JP2021189868A - Medical information storage program, and medical information storage management device - Google Patents

Abstract

To enable improvement in security of medical data on a medical facility, and improvement in a degree of freedom of a user management.SOLUTION: A server device 10, which is accessible from client terminals 30 of a plurality of medical facilities and can communicate with a database server 20 storing medical information on the plurality of medical facilities in a different region for each medical facility and keeping the stored medical information, and comprises: acquisition means that acquires facility identification information transmitted from the client terminal 30 and determined for each facility; collation means that collates authentication information transmitted from the client terminal 30 with the facility identification information on the basis of a request; and access means that permits access to a data region allocated to the medical facility of the database server 20 on the basis of the facility identification information when the collation of the authentification information with the facility identification information is approved.SELECTED DRAWING: Figure 1

Description

The present invention relates to a medical information storage program and a medical information storage management device.

Conventionally, when storing medical data of multiple medical institutions, the service provider manages the user, and each medical data is saved with information on which medical facility data is added, and medical data related to the logged-in user. A system that manages access so that it can be referred to has been proposed.

As such a system, for example, in order to refer to medical data stored in a database of an external server, a system that performs user authentication using an IC card and enables access control of medical data of a plurality of medical facilities is available. It has been proposed (see Patent Document 1).

Japanese Unexamined Patent Publication No. 10-31430

By the way, when storing medical data of a plurality of medical facilities, there is a request that the data area for storing medical data be separated for each medical facility from the viewpoint of security.
In addition, there is a desire to manage users who are staff members of medical facilities that refer to medical data for each medical facility.
However, the above requirements cannot be solved by conventional systems.

The present invention has been made in view of the above-mentioned problems in the prior art, and an object thereof is to improve the security of medical data in a medical facility and to improve the degree of freedom in user management.

In order to solve the above problems, the medical information storage program of the invention according to claim 1 is used.
A computer of a server device that can be accessed from client terminals of multiple medical facilities and can communicate with a database that stores and stores medical information of the multiple medical facilities in different areas for each medical facility.
Acquisition step to acquire facility specific information specified for each facility transmitted from the client terminal,
A request step that requests the authentication information specified for each facility from the client terminal that has transmitted the facility specific information.
A collation step for collating the authentication information transmitted from the client terminal with the facility specific information based on the request.
In the collation step, when the collation between the authentication information and the facility-specific information is approved, an access step for permitting access to the data area assigned to the medical facility in the database based on the facility-specific information. ,
Is characterized by executing.

Further, the invention according to claim 2 is the medical information storage program according to claim 1.
The facility identification information includes a URL for specifying a storage area of the database, and the facility identification information includes a URL.
The authentication information includes unique information corresponding to the encrypted URL.
The collation step is characterized in that the URL included in the facility specific information is collated with the unique information included in the authentication information.

Further, the medical information storage program of the invention according to claim 3 is
It can be accessed from client terminals of a plurality of medical facilities, and can communicate with a database that stores and stores medical information of the plurality of medical facilities in different areas for each medical facility, and links the identification information of the client terminals with the medical facility information. To the computer of the server device that stores information
Acquisition step to acquire facility specific information specified for each facility transmitted from the client terminal,
A request step for requesting the client terminal identification information from the client terminal,
A collation step for collating the medical facility information stored in association with the identification information of the client terminal transmitted from the client terminal based on the request and the facility specific information.
In the collation step, when the collation between the medical facility information and the facility specific information is approved, the access permitting the access to the data area assigned to the medical facility in the database based on the facility specific information is permitted. Step,
Is characterized by executing.

Further, the invention according to claim 4 is the medical information storage program according to claim 3.
The facility identification information includes a URL for specifying a storage area of the database, and the facility identification information includes a URL.
The medical facility information includes unique information corresponding to the URL, and the medical facility information includes unique information.
The collation step is characterized in that the URL included in the facility specific information is collated with the unique information included in the medical facility information.

