JP2014044685A - Information processing apparatus, and information processing method - Google Patents

Abstract

PROBLEM TO BE SOLVED: To provide an information processing apparatus in which a browsable range of information can be dynamically changed in accordance with a situation.SOLUTION: An information processing apparatus, which receives, from a remote browsing terminal connected to a network, a browsing request for an electronic medical chart stored in a medical database so as to process it, includes: user identification means for identifying a log-in user who logs in a browsing terminal; location identification means for identifying a location where the log-in user exists; discrimination means for discriminating whether or not the identified location is a prescribed location; accompanying person identification means for identifying an accompanying person existing at the identified location; determination means for determining, when the identified location is the prescribed location, and existence of an accompanying person at the identified location is identified, a browsing allowable range with respect to an electronic medical chart on the basis of both of browsing authorities allocated to the log-in user and the accompanying person.

Description

  The present invention relates to a technology for browsing information, and particularly to a technology for controlling a browseable range.

  2. Description of the Related Art There is a system in which electronic medical records that are one type of medical information are converted into a database and electronic medical records are viewed from a browsing terminal. At this time, from the viewpoint of convenience, there may be a case where all parties (patients and hospital doctors and staff) who can access the browsing terminal can browse the electronic medical record. However, in that case, a person who can access the viewing terminal can view all the information included in the electronic medical record, regardless of the attributes (such as job type) of the viewer. That is, as a result of being able to browse information that does not need to be browsed, there is a possibility that personal information of the patient may be leaked. Therefore, for example, Patent Document 1 discloses a configuration that restricts records that can be searched according to the attribute (job type or the like) of a user who has logged into the system. Patent Document 1 also proposes a method for separating the medical record information and the basic patient information and specifying the basic patient information corresponding to the medical record information using a secret key generated for each user attribute. Has been.

JP-A-2005-182108

  However, in Patent Document 1, since the viewing authority is fixedly set according to the attribute (job type or the like) of the user who has logged into the system, the convenience may be lowered depending on the situation. For example, when performing emergency medical care or surgery with a small number of people, hospital staff (such as nurses) log in to the system and request to view electronic medical record information that cannot be viewed with normal authority (for example, finding information) It is not possible to deal with it. In other words, a doctor who has the authority to view the findings information needs to log in to the system.

  The present invention has been made in view of the above-described problems, and an object of the present invention is to provide a technology that can dynamically change the information browsing range according to the situation.

  In order to solve the above-described problems, the apparatus of the present invention has the following configuration. That is, in an information processing apparatus that accepts and processes an electronic medical chart viewing request stored in a medical database from a remote viewing terminal connected to a network, a user identifying means that identifies a logged-in user who is logged in to the viewing terminal; , A place specifying means for specifying the place where the logged-in user exists, a determination means for determining whether or not the specified place specified by the place specifying means is a predetermined place, and a seat at the specified place The attendee specifying means for specifying the person and the determining means determine that the specified place is the predetermined place, and the attendee specifying means specifies that the attendee exists at the specified place The electronic medical record can be viewed based on both the login user and the viewing authority assigned to the attendant. Comprising a determining means for determining a circumference, a.

  ADVANTAGE OF THE INVENTION According to this invention, the technique which can change the browsing range of information dynamically according to a condition can be provided.

It is a figure which shows the whole structure of an electronic medical chart browsing system. It is a figure which shows an example of the information contained in an electronic medical record. It is a figure which shows the example of an entrance list. It is a figure which shows the example of ID list. It is a figure which shows the example of a place list. It is a figure which shows the example of a browsing authority order | rank list | wrist. It is a figure which shows the example of a browsing range list. It is a figure which shows the structure of the browsing range management part which concerns on 1st Embodiment. It is a figure which shows the example of a display of an electronic medical chart. It is a flowchart which shows the update process of an entrance list. It is a flowchart of an ID addition process to the ID list. It is a flowchart of the addition process of the place to a place list. It is a flowchart of the browsing range determination process in the server which concerns on 1st Embodiment. It is a figure which shows the structure of the browsing range management part which concerns on the modification 2. FIG.

