KR20220059201A - Method for personal data management - Google Patents

Abstract

The present invention relates to a personal information management method to resolve medical malpractice disputes. According to some embodiments of the present invention, the personal information management method comprises the following steps: receiving a first signal for searching for medical information of a first user from an external device; transmitting a search signal for searching for the medical information to at least one node included in a blockchain network to search for the medical information, wherein the at least one node stores a first transaction including first information representing whether provision of personal information for the first user is agreed and the medical information of the first user in a blockchain form; receiving the first transaction corresponding to the search signal from the at least one node; and using the first information included in the first transaction to determine whether to provide the medical information included in the first transaction to the external device when the first transaction is received.

Description

How to manage personal information {METHOD FOR PERSONAL DATA MANAGEMENT}

To a personal information management method, and more specifically, to a personal information management method for managing the processing of personal information including medical information.

In general, in order for a patient to provide his/her medical information to another institution, it is possible to directly visit a medical institution, etc. and receive the medical information and then deliver it.

Various relay system technologies that enable this when exchanging personal information data between medical institutions have been proposed, but in this case, it is difficult to check whether the laws related to personal information protection have been complied with.

Failure to explain to the patient or obtain written consent in violation of Article 24-2 Paragraph 1 of the Personal Information Protection Act In this case, a fine for negligence shall be imposed pursuant to Article 92 (1) 1-3 of the Act.

In addition, there is a problem that it is complicated and expensive because it is necessary to establish various procedures such as a consent form for providing personal information and to change the existing interface for each institution to perform this.

Republic of Korea Patent Registration No. 10-2167736 (Registered on October 13, 2020)

The present disclosure has been devised in response to the background art described above, and is intended to provide a method for managing personal information.

The technical problems of the present disclosure are not limited to the technical problems mentioned above, and other technical problems not mentioned will be clearly understood by those skilled in the art from the following description.

In order to solve the above problem, the personal information management method includes: receiving a first signal for searching for medical information of a first user from an external device; Transmitting a search signal for retrieving the medical information to at least one node included in a block chain network to retrieve the medical information - Whether the at least one node agrees to provide personal information to the first user Storing in the form of a block chain as a first transaction including first information indicating and the medical information of the first user; receiving the first transaction corresponding to the search signal from the at least one node; and determining whether the medical information included in the first transaction may be provided to the external device by using the first information included in the first transaction when the first transaction is received. can

alternatively, when transmitting the search signal to the at least one node, generating a second transaction related to the search; and by transmitting the second transaction to at least one node included in the blockchain network, the second transaction is recorded in the blockchain network based on a consensus algorithm by a plurality of nodes constituting the blockchain network. It may further include a step of causing it to be.

Alternatively, the second transaction may include at least one of information on a time when the search signal is transmitted, information on the external device, information on a time at which the first signal is received, and information on the first user. may include

Alternatively, when the first transaction is received, the step of determining whether to provide the medical information to the external device using first information included in the first transaction may include: based on the first information and determining to provide the medical information to the external device when it is recognized that the first user's consent to provide the personal information exists.

Alternatively, when the first transaction is received, the step of determining whether to provide the medical information to the external device using first information included in the first transaction may include: based on the first information and determining not to provide the medical information to the external device when it is recognized that the first user's consent to provide the personal information does not exist.

Alternatively, when it is determined not to provide the medical information to the external device, transmitting a second signal for confirming whether medical information may be provided to the user terminal of the first user; and when receiving a third signal from the user terminal in response to the second signal, determining whether to provide the medical information included in the first transaction to the external device based on the third signal ; may be further included.

Alternatively, when receiving a third signal from the user terminal in response to the second signal, it is determined whether the medical information included in the first transaction may be provided to the external device based on the third signal The determining may include a step of finally determining to provide the medical information to the external device when the first response indicating that the medical information may be provided is included in the third signal.

Alternatively, when receiving a third signal from the user terminal in response to the second signal, it is determined whether the medical information included in the first transaction may be provided to the external device based on the third signal The determining may include a final decision not to provide the medical information to the external device when a second response indicating that the medical information should not be provided is included in the third signal.

Alternatively, when recognizing that the first user's consent to provide information on the personal information exists based on the first information, determining to provide the medical information to the external device may include: determining the legal validity of the first information by comparing and analyzing the first information and preset legal data in conjunction with recognizing whether there is; and determining to provide the medical information to the external device when it is recognized that the legal validity exists.

Alternatively, when recognizing that the first user's consent to provide information on the personal information exists based on the first information, determining to provide the medical information to the external device may include: determining the legal validity of the first information by comparing and analyzing the first information and preset legal data in conjunction with recognizing whether there is; and determining not to provide the medical information to the external device when it is recognized that the legal justification does not exist.

Alternatively, when it is determined not to provide the medical information to the external device, transmitting a fourth signal for confirming whether medical information may be provided to the user terminal of the first user; and when receiving a fifth signal from the user terminal in response to the fourth signal, determining whether to provide the medical information included in the first transaction to the external device based on the fifth signal ; may be further included.

Alternatively, when receiving a fifth signal from the user terminal in response to the fourth signal, it is determined whether the medical information included in the first transaction may be provided to the external device based on the fifth signal The determining may include determining to provide the medical information to the external device when a third response indicating that the medical information may be provided is included in the fifth signal.

Alternatively, when receiving a fifth signal from the user terminal in response to the fourth signal, it is determined whether the medical information included in the first transaction may be provided to the external device based on the fifth signal The determining may include a final decision not to provide the medical information to the external device when a fourth response indicating that the medical information should not be provided is included in the fifth signal.

Alternatively, upon receiving the activity record for the medical information, generating a third transaction including the activity record; and by transmitting the third transaction to at least one node included in the blockchain network, the third transaction is recorded in the blockchain network based on a consensus algorithm by a plurality of nodes constituting the blockchain network. It may further include a step of causing it to be.

Alternatively, the activity record may include an action of correcting the first information or the medical information and an action of destroying the first information or the medical information.

A computer program stored in a computer-readable storage medium for solving the above-mentioned problems, wherein the computer program performs an operation for personal information management by a processor of a management server, the operation comprising: medical information of a first user receiving a first signal for searching for from an external device; Transmitting a search signal for retrieving the medical information to at least one node included in a block chain network to retrieve the medical information - Whether the at least one node agrees to provide personal information to the first user Storing in the form of a block chain as a first transaction including first information indicating and the medical information of the first user; receiving the first transaction corresponding to the search signal from the at least one node; and determining whether the medical information included in the first transaction may be provided to the external device by using the first information included in the first transaction when the first transaction is received. can

As a management server for performing an operation for managing personal information, for solving the above-described problem, the processor; a storage unit for storing a computer program executable by the processor; and a communication unit for receiving a first signal for retrieving the first user's medical information from an external device, wherein the processor includes: a search signal for retrieving the medical information to retrieve the medical information in a block chain network control the communication unit to transmit to at least one node that has been used, the at least one node includes first information indicating whether to consent to the provision of personal information for the first user and the medical information of the first user stored in the form of a block chain as the first transaction that has been made -, receiving the first transaction corresponding to the search signal from the at least one node through the communication unit, Whether to provide the medical information included in the first transaction to the external device may be determined using the first information included in the .