Further, the invention according to claim 5 is the medical information storage program according to any one of claims 1 to 4.
The access step is characterized in that, when the collation is not recognized in the collation step, the communication from the client terminal is rejected.

Further, the medical information storage management device according to claim 6 is the medical information storage management device.
A medical information storage management device that can be accessed from client terminals of a plurality of medical facilities and can communicate with a database that stores and stores medical information of the plurality of medical facilities in a different area for each medical facility.
Acquisition means for acquiring facility-specific information specified for each facility transmitted from the client terminal, and
A requesting means for requesting the authentication information specified for each facility from the client terminal that has transmitted the facility specific information, and
A collation means for collating the authentication information transmitted from the client terminal based on the request with the facility-specific information.
When the collation means approves the collation of the authentication information with the facility-specific information, the access means for permitting access to the data area assigned to the medical facility of the database based on the facility-specific information. When,
It is characterized by having.

Further, the invention according to claim 7 is the medical information storage management device according to claim 6.
The client terminal is provided with a transmission means for transmitting installation information for installing the identification information.

Further, the medical information storage management device according to claim 8 is the medical information storage management device.
A medical information storage management device that can be accessed from client terminals of a plurality of medical facilities and can communicate with a database that stores and stores medical information of the plurality of medical facilities in a different area for each medical facility.
A storage means for storing the identification information of the client terminal in association with the medical facility in which the client terminal is installed, an acquisition means for acquiring the facility specific information specified for each facility transmitted from the client terminal, and an acquisition means.
A requesting means for requesting the client terminal identification information from the client terminal, and
A collation means for collating the medical facility information stored in association with the identification information of the client terminal transmitted from the client terminal based on the request and the facility specific information.
When the collation means approves the collation between the medical facility information and the facility-specific information, the access permitting access to the data area assigned to the medical facility in the database based on the facility-specific information. Means and
It is characterized by having.

According to the present invention, it is possible to improve the security of medical data in medical facilities and the degree of freedom in user management.

It is a system block diagram of the medical information storage system in embodiment of this invention. It is a block diagram which shows the functional configuration of a server apparatus. It is a block diagram which shows the functional configuration of a database server. It is a block diagram which shows the functional configuration of a client terminal. It is a ladder chart which shows the access / login permission processing in embodiment. It is a ladder chart which shows the access / login permission processing in the modification of embodiment.

[Embodiment]
First, an embodiment of the medical information storage system according to the present invention will be described with reference to FIG. The present invention is not limited to the illustrated examples.

FIG. 1 shows the system configuration of the medical information storage system 100 according to the embodiment.
As shown in FIG. 1, the medical information storage system 100 is installed in a server device 10 and a database server 20 as medical information storage management devices, client terminals 30A1 and 30A2 installed in medical facility A, and medical facility B. It is configured to include client terminals 30B1 and 30B2, and ... The client terminals 30A1, 30A2, 30B1, 30B2 ... Are connected to the server device 10 via the network N1 so as to be capable of data communication. Further, the server device 10 and the database server 20 are connected to each other via the network N2 so that data communication is possible.
The number of client terminals 30A1, 30A2, 30B1, 30B2 ... Installed in each medical facility is not particularly limited.
Hereinafter, when each medical facility is not particularly distinguished, the client terminals 30A1, 30A2, 30B1, 30B2 ... Are simply referred to as client terminals 30.

The database server 20 is a device that provides an image storage service that stores and manages medical images generated in each medical facility for the purpose of backup, and provides medical images in response to a request from an external device.
In addition, the registration information of the staff who is the user who uses the client terminal 30 of each medical facility is stored.

The server device 10 is a device that manages medical information of a plurality of medical facilities and access from a client terminal 30.

The client terminals 30A1 and 30A2 are computers used by staff such as doctors in medical facility A. The client terminals 30A1 and 30A2 are used when accessing the server device 10 via the network N1 and viewing the medical image of the own facility stored in the database server 20. Further, the client terminals 30A1 and 30A2 are used when accessing the server device 10 via the Internet N1 and managing the user information of the own facility stored in the database server 20.