  Hereinafter, preferred embodiments of the present invention will be described in detail with reference to the drawings. The following embodiments are merely examples, and are not intended to limit the scope of the present invention.

(First embodiment)
As a first embodiment of the information processing apparatus according to the present invention, description will be given below with reference to browsing content control in an electronic medical chart browsing system as an example.

<Overall configuration of browsing system>
FIG. 1 is a diagram illustrating an overall configuration of an electronic medical chart browsing system according to the first embodiment. This browsing system is roughly divided into a server 601 for managing a medical database, a remote IC chip reading unit 607, and a remote browsing terminal 608. Each is connected to a network and can communicate with each other.

  The server 601 is a personal computer (PC), for example, and includes a CPU, a hard disk (HDD), a memory, and the like. The HDD stores an operating system (OS) and various programs. As will be described below, the server 601 stores patient chart information as electronic data (electronic chart). For example, the server 601 responds to a browsing request from a browsing terminal 608 that is communicably connected via a network. In response, the electronic medical record information is transmitted to the browsing terminal 608.

  The IC chip reading unit 607 reads personal identification information (ID) of an IC chip included in an IC card or an IC tag owned by a patient or a doctor, and transmits the read information to the server 601. Here, it is assumed that the IC chip reading unit 607 is installed near the entrance / exit of each place in the hospital. Further, the information read by the IC chip reading unit 607 is transmitted to the server 601 via wired or wireless communication. In particular, in the following description, it is assumed that information is transmitted and received using the Internet protocol (IP).

  In the following description, it is assumed that the common IC chip reading unit 607 is used when entering and leaving the room, but different reading units may be used when entering and leaving the room. In this case, for example, the reading unit 607a for entering the room may be installed at the entrance of the room (outside the room), and the reading unit 607b for leaving the room may be installed at the exit of the room (inside the room). Regarding the entrance / exit management itself, existing technologies can be used.

  The browsing terminal 608 is a personal computer (PC), for example, and includes an input unit 609 and a display unit 610. The browsing terminal 608 is connected to the server 601 via a network so as to be communicable. The input unit 609 is configured with, for example, a keyboard and a mouse. The display unit 610 is a display, for example, and displays an electronic medical record transmitted from the server 601. In addition, the browsing terminal 608 is installed in each place of the hospital similarly to the IC chip reading unit 607.

<Detailed Configuration of Server 601>
The server 601 includes a medical record database (DB) 602, an entrance list management unit 603, an ID list management unit 604, a location list management unit 605, and a browsing range management unit 606 as functional blocks.

  The medical record DB 602 stores an electronic medical record, a room entry list, an ID list, a place list, a browsing authority ranking list, a browsing range list, and the like. Then, it communicates with the IC chip reading unit 607 and the browsing terminal 608 to update and transmit / receive these information.

  FIG. 2 is a diagram illustrating an example of information included in the electronic medical record. As shown in FIG. 2, the electronic medical record is, for example, information such as patient personal identification information (ID), treatment status, treatment location, basic information, X-ray image, and doctor's findings information. The treatment status indicates the state of medical practice for the target patient and describes, for example, “surgery” or “diagnosis”. The treatment place indicates the treatment place of the subject patient, and for example, “operating room” is described. The basic information describes general information about the body of the subject patient such as height and weight.

  FIG. 3 is a diagram showing an example of a room entry list. The room entry list is a list for managing the room entry status of personnel who are currently in a place to be managed (such as a hospital room or an operating room). The room entry list is managed by the room entry list management unit 603. For example, the entrance list management unit 603 receives the IC chip personal identification information (ID) read from the IC chip reading unit 607 (entrance / exit recording device) installed in each place in the hospital, and sequentially updates the entrance list. To do. The process of updating the room entry list by the room entry list management unit 603 will be described later with reference to FIG.

