WO2020250375A1 - Control method, control program, information processing device, and information processing system - Google Patents

Control method, control program, information processing device, and information processing system Download PDF

Info

Publication number
WO2020250375A1
WO2020250375A1 PCT/JP2019/023450 JP2019023450W WO2020250375A1 WO 2020250375 A1 WO2020250375 A1 WO 2020250375A1 JP 2019023450 W JP2019023450 W JP 2019023450W WO 2020250375 A1 WO2020250375 A1 WO 2020250375A1
Authority
WO
WIPO (PCT)
Prior art keywords
patient
receipt information
insurance company
information
terminal
Prior art date
Application number
PCT/JP2019/023450
Other languages
French (fr)
Japanese (ja)
Inventor
慧 山岡
石原 俊
郁弥 小林
淳也 平松
雄介 口脇
恭也 立岩
Original Assignee
富士通株式会社
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 富士通株式会社 filed Critical 富士通株式会社
Priority to PCT/JP2019/023450 priority Critical patent/WO2020250375A1/en
Publication of WO2020250375A1 publication Critical patent/WO2020250375A1/en

Links

Images

Classifications

    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H40/00ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
    • G16H40/20ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the management or administration of healthcare resources or facilities, e.g. managing hospital staff or surgery rooms

Definitions

  • the present invention relates to a control method, a control program, an information processing device, and an information processing system.
  • the insurance company pays benefits to the insured when the insured is in the state (medical condition, etc.) specified in the contract. ..
  • the insured In order for the insured to receive the benefits, the insured must contact the insurance company and perform procedures such as application. Such a procedure may require a large number of documents such as a medical certificate by a doctor, which imposes a heavy burden on the insured.
  • the receipt information submitted by the medical institution to the health insurance association is automatically transferred to the insurance company, and the insurance company can determine whether or not the person is eligible for the payment of benefits based on the receipt information, it will be covered. It is thought that the burden on the insurer can be reduced.
  • the control method executed in the information processing device detects that the patient's receipt information is stored in the blockchain
  • the patient's receipt information is sent to the destination according to the insurance company contracted by the patient.
  • the computer performs the process of sending to the destination according to the patient before sending to.
  • FIG. 10 It is a figure which shows the structural example of the information processing system in embodiment of this invention. It is a figure which shows the hardware configuration example of each node of the blockchain 10 in embodiment of this invention. It is a figure which shows the functional structure example of the information processing system in embodiment of this invention. It is a figure for demonstrating the registration process of account information. It is a figure for demonstrating the registration process of a matching condition. It is a figure for demonstrating the process which a medical institution terminal 40 executes after the medical treatment of the insured person a. It is a sequence diagram for demonstrating an example of the processing procedure executed in response to the input of the receipt information to the health insurance terminal 50. It is a figure which shows the state of the registration process of the insured person ID and the receipt information in a blockchain 10.
  • FIG. 1 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention.
  • the information processing system 1 includes an insured person terminal 20, a medical institution terminal 40, a health insurance terminal 50, an insurance company terminal 30, a blockchain 10, and the like.
  • the blockchain 10 can communicate with the insured person terminal 20, the insurance company terminal 30, and the health insurance terminal 50 via a network such as the Internet.
  • the insured terminal 20 can communicate with the insurance company terminal 30 via a network such as the Internet.
  • the health insurance terminal 50 can communicate with the medical institution terminal 40 via a network such as the Internet.
  • the insured terminal 20 is provided by an insured person (hereinafter referred to as "insured person a") who has a contract for insurance provided by a certain insurance company (hereinafter referred to as "insurance company A"). It is a terminal to use.
  • a PC a PC, a smartphone, a tablet terminal, or the like may be used as the insured terminal 20.
  • the medical institution terminal 40 is one or more computers used at the medical institution (hereinafter referred to as "medical institution B") to which the insured person a goes to the hospital.
  • the health insurance terminal 50 is one or more computers used by the health insurance association.
  • the insurance company terminal 30 is one or more computers used by the insurance company A.
  • the insured terminal 20 of the insured person other than the insured person a and the insurance company terminal 30 other than the insurance company A may be included in the information processing system.
  • the blockchain 10 is a decentralized network (blockchain 10) including a plurality of nodes that store the receipt information of the insured person a.
  • Each node is one or more computers (information processing devices), and includes a ledger 15 (distributed ledger) for storing the receipt information as a management target in the blockchain 10, and also receives the receipt information to the insurance company terminal 30. Controls whether or not the information can be transmitted.