Since the client terminals 30B1 and 30B2 provided in the medical facility B are the same as the client terminals 30A1 and 30A2 provided in the medical facility A, the description thereof will be omitted.

FIG. 2 shows the functional configuration of the server device 10.
As shown in FIG. 2, the server device 10 includes a control unit 11, a RAM 12, a communication unit 13, and a storage unit 14, and each unit is connected by a bus 15.

The control unit 11 is a control circuit composed of a CPU or the like and comprehensively controls the processing operation of each unit of the server device 10. The control unit 11 reads various programs stored in the storage unit 14 and develops them in the RAM 12, and executes various processes in cooperation with the programs.

The RAM 12 forms a work area for temporarily storing various programs, input or output data, parameters, etc. read from the storage unit 14 in various processes executed and controlled by the control unit 11.

The communication unit 13 is a communication circuit configured by a network interface or the like and transmitting / receiving data to / from external devices such as a client terminal 30 and a database server 20 connected via a network N1 and a network N2.

The storage unit 14 is a storage device composed of an HDD, a non-volatile semiconductor memory, or the like. The storage unit 14 stores various programs executed by the control unit 11, as well as parameters and data necessary for executing the various programs.

The control unit 11 acquires the medical facility specific information set for each medical facility transmitted from the client terminal 30 via the communication unit 13. The medical facility specific information is, for example, a predetermined URL (Uniform Resource Locator) specified on a Web browser for accessing the server device 10 from the client terminal 30.
That is, the control unit 11 and the communication unit 13 function as acquisition means.

The control unit 11 requests the client terminal 30 for the authentication information set for each medical facility via the communication unit 13. The authentication information is, for example, a client certificate pre-installed on the client terminal 30.
That is, the control unit 11 and the communication unit 13 function as requesting means.
In the client certificate, information for collating the URL included in the medical facility specific information is encrypted and stored. Specifically, the information is unique information corresponding to the URL, and may be the URL itself, but may not be the URL itself as long as the information can specify the URL.

The control unit 11 collates the unique information stored in the client certificate, which is the authentication information transmitted from the client terminal 30, with the predetermined URL, which is the medical facility specific information.
That is, the control unit 11 functions as a collation means.

When the collation means approves the collation between the unique information stored in the client certificate which is the authentication information and the predetermined URL which is the medical facility specific information, the control unit 11 determines the medical facility specific information. Based on the URL, access to the storage area 25 (see FIG. 3) allocated to the target medical facility in the database server 20 is permitted.
That is, the control unit 11 functions as an access means.

As shown in FIG. 3, the database server 20 includes a control unit 21, a RAM 22, a communication unit 23, and a storage unit 24, and each unit is connected by a bus 26.

The control unit 21 is a control circuit composed of a CPU (Central Processing Unit) or the like and comprehensively controls the processing operation of each unit of the database server 20. The control unit 21 reads out various programs stored in the storage unit 24, develops them in the RAM 22, and executes various processes in cooperation with the programs.

The RAM 22 forms a work area for temporarily storing various programs, input or output data, parameters, etc. read from the storage unit 24 in various processes executed and controlled by the control unit 21.

The communication unit 23 is a communication circuit configured by a network interface or the like and transmitting / receiving data to / from an external device such as a server device 10 connected via the network N2.

The storage unit 24 is a storage device composed of an HDD (Hard Disk Drive), a non-volatile semiconductor memory, or the like. The storage unit 24 stores various programs executed by the control unit 21, as well as parameters and data necessary for executing the various programs.
Specifically, the storage unit 24 is divided into areas where information is stored for each medical facility, such as medical facility A storage area 25a, medical facility B storage area 25b, and so on. The user management tables T25a, T25b ... Of each medical facility and medical data D25a, D25b ... Such as medical images generated in each medical facility are stored in each storage area 25a, 25b .... ..
Hereinafter, when each medical facility is not particularly distinguished, the storage areas 25a, 25b ..., User management tables T25a, T25b ..., Medical data D25a, D25b ... Are simply stored areas 25, user management table. It is described as T25 and medical data D25.