  FIG. 4 is a diagram illustrating an example of an ID list. The ID list is a list for managing a set of a login ID given to each person concerned and a password corresponding to the login ID. The server 601 can be accessed by inputting the login ID and password managed in the ID list to the browsing terminal 608. The ID list also manages the job types of users corresponding to the IDs. Here, any of the occupations registered in the browsing range list (FIG. 7) described later is designated as the occupation for the ID issued to the hospital staff. Further, “patient” is designated as the occupation type for the ID issued to the patient. The ID list is managed by the ID list management unit 604. For example, when a new patient is hospitalized or a new doctor arrives at the hospital, the ID list management unit 604 accepts addition of an ID via the input unit (keyboard) of the server 601 and updates the ID list. The ID list update processing by the ID list management unit 604 will be described later with reference to FIG.

  FIG. 5 is a diagram illustrating an example of a place list. The place list is a list for designating a place where a change process of the viewable range described later is permitted. The location list also manages identification information corresponding to each location. For example, as the identification information, the IP address of the browsing terminal 608 installed at the location is specified. That is, here, the location list is a given list that associates terminal identification information with a location. The place list is managed by the place list management unit 605. For example, when a new operating room is newly established, the location list management unit 605 accepts addition of a location via the input unit (keyboard) of the server 601 and updates the location list. The location list update processing by the location list management unit 605 will be described later with reference to FIG.

  FIG. 6 is a diagram showing an example of a browsing authority ranking list, and FIG. 7 is a diagram showing an example of a browsing range list. The browsing authority ranking list is a list arranged in the order of wide viewing range of electronic medical records by job type. The browsing range list is a list indicating whether or not browsing is possible for each piece of information in the electronic medical record by job type. In FIG. 7, “◯” indicates that browsing is possible, and “×” indicates that browsing is not possible.

  FIG. 8 is a diagram illustrating a configuration of the browsing range management unit according to the first embodiment. The browsing range management unit 606 includes a user authentication unit 701, a chart identification unit 702, a location identification unit 703, a fellow identification unit 704, and a browsing range determination unit 705.

  The user authentication unit 701 (user specifying unit) performs user authentication by checking a set of login ID and password input via the browsing terminal 608 with an ID list. The medical chart identifying unit 702 is a functional unit that identifies the electronic medical record to be browsed. For example, the electronic medical record to be browsed is specified by the patient ID input via the browsing terminal 608.

  The location specifying unit 703 is a functional unit that specifies a location where the browsing terminal 608 that requests browsing of the electronic medical record exists. For example, the location is specified based on the terminal identification information (such as an IP address) of the browsing terminal 608 that has transmitted the login ID and password and the above-described location list (FIG. 5). The attendee identification unit 704 (same person identifying means) identifies the person (seat attendant) in the place (specific place) specified by the place specifying unit 703 with reference to the above-described room entry list (FIG. 3). Further, the attendee identification unit 704 refers to the browse authority ranking list to identify the attendees with broader viewing authority among the attendees.

  The browsing range determination unit 705 is a functional unit that determines the browsing possible range of the electronic medical chart displayed via the browsing terminal 608. Although details will be described later with reference to FIG. 13, the chart is specified based on the browsing range of the user who has logged in via the browsing terminal 608 and the browsing range of the coexisting person present at the location specified by the location specifying unit 703. The viewing range of the electronic medical record of the patient specified in the unit 702 is determined.

  FIG. 9 is a diagram illustrating a display example of the electronic medical record on the display unit 610 of the browsing terminal 608. A screen 901 is a display example within a viewing range based on the authority of a doctor, 901a is a patient ID, 901b is a treatment location, 901c is basic information, 901d is an X-ray image, and 901e is observation information by a doctor. Show. On the other hand, the screen 902 shows an example in which the electronic medical record of the same patient is displayed based on the viewing range based on the authority of the nurse or engineer. In FIG. 9, the “treatment status” shown in FIG. 2 is not displayed, but may be configured to be displayed.

<Renewal process for room entry list>
FIG. 10 is a flowchart showing the update process of the room entry list. The IC chip reading unit 607 at the entrance of the room is always in a standby state for IC chip reading. For example, when an IC card owned by a patient or a doctor is held over, the personal identification information (from the IC chip in the IC card ( User identification information (ID) is read. Then, the read personal identification information (ID) is transmitted to the server 601 together with the identification information of the IC chip reading unit 607. In addition, the update process of the entrance list shown below is performed with respect to each of the places (operating room, examination room, etc.) illustrated in FIG.