The technical solutions obtainable in the present disclosure are not limited to the above-mentioned solutions, and other solutions not mentioned are clearly to those of ordinary skill in the art to which the present disclosure belongs from the description below. can be understood

The present disclosure can provide a personal information management method that can record the processing of personal information including medical information in a block chain network to secure integrity, and resolve medical accident disputes based on the recorded contents.

Effects obtainable in the present disclosure are not limited to the above-mentioned effects, and other effects not mentioned will be clearly understood by those of ordinary skill in the art to which the present disclosure belongs from the description below. .

Various aspects are now described with reference to the drawings, wherein like reference numbers are used to refer to like elements throughout. In the following example, for purposes of explanation, numerous specific details are set forth in order to provide a thorough understanding of one or more aspects. It will be evident, however, that such aspect(s) may be practiced without these specific details.
1 is a schematic diagram of an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure.
2 is a block diagram of a user terminal according to some embodiments of the present disclosure.
3 is a block diagram of an external device according to some embodiments of the present disclosure.
4 is a block diagram of a management server according to some embodiments of the present disclosure.
5 is a diagram exemplarily illustrating data types stored in blocks according to some embodiments of the present disclosure.
6 and 7 are flowcharts illustrating personal information management performed in an exemplary personal information management system for personal information management according to some embodiments of the present disclosure.
8 to 11 are flowcharts illustrating a determination of providing medical information performed in a management server according to some embodiments of the present disclosure.
12 is a flowchart illustrating a process of generating and recording a third transaction performed in an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure;
13 is a general schematic diagram of an example computing environment in which embodiments of the present disclosure may be implemented.

Various embodiments and/or aspects are now disclosed with reference to the drawings. In the following description, for purposes of explanation, numerous specific details are set forth to provide a thorough understanding of one or more aspects. However, it will also be appreciated by one of ordinary skill in the art that such aspect(s) may be practiced without these specific details. The following description and accompanying drawings set forth in detail certain illustrative aspects of one or more aspects. These aspects are illustrative, however, and some of various methods may be employed in the principles of the various aspects, and the descriptions set forth are intended to include all such aspects and their equivalents. Specifically, as used herein, “embodiment”, “example”, “aspect”, “exemplary”, etc. are not to be construed as advantageous or advantageous over any aspect or design described herein. It may not be.

Hereinafter, the same or similar components are assigned the same reference numerals regardless of reference numerals, and overlapping descriptions thereof will be omitted. In addition, in describing the embodiments disclosed in the present specification, if it is determined that detailed descriptions of related known technologies may obscure the gist of the embodiments disclosed in the present specification, the detailed description thereof will be omitted. In addition, the accompanying drawings are only for easy understanding of the embodiments disclosed in the present specification, and the technical ideas disclosed in the present specification are not limited by the accompanying drawings.

Unless otherwise defined, all terms (including technical and scientific terms) used herein may be used with the meaning commonly understood by those of ordinary skill in the art to which the present invention belongs. In addition, terms defined in a commonly used dictionary are not to be interpreted ideally or excessively unless clearly defined in particular.

In addition, the term “or” is intended to mean an inclusive “or” rather than an exclusive “or.” That is, unless otherwise specified or clear from context, "X employs A or B" is intended to mean one of the natural implicit substitutions. That is, X employs A; X employs B; or when X employs both A and B, "X employs A or B" may apply to either of these cases. It should also be understood that the term “and/or” as used herein refers to and includes all possible combinations of one or more of the listed related items.

Also, the terms "comprises" and/or "comprising" mean that the feature and/or element is present, but excludes the presence or addition of one or more other features, elements, and/or groups thereof. should be understood as not Also, unless otherwise specified or unless it is clear from context to refer to a singular form, the singular in the specification and claims should generally be construed to mean “one or more”.

In addition, the term "at least one of A or B" should be interpreted as meaning "when including only A", "when including only B", and "when combined with the configuration of A and B".

When a component is referred to as being “connected” or “connected” to another component, it is understood that it may be directly connected or connected to the other component, but other components may exist in between. it should be On the other hand, when it is said that a certain element is "directly connected" or "directly connected" to another element, it should be understood that the other element does not exist in the middle.

The suffixes "module" and "part" for the components used in the following description are given or used in consideration of only the ease of writing the specification, and do not have distinct meanings or roles by themselves.

Objects and effects of the present disclosure, and technical configurations for achieving them will become clear with reference to the embodiments described below in detail in conjunction with the accompanying drawings. In describing the present disclosure, if it is determined that a detailed description of a well-known function or configuration may unnecessarily obscure the subject matter of the present disclosure, the detailed description thereof will be omitted. In addition, the terms described below are terms defined in consideration of functions in the present disclosure, which may vary according to intentions or customs of users and operators.

However, the present disclosure is not limited to the embodiments disclosed below and may be implemented in various different forms. Only the present embodiments are provided so that the present disclosure is complete, and to fully inform those of ordinary skill in the art to which the present disclosure belongs, the scope of the disclosure, and the present disclosure is only defined by the scope of the claims . Therefore, the definition should be made based on the content throughout this specification.

The personal information management method according to some embodiments of the present disclosure may refer to a personal information management method that determines whether personal information including medical information is provided, and leaves a record when provided. However, the present invention is not limited thereto.

1 is a schematic diagram of an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure. 2 is a block diagram of a user terminal according to some embodiments of the present disclosure. 3 is a block diagram of an external device according to some embodiments of the present disclosure. 4 is a block diagram of a management server according to some embodiments of the present disclosure. 5 is a diagram exemplarily illustrating data types stored in blocks according to some embodiments of the present disclosure.

Referring to FIG. 1 , the personal information management system may include a user terminal 100 , an external device 200 , a management server 300 , a block chain network 400 , and a communication network 500 . However, the above-described components are not essential in implementing the personal information management system, and the personal information management system may have more or fewer components than those listed above.

The user terminal 100 may have a mechanism for communicating with the management server 300 through the communication network 500 .

Here, the user terminal 100 may transmit a signal to the management server 300 . Also, the user terminal 100 may receive a signal from the management server 300 .

In addition, the user terminal 100 may exist as a separate terminal different from at least one node included in the block chain network 400 .

In addition, the user terminal 100 may include a PC, a laptop computer, a workstation, and any electronic device. And, the user terminal 100 may include an application source and/or a client application.

Referring to FIG. 2 , the user terminal 100 may include a processor 101 , a storage unit 102 , a communication unit 103 , and a display unit 104 . However, since the above-described components are not essential in implementing the user terminal 100 , the user terminal 100 may have more or fewer components than those listed above. Here, each component may be configured as a separate chip, module, or device, or may be included in one device.

The processor 101 may typically process the overall operation of the user terminal 100 . The processor 101 may provide or process appropriate information or functions to the user by processing signals, data, information, etc. input or output through the above-described components or driving an application program stored in the storage unit 102 . .

In addition, the processor 101 may include one or more cores, a central processing unit (CPU), a general purpose graphics processing unit (GPGPU), and a tensor processing unit of the user terminal 100 . The processor 101 may include any form of executing instructions stored on the storage unit 102 , such as a tensor processing unit (TPU). The processor 101 may read the computer program stored in the storage unit 102 and perform an operation for managing personal information according to some embodiments of the present disclosure.

In addition, the processor 101 may control the communication unit 103 to transmit information indicating whether the user agrees to provide information on personal information to the management server 300 . For example, the processor 101 may control the communication unit 103 to transmit, to the management server 300 , first information indicating whether to consent to the provision of personal information for the first user.