  • the receipt information refers to information indicating items to be described in the medical fee statement. For example, personal information such as patient name, gender and date of birth, patient health insurance enrollment information, medical institution name of claimant, clinical department, disease name, injection, treatment, surgery, examination, diagnostic imaging performed in the medical treatment month. , Rehabilitation, scores of medicines prescribed in the month of medical treatment, etc. are included in the receipt information.
  • the receipt information may include items described in the dispensing fee statement and items described in the statement of nursing care expenses.
  • FIG. 2 is a diagram showing a hardware configuration example of each node of the blockchain 10 according to the embodiment of the present invention. As shown in FIG. 2, each node has a drive device 100, an auxiliary storage device 102, a memory device 103, a CPU 104, an interface device 105, and the like, which are connected to each other by a bus B.
  • the program that realizes the processing at the node is provided by the recording medium 101.
  • the recording medium 101 on which the program is recorded is set in the drive device 100, the program is installed in the auxiliary storage device 102 from the recording medium 101 via the drive device 100.
  • the program does not necessarily have to be installed from the recording medium 101, and may be downloaded from another computer via the network.
  • the auxiliary storage device 102 stores the installed program and also stores necessary files, data, and the like.
  • the memory device 103 reads and stores the program from the auxiliary storage device 102 when the program is instructed to start.
  • the CPU 104 executes a function related to the node according to a program stored in the memory device 103.
  • the interface device 105 is used as an interface for connecting to a network.
  • An example of the recording medium 101 is a portable recording medium such as a CD-ROM, a DVD disc, or a USB memory. Further, as an example of the auxiliary storage device 102, an HDD (Hard Disk Drive), a flash memory, or the like can be mentioned. Both the recording medium 101 and the auxiliary storage device 102 correspond to computer-readable recording media.
  • FIG. 3 is a diagram showing a functional configuration example of the information processing system according to the embodiment of the present invention.
  • the medical institution terminal 40 has a medical institution processing unit 41.
  • the medical institution processing unit 41 is realized by processing one or more programs installed in the medical institution terminal 40 to be executed by the CPU of the medical institution terminal 40.
  • the medical institution processing unit 41 transmits the receipt information of each insured person regarding the medical practice (medical treatment, etc.) performed in the cycle to the health insurance terminal 50 at a regular cycle such as every month.
  • the health insurance terminal 50 has a health insurance processing unit 51.
  • the health insurance processing unit 51 is realized by processing one or more programs installed in the health insurance terminal 50 to be executed by the CPU of the health insurance terminal 50.
  • the health insurance processing unit 51 associates each receipt information transmitted from the medical institution processing unit 41 with the patient (insured person) identification information (hereinafter, referred to as “insured person ID”) related to each receipt information. Send to blockchain 10.
  • Each node of the blockchain 10 has a receipt information receiving unit 11, a condition determination unit 12, a receipt information notification unit 13, an inquiry response unit 14, and the like. Each of these parts is realized by a process of causing the CPU 104 to execute one or more programs installed on each node. Each node also uses the ledger 15.
  • the ledger 15 can be realized by using, for example, an auxiliary storage device 102, a storage device that can be connected to each node via a network, or the like.
  • the receipt information receiving unit 11 receives the receipt information and the insured person ID transmitted from the health insurance processing unit 51, and stores the received receipt information and the insured person ID in the ledger 15 in association with each other.
  • the condition determination unit 12 determines whether or not the receipt information stored in the ledger 15 matches the matching condition.
  • the matching condition is a condition for the receipt information registered in advance by each insurance company.
  • the receipt information notification unit 13 When the receipt information notification unit 13 detects that the receipt information that matches the matching condition is stored in the ledger 15, the receipt information notification unit 13 receives the address according to the patient (insured person a) related to the receipt information (insured in the present embodiment). Send to the person terminal 20).
  • the inquiry response unit 14 acquires the receipt information requested from the insurance company terminal 30 from the ledger 15 and transmits it to the insurance company terminal 30.
  • the ledger 15 is a distributed ledger of the blockchain 10 that stores receipt information and the like.
  • the insured terminal 20 has a client unit 21.
  • the client unit 21 is realized by a process of causing the CPU of the insured terminal 20 to execute one or more programs installed on the insured terminal 20.
  • the client unit 21 receives the receipt information transmitted from the receipt information notification unit 13 of the blockchain 10, the client unit 21 outputs the receipt information in a state in which the insured person a can confirm it.
  • the client unit 21 determines the operation to send the receipt information to the insurance company A and accepts the operation to send the receipt information to the insurance company A
  • the client unit 21 sends the receipt information to the destination according to the insurance company A ( In this embodiment, transmission is performed to the insurance company terminal 30).
  • the insurance company terminal 30 has an insurance company processing unit 31.
