1 that supervises and manages the confidential information disclosure system, a responsible doctor 2 who belongs to a medical institution as a tester who performs a clinical test, It is set up with a pharmaceutical company 3 as a test sponsor who requests a clinical trial.
The management center 1 is an organization that operates the confidential information disclosure system of the present embodiment in response to a request from the pharmaceutical company 3 without directly engaging in the execution of a clinical trial. The medical institution to which the responsible doctor 2 belongs and an organization different from the pharmaceutical company 3 are configured.
The management center 1 is provided with a server computer 11 that controls the secret information disclosure system.
[0038]
The pharmaceutical company 3 is an organization that develops a new drug, and requests a clinical institution to which the responsible doctor 2 belongs for a clinical trial of the developed new drug. When the confidential information disclosure system according to the present embodiment is applied to a test for confirming the effects of food, a treatment device, and a medical device, a food company, a medical device manufacturer, or the like is used instead of the pharmaceutical company 3. When the confidential information disclosure system according to the present embodiment is applied to a test for confirming the effect of a treatment method such as regenerative medicine, or when applied to a test for confirming a result of a doctor's research, Become a doctor in place of the pharmaceutical company 3.
Further, when the confidential information disclosure system according to the present embodiment is applied to a QOL survey or the like, a survey is conducted from a public organization or a public organization aiming at promoting the health of the nation instead of the pharmaceutical company 3. In some cases.
[0039]
Pharmaceutical company 3 has staff members for clinical trials. This person in charge has a mobile phone 31 as a communication device of the test client. In addition, a facsimile 32 as a communication device of the test requester is installed in the department of the person in charge.
[0040]
The investigator 2 is a physician of a medical institution and refers to a person specified as the investigator in the clinical trial protocol. Responsible for requested clinical trials.
The medical institution to which the responsible doctor 2 belongs is requested by the pharmaceutical company 3 to carry out a clinical test. The medical institution may be any of a hospital, a clinic, a clinic, and the like. The present embodiment is an example in which a clinical test is performed in the medical institution 2. However, the medical institution 2 is not a medical institution but a dental clinic, an osteogenesis clinic, an orthodontic clinic, an emergency center, a health center, an aesthetic salon, a beauty salon, and a geriatric health facility. A clinical test or a test for confirming the effect of a food, a medical device, or the like may be performed.
The responsible doctor 2 has a mobile phone 21 as a communication device of the test executor.
[0041]
Next, each computer will be described.
The server computer 11 is a computer that is installed in the management center 1 and controls the confidential information disclosure system of the present embodiment.
FIG. 2 shows a hardware configuration of the server computer 11.
The server computer 11 includes a CPU 72 as a data calculation / control processing device (central processing unit), a RAM 73, a ROM 74, an HDD 75, and a storage medium device 76 as storage devices. Further, a communication device 77, a keyboard 78, a mouse 79, a display device 80, and a printer 81 are provided.
[0042]
The CPU 72 performs a calculation using information received from the storage device or the input device, and serves to pass a result of the calculation to the storage device or the output device. Execute the processing.
[0043]
The storage device stores programs and the like for executing various processes. Among the storage devices, a storage medium device 76 is configured by an external HDD, a media device such as an MO, a CD-RW, a DVD, and the like. Various kinds of input data can be appropriately stored and read out.
[0044]
The RAM 73 stores data and the like necessary for the CPU 72 to execute various processes as appropriate. The keyboard 78 and the mouse 79 are appropriately operated when various commands are input to the CPU 72.
[0045]
The display device 80 is a device that displays an image or the like created by the CPU 72 according to a program stored in the ROM 74, the HDD 75, or the like. The printer 81 outputs predetermined information from each computer on paper.
[0046]
The communication device 77 transmits data to the Internet or another computer, and receives data from the Internet or another computer.
In this embodiment, since data transmission and reception are also performed by voice, the communication device 77 is provided with a converter 77a, and the converter 77a is configured to convert a voice signal and a digital signal.
[0047]
The HDD 75 includes an authentication table 75a for authenticating that the call is from two responsible doctors, information for uniquely identifying a subject in a clinical test, and a key as subject information storage means for storing a subject's administration group and the like. An information table 75b is registered.
[0048]
The authentication table 75a stores information for authenticating that the telephone is from the two responsible doctors, and the device identification code of the mobile phone 21 and the mobile phone assigned to the responsible doctor 2 of the clinical trial at the time of manufacture. 21 telephone numbers, voice data of the voice of the responsible doctor 2, clinical trial numbers specifying the clinical trials in charge of the responsible doctor 2, doctor numbers specifying the responsible doctor 2, medical institution numbers specifying the medical institutions, etc. are registered. ing.
The voice of the responsible doctor 2 is obtained by recording a predetermined word such as the name of the responsible doctor 2 in advance by the responsible doctor 2.
[0049]
The administration group of the subject is registered in the key information table 75b together with the identification information of the subject, and is used by the responsible doctor 2 and the person in charge of the pharmaceutical company 3 to know the administration group of the subject in an emergency.
The key information table 75b includes a clinical trial number identifying a clinical trial, a medical institution number identifying a medical institution where the subject undergoes the clinical trial, a patient number identifying the subject during the clinical trial, and a drug administered to the subject. A drug number specified during a clinical test, a doctor number specifying a responsible physician in charge of a subject, a dose group code indicating a dose group, and a disclosure flag indicating whether the dose group has been disclosed are stored.
[0050]
In the present embodiment, a combination of a clinical trial number, a patient number, and a drug number is referred to as a subject identification code. This subject identification code corresponds to subject identification information in the claims.
The disclosure flag is 1 when the request for permission of disclosure of the administration group is made by the responsible doctor 2, 2 when the disclosure of the administration group to the responsible doctor 2 is permitted by the person in charge of the pharmaceutical company 3, and 2 when the administration group is the responsible doctor 2. Is set to 3 when the request has been disclosed, and 0 when none of the request for disclosure permission, disclosure permission, and disclosure has been made.
