JP2006172056A - Medical information management system and medical information management server - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To improve securities in medical data management by providing a system capable of collectively managing access logs and restricting an access to the medical data. <P>SOLUTION: Medical data and a user list are transmitted to a medical information management server 2 from a client terminal 9a. The medical data are recorded in a medical data recording part 4, and the user list is recorded in a user list recording part 5. When there is an access from the client terminal 9b to the medical information management server 2, user information is transmitted to the medical information management server 2 from the client terminal 9b. A judgement part 8 judges whether there is an access right based on the user information and the user list. When there is an access right, a control part 3 transmits the medical data recorded in the medical data recording part 4 to the client terminal 9b. A write part 7 records the access from the client terminal 9b in an access log recording part 6. <P>COPYRIGHT: (C)2006,JPO&NCIPI

Description

  The present invention relates to a technique for storing and managing a history (access log) of access to a server or a recording medium in which medical data such as patient information and diagnostic image data is recorded, and further determining whether there is access authority.

  Conventionally, hospitals have established a hospital information system called HIS (Hospital Information System) between departments in hospitals in order to automate medical accounting, prescription ordering, diagnosis support, etc. ing. Also, among the departments, for example, in the radiology department, an RIS (Radiology Information System) or PACS (Picture Archiving and Communication System) is established, and in the examination department, an LIS, etc. is established. Thus, an information system tailored to each department has been constructed, and online information transmission is being promoted (for example, Patent Document 1).

  In such a medical information management system, test results can be stored in HIS, RIS, and PACS servers, and information can be shared within the hospital.

  The HIS includes a server and terminal devices such as an accounting department, a medicine department, a medical examination department (an internal medicine department, a surgical department, an orthopedic department, etc.). The server stores data such as patient information (information such as ID, name, date of birth, etc.), accounting information, and prescription information.

  The RIS includes a server, a radiation department terminal device, and an examination system in an examination room. The inspection system is provided with a diagnostic apparatus such as an X-ray imaging apparatus. The server includes a database of inspection parameters for performing inspections with the inspection system and information on past performance.

  The diagnostic imaging system PACS includes a server and a terminal device. The server stores diagnostic image data acquired by the inspection system.

  In such a medical information management system, for example, a radiologist acquires patient information to be examined from a HIS server using a RIS terminal device, sets the obtained patient information, imaging conditions, etc. Inspection request information, which is information on the information, is transmitted to the inspection system.

  The examination system acquires a diagnostic image of the patient according to the obtained imaging conditions, and transmits the number of imaging images, imaging conditions, etc. to the RIS server as examination execution information at the end of the examination, and the obtained diagnostic image data to the PACS server Send to.

  Upon receiving the examination execution information, the RIS server stores the examination execution information and transmits accounting information such as the number of shots to the HIS server. The RIS server records the examination execution information in the storage, the HIS server records the accounting information in the storage, and the PACS server records the image information in the storage.

  Since medical data such as patient information and image information includes security information, a history of accessing the medical data (access log) needs to be recorded and stored. Conventionally, management of access history (access log) to a server or recording device that records medical data such as examination request information, examination execution information, and image information and confirmation of access authority are recorded in the server or recording device. It is performed by a terminal device for referring to medical data. In the above RIS, HIS, PACS, etc., an access history (access log) is recorded and managed in each terminal device.

  For example, when referring to diagnostic image data stored in a PACS server on a terminal device, the access authority is confirmed on the terminal device, and the access history is recorded and managed.

JP 2004-171386 A

  However, when confirmation of access authority to medical data stored in a server or recording medium and management of access history (access log) are performed by a terminal device for referring to medical data, a plurality of terminal devices When the medical data recorded on the server or the recording medium is referred to, the access log (history) is managed in each terminal device, so that the access history (access log) cannot be managed collectively. is there.

  In addition, since management of access history (access log) depends on a terminal device for referring to medical data, depending on the terminal device, access history (access log) to medical data stored in a server or a recording medium. ) May not be recorded.