  FIG. 10A is a flowchart when a person enters the room. In step S <b> 201, the room entry list management unit 603 receives the personal identification information (ID) transmitted from the IC chip reading unit 607. And the identification information of the IC chip reading part 607 transmitted with the said ID is received. In step S202, the room entry list management unit 603 adds the user name corresponding to the personal identification information received in S201 to the location corresponding to the identification information of the IC chip reading unit 607 received in S201, and updates the room entry list. .

  FIG. 10B is a flowchart when the staff leaves. In step S301, the room entry list management unit 603 receives the personal identification information (ID) transmitted from the IC chip reading unit 607. And the identification information of the IC chip reading part 607 transmitted with the said ID is received. In step S302, the room entry list management unit 603 deletes the user name corresponding to the personal identification information received in S301 from the location corresponding to the identification information of the IC chip reading unit 607 received in S201, and updates the room entry list. .

<User ID list and location list generation / addition processing>
FIG. 11 is a flowchart showing processing for adding an ID to the ID list. In addition, although the input reception in the following steps is described as being received through the input unit of the server 601, it may be configured to be received through the input unit 609 of the browsing terminal 608.

  In step S401, upon receiving the input of the ID addition request, the ID list management unit 604 generates a new ID in the ID list that is different from the existing ID.

  In step S402, the ID list management unit 604 inputs a user name for the new ID generated in step S401, inputs a password corresponding to the new ID in step S403, and inputs a job type corresponding to the new ID in step S404. Are accepted. For security reasons, it is preferable to accept the input of a pre-distributed job type registration password for job type registration.

  In step S405, the information received in steps S402 to S404 is set as information corresponding to the new ID generated in step S401, and the ID list is updated.

  FIG. 12 is a flowchart showing a process for adding a place to the place list. The input reception in the following steps will be described as being received via the input unit 609 of the browsing terminal 608 installed at the place to be added, but may be configured to be received via the input unit of the server 601.

  In step S501, the location list management unit 605 accepts input of a location name to be added. In step S502, an IP address is referred to as terminal identification information associated with the viewing terminal 608 that transmitted the input in S501. In step S503, the combination of the location name input in S501 and the IP address referenced in S502 is added to the location list, and the location list is updated.

<Processing to determine electronic medical chart viewing range>
FIG. 13 is a flowchart showing browsing range determination processing in the server 601 according to the first embodiment. Here, an example in which the “user A” shown in FIG. 4 operates the browsing terminal 608 installed in the “operating room” and browses the electronic medical record will be described. That is, “User A” inputs his / her login ID “101” and the corresponding password via the input unit 609 of the browsing terminal 608.

  In step S <b> 101, the user authentication unit 701 performs user authentication based on the ID and password input via the input unit 609 of the browsing terminal 608. Then, the user authentication unit 701 checks whether the input ID and password combination is included in the ID list, and if included, performs a login process. On the other hand, when the set of input ID and password is not included in the ID list, the display unit 610 of the browsing terminal 608 is controlled to display a display prompting the user to input the ID and password again.

  In step S102, the user authentication unit 701 determines a job type corresponding to the login ID logged in in S101 with reference to the ID list. Here, since “user A” is logged in with the login ID “101”, the occupation type is determined as “nurse”.

  In step S103, the chart specifying unit 702 specifies the chart of the patient to be browsed. Specifically, input of the patient ID of the target patient is accepted via the input unit 609 of the browsing terminal 608. For example, when viewing an electronic medical record of a patient whose patient ID is “200”, an input of “200” is accepted as the ID. And the electronic medical chart which has the same patient ID is specified from the electronic medical charts stored in the database 602.

  In step S104, the location specifying unit 703 determines whether the location list includes the installation location of the browsing terminal 608 used for input by the user who logged in in S101. Here, for example, it is realized by checking whether or not the IP address of the browsing terminal 608 used by the user who has logged in in S101 is included in the location list (FIG. 5). If the location specifying unit 703 determines that the IP address of the browsing terminal 608 is included in the location list, the process proceeds to step S105. Here, since the IP address of the browsing terminal 608 is determined to be “192.168..XXX.YYY”, it matches the IP address corresponding to “operating room” in FIG. 5, and thus the process proceeds to step S105.