[0051]
The administration group code is registered as, for example, 1 for the high concentration administration group, 2 for the low concentration administration group, 3 for the placebo administration group, and the like.
The medication group code does not need to be registered in the key information table 75b in a first pattern and a second pattern clinical test described later. This is because the responsible doctor 2 can open the envelope and know the administration group by himself.
The hardware configuration of the mobile phones 21 and 31 and the hardware configuration of the facsimile 32 are well-known mobile phones and facsimile devices, and thus description thereof is omitted.
[0052]
Next, an outline of a business flow of the confidential information disclosure system of the present embodiment will be described with reference to FIGS.
First, the present embodiment is applied to a double-blind clinical trial. In a double-blind study, a strip of paper describing the subject's clinical trial number, patient number, and drug number, and the subject's administration group is written in advance, and the subject's clinical trial number, patient number, and drug number are described. It is put in an envelope for each subject and sealed.
This envelope is stored during the clinical trial and opened as needed.
[0053]
For example, when a serious adverse event such as a change in the condition of a subject occurs at a medical institution, the medical institution needs to determine whether the symptom is related to the test drug. In other words, if the test drug is an active drug, it is possible to make a decision to stop the administration of the test drug, and if the test drug is a placebo, it is possible to judge other causes of the test subject's symptoms, etc. is there.
[0054]
The envelope opening method has the following first to third patterns, and is selected for each clinical test at the request of the pharmaceutical company 3 as the client.
The first pattern is a pattern in which the envelope for each subject is stored by the pharmaceutical company 3 and opened by the pharmaceutical company 3 at the discretion of the pharmaceutical company 3. In this case, the pharmaceutical company 3 notifies the administration doctor 2 of the administration group of the subject.
[0055]
The second pattern is a pattern in which the responsible doctor 2 keeps an envelope for each subject and opens it at the discretion of the pharmaceutical company 3. In this case, the responsible doctor 2 obtains permission of the pharmaceutical company 3 to open the package.
The third pattern is a pattern in which the responsible doctor 2 keeps an envelope for each subject and opens the envelope at the discretion of the responsible doctor 2. In this case, the responsible doctor 2 does not need to obtain the permission of opening from the pharmaceutical company 3, but the responsible doctor 2 has an obligation to contact the pharmaceutical company 3 at the time of opening according to a GCP request.
[0056]
First, the first pattern will be described with reference to FIGS.
The responsible doctor 2 performs the pre-registration processing 41 of FIG. 4 for registering a voice in the authentication table 75a when first becoming the responsible doctor for the clinical trial or replacing the mobile phone 21 with a new device.
In the pre-registration process 41, first, the responsible doctor 2 makes a telephone call to the telephone number of the server computer 11 so that the telephone number of the mobile phone 21 can be notified.
Upon receiving the call, the server computer 11 starts communication, and first acquires the device identification code originally attached to the mobile phone 21 at the time of manufacture and the telephone number of the mobile phone 21.
[0057]
Next, the server computer 11 briefly describes the pre-registration processing 41 by voice guidance, and then instructs to input a medical institution number and a doctor number with push buttons, and acquires the input numbers. Then announce "Please say your name" and start recording.
[0058]
When the name is spoken, the recording is stopped, and the recorded data of the voice of the responsible doctor 2 is stored in the authentication table 75a together with the device identification code, telephone number, medical institution number, and doctor number.
Then, after the completion of the pre-registration process 41 is described with voice guidance, the communication is terminated.
[0059]
When an adverse event occurs, such as a change in the condition of the subject in charge after the start of the clinical trial, the responsible doctor 2 calls the server computer 11 from the mobile phone 21 in a process 31 to notify that the adverse event has occurred, Inform the subject that they would like to receive disclosure of the subject administration group.
[0060]
Upon receiving the process 31, the server computer 11 calls the mobile phone 31 of the person in charge of the pharmaceutical company 3 in the process 32, and notifies the responsible doctor 2 of the occurrence of the adverse event and discloses the subject administration group. Open request processing is performed to automatically notify that the intention notification has been received and to report the result of consultation as to whether or not to permit disclosure of the subject administration group.
At this time, the same contents are automatically notified to the facsimile 32 of the pharmaceutical company 3 at the same time.
[0061]
When the pharmaceutical company 3 receives the telephone or the facsimile by the open request process of the process 32, the process proceeds to a process 33 to negotiate with the client as to whether to permit disclosure of the subject administration group.
This client consultation is usually performed during the business hours of the pharmaceutical company 3, but the processes 31, 32 can be executed at any time 24 hours. Therefore, conventionally, when the adverse event of the subject occurred at midnight, the responsible doctor 2 had to wait for the start-up time of the pharmaceutical company 3 to contact or to contact by e-mail, facsimile, or other document. According to the disclosure system, the process 31 can be performed from the mobile phone 21 even in the middle of the night, and the communication work of the responsible doctor 2 to the pharmaceutical company 3 is not restricted by the business hours of the pharmaceutical company 3.
[0062]
Next, in a process 34, the client consultation result of the process 33 is reported to the responsible doctor 2 via the server computer 11 from the mobile phone 31 of the pharmaceutical company 3.
At this time, if the result of the consultation indicates that the administration group of the subject is permitted to be disclosed, the user is notified that the administration group of the subject can be disclosed at the same time.
[0063]
When receiving the consultation result report of the content permitting the subject's administration group disclosure in the process 34, the responsible doctor 2 calls the server computer 11 again from the mobile phone 21, and in the process 35, releases the subject's administration group disclosure. Make a request.
Upon receiving the request to disclose the administration group in the process 35, the server computer 11 performs an open process for disclosing the administration group of the subject permitted to disclose in the process 36.
In this open processing, the administration group of the subject is acquired from the key information table 75b and disclosed to the responsible doctor 2. Also, the pharmaceutical company 3 is automatically notified that the administration group has been disclosed.
[0064]
Next, an outline of the open request process of the process 32 of FIG. 3 will be described based on FIG.