  • the insurance company processing unit 31 is realized by processing one or more programs installed in the insurance company terminal 30 to be executed by the CPU of the insurance company terminal 30.
  • the insurance company processing unit 31 receives the receipt information transmitted from the client unit 21, it receives the receipt information based on the comparison result between the received receipt information of the patient and the receipt information of the insured person a stored in the blockchain 10. It is determined whether or not the received receipt information has been tampered with.
  • one insured person insured person a
  • one medical institution medical institution B
  • one insurance company insurance company A
  • a plurality of insured persons e.g., Multiple medical institutions and multiple insurance companies may exist.
  • the processing procedure executed in the information processing system 1 will be described below. Before the operation of the information processing system 1, first, the insured person's account information is registered from the insured person's terminal 20 to the health insurance terminal 50 and the insurance company terminal 30.
  • FIG. 4 is a diagram for explaining the account information registration process.
  • the overlapping insurance company public key PKc on the upper right of the client unit 21 has the public key of the insurance company A (hereinafter referred to as “insurance company public key PKc”) set in advance for the client unit 21. Indicates that it is (included).
  • the client unit 21 may be realized by a process in which an application program distributed from the insurance company A to each insured person is executed on the insured person terminal 20.
  • the insurance company A may include the insurance company public key PKc for the application before distribution of the application.
  • the insured person a inputs the attribute information of the insured person a such as the name to the client unit 21 (S101).
  • the input of the name and the like may be performed, for example, via the screen displayed on the insured terminal 20 by the client unit 21.
  • the client unit 21 responds to the input of the name and the like, and receives the insured person's ID, the insured person's public key (hereinafter referred to as "insured person's public key PKi"), and the private key (hereinafter, "" Insured person's private key SKi ") is generated.
  • the client unit 21 transmits the insured person ID, the name, etc., and the insured person public key PKi to each of the health insurance terminal 50 and the insurance company terminal 30 (S102, S103).
  • Each of the health insurance terminal 50 and the insurance company terminal 30 stores the insured person ID, name, etc. and the insured person public key PKi in the storage device as the account information of the insured person a.
  • matching conditions are set in advance for the condition determination unit 12 of each node of the blockchain 10.
  • the matching condition refers to a condition for detecting specific receipt information.
  • FIG. 5 is a diagram for explaining the registration process of the matching condition.
  • the insurance company processing unit 31 of the insurance company terminal 30 responds to the registration of the account information described in FIG. 4, and the matching condition for the receipt information of the insured person a related to the insured person ID included in the account information.
  • the matching condition may be registered as a smart contract (for example, Chaincode).
  • the receipt information corresponding to the insured person ID of the insured person a is registered as a matching condition.
  • the matching condition is not information for determining whether or not the benefit is paid based on the receipt information, but for detecting that the receipt information of a specific insured person is registered in the blockchain 10. Because it is information.
  • the matching conditions set in the condition determination unit 12 of a certain node are also automatically set for the condition determination unit 12 of each node in the blockchain 10.
  • the condition determination unit 12 of each node determines whether or not the receipt information matches the matching condition each time the receipt information is registered in the blockchain 10.
  • FIG. 6 is a diagram for explaining a process executed by the medical institution terminal 40 after the medical treatment of the insured person a.
  • the medical institution processing unit 41 of the medical institution terminal 40 extracts medical records and the like in the cycle from the electronic medical record DB in the medical institution B at a periodic timing such as one month, and the medical records and the like are extracted based on the medical records and the like. Receipt information corresponding to the cycle (1 month) is generated for each patient, and the receipt information of each patient is transmitted to the health insurance terminal 50 (S121). If the insured person a is receiving medical treatment or the like in the cycle, the receipt information of the insured person a is also transmitted to the health insurance terminal 50.
  • the operator of the health insurance association processes the receipt information and the insured person ID with the health insurance processing unit 51.
  • Input to unit 51 S122.
  • the insured person ID corresponding to the receipt information can be specified by collating the name and the like included in the receipt information with the name and the like in the account information registered in advance in the health insurance terminal 50.
  • step S122 may be performed automatically instead of being manually performed by the operator. That is, the health insurance processing unit 51 receives the receipt information transmitted from the medical institution processing unit 41, and the health insurance processing unit 51 uses the insured person ID corresponding to the receipt information as the account information registered in the health insurance terminal 50. It may be specified based on.