  On the other hand, if it is determined in step S104 that the IP address of the browsing terminal 608 is not included in the location list, the process proceeds to step S114. In step S114, the browsing authority of the occupation corresponding to the login ID logged in in S101 is set for the browsing terminal 608. Further, in step S115, the browsing range determination unit 705 updates the browsing range based on the browsing range assigned in S114. That is, in the first embodiment, the browsing authority described later is not changed for the browsing terminal 608 installed in a place not included in the place list. In step S <b> 116, the browsing range determination unit 705 determines whether a logout request has been received from the browsing terminal 608. If it is determined that a logout request has been received, the process proceeds to S117. If it is determined that a logout request has not been received, the process returns to step S116.

  In step S105, the browsing range management unit 606 determines whether the electronic medical record identified in S103 is an electronic medical record whose browsing authority can be changed. For example, it is determined whether or not the location specified in the “treatment place” record of the electronic medical record specified in S103 matches the location of the browsing terminal 608 specified in S104. If they match, it is determined that the viewing authority can be changed, and the process proceeds to step S106. Here, since the electronic medical chart (FIG. 2) with the patient ID “200” is browsed by the browsing terminal 608 installed in the “operating room”, the locations match. On the other hand, if they do not match, it is determined that the viewing authority cannot be changed, and the process proceeds to step S114. In step S114, the browsing authority of the occupation corresponding to the login ID logged in in S101 is set for the browsing terminal 608.

  In step S <b> 106, the attendee identification unit 704 refers to the room entry list and determines a room occupant at the location specified in S <b> 104. Here, the person who enters the “operating room” and the job type are determined. In addition, you may comprise so that it may not refer to the occupant whose occupation type is set to "patient".

  In step S107, the attendee identification unit 704 determines whether or not one or more attendees (upper authority attendees) having broader viewing authority than the user who logged in in S101 exist among the occupants determined in S106. To do. Specifically, it is determined by referring to the browsing authority ranking list or the browsing range list whether or not there is a higher authority companion. If there is a person with higher authority, the process proceeds to step S108. On the other hand, if there is no higher-ranking companion, the process proceeds to step S110. In step S110, the browsing authority for the occupation corresponding to the login ID logged in in S101 is set for the browsing terminal 608.

  According to the browsing authority ranking list of FIG. 6, “Nurse” has the second authority ranking, and only the “doctor” having the first authority ranking has the wider browsing authority. Here, since user A is a “nurse” and there is a user C who is a “doctor” in the operating room, it is determined that there is a higher-ranking companion, and the process proceeds to step S108.

  In step S <b> 108, the viewing range determination unit 705 acquires the viewing range of the higher-ranking cohabitant. Here, the browsing range of the user C, that is, the browsing range of the doctor is acquired. In addition, when there are a plurality of high-ranking co-authors, each high-ranking co-author may take the “OR (logical sum)” of the viewing range. In any case, the browsing range determination unit 705 determines the browsing possible range in consideration of both the browsing authority assigned to the logged-in user and the attendee.

  In step S109, the browsing range determination unit 705 assigns the browsing range acquired in S108 to the login user in S101. Here, a wider viewing range (a viewing range of “doctor”) than the viewing range of “user A” itself (a viewing range of “nurse”) is assigned to the logged-in user (or viewing terminal 608) in S101.

  In step S111, the browsing range determination unit 705 updates the browsing range based on the browsing range assigned in S109 or S110. After the update, the display by the display unit 610 of the browsing terminal 608 is also updated. For example, when the logged-in user is the user A, the screen 902 is normally displayed, but when the user A and the user C are in the same place, the screen 901 is displayed. That is, in the browsing terminal 608, it is possible to browse the finding information in the electronic medical record.

  In step S112, the viewing range determination unit 705 determines whether or not the IC chip has been read by the IC chip reading unit 607 at the location determined in S104. If it is determined that it has been read, the process returns to S106, and the browsing range is updated with reference to the updated entry list. If it is determined that it has not been read, the process proceeds to step S113.