Here, the personal information may include medical information, name, resident registration number and address. However, the present invention is not limited thereto.

In addition, the processor 101 may control the communication unit 103 to transmit an activity record for personal information including medical information to the management server 300 .

Here, the activity record may include first information indicating whether to consent to the provision of personal information or an act of correcting medical information, and first information indicating whether or not consent to the provision of personal information or an act of destroying the medical information. .

Here, the medical information may include records related to personal medical care. For example, medical information may include an individual's disease, treatment date, surgery date, and prescription. However, medical information is not limited thereto.

The storage unit 102 may store any type of information generated or determined by the processor 101 and any type of information received by the communication unit 103 .

Also, the storage unit 102 may include a memory or a permanent storage medium. Here, the memory is a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (eg SD or XD memory, etc.), Random Access Memory (RAM), Static Random Access Memory (SRAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), Magnetic Memory, It may include at least one type of storage medium among a magnetic disk and an optical disk.

The communication unit 103 may include any wired/wireless communication network capable of transmitting and receiving any type of data and signals for network connection.

The display unit 104 may display information processed by the user terminal 100 . For example, the display unit 104 may display execution screen information of an application program driven in the user terminal 100 or UI (User Interface) and GUI (Graphic User Interface) information according to the execution screen information.

In addition, the display unit 104 may include a liquid crystal display (LCD), a thin film transistor-liquid crystal display (TFT LCD), an organic light-emitting diode (OLED), and a flexible display. (a flexible display), a three-dimensional display (3D display), and may include at least one of an e-ink display (e-ink display).

Referring back to FIG. 1 , the external device 200 may have a mechanism for communicating with the management server 300 through the communication network 500 . Here, the external device 200 may be a medical institution server or computing device different from the medical institution server to be described later with reference to FIG. 6 .

Here, the external device 200 may transmit a signal to the management server 300 . Also, the external device 200 may receive a signal from the management server 300 .

Also, the external device 200 may include an arbitrary server implemented by at least one of an agent, an application programming interface (API), and a plug-in.

Referring to FIG. 3 , the external device 200 may include a processor 201 , a storage 202 , and a communication unit 203 . However, since the above-described components are not essential in implementing the external device 200 , the external device 200 may have more or fewer components than those listed above. Here, each component may be configured as a separate chip, module, or device, or may be included in one device.

The processor 201 may typically process the overall operation of the external device 200 . The processor 201 may provide or process appropriate information or functions to the user by processing signals, data, information, etc. input or output through the above-described components or driving an application program stored in the storage unit 202 . .

In addition, the processor 201 may include one or more cores, and a central processing unit (CPU), a general purpose graphics processing unit (GPGPU), and a tensor processing unit of the user terminal 100 . It may include any type of processor 201 that executes instructions stored in the storage 202, such as a tensor processing unit (TPU). The processor 201 may read a computer program stored in the storage 202 and perform an operation for managing personal information according to some embodiments of the present disclosure.

In addition, the processor 201 may control the communication unit 203 to transmit a signal for searching the user's medical information to the management server 300 . For example, the processor 201 may control the communication unit 203 to transmit a first signal for searching for medical information of the first user.

The storage unit 202 may store any type of information generated or determined by the processor 201 and any type of information received by the communication unit 203 .

In addition, the storage unit 202 may include a memory or a permanent storage medium. Here, the memory is a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (eg SD or XD memory, etc.), Random Access Memory (RAM), Static Random Access Memory (SRAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), Magnetic Memory, It may include at least one type of storage medium among a magnetic disk and an optical disk.

The communication unit 203 may include any wired/wireless communication network capable of transmitting and receiving any type of data and signals for network connection.

Referring back to FIG. 1 , the management server 300 may have a mechanism for communicating with the user terminal 100 , the external device 200 , and the block chain network 400 through the communication network 500 .

Here, the management server 300 may exist as a separate server different from at least one node included in the block chain network 400 . That is, since the management server 300 is not at least one node constituting the blockchain network 400 , transactions may not be recorded in the storage unit 302 of the management server 300 . Therefore, the management server 300 must be a server of a trusted organization. However, the present invention is not limited thereto.

Referring to FIG. 4 , the management server 300 may include a processor 301 , a storage 302 , and a communication unit 303 .

The processor 301 may typically process the overall operation of the management server 300 . The processor 101 may provide or process appropriate information or functions to the user by processing signals, data, information, etc. input or output through the above-described components or driving an application program stored in the storage unit 302 . .

In addition, the processor 301 may include one or more cores, and may include a central processing unit (CPU), a general purpose graphics processing unit (GPGPU), and a tensor processing unit of the user terminal 100 . The processor 301 may include any form of executing instructions stored in the storage unit 302 , such as a tensor processing unit (TPU). The processor 301 may read a computer program stored in the storage 302 and perform an operation for managing personal information according to some embodiments of the present disclosure.

In addition, the processor 301 may generate a first transaction including information indicating whether the user consents to the provision of personal information for the user and the user's medical information. For example, the processor 301 may generate a first transaction including information indicating whether to consent to information provision of personal information for the first user and medical information of the first user.

In addition, the processor 301 may control the communication unit 303 to transmit the generated first transaction to at least one node included in the block chain network 400 . Here, the processor 301 may cause the first transaction to be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 .

Then, when the processor 301 receives a signal for searching the user's medical information from the external device 200 , the processor 301 transmits a search signal for searching the medical information to at least one node included in the block chain network 400 . It is possible to control the communication unit 303 to do so. For example, when the processor 301 receives a first signal for retrieving the first user's medical information from the external device 200, the block chain network 400 includes a search signal for retrieving the medical information. The communication unit 303 may be controlled to transmit to at least one node.

In addition, when the processor 301 transmits a search signal to at least one node, the communication unit generates a second transaction related to the search and transmits the second transaction to at least one node included in the block chain network 400 . (303) can be controlled. Here, the processor 301 may cause the second transaction to be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 .

The second transaction may include at least one of information about a time when a search signal is transmitted, information about the external device 200, information about a time when a signal for searching for medical information of a user is received, or information about a user there is. For example, information about a time when a search signal is transmitted, information about the external device 200, information about a time when a first signal for searching for medical information of the first user is received, or information about the first user It may include at least one.

Also, upon receiving the first transaction, the processor 301 may determine whether medical information included in the first transaction may be provided to an external device by using information included in the first transaction. For example, the processor 301 may determine whether medical information included in the first transaction may be provided to an external device by using the first information included in the first transaction.

Specifically, when recognizing that the first user's consent to provide personal information exists based on the first information, the processor 301 may determine to provide the medical information to the external device 200 .

According to some embodiments of the present invention, the processor 301 determines the legal validity of the first information by comparing and analyzing the first information and preset legal data in conjunction with recognizing whether or not consent to provide information of personal information exists. and, when it is recognized that there is legal validity, it is determined to provide medical information to the external device 200 , and the communication unit 303 may be controlled to transmit the medical information to the external device 200 . Here, legal validity may mean checking whether the external device 200 requesting medical information receives medical information in accordance with laws related to the provision of medical information, and the consent form for providing personal information is legally written It can also mean checking to see if For example, if the provision of medical information is not described in the information provision agreement, it may be judged to have no legal validity. However, the statutory validity as described above is not limited thereto.