FIG. 4 is a block diagram showing the processes 31 to 34 of FIG.
When an adverse event occurs, the responsible doctor 2 calls the server computer 11 from the mobile phone 21 in process 42.
In the process 43, the server computer 11 uses the device identification code and the telephone number of the mobile phone 21 and the voice data of the name of the responsible doctor 2 spoken by the responsible doctor 2 to generate the information of the responsible doctor 2 corresponding to the authentication table 75a. Judge whether the record exists and perform the authentication process.
[0065]
If the authentication is not successful in the process 43, a message "authentication failed" is issued, and then in the process 44, the failure of the authentication of the responsible doctor 2 is notified to the mobile phone 31 and the facsimile 32. In the automatic communication, the device identification code and the telephone number of the mobile phone 21 that made the call are also notified.
By automatically contacting the pharmaceutical company 3 in the process 44, the person in charge of the pharmaceutical company 3 can know that the responsible doctor 2 wants to disclose the administration group, and if necessary, the person in charge of the pharmaceutical company 3 , Etc., the doctor can contact the responsible doctor 2.
[0066]
If the authentication is made in the process 43, the responsible doctor 3 inputs the subject identification code of the subject who wants to receive the disclosure of the administration group in accordance with the voice guidance, that is, the clinical test number, the patient number, and the drug number in the process 45 by push buttons. Designate the subject.
[0067]
Next, in a process 46, the server computer 11 searches the key information table 75b using the subject identification code input in the process 45 as a key to specify the subject. The subject identification code of the subject is announced by voice, and the subject is reconfirmed for errors. When confirmed by the responsible doctor 2, in a process 47, the pharmaceutical company 3 is automatically notified that the administration group disclosure request of the subject has been made.
[0068]
When the pharmaceutical company 3 receives the automatic notification of the process 47, it consults the client as to whether to permit the subject to disclose the administration group. As a result of the client's consultation, if it is determined that the administration group disclosure is permitted, at step 48, the administration doctor 2 is notified that the administration group can be disclosed.
[0069]
In this process 48, first, the person in charge of the pharmaceutical company 3 calls the server computer 11 from the mobile phone 31. According to the voice guidance of the server computer 11, the identification code of the subject disclosing the administration group is specified. Next, the voice guidance of the server computer 11 asks whether or not to permit the administration group disclosure. Therefore, information indicating that the administration group disclosure is permitted is input from the mobile phone 31.
Upon receiving this input information, the server computer 11 sets the disclosure flag of the subject in the key information table 75b to "2" indicating that the disclosure of the administration group is permitted. This process corresponds to the disclosure permission registration procedure of the claims.
[0070]
Thereafter, the server computer 11 automatically makes a telephone call to the responsible doctor 2 to clearly indicate the clinical test name, the patient number, and the drug number of the subject, and to notify by voice that the disclosure of the administration group has been permitted.
The above is the outline of the open request processing of the processing 32 in FIG.
[0071]
Next, an outline of the open process of the process 36 in FIG. 3 will be described with reference to FIG.
After receiving the notice that the administration group can be disclosed in the processing 48 of FIG. 4, the responsible doctor 2 performs the open processing procedure of FIG. 5 if the necessity of receiving the administration group disclosure still exists.
[0072]
In step 52, the responsible doctor 2 calls the server computer 11 from the mobile phone 21.
In the process 53, the server computer 11 uses the device identification code and the telephone number of the mobile phone 21 and the voice data of the name of the responsible doctor 2 spoken by the responsible doctor 2 to the corresponding responsible doctor 2 in the authentication table 75a. It is determined whether or not a record exists, and an authentication process is performed.
[0073]
If not authenticated in the process 53, a message "authentication failed" is issued, and in the process 54, the failure of the authentication of the responsible doctor 2 is automatically notified to the mobile phone 31 and the facsimile 32 of the pharmaceutical company 3. In the automatic communication, the device identification code and the telephone number of the mobile phone 21 that made the call are also notified.
By automatically contacting the pharmaceutical company 3 in the process 54, the person in charge of the pharmaceutical company 3 can know that the responsible doctor 2 failed to receive the disclosure of the administration group, and if necessary, the person in charge of the pharmaceutical company 3 Such as contacting the responsible doctor 2 from the patient.
[0074]
If the authentication is made in the process 53, in the process 55, the responsible doctor 3 specifies the subject identification code of the subject who wants to receive the disclosure of the administration group according to the voice guidance. That is, a clinical test number, a patient number, and a drug number are input with a push button.
[0075]
Next, in a process 56, the server computer 11 searches the key information table 75b using the subject identification code input in the process 55 as a key. When the subject is specified, the subject identification code of the subject is announced by voice, and the subject is reconfirmed for errors. If confirmed by the responsible physician 2, the administration group is disclosed to the responsible physician 2 side in a process 57. In step 58, the pharmaceutical company 3 is automatically notified that the administration group of the subject has been disclosed.
The above is the outline of the open processing of the processing 36 of FIG. 3 in the first pattern.
[0076]
In the case of the second pattern in which the responsible doctor 2 keeps the envelope for each subject and the responsible doctor 2 opens the bag at the discretion of the pharmaceutical company 3, the processing in FIG. 4 is exactly the same as the case of the first pattern. 5 are not performed.
In the process 48 of FIG. 4, at the stage where the administration group can be disclosed from the pharmaceutical company 3, the responsible doctor 2 can open the envelope stored by himself to know the administration group.
[0077]
In the case of the third pattern in which the responsible doctor 2 stores the envelope for each subject and the envelope is opened according to the determination of the responsible doctor 2, the processing 42 to 47 in the processing of FIG. Same as the case, except that the processing 48 of FIG. 4 and the processing of FIG. 5 are not performed.
The responsible doctor 2 opens the envelope at his / her own risk, and thus does not require permission from the pharmaceutical company 3 to open the envelope.
Note that, in the second pattern and the third pattern, the processing of the processing 42 to the processing 47 is executed, thereby notifying the pharmaceutical company 3 as the client that the subject has become serious. , Also fulfills GCP communication obligations.