  In step S <b> 113, the browsing range determination unit 705 determines whether a logout request has been received from the browsing terminal 608. If it is determined that a logout request has been received, the process proceeds to S117. If it is determined that a logout request has not been received, the process returns to step S112.

  In step S117, the browsing range determination unit 705 executes logout processing for the user who has logged in in S101, and ends the browsing processing. Thereafter, for example, “logged out” may be displayed on the display unit 610 of the browsing terminal 608.

  As described above, according to the first embodiment, the viewing authority of the logged-in user is dynamically changed based on the viewing authority of the person who is present (person in the same place). Thereby, it is possible to realize a browsing system that is more convenient than the conventional one while maintaining the security level.

(Modification 1)
In the first modification, a configuration for suppressing frequent changes in the viewing range will be described. In other words, in the first embodiment, every time a person with higher authority sits away temporarily (rest or transport of tools), the authority is immediately changed. In other words, during the temporary exit of the higher-ranking cohabitant, information that can be browsed due to the above-described change in authority becomes impossible to browse. In that case, even though the security level is high, in some cases, it may be unusable.

  Therefore, it may be configured to suppress a change in the viewing range due to temporary leaving of a higher-ranking companion. Specifically, for a predetermined time (for example, within 5 minutes) after the senior authority cohabitant leaves the office, the authority is not renewed as a grace period, and the upper authority cohabitant waits for re-entry. Then, the authority change is executed only when the higher authority attendant does not re-enter the room within a predetermined time.

  Specifically, the process of the processing step (step S112 in FIG. 13) for determining the viewing range of the electronic medical record is different from the first embodiment. That is, even if it is determined in step S112 that the IC chip of the higher-ranking cohabitant has been read and it has been determined that the higher-ranking cohabitant has left, NO is automatically determined in step S112 for five minutes after the reading. Is determined. Thereby, the process of step S112 and step S113 is repeated for 5 minutes. On the other hand, after the elapse of 5 minutes, if the above-mentioned higher-ranking cohabitant has not entered the room, YES is automatically determined in step S112 and the process returns to step S106.

  With such a configuration, when the higher-ranking authority member re-enters the room within a predetermined time (here, within 5 minutes), the authority update (change) is suppressed. Therefore, even when the higher-ranking companion (user C who is a doctor) has left the room temporarily, the electronic medical chart can be referred to within the range of the authority of the higher-ranking companion at the browsing terminal 608.

  In the case where a third party enters the room while a higher-ranking cohabitant has temporarily left the room, the process may proceed to step S106 in order to prevent information leakage to the third party. good.

(Modification 2)
In the second modification, a description will be given of a configuration that determines whether or not the viewing range can be changed based on other information (such as contents described in the electronic medical record) in addition to the information on the location of the logged-in user. That is, in the first embodiment, the configuration has been described in which whether or not the viewing range can be changed is determined based on the location information of the logged-in user.

  However, even in the same place, depending on the type of medical practice, there is a possibility that the logged-in user who has changed the viewing range can browse unnecessary information. For example, during a normal examination in an examination room, a nurse can browse observation information (such as “degree of cancer progression”) for a patient. Further, for example, when referring to an electronic medical record in a conference presentation, the conference room, which is the presentation place, does not match the treatment place of the electronic medical record, and thus the above viewing authority cannot be changed.

  Therefore, in the second modification, in addition to the configuration of the browsing range management unit of the first embodiment, an example in which the browsing range is controlled according to the browsing user's action (viewing purpose) will be described.

<Control of viewable range according to "user action">
FIG. 14 is a diagram illustrating a configuration of a browsing range management unit according to the second embodiment. Among these, the action specifying unit 1504 is a functional unit that specifies an action of a reader of the electronic medical record. Then, the browsing range determination unit 1506 includes the user authenticated by the user authentication unit 1501, the location specified by the location specifying unit 1503, the user action specified by the action specifying unit 1504, and the attendee identification unit 1505 in the information of the identified seated person. It is a function part which sets a browsing possible range based on it. In addition, since each part other than the action specific | specification part 1504 and the browsing range determination part 1506 is a function part similar to each part of the same name of 1st Embodiment (FIG. 7), description is abbreviate | omitted.