On the other hand, the processor 301 compares and analyzes the first information and preset legal data in conjunction with recognizing whether there is consent to provide information of personal information to determine the legal validity of the first information, and if there is no legal validity If it is recognized that no medical information is provided to the external device 200 , it may be determined not to provide the medical information to the external device 200 .

And, when it is determined that the medical information is not provided to the external device 200 , the processor 301 transmits a fourth signal for confirming whether medical information may be provided to the user terminal 100 of the first user, and When receiving the fifth signal from the user terminal 100 in response to the fourth signal, the processor 301 determines whether medical information included in the first transaction may be provided to the external device 200 based on the fifth signal. can decide

Specifically, when a third response indicating that medical information may be provided is included in the fifth signal, the processor 301 determines to provide the medical information to the external device 200 , and provides the medical information to the external device 200 . ) can control the communication unit 303 to transmit. Alternatively, when the fourth response indicating that medical information should not be provided is included in the fifth signal, the processor 301 may finally determine not to provide the medical information to the external device 200 .

Meanwhile, when recognizing that the first user's consent to provide personal information does not exist based on the first information, the processor 301 may determine not to provide the medical information to the external device 200 . Here, when it is determined not to provide the medical information to the external device 200 , the processor 301 may transmit a second signal for confirming whether the medical information may be provided to the user terminal 100 of the first user. . In addition, when the third signal is received from the user terminal 100 responding to the second signal, it may be determined whether medical information included in the first transaction may be provided to the external device based on the third signal.

Specifically, when the third signal includes a first response indicating that medical information may be provided, the processor 301 finally determines to provide the medical information to the external device 200 , and provides the medical information to the external device 200 . It is possible to control the communication unit 303 to transmit to. Also, when the third signal includes a second response indicating that medical information should not be provided, the processor 301 may finally determine not to provide the medical information to the external device 200 .

On the other hand, when the processor 301 receives an activity record for medical information from the user terminal 100 or the medical institution server 700 , the processor 301 generates a third transaction including the activity record, and the blockchain network 400 ) may control the communication unit 303 to transmit the third transaction to at least one node included in the . Here, the processor 301 may cause the third transaction to be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 .

Here, the medical institution server 700 exists as a separate server different from the external device 200 , and may include a processor, a storage unit, and a communication unit. In addition, the processor may control the communication unit to transmit the user's medical information previously stored in the storage unit to the management server 300 . For example, the processor may control the communication unit to transmit the medical information of the first user pre-stored in the storage unit to the management server 300 .

Here, the activity record may include an act of correcting the first information or medical information and an act of destroying the first degree or medical information.

The storage unit 302 may store any type of information generated or determined by the processor 301 and any type of information received by the communication unit 203 .

In addition, the storage unit 302 may include a memory or a permanent storage medium. Here, the memory is a flash memory type, a hard disk type, a multimedia card micro type, a card type memory (eg SD or XD memory, etc.), Random Access Memory (RAM), Static Random Access Memory (SRAM), Read-Only Memory (ROM), Electrically Erasable Programmable Read-Only Memory (EEPROM), Programmable Read-Only Memory (PROM), Magnetic Memory, It may include at least one type of storage medium among a magnetic disk and an optical disk.

The communication unit 303 may include any wired/wireless communication network capable of transmitting and receiving any type of data and signals for network connection.

Here, the communication unit 303 may receive a signal for searching for the user's medical information from an external device. For example, the communication unit 303 may receive a first signal for searching for the first user's medical information from an external device.

Also, the communication unit 303 may receive the first transaction corresponding to the search signal from at least one node included in the block chain network 400 .

In addition, the communication unit 303 may receive, from the user terminal 100 , information indicating whether or not to consent to the provision of personal information for the user.

Also, the communication unit 303 may receive the user's medical information from the medical institution server 700 .

Here, the communication unit 303 may receive a third signal in response to the second signal from the user terminal 100 .

Also, the communication unit 303 may receive a fifth signal in response to the fourth signal from the user terminal 100 .

Here, the communication unit 303 may receive an activity record for medical information from the user terminal 100 or the medical institution server 700 .

Referring back to FIG. 1 , the blockchain network 400 may have a mechanism for communicating with the management server 300 through the communication network 500 .

Here, the block chain network 400 according to some embodiments of the present disclosure may include a plurality of nodes operating based on block chain technology. Blockchain technology is any form of distributed ledger technology that distributes and stores data to be managed in a plurality of nodes using a storage structure in which blocks or events are connected or a storage structure in which transactions are connected to each other. am. The blockchain network 400 may operate according to any form of distributed ledger technologies based on a Directed Acyclic Graph (DAG) technology.

Here, nodes in the blockchain network 400 may operate by a blockchain core package according to a hierarchical structure. The hierarchical structure defines the structure of the data handled in the blockchain network and can validate the data layer, block, event or transaction that manages the data. If necessary, implement a consensus layer responsible for performing mining and processing fees paid to miners during the mining process, an execution layer for processing and executing smart contracts, P2P network protocols, hash functions, digital signatures, encoding, and common storage and a common layer to manage, and an application layer in which various applications are created, processed, and managed.

In addition, the blockchain network 400 is a public blockchain network in which arbitrary nodes can perform a consensus operation, or a private, in which only predetermined nodes can perform a consensus operation, depending on the implementation type. Consortium may include a blockchain network.

And, the consensus algorithm performed in the blockchain network 400 is a PoW (Proof of Work) algorithm, PoS (Proof of Stake) algorithm, DPoS (Delegated Proof of Stake) algorithm, PBFT (Practical Byzantine Fault Tolerance) algorithm, DBFT (Delegated Byzantine Fault Tolerance) Algorithm, RBFT (Redundant Byzantine Fault Tolerance) Algorithm, Sieve Algorithm, Tendermint Algorithm, Paxos Algorithm, Raft Algorithm, PoA (Proof of Authority) Algorithm, PoET (Proof of Elapsed Time) Algorithm, Tangle Network Consensus Algorithm and/or a Hedera Hashgraph consensus algorithm.

Referring to FIG. 5 , according to some embodiments of the present disclosure, blocks 610 , 620 and 630 that are storage units in the block chain network 400 may be connected to each other in a chain form to constitute a block chain.

Blocks 610 , 620 , and 630 may include a block header and a payload in which a transaction is recorded. The block header may include a hash value of a previous block header, a nonce value, and a hash value of a transaction. The nonce value is a value that a node in the blockchain network 400 changes to generate a block, and may be used as an input value of a specific hash function together with other values of the block header. When a specific nonce value is used and the hash value of the block header is smaller than a predetermined difficulty value (which may be stored in the block header), the hash value for the block header may be determined. The hash value of a transaction may mean a root hash value of data included in the transaction.

Block 201 (610) may include a first block header 611 and a first payload 612 in which a first transaction is recorded. Here, the first transaction may include at least one piece of data, and may include first information 613 indicating whether to consent to information provision of personal information to the first user, and medical information 614 of the first user. .

Block 202 (620) may consist of a second block header 621 and a second payload 622 in which a second transaction is recorded. Here, the second transaction includes at least one piece of data, information 623 about the time when the search signal is transmitted, information 624 about the external device 200, and information about the time when the first signal is received 625 and information 626 about the first user.

Block 203 (630) may include a third block header 631 and a third payload 632 in which a third transaction is recorded. Here, the third transaction may include at least one data and may include an activity record 633 .