[0078]
Next, processing executed by the server computer 11 when the responsible doctor 2 knows the administration group of the subject will be described based on the flowcharts of FIGS. 6 and 7 are controlled by the CPU 72 of the server computer 11.
When a call is made to the server computer 11, communication is started, and the device identification code and telephone number of the telephone are obtained. In addition, after giving a brief explanation about the subject's administration group disclosure in the voice guidance and announcing the message "Please say your name", the flowchart of FIG. 6 starts.
[0079]
In step S1, it is determined whether a voice has been input from the mobile phone 21 side.
If no voice has been input (step S1: NO), it is determined in step S2 whether a predetermined time, for example, 5 seconds, has elapsed.
If the predetermined time has elapsed (step S2: YES), it is determined that the person who is talking on the mobile phone 21 does not intend to proceed with the processing any more or the communication state is not good, and the communication is disconnected in step S3. , And the process ends.
[0080]
If the predetermined time has not elapsed (step S2: NO), the process returns to step S1 to determine whether a voice has been input from the mobile phone 21 side.
That is, steps S1 and S2 are repeated until a predetermined time has elapsed or a voice is input.
[0081]
If a voice is input (step S1: YES), the authentication table 75a is searched in step S4 to determine whether a record registered in the authentication table 75a matches a voiceprint or the like.
In step S4, first, the authentication table 75a is searched using the device identification code and the telephone number of the mobile phone 21 as keys.
If a hit is found, the voice data of the record is obtained, and the voiceprint of this voice data is compared with the voiceprint of the voice input in step S1 by a known method.
[0082]
If the record registered in the authentication table 75a does not match the voiceprint or the like (step S4: NO), that is, if the device identification code and telephone number of the mobile phone 21 do not exist in the authentication table 75a, or are registered in the authentication table 75a. If the voice data and the voiceprint of the voice of the responsible doctor 2 entered in step S1 do not match, in step S5, an error message stating "Could not be authenticated for access. Communication will be disconnected." Is announced, the communication is cut off, and the fact that the authentication has failed is notified to the mobile phone 31 or the facsimile 32 of the pharmaceutical company 3.
After that, the process ends.
[0083]
When the record registered in the authentication table 75a matches the voiceprint or the like (step S4: YES), that is, the device identification code and the telephone number of the mobile phone 21 exist in the authentication table 75a and are registered in the authentication table 75a. If the voice data matches the voiceprint of the voice of the responsible doctor 2 input in step S1, an input instruction of the processing content is issued in step S6.
[0084]
In this step, in the voice guidance, "Please input the content of the processing you want to execute with the push button. If you want to receive permission for the disclosure of the emergency key code from the sponsor, please enter" 0 "and I want to know the emergency key code In that case, please input "1". "
If the clinical test is the first or second pattern, the responsible physician 2 inputs “0” to request permission for disclosure of the administration group.
When the clinical test is the third pattern, the physician 2 inputs either “0” for requesting permission to disclose the administration group and “1” for requesting disclosure of the administration group. I do.
[0085]
It should be noted that, in the authentication table 75a, which of the first to third patterns is the clinical test in charge of the responsible doctor 2 is registered, and the responsible doctor 2 in charge of the first and second patterns is registered. When "1" is input, an error message may be announced and the input may be invalidated.
[0086]
Next, in step S7, it is determined whether the emergency key code, that is, “0” for requesting disclosure permission of the administration group of the subject has been input, and whether a disclosure permission request has been designated. When the emergency key code, that is, “0” for permitting disclosure of the administration group of the subject is input and the disclosure permission request is specified (step S7: YES), in step S8, the identification code of the subject who wants to know the administration group is determined. Specify input.
[0087]
In this step, the voice guidance announces "Please enter the clinical trial number, patient number, and drug number of the subject for whom you want to know the emergency key code in order."
Next, in step S9, it is determined whether the identification code of the subject has been input.
If the identification code has not been input (step S9: NO), it is determined in step S10 whether a predetermined time, for example, 10 seconds, has elapsed.
If the predetermined time has not elapsed (step S10: NO), the responsible doctor 2 determines that there is a possibility that the identification code input is being prepared, and returns to step S9 again to determine whether the identification code of the subject has been input. .
[0088]
If the predetermined time has elapsed (step S10: YES), it is determined in step S11 whether the number of times the instruction to input the identification code in step S8 is less than three.
If the number of times the instruction for inputting the identification code in step S8 is less than three times (step S11: YES), it is determined that the responsible doctor 2 may have missed the instruction for inputting the identification code, and the process returns to step S8 and the administration group. To input the identification code of the subject who wants to know.
[0089]
If the number of times the instruction to input the identification code in step S8 is not less than three (step S11: NO), that is, the responsible doctor 2 does not input the identification code despite the instruction to input the identification code three times. In this case, it is assumed that the doctor in charge 2 does not intend to input the identification code, and in step S12, an error message “Communication is disconnected because the identification code of the subject is not input” is announced and the communication is disconnected. I do. Further, the fact that the processing was interrupted because the identification code of the subject was not input is notified to the mobile phone 31 and the facsimile 32 of the pharmaceutical company 3, and the processing is terminated.
[0090]
If the identification code is input (step S9: YES), the process proceeds from A to step S13 via A of FIG. 7, and the key is set by using the clinical test number, the patient number, and the drug number of the subject which is the input identification code as a key. The information table 75b is searched to determine whether the input identification code is in the key information table 75b.
If the identification code is not in the key information table 75b (step S13: NO), it is determined in step S14 whether the number of times of input of the identification code is less than three.
[0091]
If the number of times of input of the identification code is less than three (step S14: YES), it is determined that the identification code may have been mistakenly made, and in step S15, "the identification code is not registered. Please enter "error message. From B through B of FIG. 6, it is determined in step S9 whether the identification code of the subject has been input.