  • FIG. 7 is a sequence diagram for explaining an example of a processing procedure executed in response to input of receipt information to the health insurance terminal 50.
  • Step S201 of FIG. 7 corresponds to step S122 of FIG.
  • the health insurance processing unit 51 uses the insured person public key PKi included in the account information including the input insured person ID among the account information registered in the health insurance terminal 50. It is used to encrypt the input receipt information (S202). Subsequently, the health insurance processing unit 51 transmits the insured person ID and the encrypted receipt information to the blockchain 10 (S203).
  • the receipt information receiving unit 11 of each node of the blockchain 10 receives the insured person ID and the receipt information, the receipt information is recorded in the ledger 15 in association with the insured person ID (S204).
  • FIG. 8 shows the state of the registration process of the insured person ID and the receipt information in the blockchain 10 in steps S202 to S204.
  • the registration process is shown for one node, but in the blockchain 10, the insured person ID and the receipt information registered in the node are stored in the ledger 15 of all the other nodes. It will be reflected.
  • the condition determination unit 12 of each node determines whether or not the receipt information newly stored in the ledger 15 matches the matching condition registered in advance (S205).
  • the content of the matching condition is to notify the destination corresponding to the insured ID when the receipt information corresponding to the insured ID set in the matching condition is stored in the ledger 15. It is to do. Therefore, the condition determination unit 12 determines whether or not the insured person ID stored in the ledger 15 together with the receipt information matches the insured person ID set in the matching condition. If the insured ID stored in the ledger 15 does not meet any of the matching conditions, the subsequent processing is not executed. On the other hand, if the ID of the insured stored in the ledger 15 matches any of the matching conditions, the subsequent processing is executed.
  • the insured stored in the ledger 15 detects that the ID matches the matching condition related to the insured ID of the insured person a (that is, the receipt information of the insured person a is stored in the ledger 15). Then, the receipt information notification unit 13 is a notification destination corresponding to the receipt information (that is, a notification destination according to the insured person ID registered together with the receipt information) for the receipt information stored in the ledger 15. Notify (transmit) to the client unit 21 of the insured terminal 20 of the insured a (S206). Upon receiving the receipt information, the client unit 21 decrypts the receipt information with the insured person's private key SKi so that the insured person a can view the receipt information (S207). For example, the client unit 21 may save the file including the decrypted receipt information in the insured terminal 20 and send the name of the file to the e-mail address of the insured a, or the client unit 21 may be decrypted. The receipt information may be displayed.
  • FIG. 9 shows the state of the matching condition determination process in steps S206 and S207.
  • the insured a can confirm his / her receipt information that may be sent to the insurance company A in order to receive the benefit before sending it to the insurance company A. .. Therefore, the insured person a determines whether or not to allow or reject the transmission of the receipt information. For example, it is determined whether or not the receipt information does not include information that one does not want to disclose.
  • the insured person a inputs the result of the determination (permission or rejection of transmission), for example, via the screen displayed by the client unit 21.
  • the client unit 21 determines whether or not the operation to transmit the receipt information is accepted, and when the operation to not transmit is accepted, thereafter. Cancels the processing of.
  • the client unit 21 encrypts the receipt information using the insurance company public key PKc set in advance in the client unit 21 (S209).
  • the client unit 21 transmits the insured person ID of the insured person a and the encrypted receipt information to the insurance company terminal 30 (S210).
  • the insurance company processing unit 31 of the insurance company terminal 30 receives the insured person ID and the receipt information, it corresponds to the insurance company public key PKc and uses the insurance company private key SKc held by the insurance company processing unit 31.
  • the receipt information is decoded (S211).
  • FIG. 10 shows the state of the process of transmitting the receipt information to the insurance company in steps S210 and S211.
  • steps S212 to S216 are executed in order for the insurance company processing unit 31 to confirm the validity of the decrypted receipt information (hereinafter, referred to as “target receipt information”).
  • step S212 the insurance company processing unit 31 transmits a receipt information inquiry request to the blockchain 10 using the insured person ID received together with the target receipt information as a key.
  • the inquiry response unit 14 of any node of the blockchain 10 stores the receipt information encrypted by the insured person public key PKi, which is stored in the ledger 15 in association with the insured person ID, in the ledger 15. Obtained from (S213). Subsequently, the inquiry response unit 14 transmits the receipt information (hereinafter, referred to as “registered receipt information”) to the insurance company processing unit 31 (S214).
  • the insurance company processing unit 31 When the insurance company processing unit 31 receives the registered receipt information, it encrypts the target receipt information with the insured person's public key PKi of the insured person a (S215).