In FIG. 5 , it is assumed that the first transaction 612 , the second transaction 622 , and the third transaction 632 are recorded in payloads of different blocks for convenience of explanation, but the present invention is not limited thereto. , at least one of the first transaction 612 , the second transaction 622 , or the third transaction 632 may be recorded in the payload of one block.

Since the block hash value of block 201 ( 610 ) is used as an input value to obtain the block hash value of the block header of block 202 ( 620 ), block 202 ( 620 ) and block 201 ( 610 ) may be connected to each other. Also, since the block hash value of block 202 ( 620 ) is used as an input value to obtain the block hash value of the block header of block 203 ( 630 ), block 203 ( 630 ) and block 202 ( 620 ) can be connected to each other. .

In addition, in obtaining the block hash value, since the hash value of the transaction is used as an input value, when any forgery or tampering with the data of the transaction occurs, the hash value of the transaction is changed. In this way, adjacent blocks can be linked to each other, and information of transactions within the block can be stored in integrity. In other words, it is possible to prevent forgery and falsification of data in advance.

And, according to some other embodiments of the present disclosure, the block headers of the blocks 610 , 620 and 630 include a hash value (ParentHash) of a parent block (previous block), and an uncle block (the difficulty of the block is relatively difficult) of the current block. The hash value (UncleHash) of the blocks that were not adopted as a block because of the low level), the account address to receive the transaction fee after mining (Coinbase), the hash value of the root node of the Merkle Patricia tree where account status information is gathered (Root), the block’s The hash value of the root node of the Merkle tree for all transactions (TxHash), the hash value of the root node of the Merkle tree of receipts for all transactions in the block (ReceiptHash), 32-byte bloom filter information used to use log information (Bloom) , the block difficulty calculated from the difficulty of the previous block and timestamp, the current block number (Number), and the maximum gas payable per block (concept of cost (token) used to process a transaction or smart contract) ( GasLimit), the total amount of gas used for transactions in the block (GasUsed), the initial creation time of the block (Time), other information of the block (Extra), or the number of calculations used to ensure sufficient number of calculations to calculate the hash value in the proof of work It may contain values (MixDigest, Nonce). Meanwhile, although not shown in FIG. 5 , identification information of the first user may be included in the first transaction together with the first information and medical information of the first user. In this case, the blockchain network can easily retrieve the first transaction related to the first user.

Referring back to FIG. 1 , the communication network 500 may include any wired/wireless communication network capable of transmitting and receiving any type of data and signals.

6 is a flowchart illustrating a process of generating and recording a first transaction performed in an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure;

Referring to FIG. 6 , medical information of the first user may be transmitted from the medical institution server 700 to the management server 300 (step S110 ).

Here, the medical institution server 700 exists as a separate server different from the external device 200 , and may include a processor, a storage unit, and a communication unit. In addition, the processor may control the communication unit to transmit the user's medical information previously stored in the storage unit to the management server 300 . For example, the processor may control the communication unit to transmit the medical information of the first user pre-stored in the storage unit to the management server 300 .

Meanwhile, the user terminal 100 may transmit the first information indicating whether to consent to the provision of personal information for the first user to the management server 300 (step S120).

The order in which steps S110 and S120 are performed is not limited to the example shown in FIG. 6 , and steps S110 and S120 may be performed simultaneously, and step S120 is higher than step S110. It may be performed first.

The management server 300 includes first information indicating whether to consent to the provision of personal information for the first user received from the user terminal 100 and medical information of the first user received from the medical institution server 700 . A first transaction may be generated, and the first transaction may be transmitted to the blockchain network 400 (step S200). The management server 300 may cause the first transaction to be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 by sending the first transaction. .

The block chain network 400 may record the first transaction received from the management server 300 in the block chain network 400 based on a consensus algorithm by a plurality of nodes constituting the block chain network 400 . (Step S300).

When searching or inquiring medical information recorded on the blockchain network from institutions other than those that have recorded medical information on the blockchain network, you must comply with the Personal Information Protection Act. Therefore, as described above, if the first information indicating whether to consent to the provision of personal information to the first user and the medical information of the first user are recorded in the blockchain network together as one transaction, whether or not the Personal Information Protection Act is complied with can be easily checked.

7 is a flowchart illustrating a medical information processing process according to a medical information search signal performed in an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure.

The external device 200 may transmit a first signal for searching for the first user's medical information (step S400 ). Here, the external device 200 may be an external device 200 different from the medical institution server 700 that has transmitted medical information to the management server 300 in FIG. 6 . Here, the first signal may include identification information of the first user.

The management server 300 receives a first signal for retrieving the first user's medical information from the external device 200, and transmits a search signal for retrieving the medical information of the first user to the block chain network ( 400) may be transmitted to at least one node included in (step S500). Here, the search signal may include identification information of the first user required to search for the medical information of the first user. That is, the management server 300 may generate a search signal by using the identification information included in the first signal.

On the other hand, when the management server 300 transmits a search signal to at least one node included in the block chain network 400 in step S500 , it generates a second transaction related to the search, and the block chain network 400 . can be transmitted to (step S600). In this case, the second transaction may be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 (step S800).

As the second transaction is recorded, information about the search is recorded, and when a dispute occurs between a patient and a hospital when a medical accident occurs, who and when checked the patient information based on the second transaction recorded in the block chain network 400 can be known

On the other hand, when the block chain network 400 receives the search signal from the management server 300 , it may transmit a first transaction corresponding to the search signal to the management server 300 (step S700 ).

Specifically, at least one node included in the block chain network 400 may search for a first transaction corresponding to the identification information of the first user in at least one transaction recorded in the payload of at least one block. Here, the first transaction may include medical information of the first user and first information indicating whether to consent to the provision of personal information for the first user. Accordingly, at least one node included in the blockchain network 400 can easily search for the first user's medical information and the first transaction including the first information by using the first user's identification information. In addition, at least one node included in the blockchain network 400 may transmit a first transaction including the retrieved first information and the first user's medical information to the management server 300 .

Meanwhile, when the management server 300 receives the first transaction, the management server 300 may determine whether to provide the medical information included in the first transaction to the external device 200 by using the first information included in the first transaction. There is (step S900).

The above-described step S900 will be described in detail below with reference to FIGS. 8 to 11 .

8 to 11 are flowcharts illustrating a determination of providing medical information performed in a management server according to some embodiments of the present disclosure.

Referring to FIG. 8 , the management server 300 may determine whether there is an information provision agreement of the first user based on the first information (step S910 ).

When it is recognized that the first user's consent to provide information on the personal information exists based on the first information in step S910 ( S910 , yes), the management server 300 transmits the medical information to the external device 200 . It may be determined to provide (step S920).

Meanwhile, referring to FIG. 9 , the management server 300 may determine the legal validity of the first information by comparing and analyzing the first information and preset legal data in conjunction with recognizing whether there is consent to provide information. (Step S921). Here, the preset law data may include law information and terminology information. Here, the statute information is the content of each provision related to the statute, and the term information may include terms written in the statute. Pre-set legal data may be added or modified when the law is amended. In addition, the comparison of the first information with the preset statute data may be performed by comparing the words described in the first information. Specifically, the law corresponding to the content to be written in the first information is searched for in the preset law data, the words written in the law are scanned, and the scanned words are checked and compared in the first information. can And, if the first information contains more than a certain level (eg, 95% of all scanned words), it may be determined that the word is legally valid. According to some embodiments of the present disclosure, in the comparison of the first information and the preset statute data, the comparison of words described in the first information may only compare important words appearing with high frequency in the corresponding statute.