  Furthermore, since each terminal device confirms whether or not there is an access authority, if it is authenticated by the terminal device, it becomes possible to access medical data stored in a server or a recording medium. When it is desired to limit the users who can access the medical data stored in the server or the recording medium, if it is authenticated by each terminal device and the medical data can be accessed, it becomes impossible to limit the accessible users. End up. That is, as long as authentication of each terminal device is obtained, it is possible to access medical data stored in a server or a recording medium.

  As described above, conventionally, there has been a problem regarding security with respect to management of access to medical data stored in a server or a recording medium and authentication of access authority.

  The present invention solves the above problem, and does not store the access history (access log) in each terminal device, and does not store the access history (access log) in a recording medium or server in which medical data is stored. It is an object of the present invention to provide a system that can collectively manage access histories (access logs) by storing data.

  Further, a system capable of limiting the users who can access the medical data by confirming the access authority on the recording medium or server on which the medical data is stored without confirming the access authority on each terminal device The purpose is to provide.

  An object of the present invention is to provide a system capable of enhancing the security of medical data management by collectively managing access histories (access logs) or confirming access authority.

  The invention according to claim 1 is a medical information management system in which a server, a first terminal device, and a second terminal device are connected via a network, wherein the server is the first terminal. When there is an access for acquiring medical data recorded in the medical data recording means from the second terminal device and medical data recording means for recording medical data transmitted from the apparatus, the access history is recorded. And an access log recording means for recording. The invention according to claim 2 is a medical information management system in which a server, a first terminal device, and a second terminal device are connected via a network, wherein the first terminal device When transmitting the medical data to the server, the server has means for transmitting to the server user list data indicating users who can access the medical data together with the medical data, and the server receives the data from the first terminal device. Medical data recording means for recording the transmitted medical data, user list recording means for recording the user list data transmitted from the first terminal device, and medical data recording means from the second terminal device When there is an access to obtain the recorded medical data, the access is made based on the user list data recorded in the user list recording means. Access authority determining means for determining whether or not there is a right to access the medical data recorded in the medical data recording means when the access authority determining means determines that there is an access authority. A medical information management system comprising: a transmission unit configured to transmit to the apparatus. The invention according to claim 3 is a medical information management server connected to the first terminal device and the second terminal device via a network, wherein the medical data transmitted from the first terminal device is received. Medical data recording means for recording, and access log recording means for recording the access history when there is access for acquiring medical data recorded in the medical data recording means from the second terminal device; It is a medical information management server characterized by having. The invention according to claim 4 is a medical information management server connected to the first terminal device and the second terminal device via a network, wherein the medical data transmitted from the first terminal device is received. Medical data recording means for recording, user list recording means for recording user list data indicating users who can access the medical data transmitted from the first terminal device together with the medical data, and the second terminal device When there is an access for acquiring medical data recorded in the medical data recording means from the access authority to determine the presence or absence of the access authority based on the user list data recorded in the user list recording means When it is determined that the access authority is determined by the determination means and the access authority determination means, it is recorded in the medical data recording means. And transmitting means for transmitting the medical data to the second terminal device is a medical-information management server characterized in that it comprises a.

  According to the present invention, the access history (access log) is recorded on the same server or the same recording medium together with the medical data, so that the access history can be collectively collected without depending on the terminal device for referring to the medical data. And can be managed. In addition, the user list indicating the users who can access the medical data together with the medical data is recorded on the same server or the same recording medium, and the terminal device is used to determine whether the user has access authority by referring to the user list. It becomes easy to limit the users who can access the medical data without depending on it. By managing the access history (access log) and confirming the access authority in this manner, it is possible to improve the security of medical data management as compared with the conventional system.

  The medical information management system according to the embodiment of the present invention records a history of access to medical data (access log) on a recording medium or server for recording and storing medical data. In addition, a user list indicating users who can access medical data is recorded on a recording medium or server for recording and storing medical data, and the presence or absence of access authority is determined by referring to the user list. That is, the medical data and the access history (access log) for the medical data are recorded on the same recording medium or the same server. Further, medical data and a user list indicating users who can access the medical data are recorded on the same recording medium or the same server.