  • the insured person public key PKi of the insured person a can be obtained from the account information including the insured person ID received together with the target receipt information in step S210.
  • the insurance company processing unit 31 compares the target receipt information encrypted with the insured person public key PKi of the insured person a with the registered receipt information (S216).
  • the registration receipt information is encrypted by the insured person's public key PKi. Therefore, if the plaintext target receipt information and the plaintext registration receipt information are the same, the encrypted information should also be the same.
  • the insurance company processing unit 31 determines that the target receipt information is valid if the encrypted target receipt information and the registered receipt information match, and if not, the target receipt information is invalid. Is determined. If the target receipt information is invalid, the subsequent processing will not be executed.
  • the legitimacy of the target receipt information here is two conditions: (1) the target receipt information has not been tampered with, and (2) the target receipt information is the receipt information of the insured person a. Although it means that the condition is satisfied, it can be determined by step S216 whether or not these two conditions are satisfied. That is, when the encrypted target receipt information matches the registered receipt information stored in the blockchain 10, it is confirmed that the information has not been tampered with. Further, when the encrypted target receipt information matches the registered receipt information of the insured person a, it is confirmed that the target receipt information is the receipt information of the insured person a.
  • FIG. 11 shows the state of the confirmation processing of the validity of the receipt information from the insured terminal 20 in steps S212 to S216.
  • the insurance company processing unit 31 notifies, for example, the insured person ID of the insured person a and the target receipt information in plain text to the operator of the insurance company terminal 30 (S217). Notification of the insured person ID of the insured person a and the target receipt information in plain text may be performed by using a known means such as e-mail.
  • the insurance company A conducts an insurance examination based on the receipt information and the account information corresponding to the insured person ID (S218). If the examination is passed, the insurance company A will pay the insured person a a benefit.
  • the insured before the receipt information is presented to the insurance company, the insured is inquired whether or not the receipt information can be transmitted. Therefore, it is possible to control whether or not the receipt information is subject to a claim to the insurance company. As a result, it is possible to prevent the insurance company from being notified of information (such as chronic illness) that the insured person (patient) does not want to know.
  • information such as chronic illness
  • the receipt information is encrypted by the insured person's public key PKi and stored in the blockchain 10. Therefore, in order to decrypt the receipt information, the insured person's private key PKs corresponding to the insured person's public key PKi are required, but it is basically insured to have the insured person's private key PKs. Limited to insurers. This means that the receipt information stored in the blockchain can be logically (substantially) deleted at the will of the insured. That is, if the insured wants to logically delete his / her past receipt information, he / she may destroy (delete) his / her insured private key PKs.
  • the receipt information stored in the blockchain 10 is transmitted to the insurance company terminal via the insured terminal, it is advantageous for the insured (for example, a large amount of benefit is paid). There is a possibility that the receipt information will be falsified.
  • the insurance company can compare the receipt information from the insured terminal with the receipt information registered in the blockchain 10. , It is possible to easily detect whether or not the receipt information from the insured terminal has been tampered with. Therefore, in the present embodiment, it is possible to secure a high degree of falsification resistance in the management of the receipt information, and it is possible to reduce the possibility that the insurance company will be damaged by fraudulent claims.
  • the information included in the matching condition is the insured person ID, and the payment condition of the benefit peculiar to each insurance company is not included. Therefore, even when the blockchain 10 is shared by a plurality of insurance companies, it is possible to avoid disclosure of the payment terms and the like of each insurance company to other insurance companies. In addition, matching conditions can be outside the scope of the effects of changes in payment conditions.
  • the encrypted receipt information can be registered in the blockchain 10.
  • what the administrator of the blockchain 10 can refer to is the encrypted receipt information. Therefore, even the administrator can hide the contents of the receipt information.
  • the insured person's private key SKi is an example of the first secret key.
  • the insured public key PKi is an example of the first public key.
  • the insured person terminal 20 is an example of the first terminal.
  • the insurance company private key SKc is an example of a second private key.
  • the insurance company private key PKc is an example of a second public key.
  • the insurance company terminal 30 is an example of a second terminal.
  • the insured person ID is an example of patient identification information.
  • the receipt information notification unit 13 is an example of a transmission unit.