[0092]
If the number of times of input of the identification code is not less than three (step S14: NO), it is determined that the input of the identification code has been made three times and that the user has forgotten or did not know the identification code. Since the number of input operations has reached 3 times, the communication will be disconnected.If you want to obtain permission to disclose the emergency key code, confirm the identification code and call here again. " And disconnect the communication. The mobile phone 31 and the facsimile machine 32 of the pharmaceutical company 3 are notified that the input of the identification code has been made three times and the processing has been interrupted, and the processing is terminated.
[0093]
If the identification code is in the key information table 75b (step S13: YES), the identification code is presented in step S17.
In this step, "Confirm the identification code of the subject who discloses the emergency key code. The clinical trial number is 0123345, the patient number is 054, and the drug number is 0302. Enter 0 if it is correct, or 1 if you want to correct it. , Please enter. ", And wait for push button input. The name of the clinical test may be announced instead of the clinical test number.
[0094]
Next, in step S18, it is determined whether or not a value “0” indicating the confirmation has been input.
When the value “0” indicating the confirmation is input (step S18: YES), in step S19, the subject is specified, and the request of the disclosure permission of the subject administration group is given to the mobile phone of the person in charge of the pharmaceutical company 3 in step S19. Contact the telephone 31 and facsimile 32. In addition, “1” indicating that disclosure permission has been requested from the responsible doctor 2 is set in the disclosure flag of the subject in the key information table 75b.
[0095]
Next, in step S20, the completion message of "the processing of the subject's emergency key code disclosure permission request has been completed. Please wait until there is a notification of the disclosure permission" is announced to the responsible doctor 2, and the processing ends. .
If the value “0” indicating the confirmation has not been input (step S18: NO), it is determined in step S21 whether the value “1” indicating the desire to correct the identification code has been input.
If the value "1" indicating that correction is desired is input (step S21: YES), a re-input message "correct the subject's identification code" is announced in step S22, and then a diagram from C is displayed. The process returns to step S8 via C of step 6 to input an identification code of a subject who wants to know the administration group.
[0096]
If the value “1” indicating that correction is desired is not input (step S21: NO), the process proceeds to step S23, and it is determined whether a predetermined time, for example, 5 seconds has elapsed.
If the predetermined time has not elapsed (step S23: NO), it is determined that the responsible doctor 2 is still checking, and the process returns to step S18 to determine whether a value "0" indicating the check has been input.
[0097]
If the predetermined time has elapsed (step S23: YES), it is determined in step S24 whether the number of times the identification code is presented in step S17 is less than three.
If the number of times of presentation of the identification code is less than three (step S24: YES), it is determined that the responsible doctor 2 may have missed the identification code, and it is confirmed in step S17 that the identification code is present in the key information table 75b. Present the identification code.
[0098]
If the number of times of presentation of the identification code is not less than three times (step S24: NO), the value "0" indicating that the responsible doctor 2 has confirmed despite the fact that the identification code has been presented three times and that the correction is desired. If none of the indicated values "1" has been entered and there is no intention to confirm, the communication is cut off in step S25 because the identification code is not confirmed. In this case, please call here again to operate. "And announce that the processing was interrupted because the identification code was not confirmed. 32, and terminates the process.
[0099]
When the emergency key code, that is, “0” for requesting disclosure permission of the administration group of the subject is not input and the disclosure permission request is not designated (step S7: NO), in step S26, the emergency key code, that is, administration of the subject It is determined whether "1" for requesting disclosure of the group has been input.
[0100]
When the emergency key code, that is, “1” for requesting disclosure of the administration group of the subject is not input (step S26: NO), it is determined in step S27 whether a predetermined time, for example, 5 seconds has elapsed.
If the predetermined time has not elapsed (step S27: NO), it is determined that the responsible doctor 2 is still examining which of the administration group disclosure permission request and the disclosure request is to be performed, and in step S7, the emergency key code, that is, It is determined whether "0" for permitting disclosure of the administration group of the subject has been input and a disclosure permission request has been designated.
[0101]
If the predetermined time has elapsed (step S27: YES), it is determined in step S28 whether the number of processing content input instructions in step S6 is less than three.
If the number of input instructions is less than three (step S28: YES), it is determined that the responsible doctor 2 may have missed the input instruction, and the process returns to step S6 to instruct input of processing contents.
[0102]
If the number of input instructions is not less than three (step S28: NO), the responsible doctor 2 specifies whether to issue a disclosure permission request or a disclosure request for the administration group despite the three times input instruction. In step S29, it is determined that neither the disclosure permission request nor the disclosure request has been specified. The processing is interrupted. If you want to know the administration group of the subject, click here again. Please perform an operation by calling the telephone number. ", And the mobile phone 31 and facsimile 32 of the person in charge of the pharmaceutical company 3 informed that the processing was interrupted because the disclosure permission request and the disclosure request were not specified. Contact After that, the process ends.
[0103]
When the emergency key code, that is, “1” for requesting disclosure of the administration group of the subject is input (step S26: YES), the process proceeds from D to step S30 via D in FIG. 8, and the identification code of the subject who wants to know the administration group Is input.
Next, in step S31, it is determined whether the identification code of the subject has been input.
If the identification code has not been input (step S31: NO), it is determined in step S32 whether a predetermined time, for example, 10 seconds, has elapsed.
[0104]
If the predetermined time has not elapsed (step S32: NO), the responsible doctor 2 determines that there is a possibility that the identification code input is being prepared, returns to step S31 again, and determines whether the identification code of the subject has been input. .
If the predetermined time has elapsed (step S32: YES), it is determined in step S33 whether the number of times the instruction to input the identification code in step S30 is less than three. If the number of times the instruction to input the identification code in step S30 is less than three (step S33: YES), it is determined that the responsible doctor 2 may have missed the instruction to input the identification code, and the process returns to step S30, and the administration group. To input the identification code of the subject who wants to know.