And, when it is recognized that legal validity exists (S922, yes), the management server 300 may determine to provide medical information to the external device (step S923).

Here, the management server 300 may transmit the medical information determined to be provided to the external device 200 .

Here, legal validity may mean checking whether the external device 200 requesting medical information receives medical information in accordance with laws related to the provision of medical information, and the consent form for providing personal information is legally written It could also mean checking to see if For example, if the provision of medical information is not described in the information provision agreement, it may be judged to have no legal validity. However, the statutory validity as described above is not limited thereto.

When it is recognized that there is no legal validity in step S922 (S922, no), it may be determined not to provide medical information to the external device 200 (step S924).

Here, when it is determined not to provide the medical information to the external device, the management server 300 may transmit a fourth signal confirming whether the medical information may be provided to the user terminal 100 of the first user.

In addition, when the management server 300 receives a fifth signal in response to the fourth signal from the user terminal, based on the fifth signal, the management server 300 may determine whether to provide the medical information included in the first transaction to the external device. there is.

Specifically, when the third response indicating that medical information may be provided is included in the fifth signal, it may be determined to provide the medical information to the external device. In addition, the management server 300 may transmit the medical information determined to be provided to the external device 200 .

Also, according to some embodiments of the present invention, when the third response indicating that the medical information may be provided is not included in the fifth signal, it may be finally determined not to provide the medical information to the external device. More specifically, when the third response indicating that medical information may be provided is not included in the fifth signal, a fourth response indicating that medical information should not be provided may be included.

When searching or inquiring medical information recorded on the blockchain network from institutions other than those that have recorded medical information on the blockchain network, you must comply with the Personal Information Protection Act. Therefore, as described above, if it is checked whether there is legal validity and selectively provided medical information, medical information can be provided while complying with the Personal Information Protection Act.

Referring back to FIG. 8 , when it is recognized that the first user's consent to provide information on the personal information does not exist based on the first information in step S910 ( S910 , no), the management server 300 performs medical treatment It may be determined not to provide information to the external device 200 (step S930).

Referring to FIG. 10 , when it is determined not to provide medical information to an external device, the management server 300 may transmit a second signal to determine whether medical information may be provided to the user terminal 100 of the first user. There is (step S931).

When the management server 300 receives the third signal from the user terminal 100 in response to the second signal, the management server 300 determines whether to provide the medical information included in the first transaction to the external device based on the third signal. It can be done (step S932).

Referring to FIG. 11 , the management server 300 may check whether a first response indicating that medical information may be provided is included in the third signal (step S932a).

If it is recognized in step S932a that the first response that medical information may be provided is included in the third signal (S932a, yes), the management server 300 finally determines that the medical information is provided to the external device 200 . possible (step S932b).

Here, the management server 300 may transmit the medical information determined to be provided to the external device 200 .

If it is recognized in step S932a that the first response that medical information may be provided is not included in the third signal (S932a, no), the management server 300 says that the medical information is not provided to the external device 200 . A final decision may be made (step S932c).

More specifically, when it is recognized that the first response that medical information may be provided is not included in the third signal, a second response indicating that medical information should not be provided may be included in the third signal.

Depending on the circumstances, the hospital may urgently need consent to provide personal information. Even if there is no consent form to provide personal information or there is no legal validity, if you directly check whether medical information is provided to the user, you can immediately check if consent to provide personal information is urgently needed.

12 is a flowchart illustrating a process of generating and recording a third transaction performed in an exemplary personal information management system for managing personal information according to some embodiments of the present disclosure;

Referring to FIG. 12 , when the management server 300 receives an activity record for medical information, it generates a third transaction including a third transaction including the activity record, and transmits the third transaction to the blockchain network. It can be transmitted to 400 (step S1200).

More specifically, the management server 300 may receive an activity record for medical information from a user terminal or a medical institution server.

Here, the activity record may include information indicating whether to consent to the provision of personal information, correction of medical information, information indicating whether to consent to provision of personal information, or destruction of the medical information. For example, the activity record includes first information indicating whether to consent to the provision of personal information to the first user, or correction of medical information and first information indicating whether to consent to provision of personal information to the first user, or It may include the destruction of medical information.

In addition, the management server 300 transmits the third transaction, thereby causing the third transaction to be recorded in the blockchain network 400 based on a consensus algorithm by a plurality of nodes constituting the blockchain network 400 . can

The block chain network 400 may record the third transaction received from the management server 300 in the block chain network 400 based on a consensus algorithm by a plurality of nodes constituting the block chain network 400 . (Step S1300).

As the third transaction is recorded, the activity record is recorded, and when a dispute occurs between the patient and the hospital when a medical accident occurs, who and when correct the patient information based on the third transaction recorded in the block chain network 400 Or you can know if it has been destroyed.

It will also be apparent to those skilled in the art that the steps shown in FIGS. 6 to 12 are exemplary steps, and some of the steps of FIGS. 6 to 12 may be omitted or additional steps may be present without departing from the scope of the present disclosure. will be. In addition, specific details regarding the components 100 to 700 described in FIGS. 6 to 12 may be replaced with those described above with reference to FIGS. 1 to 5 .

13 is a general schematic diagram of an example computing environment in which embodiments of the present disclosure may be implemented.

Although the present disclosure has been described above as being generally capable of being implemented by a computing device, those skilled in the art will appreciate that the present disclosure may be implemented in hardware and software in combination with computer-executable instructions and/or other program modules and/or in combination with computer-executable instructions and/or other program modules that may be executed on one or more computers. It will be appreciated that it can be implemented as a combination.

Generally, program modules include routines, programs, components, data structures, etc. that perform particular tasks or implement particular abstract data types. In addition, those skilled in the art will appreciate that the methods of the present disclosure can be applied to single-processor or multiprocessor computer systems, minicomputers, mainframe computers as well as personal computers, handheld computing devices, microprocessor-based or programmable consumer electronics, and the like. It will be appreciated that each of these may be implemented in other computer system configurations, including those capable of operating in connection with one or more associated devices.

The described embodiments of the present disclosure may also be practiced in distributed computing environments where certain tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.

Computers typically include a variety of computer-readable media. Any medium accessible by a computer can be a computer-readable medium, and such computer-readable media includes volatile and nonvolatile media, transitory and non-transitory media, removable and non-transitory media. including removable media. By way of example, and not limitation, computer-readable media may include computer-readable storage media and computer-readable transmission media. Computer readable storage media includes volatile and nonvolatile media, temporary and non-transitory media, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. includes media. A computer-readable storage medium may be RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital video disk (DVD) or other optical disk storage device, magnetic cassette, magnetic tape, magnetic disk storage device, or other magnetic storage device. device, or any other medium that can be accessed by a computer and used to store the desired information.

Computer readable transmission media typically embodies computer readable instructions, data structures, program modules or other data, etc. in a modulated data signal such as a carrier wave or other transport mechanism, and Includes all information delivery media. The term modulated data signal means a signal in which one or more of the characteristics of the signal is set or changed so as to encode information in the signal. By way of example, and not limitation, computer-readable transmission media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared, and other wireless media. Combinations of any of the above are also intended to be included within the scope of computer-readable transmission media.