  In the medical information management system according to this embodiment, the medical data corresponds to patient information, accounting information, examination execution information, diagnostic image data, and the like. The recording medium is a writable recording medium, for example, a CD, a DVD, an HDD, or the like. In addition, a terminal device that transmits medical data and a terminal device that refers to medical data are connected to the recording medium and the server. In particular, for the servers, these terminal devices are connected via a network. When connected via a network, an information management system such as RIS, HIS, and PACS is established.

  As in the medical information management system according to this embodiment, the access history (access log) is recorded by recording the access history (access log) on the same recording medium or the same server where medical data is stored. Batch management is possible. In addition, the user list is recorded on the same recording medium or the same server in which the medical data is stored, and the user list is referred to and the presence / absence of the authority to access the medical data is determined. It is possible to limit users who can access medical data without depending on the connected terminal device. As described above, it is possible to improve the security of medical data management by managing the access history (access log) and determining the presence or absence of access authority.

  Hereinafter, a medical information management system and a medical information management server according to an embodiment of the present invention will be described with reference to FIGS. 1 and 2.

(Constitution)
The configuration of the medical information management system and the medical information management server according to the embodiment of the present invention will be described with reference to FIG. FIG. 1 is a block diagram showing a schematic configuration of a medical information management system according to an embodiment of the present invention.

  In the medical information management system 1, a medical information management server 2 and terminal devices 9a and 9b are connected via a network. The medical information management server 2 includes a control unit 3, a medical data recording unit 4, a user list recording unit 5, an access log recording unit 6, a writing unit 7, and a determination unit 8. The medical information management system 1 functions as a system such as HIS, RIS, or PACS.

  The medical information management server 2 corresponds to, for example, a server installed in the HIS, a server installed in the RIS, or a diagnostic image server installed in the PACS.

  Medical data is recorded in the medical data recording unit 4, user list data indicating users who can access the medical data is recorded in the user list recording unit 5, and medical data is accessed from the outside in the access log recording unit 7. History (access log) is recorded.

  The medical data recorded in the medical data recording unit 4 corresponds to information managed by HIS, RIS, PACS or the like, for example. When the medical information management server 2 corresponds to, for example, a diagnostic image server installed in the PACS, diagnostic image data is recorded as medical data in the medical data recording unit 4. Further, when the medical information management server 2 corresponds to, for example, a server installed in the HIS, patient information (information such as ID, name, date of birth, etc.), accounting information as medical data is stored in the medical data recording unit 4. Prescription information or the like (hereinafter referred to as patient information or the like) is recorded. When the medical information management server 2 corresponds to a server installed in the RIS, examination execution information as medical data is recorded in the medical data recording unit 4.

  The writing unit 7 in the medical information management server 2 writes the medical data transmitted from the terminal device 9 a to the medical information management server 2 in the medical data recording unit 4. The writing unit 7 writes data of a user list indicating users who can access the medical data transmitted together with the medical data to the user list recording unit 5. Furthermore, when there is an access for acquiring medical data from the terminal device 9b, the writing unit 7 writes the access history (access log) in the access log recording unit 6.

  Further, when there is an access for acquiring medical data from the terminal device 9b, the determination unit 8 in the medical information management server 2 determines whether or not there is an authority to access the medical data, and the determination result Is output to the control unit 3. If the determination unit 8 determines that there is an access right, the control unit 3 acquires the target medical data from the medical data recording unit 4 and transmits it to the terminal device 9b. That is, the determination unit 8 determines whether to permit access to medical data. The determination unit 8 corresponds to “access authority determination means” of the present invention.

  The terminal device 9 a is a terminal device for transmitting medical data and a user list indicating users who can access the medical data to the medical information management server 2. The terminal device 9 b is a terminal device for accessing the medical information management server 2 and acquiring medical data from the medical information management server 2. The terminal device 9a corresponds to the “first terminal device” of the present invention, and the terminal device 9b corresponds to the “second terminal device” of the present invention.