The user management table T25 stores information about users belonging to a plurality of medical facilities in the medical information storage system 100. In the user management table T25, a user ID, an affiliated facility ID, a name, an e-mail address, a password, an access authority, and the like are stored in association with each other.
The user ID is identification information for identifying the user.
The affiliation facility ID is the facility ID of the medical facility to which the user belongs.
The name is the user's name.
The email address is the user's email address.
The password is a password for user authentication when the user logs in.
The access authority is for limiting the medical data that can be viewed in the storage area 25.

The user information in the user management table T25 is registered from the client terminal 30 installed in the medical facility to which the user corresponding to the user information belongs.
Therefore, each medical facility can freely set and manage users, authority, and the like who can access its own storage area.

The medical data D25 is a medical image or the like generated in a medical facility. The medical image is transmitted from the client terminal 30 installed in the medical facility and stored in the storage area 25.

FIG. 4 shows the functional configuration of the client terminal 30.
As shown in FIG. 4, the client terminal 30 includes a control unit 31, a RAM 32, a communication unit 33, an operation unit 34, a display unit 35, a storage unit 36, and the like, and each unit is connected by a bus 37 or the like. ..

The control unit 31 is a control circuit composed of a CPU or the like and comprehensively controls the processing operation of each unit of the client terminal 30. The control unit 31 reads out various programs stored in the storage unit 36, develops them in the RAM 32, and executes various processes in cooperation with the programs.

The RAM 32 forms a work area for temporarily storing various programs, input or output data, parameters, etc. read from the storage unit 36 in various processes executed and controlled by the control unit 31.

The communication unit 33 is a communication circuit configured by a network interface or the like and transmitting / receiving data to / from an external device such as a server device 10 connected via the network N1.

The operation unit 34 is an operation device including a keyboard having a cursor key, a character input key, various function keys, and a pointing device such as a mouse, and an operation signal input by a key operation or a mouse operation on the keyboard. Is output to the control unit 31.

The display unit 35 is a display device provided with a monitor such as an LCD (Liquid Crystal Display), and displays various screens according to instructions of display signals input from the control unit 31.

The storage unit 36 is a storage device composed of an HDD, a non-volatile semiconductor memory, or the like. The storage unit 36 stores various programs executed by the control unit 31, as well as parameters and data necessary for executing the various programs.
Further, the storage unit 36 stores the client certificate which is the authentication information transmitted from the server device 10 and installed.

Next, the operation in the embodiment will be described.
The processing in the server device 10 is realized by the cooperation between the control unit 11 and the program stored in the storage unit 14, and the processing in the database server 20 is the program stored in the control unit 21 and the storage unit 24. It is realized by cooperation, and the processing in the client terminal 30 is realized by cooperation between the control unit 31 and the program stored in the storage unit 36.

FIG. 5 is a ladder chart showing access / login permission processing performed in the medical information storage system 100. In the access / login permission process, the client terminal 30 requests the server device 10 to refer to a medical image or the like stored in the storage area 25 of the database server 20, and the server device 10 permits the request. This is a process that makes it possible to refer to a medical image or the like.
It is assumed that the client certificate is pre-installed in the client terminal 30 before the access / login permission process is executed.

First, in the client terminal 30, when the user inputs a predetermined URL on the Web browser using the operation unit 34, the control unit 31 makes an access request to the server device 10 (step S11).
Next, the control unit 11 of the server device 10 acquires the access request from the client terminal 30 via the communication unit 13 and requests the client terminal 30 that has sent the access request to present the client certificate (step). S12).
Next, the control unit 31 of the client terminal 30 acquires the client certificate presentation request from the server device 10 via the communication unit 33, and presents the client certificate to the server device 10 (step S13).