Landscapes

  • Business, Economics & Management (AREA)
  • General Business, Economics & Management (AREA)
  • Health & Medical Sciences (AREA)
  • Engineering & Computer Science (AREA)
  • Biomedical Technology (AREA)
  • Epidemiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Financial Or Insurance-Related Operations Such As Payment And Settlement (AREA)

Abstract

In this control method executed by an information processing device, upon detecting that receipt information relating to a patient has been stored in a block chain, a computer executes a process to transmit the patient's receipt information to an address corresponding to the patient prior to being transmitted to an address corresponding to an insurance company with which the patient has a contract, thereby making it possible to control whether the receipt information is to be charged to the insurance company.

Description

制御方法、制御プログラム、情報処理装置及び情報処理システムControl methods, control programs, information processing devices and information processing systems
 本発明は、制御方法、制御プログラム、情報処理装置及び情報処理システムに関する。 The present invention relates to a control method, a control program, an information processing device, and an information processing system.
 生命保険や医療保険等、保険会社との間で契約される保険では、被保険者が契約において定められた状態(病状等)になると保険会社から被保険者に対して給付金が支給される。 For insurance contracted with an insurance company, such as life insurance and medical insurance, the insurance company pays benefits to the insured when the insured is in the state (medical condition, etc.) specified in the contract. ..
 被保険者が給付金の支給を受けるためには、被保険者が保険会社に連絡や申請等の手続きを行う必要がある。このような手続きでは、医師による診断書等、多数の書類が必要とされる場合が有り、被保険者にとって負担が大きい。 In order for the insured to receive the benefits, the insured must contact the insurance company and perform procedures such as application. Such a procedure may require a large number of documents such as a medical certificate by a doctor, which imposes a heavy burden on the insured.
国際公開第2018/225428号International Publication No. 2018/225428 国際公開第2018/124297号International Publication No. 2018/12297 特許第6245782号公報Japanese Patent No. 6245782
 そこで、医療機関から健康保険組合に対して提出されるレセプト情報が自動的に保険会社へ転送され、保険会社が当該レセプト情報に基づいて、給付金の支給の該当者の有無を判断できれば、被保険者の負担を軽減できると考えられる。 Therefore, if the receipt information submitted by the medical institution to the health insurance association is automatically transferred to the insurance company, and the insurance company can determine whether or not the person is eligible for the payment of benefits based on the receipt information, it will be covered. It is thought that the burden on the insurer can be reduced.
 しかし、レセプト情報には、給付金の支給に関する契約とは無関係であって、かつ、機微な情報も含まれている可能性が有る。その結果、被保険者が他人には知られたくない病状等に関する情報が、保険会社に漏洩してしまう可能性がある。 However, there is a possibility that the receipt information is irrelevant to the contract regarding the payment of benefits and also contains sensitive information. As a result, information on medical conditions that the insured does not want others to know may be leaked to the insurance company.
 そこで、一側面では、本発明は、レセプト情報を保険会社への請求対象とするか否かを制御可能とすることを目的とする。 Therefore, on one aspect, it is an object of the present invention to make it possible to control whether or not the receipt information is subject to a claim to an insurance company.
 一つの態様では、情報処理装置において実行される制御方法において、患者のレセプト情報がブロックチェーンに格納されたことを検知すると、前記患者のレセプト情報を、前記患者が契約する保険会社に応じた宛先に送信する前に前記患者に応じた宛先に送信する、処理をコンピュータが実行する。 In one aspect, when the control method executed in the information processing device detects that the patient's receipt information is stored in the blockchain, the patient's receipt information is sent to the destination according to the insurance company contracted by the patient. The computer performs the process of sending to the destination according to the patient before sending to.
 一側面として、レセプト情報を保険会社への請求対象とするか否かを制御可能とすることができる。 As one aspect, it is possible to control whether or not the receipt information is subject to a claim to the insurance company.
本発明の実施の形態における情報処理システムの構成例を示す図である。It is a figure which shows the structural example of the information processing system in embodiment of this invention. 本発明の実施の形態におけるブロックチェーン10の各ノードのハードウェア構成例を示す図である。It is a figure which shows the hardware configuration example of each node of the blockchain 10 in embodiment of this invention. 本発明の実施の形態における情報処理システムの機能構成例を示す図である。It is a figure which shows the functional structure example of the information processing system in embodiment of this invention. アカウント情報の登録処理を説明するための図である。It is a figure for demonstrating the registration process of account information. マッチング条件の登録処理を説明するための図である。It is a figure for demonstrating the registration process of a matching condition. 