  As an example of the terminal device 9a, a diagnostic apparatus such as an X-ray diagnostic apparatus, an X-ray CT apparatus, or an ultrasonic diagnostic apparatus is applicable. The terminal device 9b corresponds to a terminal device that is installed in HIS, RIS, PACS or the like and acquires medical data from a server of each system. Diagnostic image data (medical data) acquired by the terminal device 9a as the diagnostic device is transmitted from the terminal device 9a to the medical information management server 2 and recorded and stored in the medical data recording unit 4. For example, the medical information management server 2 is accessed by the terminal device 9b installed in the interpretation room, and diagnostic image data (medical data) recorded in the medical data recording unit 4 is acquired.

(Operation)
Next, operations of the medical information management system and the medical information management server according to the embodiment of the present invention will be described with reference to FIG. FIG. 2 is a flowchart for sequentially explaining the operation of the medical information management system according to the embodiment of the present invention.

  First, medical data and user list data indicating users who can access the medical data are transmitted from the terminal device 9a to the medical information management server 2 (step S01). For example, the terminal device 9a is a diagnostic device installed in the RIS, the medical information management server 2 is a PACS diagnostic image server, and the terminal device 9b is a radiogram interpretation device installed in the HIS or PACS. In this case, diagnostic image data as medical data and user list data indicating users who can access the diagnostic image data are transmitted from the terminal device 9a as a diagnostic device to the medical information management server 2 as a diagnostic image server of PACS. Is done.

  The medical data and user list data are output to the writing unit 7 via the control unit 3 of the medical information management server 2. The writing unit 7 receives the medical data and the user list data, writes the medical data to the medical data recording unit 4, and writes the user list data to the user list recording unit 5. In this way, medical data and user list data are recorded and stored in the medical information management server 2 (step S02).

  For example, when referring to medical data (for example, diagnostic image data) recorded in the medical data recording unit 4 in the terminal device 9b installed in the HIS or PACS, the medical data is stored from the terminal device 9b. The medical information management server 2 is accessed and a request for medical data (for example, diagnostic image data) is made (step S03).

  When the control unit 3 receives an access from the terminal device 9b, the control unit 3 outputs a write command signal of an access history (access log) to the writing unit 7, and the writing unit 7 receives the signal to the access log recording unit 6 to the terminal device. The access history (access log) from 9b is written (step S04). For example, the name of the person who accessed, the number of the terminal used for access, the date and time of access, etc. are recorded in the access log recording unit 6 as an access log.

  Simultaneously with this access, user information (for example, ID, name, password, etc.) is transmitted from the terminal device 9b to the medical information management server 2. When receiving the access, the control unit 3 outputs the user information transmitted from the terminal device 9b to the determination unit 8. When receiving the user information, the determination unit 8 refers to the user list recorded in the user list recording unit 5 and determines whether or not there is an access right based on the user information and the user list (step S05). ). Further, the determination unit 8 outputs the determination result to the control unit 8. For example, when the user information consists of an ID or name, if the ID or name exists in the user list, it is determined that the user has access authority, and access to medical data is permitted. On the other hand, if there is no ID or name in the user list, it is determined that there is no access authority, and access to medical data is not permitted.

  If the determination unit 8 determines that the user has access authority (step S06, Yes), the control unit 3 receives the determination result and receives medical data (for example, a diagnostic image) recorded in the medical data recording unit 4. Data) is acquired, and the medical data (for example, diagnostic image data) is transmitted to the requesting terminal device 9b (step 07).

  On the other hand, when it is determined by the determination unit 8 that there is no access authority (No in step S06), medical data cannot be acquired with the user information (for example, ID or name), and the process ends.

  As described above, a terminal device for referring to medical data (for example, diagnostic image data) by recording an access history (access log) in the same medical information management server 2 together with medical data (for example, diagnostic image data). Access history (access log) can be collectively managed without depending on 9b or the like.