An example environment 1100 implementing various aspects of the disclosure is shown including a computer 1102 , the computer 1102 including a processing unit 1104 , a system memory 1106 , and a system bus 1108 . do. A system bus 1108 couples system components, including but not limited to system memory 1106 , to the processing device 1104 . The processing device 1104 may be any of a variety of commercially available processors. Dual processor and other multiprocessor architectures may also be used as processing unit 1104 .

The system bus 1108 may be any of several types of bus structures that may further interconnect a memory bus, a peripheral bus, and a local bus using any of a variety of commercial bus architectures. System memory 1106 includes read only memory (ROM) 1110 and random access memory (RAM) 1112 . A basic input/output system (BIOS) is stored in non-volatile memory 1110, such as ROM, EPROM, EEPROM, etc., the BIOS is the basic input/output system (BIOS) that helps transfer information between components within computer 1102, such as during startup. contains routines. RAM 1112 may also include high-speed RAM, such as static RAM, for caching data.

The computer 1102 may also include an internal hard disk drive (HDD) 1114 (eg, EIDE, SATA) - this internal hard disk drive 1114 may also be configured for external use within a suitable chassis (not shown). Yes—a magnetic floppy disk drive (FDD) 1116 (eg, for reading from or writing to removable diskette 1118), and an optical disk drive 1120 (eg, a CD-ROM) for reading from, or writing to, disk 1122, or other high capacity optical media, such as DVD. The hard disk drive 1114 , the magnetic disk drive 1116 , and the optical disk drive 1120 are connected to the system bus 1108 by the hard disk drive interface 1124 , the magnetic disk drive interface 1126 , and the optical drive interface 1128 , respectively. ) can be connected to The interface 1124 for implementing an external drive includes at least one or both of Universal Serial Bus (USB) and IEEE 1394 interface technologies.

These drives and their associated computer-readable media provide non-volatile storage of data, data structures, computer-executable instructions, and the like. In the case of computer 1102, drives and media correspond to storing any data in a suitable digital format. Although the description of computer readable media above refers to HDDs, removable magnetic disks, and removable optical media such as CDs or DVDs, those skilled in the art will use zip drives, magnetic cassettes, flash memory cards, cartridges, etc. It will be appreciated that other tangible computer-readable media such as etc. may also be used in the exemplary operating environment and any such media may include computer-executable instructions for performing the methods of the present disclosure.

A number of program modules may be stored in the drive and RAM 1112 , including an operating system 1130 , one or more application programs 1132 , other program modules 1134 , and program data 1136 . All or portions of the operating system, applications, modules, and/or data may also be cached in RAM 1112 . It will be appreciated that the present disclosure may be implemented in various commercially available operating systems or combinations of operating systems.

A user may enter commands and information into the computer 1102 via one or more wired/wireless input devices, for example, a pointing device such as a keyboard 1138 and a mouse 1140 . Other input devices (not shown) may include a microphone, IR remote control, joystick, game pad, stylus pen, touch screen, and the like. Although these and other input devices are connected to the processing unit 1104 through an input device interface 1142 that is often connected to the system bus 1108, parallel ports, IEEE 1394 serial ports, game ports, USB ports, IR interfaces, It may be connected by other interfaces, etc.

A monitor 1144 or other type of display device is also coupled to the system bus 1108 via an interface, such as a video adapter 1146 . In addition to the monitor 1144, the computer typically includes other peripheral output devices (not shown), such as speakers, printers, and the like.

Computer 1102 may operate in a networked environment using logical connections to one or more remote computers, such as remote computer(s) 1148 via wired and/or wireless communications. Remote computer(s) 1148 may be workstations, computing device computers, routers, personal computers, portable computers, microprocessor-based entertainment devices, peer devices, or other common network nodes, and are typically connected to computer 1102 . Although it includes many or all of the components described for it, only memory storage device 1150 is shown for simplicity. The logical connections shown include wired/wireless connections to a local area network (LAN) 1152 and/or a larger network, eg, a wide area network (WAN) 1154 . Such LAN and WAN networking environments are common in offices and companies, and facilitate enterprise-wide computer networks, such as intranets, all of which can be connected to a worldwide computer network, for example, the Internet.

When used in a LAN networking environment, the computer 1102 is coupled to the local network 1152 through a wired and/or wireless communication network interface or adapter 1156 . Adapter 1156 may facilitate wired or wireless communication to LAN 1152 , which LAN 1152 also includes a wireless access point installed therein for communicating with wireless adapter 1156 . When used in a WAN networking environment, the computer 1102 may include a modem 1158, be connected to a communication computing device on the WAN 1154, or establish communications over the WAN 1154, such as over the Internet. have other means. A modem 1158 , which may be internal or external and a wired or wireless device, is coupled to the system bus 1108 via a serial port interface 1142 . In a networked environment, program modules described for computer 1102 , or portions thereof, may be stored in remote memory/storage device 1150 . It will be appreciated that the network connections shown are exemplary and other means of establishing a communication link between the computers may be used.

The computer 1102 may be associated with any wireless device or object that is deployed and operates in wireless communication, for example, a printer, scanner, desktop and/or portable computer, portable data assistant (PDA), communication satellite, wireless detectable tag. It operates to communicate with any device or place, and phone. This includes at least Wi-Fi and Bluetooth wireless technologies. Accordingly, the communication may be a predefined structure as in a conventional network or may simply be an ad hoc communication between at least two devices.

Wi-Fi (Wireless Fidelity) makes it possible to connect to the Internet, etc. without a wired connection. Wi-Fi is a wireless technology such as cell phones that allows these devices, eg, computers, to transmit and receive data indoors and outdoors, ie anywhere within range of a base station. Wi-Fi networks use a radio technology called IEEE 802.11 (a, b, g, etc.) to provide secure, reliable, and high-speed wireless connections. Wi-Fi can be used to connect computers to each other, to the Internet, and to wired networks (using IEEE 802.3 or Ethernet). Wi-Fi networks may operate in unlicensed 2.4 and 5 GHz radio bands, for example at 11 Mbps (802.11a) or 54 Mbps (802.11b) data rates, or in products that include both bands (dual band). .

One of ordinary skill in the art of this disclosure will understand that information and signals may be represented using any of a variety of different technologies and techniques. For example, data, instructions, instructions, information, signals, bits, symbols, and chips that may be referenced in the above description are voltages, currents, electromagnetic waves, magnetic fields or particles, optical field particles or particles, or any combination thereof.

Those of ordinary skill in the art of the present disclosure will recognize that the various illustrative logical blocks, modules, processors, means, circuits, and algorithm steps described in connection with the embodiments disclosed herein include electronic hardware, (convenience For this purpose, it will be understood that it may be implemented by various forms of program or design code (referred to herein as software) or a combination of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits, and steps have been described above generally in terms of their functionality. Whether such functionality is implemented as hardware or software depends upon the particular application and design constraints imposed on the overall system. A person skilled in the art of the present disclosure may implement the described functionality in various ways for each specific application, but such implementation decisions should not be interpreted as a departure from the scope of the present disclosure.