被保険者aの診療後において医療機関端末40が実行する処理を説明するための図である。It is a figure for demonstrating the process which a medical institution terminal 40 executes after the medical treatment of the insured person a. 健保端末50に対するレセプト情報の入力に応じて実行される処理手順の一例を説明するためのシーケンス図である。It is a sequence diagram for demonstrating an example of the processing procedure executed in response to the input of the receipt information to the health insurance terminal 50. 被保険者ID及びレセプト情報のブロックチェーン10への登録処理の様子を示す図である。It is a figure which shows the state of the registration process of the insured person ID and the receipt information in a blockchain 10. マッチング条件の判定処理の様子を示す図である。It is a figure which shows the state of the determination process of a matching condition. 保険会社へのレセプト情報の送信処理の様子を示す図である。It is a figure which shows the state of the transmission processing of the receipt information to an insurance company. 被保険者からのレセプト情報の正当性の確認処理の様子を示す図である。It is a figure which shows the state of the confirmation process of the validity of the receipt information from an insured person. ブロックチェーン10に格納されたレセプト情報の安全性を説明するための図である。It is a figure for demonstrating the security of the receipt information stored in the blockchain 10.
 以下、図面に基づいて本発明の実施の形態を説明する。図1は、本発明の実施の形態における情報処理システムの構成例を示す図である。図1において、情報処理システム1は、被保険者端末20、医療機関端末40、健保端末50、保険会社端末30及びブロックチェーン10等を含む。ブロックチェーン10は、インターネット等のネットワークを介して被保険者端末20、保険会社端末30及び健保端末50と通信可能である。更に、被保険者端末20は、インターネット等のネットワークを介して保険会社端末30と通信可能である。更に、健保端末50は、インターネット等のネットワークを介して医療機関端末40と通信可能である。 Hereinafter, embodiments of the present invention will be described with reference to the drawings. FIG. 1 is a diagram showing a configuration example of an information processing system according to an embodiment of the present invention. In FIG. 1, the information processing system 1 includes an insured person terminal 20, a medical institution terminal 40, a health insurance terminal 50, an insurance company terminal 30, a blockchain 10, and the like. The blockchain 10 can communicate with the insured person terminal 20, the insurance company terminal 30, and the health insurance terminal 50 via a network such as the Internet. Further, the insured terminal 20 can communicate with the insurance company terminal 30 via a network such as the Internet. Further, the health insurance terminal 50 can communicate with the medical institution terminal 40 via a network such as the Internet.
 被保険者端末20は、或る保険会社(以下、「保険会社A」という。)によって提供される保険を契約している或る被保険者(以下、「被保険者a」という。)が利用する端末である。例えば、PC、スマートフォン又はタブレット端末等が被保険者端末20として利用されてもよい。 The insured terminal 20 is provided by an insured person (hereinafter referred to as "insured person a") who has a contract for insurance provided by a certain insurance company (hereinafter referred to as "insurance company A"). It is a terminal to use. For example, a PC, a smartphone, a tablet terminal, or the like may be used as the insured terminal 20.
 医療機関端末40は、被保険者aの通院先の医療機関(以下、「医療機関B」という。)において利用される1以上のコンピュータである。 The medical institution terminal 40 is one or more computers used at the medical institution (hereinafter referred to as "medical institution B") to which the insured person a goes to the hospital.
 健保端末50は、健康保険組合において利用される1以上のコンピュータである。 The health insurance terminal 50 is one or more computers used by the health insurance association.
 保険会社端末30は、保険会社Aにおいて利用される1以上のコンピュータである。 The insurance company terminal 30 is one or more computers used by the insurance company A.
 なお、被保険者a以外の被保険者の被保険者端末20、及び保険会社A以外の保険会社端末30が情報処理システムに含まれてもよい。 The insured terminal 20 of the insured person other than the insured person a and the insurance company terminal 30 other than the insurance company A may be included in the information processing system.
 ブロックチェーン10は、被保険者aのレセプト情報を格納する複数のノードを含む分散型ネットワーク(ブロックチェーン10)である。各ノードは、それぞれ1以上のコンピュータ(情報処理装置)であり、レセプト情報をブロックチェーン10での管理対象として記憶するための台帳15(分散台帳)を備えると共に、保険会社端末30へのレセプト情報の送信の可否の制御等を行う。なお、レセプト情報とは、診療報酬明細書の記載事項を示す情報をいう。例えば、患者氏名、性別及び生年月日等の個人情報、患者の健康保険加入情報、請求元の医療機関名、診療科、病名、診療月に行われた注射、処置、手術、検査、画像診断、リハビリ、診療月に処方された薬等の点数がレセプト情報に含まれる。調剤報酬明細書の記載事項や方目看護療養費明細書の記載事項等がレセプト情報に含まれてもよい。 The blockchain 10 is a decentralized network (blockchain 10) including a plurality of nodes that store the receipt information of the insured person a. Each node is one or more computers (information processing devices), and includes a ledger 15 (distributed ledger) for storing the receipt information as a management target in the blockchain 10, and also receives the receipt information to the insurance company terminal 30. Controls whether or not the information can be transmitted. The receipt information refers to information indicating items to be described in the medical fee statement. For example, personal information such as patient name, gender and date of birth, patient health insurance enrollment information, medical institution name of claimant, clinical department, disease name, injection, treatment, surgery, examination, diagnostic imaging performed in the medical treatment month. , Rehabilitation, scores of medicines prescribed in the month of medical treatment, etc. are included in the receipt information. The receipt information may include items described in the dispensing fee statement and items described in the statement of nursing care expenses.