  Further, a user list indicating users who can access the medical data together with the medical data (for example, diagnostic image data) is recorded in the same medical information management server 2, and the presence or absence of access authority is determined by referring to the user list. Therefore, it becomes possible to limit the users who can access the medical data without determining the access authority depending on the individual terminal device 9b or the like.

  As described above, it is possible to improve the security of medical data management by collectively managing the access log and determining the access authority in the medical information management server 2.

  In the above embodiment, the case where medical data, access logs, and user lists are recorded and stored in the same medical information management server 2 has been described. However, the present invention is not limited thereto. For example, a writable recording medium such as a CD, DVD, or HDD may be used instead of the medical information management server 2. In this case, the writing unit 7 is provided in the terminal device 9a, for example, and medical data and a user list are written and recorded on the recording medium by the writing unit 7 provided in the terminal device 9a. Further, when the terminal device 9b for referring to the medical data accesses the recording medium on which the medical data is recorded, the user list recorded on the recording medium is referred to determine whether there is an access authority, and the access authority is In some cases, access to the medical data is permitted, and the terminal device 9b acquires the medical data recorded on the recording medium. Then, an access history (access log) is written to the recording medium by the terminal device 9b.

  As described above, by recording the access history (access log) together with the medical data on the same recording medium, it becomes possible to collectively manage the access history (access log) to the medical data. Furthermore, since the user list indicating the users who can access the medical data together with the medical data is recorded on the same recording medium and the presence or absence of the access authority is determined with reference to the user list, the access authority is determined for each terminal. It is possible to limit users who can access medical data without depending on the device. Thus, even when the recording medium is used, it is possible to improve the security of medical data management.

It is a block diagram which shows schematic structure of the medical information management system which concerns on embodiment of this invention. It is a flowchart for demonstrating operation | movement of the medical information management system which concerns on embodiment of this invention in order.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Medical information management system 2 Medical information management server 3 Control part 4 Medical data recording part 5 User list recording part 6 Access log recording part 7 Writing part 8 Judgment part 9a, 9b Terminal device

Claims (4)

A medical information management system in which a server, a first terminal device, and a second terminal device are connected via a network,
The server
Medical data recording means for recording medical data transmitted from the first terminal device;
An access log recording means for recording the access history when there is an access for acquiring the medical data recorded in the medical data recording means from the second terminal device;
A medical information management system comprising: A medical information management system in which a server, a first terminal device, and a second terminal device are connected via a network,
The first terminal device includes means for transmitting, to the server, user list data indicating users who can access the medical data together with the medical data when transmitting the medical data to the server.
The server includes medical data recording means for recording medical data transmitted from the first terminal device;
User list recording means for recording the user list data transmitted from the first terminal device;
When there is an access for acquiring medical data recorded in the medical data recording means from the second terminal device, the access authority is determined based on the user list data recorded in the user list recording means. Access authority determination means for determining presence or absence;
Transmission means for transmitting medical data recorded in the medical data recording means to the second terminal device when it is determined that the access authority is determined by the access authority determining means. Medical information management system. A medical information management server connected to the first terminal device and the second terminal device via a network,
Medical data recording means for recording medical data transmitted from the first terminal device;
An access log recording means for recording the access history when there is an access for acquiring the medical data recorded in the medical data recording means from the second terminal device;
A medical information management server characterized by comprising: A medical information management server connected to the first terminal device and the second terminal device via a network,
Medical data recording means for recording medical data transmitted from the first terminal device;
User list recording means for recording user list data indicating users who can access the medical data transmitted from the first terminal device together with the medical data;
When there is an access for acquiring medical data recorded in the medical data recording means from the second terminal device, the access authority is determined based on the user list data recorded in the user list recording means. Access authority determination means for determining presence or absence;
Transmission means for transmitting medical data recorded in the medical data recording means to the second terminal device when it is determined that the access authority is determined by the access authority determining means. Medical information management server.

Images