[0105]
If the number of times the instruction to input the identification code in step S30 is not less than three (step S33: NO), that is, the responsible doctor 2 does not input the identification code despite the instruction to input the identification code three times. In this case, the responsible doctor 2 determines that he / she does not intend to input the identification code, and in step S34, announces an error message stating that the subject's identification code has not been input and the communication will be cut off, and the communication will be cut off. I do. The fact that the processing was interrupted because the identification code of the subject was not input is notified to the mobile phone 31 and the facsimile 32 of the pharmaceutical company 3, and the processing is terminated.
[0106]
If the identification code has been input (step S31: YES), the process proceeds to step S35, where the key information table 75b is searched using the clinical test number, patient number, and drug number of the subject, which are the input identification code, as a key, and input. It is determined whether the identified identification code exists in the key information table 75b.
[0107]
If the identification code is not in the key information table 75b (step S35: NO), it is determined in step S36 whether the number of times of input of the identification code is less than three.
If the number of times of input of the identification code is less than three (step S36: YES), it is determined that the identification code may have been accidentally mistaken, and in step S37, "the identification code is not registered. Please enter "error message. In step S31, it is determined whether the identification code of the subject has been input.
[0108]
If the number of times of input of the identification code is not less than three (step S36: NO), it is determined that the input of the identification code has been made three times and that the user has forgotten or did not know the identification code. Since the number of input operations has reached 3 times, the communication will be terminated. If you want to receive the emergency key code, confirm the identification code and call again. " , Disconnect the communication. The mobile phone 31 and the facsimile machine 32 of the pharmaceutical company 3 are informed that the input of the identification code is wrong three times, so that the process is interrupted, and the process is terminated.
[0109]
If the identification code is present in the key information table 75b (step S35: YES), the identification code is presented in step S39.
In this step, "Confirm the identification code of the subject who discloses the emergency key code. The clinical trial number is 0123345, the patient number is 054, and the drug number is 0302. Enter 0 if it is correct, or 1 if you want to correct it. , Please enter. ", And wait for push button input. The name of the clinical test may be announced instead of the clinical test number.
[0110]
Next, in step S40, it is determined whether a value “0” indicating the confirmation has been input.
When the value “0” indicating the confirmation is input (step S40: YES), in step S41, the “administration group of the third set of subjects of the XX Pharmaceutical A test of the inquiry is a high-concentration active drug. The emergency key code will also be sent to the teacher's e-mail, so please check it. "
[0111]
Next, in step S42, the disclosure of the subject administration group was performed, and the clinical test name, drug number, and administration group of the disclosed subject were reported to the mobile phone 31, facsimile 32, responsible doctor of the person in charge of the pharmaceutical company 3. Contact email 2
In step S43, "3" indicating that the administration group has been disclosed to the responsible doctor 2 is set in the disclosure flag of the corresponding subject record in the key information table 75b, and the process ends.
[0112]
If the value “0” indicating the confirmation has not been input (step S40: NO), it is determined in step S44 whether the value “1” indicating the desire to correct the identification code has been input.
If a value “1” indicating that correction is desired is input (step S44: YES), a re-input message “correct the subject's identification code” is announced in step S45, and then via E Then, the process returns to step S30, and an input of the identification code of the subject who wants to know the administration group is instructed.
[0113]
If the value “1” indicating that correction is desired is not input (step S44: NO), the process proceeds to step S46, and it is determined whether a predetermined time, for example, 5 seconds has elapsed.
If the predetermined time has not elapsed (step S46: NO), it is determined that the responsible doctor 2 is still checking, and the process returns to step S40 to determine whether a value “0” indicating the check has been input.
[0114]
If the predetermined time has elapsed (step S46: YES), it is determined in step S47 whether the number of times the identification code is presented in step S39 is less than three.
If the number of times the identification code is presented is less than three (step S47: YES), it is determined that the responsible doctor 2 may have missed the identification code, and it is confirmed in the key information table 75b in step S39. Present the identification code.
[0115]
If the number of times of presentation of the identification code is not less than three (step S47: NO), the value “0” indicating that the responsible doctor 2 has confirmed despite the fact that the identification code has been presented three times and that the correction is desired. If none of the indicated values "1" has been entered and there is no intention to confirm, in step S48 "the communication is disconnected because the identification code is not confirmed. Please call here again to operate. "And announce that the processing was interrupted because the identification code was not confirmed. And ends the processing.
The above is the processing executed by the server computer 11 when the responsible doctor 2 knows the administration group of the subject.
[0116]
Although the identification code of the subject is input in step S8 and step S30, other specific information such as the initial and the chart number of the subject may be input. It is preferable that a plurality of pieces of information that can uniquely identify a subject be input, such as inputting both a patient number and a drug number.
[0117]
6 to 8, steps S1 to S5 are the authentication procedure of the claims, step S19 is the disclosure request procedure of the claims, and steps S41 and S42 are the disclosure procedure of the claims. Corresponds to.
In the present embodiment, the transmission and reception of information between the mobile phone 21 of the responsible doctor 2 and the server computer 11 is performed by voice, but the information is displayed on the screen using an e-mail or a public information communication network such as the Internet. It may be performed by inputting characters.
[0118]
【The invention's effect】
As described above, according to the present invention, a disclosure permission requesting unit that a server computer transmits the received subject identification information and the disclosure permission request to a communication device of the test requester, and a communication device of the test requester Receiving the disclosure permission information to permit disclosure of the administration group of the subject, registering the disclosure permission information with the subject identification information in the subject information storage means, and A disclosure permission registration / transmission means for transmitting to the communication device, and when a request for disclosure of the administration group is made by specifying a subject to which the permission information is attached, the administration group requested to be disclosed is subjected to the test. Since the test requester has the authority to open the administration group information of the subject, which is kept confidential during the test, the test performer opens the server computer. Just by sending a permission request, the test sponsor can be notified that the subject has become serious, and information on whether the test sponsor has permitted the disclosure of the administration group is sent from the server computer. It is possible to receive.
[0119]
In addition, since the server computer automatically transmits the disclosure permission request received from the communication device of the test requester to the communication device of the test requester, the test tester can perform the request even outside of the business hours of the test requester. It is possible to make a disclosure permission request for permitting disclosure of the administration group to the test sponsor, and it is possible to perform communication work and disclosure permission request work without being restricted by the work hours of the test sponsor.