  In the following description, it is assumed that the user's action to browse (eg, “conference announcement”) is designated in advance as the content for the “treatment status” item of the electronic medical record. However, an “action” item may be provided and designated in the electronic medical record.

<Processing to determine electronic medical chart viewing range>
The process for determining the electronic medical chart viewing range is substantially the same as that in the first embodiment (FIG. 13), but the process of step S118 is added between the processes of steps S104 and S105.

  In step S118, the action specifying unit 1504 refers to the content for the item “treatment status” in the electronic medical record to be browsed. When the treatment status is “conference announcement”, step S105 is skipped and the process proceeds to step S106. On the other hand, if the “treatment status” is other than “conference announcement” (such as “surgery”), the process proceeds to step S105 as in the first embodiment. In other words, based on the keyword “conference announcement”, a part of the processing is skipped, so that the viewing range is updated.

  Thus, the convenience can be improved by further considering the information of the “act” intended by the logged-in user. In addition, the example which considered the information of "act" was demonstrated as an example here. However, the configuration may be such that part of the processing is skipped based on other additional information, for example, information on whether or not a predetermined device (eg, an electrocardiograph) is present in the room.

(Other examples)
The present invention can also be realized by executing the following processing. That is, software (program) that realizes the functions of the above-described embodiments is supplied to a system or apparatus via a network or various storage media, and a computer (or CPU, MPU, or the like) of the system or apparatus reads the program. It is a process to be executed.

Claims (10)

An information processing apparatus that accepts and processes an electronic medical chart browsing request stored in a medical database from a remote browsing terminal connected to a network,
User identifying means for identifying a logged-in user who has logged into the viewing terminal;
A location identifying means for identifying a location where the login user exists;
Determining means for determining whether the specific place specified by the place specifying means is a predetermined place;
A fellow identification means for identifying a fellow present at the specific location;
When it is determined by the determination means that the specific place is the predetermined place, and the presence person is specified at the specific place by the attendee specifying means, the logged-in user and the same person are notified. Determining means for determining a viewable range for the electronic medical record based on both of the assigned viewing rights;
An information processing apparatus comprising:   The determining means determines the viewable range based on the viewing authority assigned to the login user when the attendee specifying means specifies that only the logged-in user exists at the specified location, When it is specified by the means that one or more attendees are present at the specified location, the viewable range is determined based on the broadest viewing authority among the viewing authorities assigned to the login user and the one or more attendees. The information processing apparatus according to claim 1,   The determination unit, when the determination unit determines that the specific place is not the predetermined place, determines a viewable range based on a browsing authority assigned to the login user. The information processing apparatus according to 1 or 2.   The information processing apparatus according to claim 1, wherein the user specifying unit specifies the login user based on user identification information input to the browsing terminal.   The information processing apparatus according to any one of claims 1 to 4, wherein the browsing authority is preset for a user's job type.   2. The location specifying unit specifies the location based on terminal identification information associated with the browsing terminal and a given location list associating the terminal identification information with a location. The information processing apparatus according to any one of claims 5 to 6.   The information processing apparatus according to claim 6, wherein the terminal identification information is an IP address assigned to the browsing terminal.   8. The attendant identification means identifies the attendee based on an entrance list generated by an entrance / exit recording device installed at the place. 8. Information processing device. An information processing method for receiving and processing an electronic medical chart browsing request stored in a medical database from a remote browsing terminal connected to a network,
A user identification step for identifying a logged-in user who has logged into the viewing terminal;
A location identifying step for identifying a location where the logged-in user exists;
A determination step of determining whether the specific location specified by the location specification step is a predetermined location;
A person identification process for identifying a person present at the specific place;
If it is determined in the determination step that the specific place is the predetermined place, and the presence of a person in the specific place is specified in the attendee specifying step, the logged-in user and the attendee A determination step of determining a viewable range for the electronic medical record based on both of the assigned viewing authority;
An information processing method comprising:   The program for functioning a computer as each means of the information processing apparatus as described in any one of Claims 1 thru | or 8.

Images