The various embodiments presented herein may be implemented as methods, apparatus, or articles of manufacture using standard programming and/or engineering techniques. The term article of manufacture includes a computer program, carrier, or media accessible from any computer-readable storage device. For example, computer-readable storage media include magnetic storage devices (eg, hard disks, floppy disks, magnetic strips, etc.), optical disks (eg, CDs, DVDs, etc.), smart cards, and flash drives. memory devices (eg, EEPROMs, cards, sticks, key drives, etc.). Also, various storage media presented herein include one or more devices and/or other machine-readable media for storing information.

It is to be understood that the specific order or hierarchy of steps in the presented processes is an example of exemplary approaches. Based on design priorities, it is to be understood that the specific order or hierarchy of steps in the processes may be rearranged within the scope of the present disclosure. The appended method claims present elements of the various steps in a sample order, but are not meant to be limited to the specific order or hierarchy presented.

The description of the presented embodiments is provided to enable any person skilled in the art to make or use the present disclosure. Various modifications to these embodiments will be readily apparent to those skilled in the art, and the generic principles defined herein may be applied to other embodiments without departing from the scope of the present disclosure. Thus, the present disclosure is not intended to be limited to the embodiments presented herein, but is to be construed in the widest scope consistent with the principles and novel features presented herein.

Claims (17)

receiving a first signal for retrieving medical information of a first user from an external device;
Transmitting a search signal for retrieving the medical information to at least one node included in a block chain network to retrieve the medical information - Whether the at least one node agrees to provide personal information to the first user Storing in the form of a block chain as a first transaction including first information indicating and the medical information of the first user;
receiving the first transaction corresponding to the search signal from the at least one node; and
determining whether the medical information included in the first transaction may be provided to the external device by using first information included in the first transaction when the first transaction is received;
Personal information management method performed by the processor of the management server.
The method of claim 1,
when transmitting the search signal to the at least one node, generating a second transaction related to the search; and
By transmitting the second transaction to at least one node included in the blockchain network, the second transaction is recorded in the blockchain network based on a consensus algorithm by a plurality of nodes constituting the blockchain network. causing;
further comprising,
Personal information management method performed by the processor of the management server.
3. The method of claim 2,
The second transaction is
Including at least one of information on a time when the search signal is transmitted, information on the external device, information on a time when the first signal is received, or information on the first user,
Personal information management method performed by the processor of the management server.
The method of claim 1,
When the first transaction is received, determining whether to provide the medical information to the external device by using the first information included in the first transaction includes:
determining that the medical information is to be provided to the external device when it is recognized that the first user's consent to provide information on the personal information exists based on the first information;
containing,
Personal information management method performed by the processor of the management server.
The method of claim 1,
When the first transaction is received, determining whether to provide the medical information to the external device by using the first information included in the first transaction includes:
determining not to provide the medical information to the external device when it is recognized that the first user's consent to provide the personal information does not exist based on the first information;
containing,
Personal information management method performed by the processor of the management server.
6. The method of claim 5,
transmitting a second signal to determine whether medical information may be provided to the user terminal of the first user when it is determined not to provide the medical information to the external device; and
when receiving a third signal from the user terminal in response to the second signal, determining whether the medical information included in the first transaction may be provided to the external device based on the third signal;
further comprising,
Personal information management method performed by the processor of the management server.
7. The method of claim 6,
When receiving a third signal from the user terminal in response to the second signal, determining whether to provide the medical information included in the first transaction to the external device based on the third signal ,
a final determination step of providing the medical information to the external device when the third signal includes a first response indicating that the medical information may be provided;
containing,
Personal information management method performed by the processor of the management server.
7. The method of claim 6,
When receiving a third signal from the user terminal in response to the second signal, determining whether to provide the medical information included in the first transaction to the external device based on the third signal ,
final determining not to provide the medical information to the external device when the third signal includes a second response indicating that the medical information should not be provided;
containing,
Personal information management method performed by the processor of the management server.
5. The method of claim 4,
The step of determining to provide the medical information to the external device when recognizing that the first user's consent to provide information on the personal information exists based on the first information,
determining the legal validity of the first information by comparing and analyzing first information and preset legal data in conjunction with recognizing whether the information provision consent exists; and
determining to provide the medical information to the external device when it is recognized that the legal justification exists;
containing,
Personal information management method performed by the processor of the management server.
5. The method of claim 4,
The step of determining to provide the medical information to the external device when recognizing that the first user's consent to provide information on the personal information exists based on the first information,
determining the legal validity of the first information by comparing and analyzing first information and preset legal data in conjunction with recognizing whether the information provision consent exists; and
determining not to provide the medical information to the external device when it is recognized that the legal justification does not exist;
containing,
Personal information management method performed by the processor of the management server.
11. The method of claim 10,
transmitting a fourth signal to determine whether medical information may be provided to the user terminal of the first user when it is determined not to provide the medical information to the external device; and
when receiving a fifth signal from the user terminal in response to the fourth signal, determining whether the medical information included in the first transaction may be provided to the external device based on the fifth signal;
further comprising,
Personal information management method performed by the processor of the management server.
12. The method of claim 11,
When receiving a fifth signal from the user terminal in response to the fourth signal, determining whether to provide the medical information included in the first transaction to the external device based on the fifth signal ,
determining to provide the medical information to the external device when a third response indicating that the medical information may be provided is included in the fifth signal;
containing,
Personal information management method performed by the processor of the management server.
12. The method of claim 11,
When receiving a fifth signal from the user terminal in response to the fourth signal, determining whether to provide the medical information included in the first transaction to the external device based on the fifth signal ,
final determining not to provide the medical information to the external device when the fifth signal includes a fourth response indicating that the medical information should not be provided;
containing,
Personal information management method performed by the processor of the management server.
The method of claim 1,
generating a third transaction including the activity record when receiving the activity record for the medical information; and
By transmitting the third transaction to at least one node included in the blockchain network, the third transaction is recorded in the blockchain network based on a consensus algorithm by a plurality of nodes constituting the blockchain network. causing;
further comprising,
Personal information management method performed by the processor of the management server.
15. The method of claim 14,
The activity record is
Including the act of correcting the first information or the medical information and the act of destroying the first information or the medical information,
Personal information management method performed by the processor of the management server.
A computer program stored in a computer-readable storage medium, wherein the computer program performs an operation for personal information management by a processor of a management server, the operation comprising:
receiving a first signal for retrieving medical information of a first user from an external device;
Transmitting a search signal for retrieving the medical information to at least one node included in a block chain network to retrieve the medical information - Whether the at least one node agrees to provide personal information to the first user Storing in the form of a block chain as a first transaction including first information indicating and the medical information of the first user;
receiving the first transaction corresponding to the search signal from the at least one node; and
determining whether the medical information included in the first transaction may be provided to the external device by using first information included in the first transaction when the first transaction is received;
containing,
A computer program stored on a computer-readable storage medium.
As a management server that performs an operation for managing personal information,
processor;
a storage unit for storing a computer program executable by the processor; and
a communication unit configured to receive a first signal for retrieving medical information of a first user from an external device;
includes,
The processor is:
control the communication unit to transmit a search signal for retrieving the medical information to at least one node included in a blockchain network to retrieve the medical information, wherein the at least one node includes personal information about the first user Stored in the form of a block chain as a first transaction including first information indicating whether to consent to information provision of the first user and the medical information of the first user;
receiving the first transaction corresponding to the search signal from the at least one node through the communication unit; and
determining whether to provide the medical information included in the first transaction to the external device by using first information included in the first transaction when the first transaction is received;
management server.

Images