Next, the control unit 11 of the server device 10 acquires the client certificate presented by the client terminal 30 via the communication unit 13, and the predetermined URL and the client certificate transmitted by the client terminal 30 in the access request of step S11. The unique information stored in is collated (step S14).
When the collation is approved (step S14; YES), the control unit 11 of the server device 10 gives the client terminal 30 access to the storage area 25 in which the data of the target medical facility of the database server 20 is stored. Allow (step S15).

Next, the control unit 11 of the server device 10 requests the user ID and password of the user from the client terminal 30 that has been permitted to access via the communication unit 13 (step S16).
When the control unit 31 of the client terminal 30 acquires the user ID and password request of the user from the server device 10 via the communication unit 33, the control unit 31 logs in. A login screen is provided from the server device 10 to the client terminal 30. In the client terminal 30, the user ID and password are input by the operation from the operation unit 34. The control unit 31 transmits the entered user ID and password to the server device 10 (step S17).

The control unit 11 of the server device 10 acquires the user ID and password transmitted from the client terminal 30 via the communication unit 13 and performs user authentication (step S18). Specifically, when the combination of the entered user ID and password matches the combination of the user ID and password registered in advance in the user management table T25 of the database server 20, it is determined that the user authentication is OK. Will be done.
When the user authentication is OK (step S18; YES), the control unit 11 of the server device 10 permits the login of the client terminal 30 (step S19), and ends the process. When the client terminal 30 is permitted to log in, the client terminal 30 can refer to a medical image or the like stored in the storage area 25 of the database server 20.

When the matching of the predetermined URL transmitted by the client terminal 30 and the unique information stored in the client certificate is not recognized in the access request in step S11 (step S14; NO), the control unit 11 connects with the client terminal 30. Communication is rejected (step S20), and the process ends.
Alternatively, if the user authentication is NG (step S18; NO), the control unit 11 rejects the communication with the client terminal 30 (step S21), and ends the process.

As described above, according to the above embodiment, the medical information storage system 100 can be accessed from the client terminals 30 of a plurality of medical facilities, and the medical data D25 of the plurality of medical facilities can be stored in different areas for each medical facility. A predetermined URL which is medical facility specific information determined for each medical facility transmitted from the client terminal 30 to the control unit 11 which is a computer of the server device 10 capable of communicating with the database server 20 stored in the storage area 25. A request step for requesting the client terminal 30 that has transmitted a predetermined URL that is medical facility specific information, and a request step that requests the client certificate, which is authentication information defined for each medical facility, from the client terminal 30. In the collation step of collating the client certificate which is the authentication information with the predetermined URL which is the medical facility specific information, and the collation step, the client certificate which is the authentication information and the predetermined URL which is the medical facility specific information are collated. Is approved, an access step for permitting access to the storage area 25, which is a data area allocated to the target medical facility of the database server 20, is executed based on a predetermined URL which is the medical facility specific information. Let me.
Therefore, since the medical data of each medical facility can be stored in a storage area different for each medical facility, the medical data security of the medical facility can be improved.
In addition, each medical facility can set and manage users and privileges that can access its own storage area, so that the degree of freedom in user management can be improved.

(Modification example)
Next, a modified example of the above embodiment will be described.
Since the medical information storage system in the modified example has the same configuration as the medical information storage system 100 shown in the embodiment, FIGS. 1 to 4 are incorporated, and illustration and description of the configuration are omitted. Hereinafter, the configuration and processing characteristic of the modified example will be described.

In the medical information storage system 100 in the modified example, the identification information of the client terminal 30 is used instead of the client certificate which is the authentication information defined for each medical facility in the above embodiment.
The identification information of the client terminal 30 is information generated from the unique terminal name of the client terminal 30, the unique identification ID of the client terminal 30, or the unique information of the hardware of the client terminal 30.
The identification information of the client terminal 30 is stored in advance in the storage unit 14 of the server device 10.
Further, unique information corresponding to a URL that identifies a predetermined storage area 25 of the database server 20, which is medical facility information, is stored in the storage unit 14 of the server device 10 in association with the identification information of the client terminal 30. .. Here, the storage unit 14 functions as a storage means.