[Brief description of the drawings]
FIG. 1 is an explanatory diagram showing an overall configuration of a secret information disclosure system according to an embodiment of the present invention.
FIG. 2 is an explanatory diagram illustrating a hardware configuration of a server computer of the secret information disclosure system according to the embodiment of the present invention.
FIG. 3 is an explanatory diagram illustrating an outline of a business flow of the secret information disclosure system according to the embodiment of the present invention.
FIG. 4 is an explanatory diagram showing an outline of a business flow of the secret information disclosure system according to one embodiment of the present invention.
FIG. 5 is an explanatory diagram showing an outline of a business flow of the confidential information disclosure system according to one embodiment of the present invention.
FIG. 6 is a flowchart showing a process executed by a server computer when a responsible doctor knows an administration group of a subject.
FIG. 7 is a flowchart showing a process executed by a server computer when a responsible doctor knows an administration group of a subject.
FIG. 8 is a flowchart showing a process executed by a server computer when a doctor in charge knows an administration group of a subject.
[Explanation of symbols]
1 management center
2 responsible doctor
3 Pharmaceutical companies
11 Server computer
21, 31 mobile phone
32 facsimile
72 CPU
73 RAM
74 ROM
75 HDD
75a Authentication table
75b key information table
76 Storage media device
77 Communication device
77a converter
78 keyboard
79 mouse
80 Display device
81 Printer

Claims (12)

In a test performed in a state in which the subject is divided into administration groups and the administration group is concealed, a confidential information disclosure system used by a tester of the test to receive the disclosure of the administration group in an emergency,
In a state in which browsing from the outside is prohibited, information can be transmitted and received between a server computer storing subject information storage means for registering the administration group in association with subject identification information of the subject, and the server computer. The test implementer's communication device, and a test requester's communication device capable of transmitting and receiving information between the server computer and requesting the test implementer to perform the test,
The server computer,
From the communication device of the test performer, the means for receiving the subject identification information together with a disclosure permission request for disclosure permission of the administration group of the subject related to the specific information,
Disclosure permission requesting means for transmitting the received subject identification information and the disclosure permission request to the communication device of the test sponsor,
Receiving disclosure permission information to permit disclosure of the administration group of the subject from the communication device of the test sponsor, and registering the disclosure permission information with the subject identification information in the subject information storage means And a disclosure permission registration / transmission means for transmitting to the communication device of the test performer,
A disclosure unit that, when a subject to which the permission information is added is requested to disclose the administration group and transmits the administration group requested to be disclosed, to the communication device of the test performer. A confidential information disclosure system. In a test in which a subject is divided into administration groups and the administration group is kept concealed, confidential information disclosure used by a tester of the test to open the sealed administration group by himself in an emergency in an emergency The system
A server computer storing subject information storage means for registering the subject information in association with subject specific information of the subject, a communication device of the test performer capable of transmitting and receiving information to and from the server computer, A communication device of a test requester that requests the test performer to perform the test, capable of transmitting and receiving information to and from a server computer,
The server computer,
From the communication device of the test performer, the subject identification information, means for receiving an opening permission request for opening permission of the administration group of the subject according to the identification information,
Opening permission requesting means for transmitting the received subject identification information and the opening permission request to the communication device of the test requester,
Receiving opening permission information to permit opening of the administration group of the subject from the communication device of the test sponsor, and registering the opening permission information with the subject identification information in the subject information storage means. And a means for registering and transmitting opening permission information to be transmitted to the communication device of the test executor. In a test in which a subject is divided into administration groups and the administration group is kept concealed, confidential information disclosure used by a tester of the test to open the sealed administration group by himself in an emergency in an emergency The system
A server computer storing subject information storage means for registering the subject information in association with subject specific information of the subject, a communication device of the test performer capable of transmitting and receiving information to and from the server computer, A communication device of a test requester that requests the test performer to perform the test, capable of transmitting and receiving information to and from a server computer,
The server computer,
Authentication means for authenticating that the tester has access from the communication device by the tester himself,
Means for receiving, with the access authenticated by the authentication means, from the communication device of the test performer, the subject identification information, together with a report indicating that the administration group of the subject according to the identification information is to be opened,
Opening report / registration means for transmitting the received subject identification information and the report to the communication device of the test sponsor, and for registering the report in the subject information storage means with the subject identification information attached. A secret information disclosure system, comprising: A test performed in a state in which the subject is divided into administration groups and the administration group is concealed, and a confidential information disclosure device used for a test performer of the test to receive the disclosure of the administration group in an emergency,
Subject information storage means for registering the administration group in association with subject identification information of the subject in a state where viewing from outside is prohibited,
From the communication device of the test performer, the means for receiving the subject identification information together with a disclosure permission request for disclosure permission of the administration group of the subject related to the specific information,
Disclosure permission requesting means for transmitting the received subject identification information and the disclosure permission request to a communication device of a test requester requesting the test performer to perform the test,
Receiving disclosure permission information to permit disclosure of the administration group of the subject from the communication device of the test sponsor, and registering the disclosure permission information with the subject identification information in the subject information storage means And a disclosure permission registration / transmission means for transmitting to the communication device of the test performer,
A disclosure unit that, when a subject to which the permission information is added is requested to disclose the administration group and transmits the administration group requested to be disclosed, to the communication device of the test performer. A confidential information disclosure device characterized by the above-mentioned. In a test in which a subject is divided into administration groups and the administration group is kept concealed, in a test performed by the tester of the test, confidential information disclosure used to open the sealed administration group by himself / herself in an emergency. A device,
Subject information storage means for registering the subject information in association with subject specific information of the subject,
From the communication device of the test performer, the subject identification information, means for receiving an opening permission request for opening permission of the administration group of the subject according to the identification information,
Opening permission requesting means for transmitting the received subject identification information and the opening permission request to a communication device of a test requester requesting the test performer to perform the test,
Receiving opening permission information to permit opening of the administration group of the subject from the communication device of the test sponsor, and registering the opening permission information with the subject identification information in the subject information storage means. And a means for registering and transmitting opening permission information to be transmitted to the communication device of the test executor. In a test in which a subject is divided into administration groups and the administration group is kept concealed, in a test performed by the tester of the test, confidential information disclosure used to open the sealed administration group by himself / herself in an emergency. A device,