FIG. 6 is a ladder chart showing an access / login permission process performed in the medical information storage system 100 of the modified example.

First, the control unit 31 of the client terminal 30 makes an access request to the server device 10 in the same manner as in step S11 of the embodiment (step S21).
Next, the control unit 11 of the server device 10 acquires the access request from the client terminal 30 via the communication unit 13 and requests the client terminal 30 that has transmitted the access request to present the identification information of the client terminal 30. (Step S22).
Next, the control unit 31 of the client terminal 30 acquires the request for presenting the identification information of the client terminal 30 from the server device 10 via the communication unit 33, and presents the identification information of the client terminal 30 to the server device 10. (Step S23).

The control unit 11 of the server device 10 acquires the medical facility information stored in the storage unit 14 and associated with the identification information of the client terminal 30 (step S24).
Next, the control unit 11 collates the predetermined URL transmitted by the client terminal 30 with the medical facility information acquired in step S24 (step S25).
When the collation is approved (step S25; YES), the control unit 11 of the server device 10 gives the client terminal 30 access to the storage area 25 in which the data of the target medical facility of the database server 20 is stored. Allow (step S26). After that, steps S27 to S30 similar to steps S16 to S19 of the embodiment are performed, and the process is completed. When the client terminal 30 is permitted to log in, the client terminal 30 can refer to a medical image or the like stored in the storage area 25 of the database server 20.

When the collation between the predetermined URL transmitted by the client terminal 30 and the medical facility information acquired in step S24 is not recognized in the access request in step S21 (step S25; NO), the control unit 11 connects with the client terminal 30. Communication is rejected (step S31), and the process ends.
Alternatively, if the user authentication is NG (step S29; NO), the control unit 11 rejects the communication with the client terminal 30 (step S32), and ends the process.

As described above, according to the modification of the above embodiment, the medical information storage system 100 can be accessed from the client terminals 30 of the plurality of medical facilities, and the medical data D25 of the plurality of medical facilities can be obtained for each medical facility. The identification information of the client terminal 30 is stored in the server device 10 in the computer of the server device 10 capable of communicating with the database server 20 stored in the storage area 25, which is a different area, and for each medical facility transmitted from the client terminal 30. An acquisition step of acquiring a predetermined URL which is a predetermined medical facility specific information, a request step of requesting the client terminal 30 which has transmitted the predetermined URL which is the medical facility specific information, and a request for the identification information of the client terminal 30. In the collation step and the collation step of collating the medical facility information of the medical facility stored in association with the identification information of the client terminal 30 transmitted from the client terminal 30 based on the above and the URL which is the medical facility specific information. When the collation of the medical facility is approved, the access step for permitting the access to the storage area 25 which is the data area allocated to the target medical facility of the database server 20 based on the URL which is the medical facility specific information. , Is executed.
Therefore, since the medical data of each medical facility can be stored in a storage area different for each medical facility, the medical data security of the medical facility can be improved.
In addition, each medical facility can set and manage users and privileges that can access its own storage area, so that the degree of freedom in user management can be improved.

The description in the above-described embodiment and modification is an example of the medical information storage system according to the present invention, and is not limited thereto. The detailed configuration and detailed operation of each device constituting the system can be appropriately changed without departing from the spirit of the present invention.

In the above embodiment, the client certificate, which is the authentication information, is pre-installed in the client terminal 30, but it is assumed that the client certificate is installed in the client terminal 30 by the program stored in the storage unit 14 of the server device 10. May be good.

10 Server device 11 Control unit (acquisition means, request means, collation means, access means)
12 RAM
13 Communication unit (acquisition means, request means)
14 Storage unit (memory means)
15 Bus 20 Database server 21 Control unit 22 RAM
23 Communication unit 24 Storage unit 25, 25a, 25b Storage area 26 Bus 30, 30A1, 30A2, 30B1, 30B2 Client terminal 31 Control unit 33 Communication unit 34 Operation unit 35 Display unit 36 Storage unit 100 Medical information storage system N1 Network N2 Network T25, T25a, T25b User management table D25, D25a, D25b Medical data

Claims (8)

A computer of a server device that can be accessed from client terminals of multiple medical facilities and can communicate with a database that stores and stores medical information of the multiple medical facilities in different areas for each medical facility.
Acquisition step to acquire facility specific information specified for each facility transmitted from the client terminal,
A request step that requests the authentication information specified for each facility from the client terminal that has transmitted the facility specific information.
A collation step for collating the authentication information transmitted from the client terminal with the facility specific information based on the request.
In the collation step, when the collation between the authentication information and the facility-specific information is approved, an access step for permitting access to the data area assigned to the medical facility in the database based on the facility-specific information. ,
A medical information storage program characterized by running. The facility identification information includes a URL for specifying a storage area of the database, and the facility identification information includes a URL.
The authentication information includes unique information corresponding to the encrypted URL.
The medical information storage program according to claim 1, wherein the collation step collates a URL included in the facility specific information with the unique information included in the authentication information. It can be accessed from client terminals of a plurality of medical facilities, and can communicate with a database that stores and stores medical information of the plurality of medical facilities in different areas for each medical facility, and links the identification information of the client terminals with the medical facility information. To the computer of the server device that stores information
Acquisition step to acquire facility specific information specified for each facility transmitted from the client terminal,
A request step for requesting the client terminal identification information from the client terminal,
A collation step for collating the medical facility information stored in association with the identification information of the client terminal transmitted from the client terminal based on the request and the facility specific information.
In the collation step, when the collation between the medical facility information and the facility specific information is approved, the access permitting the access to the data area assigned to the medical facility in the database based on the facility specific information is permitted. Step,
A medical information storage program characterized by running. The facility identification information includes a URL for specifying a storage area of the database, and the facility identification information includes a URL.
The medical facility information includes unique information corresponding to the URL, and the medical facility information includes unique information.
The medical information storage program according to claim 3, wherein the collation step collates a URL included in the facility specific information with the unique information included in the medical facility information. The medical information storage program according to any one of claims 1 to 4, wherein the access step rejects communication from the client terminal when the collation is not recognized in the collation step. A medical information storage management device that can be accessed from client terminals of a plurality of medical facilities and can communicate with a database that stores and stores medical information of the plurality of medical facilities in a different area for each medical facility.
Acquisition means for acquiring facility-specific information specified for each facility transmitted from the client terminal, and
A requesting means for requesting the authentication information specified for each facility from the client terminal that has transmitted the facility specific information, and
A collation means for collating the authentication information transmitted from the client terminal based on the request with the facility-specific information.
When the collation means approves the collation of the authentication information with the facility-specific information, the access means for permitting access to the data area assigned to the medical facility of the database based on the facility-specific information. When,
A medical information storage management device characterized by being equipped with. The medical information storage management device according to claim 6, wherein the client terminal is provided with a transmission means for transmitting installation information for installing identification information. A medical information storage management device that can be accessed from client terminals of a plurality of medical facilities and can communicate with a database that stores and stores medical information of the plurality of medical facilities in a different area for each medical facility.
A storage means for storing the identification information of the client terminal in association with the medical facility in which the client terminal is installed, an acquisition means for acquiring the facility specific information specified for each facility transmitted from the client terminal, and an acquisition means.
A requesting means for requesting the client terminal identification information from the client terminal, and
A collation means for collating the medical facility information stored in association with the identification information of the client terminal transmitted from the client terminal based on the request and the facility specific information.
When the collation means approves the collation between the medical facility information and the facility-specific information, the access permitting access to the data area assigned to the medical facility in the database based on the facility-specific information. Means and
A medical information storage management device characterized by being equipped with.

Images