Subject information storage means for registering the subject information in association with subject specific information of the subject,
Authentication means for authenticating that the tester has access from the communication device by the tester himself,
Means for receiving, with the access authenticated by the authentication means, from the communication device of the test performer, the subject identification information, together with a report indicating that the administration group of the subject according to the identification information is to be opened,
Transmitting the received subject identification information and the report to a communication device of a test sponsor who requests the test performer to perform the test, and attaching the report to the subject identification information to obtain the subject information storage means And an opening report / registration unit for registering the secret information. In a test performed in a state in which the subject is divided into administration groups and the administration group is concealed, a confidential information disclosure method in which the test performer of the test receives the disclosure of the administration group in an emergency,
In a state in which browsing from the outside is prohibited, a procedure of registering the administration group in subject information storage means in association with subject identification information of the subject,
From the communication device of the test performer, receiving the subject identification information together with a disclosure permission request for permission to disclose the administration group of the subject according to the specific information,
A disclosure permission requesting step of transmitting the received subject identification information and the disclosure permission request to a communication device of a test requester requesting the test performer to perform the test,
Receiving disclosure permission information to permit disclosure of the administration group of the subject from the communication device of the test sponsor, and registering the disclosure permission information with the subject identification information in the subject information storage means And a disclosure permission registration / transmission procedure for transmitting to the communication device of the test performer,
And performing a disclosure procedure of transmitting the requested administration group to the communication device of the test executor when the subject to which the permission information is assigned is requested to disclose the administration group. A confidential information disclosure method, characterized in that: In a test in which the subject is divided into administration groups and the administration group is kept concealed, the tester of the test obtains permission to open the sealed administration group when he / she opens the emergency himself / herself in an emergency. A secret information disclosure method,
Registering the subject information in subject information storage means in association with subject specific information of the subject,
From the communication device of the test performer, receiving the subject identification information together with an opening permission request for opening permission of the administration group of the subject according to the specific information,
An open permission request procedure for transmitting the received subject identification information and the open permission request to a test requester communication device that requests the test performer to perform the test,
Receiving opening permission information to permit opening of the administration group of the subject from the communication device of the test sponsor, and registering the opening permission information with the subject identification information in the subject information storage means. And a procedure for registering and transmitting opening permission information to be transmitted to the communication device of the test executor. In a test in which a subject is divided into administration groups and the administration group is kept concealed, in a test performed by the tester of the test, confidential information disclosure reporting that the sealed administration group is to be opened by himself in an emergency. The method,
Registering the subject information in subject information storage means in association with subject specific information of the subject,
An authentication procedure for authenticating that the tester's access from the communication device is performed by the tester himself,
A step of receiving, by the access authenticated by the authentication unit, the test subject identification information from the communication device of the test performer, together with a report indicating that the administration group of the subject according to the specific information is to be opened; and
The received subject identification information and the report are transmitted to a communication device of a test sponsor who requests the test performer to perform the test, and the report is attached to the subject identification information and the subject information storage means And an open report / registration procedure for registering the secret information. In a test performed in a state in which the subject is divided into administration groups and the administration group is kept concealed, a confidential information disclosure computer used by the tester of the test to receive the disclosure of the administration group in an emergency,
In a state in which browsing from the outside is prohibited, a procedure of registering the administration group in subject information storage means in association with subject identification information of the subject,
From the communication device of the test performer, receiving the subject identification information together with a disclosure permission request for permission to disclose the administration group of the subject according to the specific information,
A disclosure permission requesting step of transmitting the received subject identification information and the disclosure permission request to a communication device of a test requester requesting the test performer to perform the test,
Receiving disclosure permission information to permit disclosure of the administration group of the subject from the communication device of the test sponsor, and registering the disclosure permission information with the subject identification information in the subject information storage means And a disclosure permission registration / transmission procedure for transmitting to the communication device of the test performer,
And performing a disclosure procedure of transmitting the requested administration group to the communication device of the test executor when the subject to which the permission information is assigned is requested to disclose the administration group. Confidential information disclosure program. In a test in which a subject is divided into administration groups and the administration group is kept concealed, in a test performed by the tester of the test, confidential information disclosure used to open the sealed administration group by himself / herself in an emergency. On the computer,
Registering the subject information in subject information storage means in association with subject specific information of the subject,
From the communication device of the test performer, receiving the subject identification information together with an opening permission request for opening permission of the administration group of the subject according to the specific information,
An open permission request procedure for transmitting the received subject identification information and the open permission request to a test requester communication device that requests the test performer to perform the test,
Receiving opening permission information to permit opening of the administration group of the subject from the communication device of the test sponsor, and registering the opening permission information with the subject identification information in the subject information storage means. And a procedure for registering and transmitting opening permission information to be transmitted to the communication device of the test executor. In a test in which a subject is divided into administration groups and the administration group is kept concealed, in a test performed by the tester of the test, confidential information disclosure used to open the sealed administration group by himself / herself in an emergency. On the computer,
Registering the subject information in subject information storage means in association with subject specific information of the subject,
An authentication procedure for authenticating that the tester's access from the communication device is performed by the tester himself,
A step of receiving, by the access authenticated by the authentication unit, the test subject identification information from the communication device of the test performer, together with a report indicating that the administration group of the subject according to the specific information is to be opened; and
Transmitting the received subject identification information and the report to a communication device of a test sponsor who requests the test performer to perform the test, and attaching the report to the subject identification information to obtain the subject information storage means Opening report / registration procedure to be registered in a secret information disclosure program for executing the procedure.

Images