 図2は、本発明の実施の形態におけるブロックチェーン10の各ノードのハードウェア構成例を示す図である。図2に示されるように、各ノードは、それぞれバスBで相互に接続されているドライブ装置100、補助記憶装置102、メモリ装置103、CPU104、及びインタフェース装置105等を有する。 FIG. 2 is a diagram showing a hardware configuration example of each node of the blockchain 10 according to the embodiment of the present invention. As shown in FIG. 2, each node has a drive device 100, an auxiliary storage device 102, a memory device 103, a CPU 104, an interface device 105, and the like, which are connected to each other by a bus B.
 ノードでの処理を実現するプログラムは、記録媒体101によって提供される。プログラムを記録した記録媒体101がドライブ装置100にセットされると、プログラムが記録媒体101からドライブ装置100を介して補助記憶装置102にインストールされる。但し、プログラムのインストールは必ずしも記録媒体101より行う必要はなく、ネットワークを介して他のコンピュータよりダウンロードするようにしてもよい。補助記憶装置102は、インストールされたプログラムを格納すると共に、必要なファイルやデータ等を格納する。 The program that realizes the processing at the node is provided by the recording medium 101. When the recording medium 101 on which the program is recorded is set in the drive device 100, the program is installed in the auxiliary storage device 102 from the recording medium 101 via the drive device 100. However, the program does not necessarily have to be installed from the recording medium 101, and may be downloaded from another computer via the network. The auxiliary storage device 102 stores the installed program and also stores necessary files, data, and the like.
 メモリ装置103は、プログラムの起動指示があった場合に、補助記憶装置102からプログラムを読み出して格納する。CPU104は、メモリ装置103に格納されたプログラムに従ってノードに係る機能を実行する。インタフェース装置105は、ネットワークに接続するためのインタフェースとして用いられる。 The memory device 103 reads and stores the program from the auxiliary storage device 102 when the program is instructed to start. The CPU 104 executes a function related to the node according to a program stored in the memory device 103. The interface device 105 is used as an interface for connecting to a network.
 なお、記録媒体101の一例としては、CD-ROM、DVDディスク、又はUSBメモリ等の可搬型の記録媒体が挙げられる。また、補助記憶装置102の一例としては、HDD(Hard Disk Drive)又はフラッシュメモリ等が挙げられる。記録媒体101及び補助記憶装置102のいずれについても、コンピュータ読み取り可能な記録媒体に相当する。 An example of the recording medium 101 is a portable recording medium such as a CD-ROM, a DVD disc, or a USB memory. Further, as an example of the auxiliary storage device 102, an HDD (Hard Disk Drive), a flash memory, or the like can be mentioned. Both the recording medium 101 and the auxiliary storage device 102 correspond to computer-readable recording media.
 図3は、本発明の実施の形態における情報処理システムの機能構成例を示す図である。図3において、医療機関端末40は、医療機関処理部41を有する。医療機関処理部41は、医療機関端末40にインストールされた1以上のプログラムが、医療機関端末40のCPUに実行させる処理により実現される。医療機関処理部41は、1ヶ月ごと等の定期的な周期で、当該周期において行われた医療行為(診療等)に関する各被保険者のレセプト情報を健保端末50へ送信する。 FIG. 3 is a diagram showing a functional configuration example of the information processing system according to the embodiment of the present invention. In FIG. 3, the medical institution terminal 40 has a medical institution processing unit 41. The medical institution processing unit 41 is realized by processing one or more programs installed in the medical institution terminal 40 to be executed by the CPU of the medical institution terminal 40. The medical institution processing unit 41 transmits the receipt information of each insured person regarding the medical practice (medical treatment, etc.) performed in the cycle to the health insurance terminal 50 at a regular cycle such as every month.
 健保端末50は、健保処理部51を有する。健保処理部51は、健保端末50にインストールされた1以上のプログラムが、健保端末50のCPUに実行させる処理により実現される。健保処理部51は、医療機関処理部41から送信された各レセプト情報を、各レセプト情報に係る患者(被保険者)の識別情報(以下、「被保険者ID」という。)に対応付けてブロックチェーン10に送信する。 The health insurance terminal 50 has a health insurance processing unit 51. The health insurance processing unit 51 is realized by processing one or more programs installed in the health insurance terminal 50 to be executed by the CPU of the health insurance terminal 50. The health insurance processing unit 51 associates each receipt information transmitted from the medical institution processing unit 41 with the patient (insured person) identification information (hereinafter, referred to as “insured person ID”) related to each receipt information. Send to blockchain 10.
 ブロックチェーン10の各ノードは、レセプト情報受信部11、条件判定部12、レセプト情報通知部13及び照会応答部14等を有する。これら各部は、各ノードにインストールされた1以上のプログラムが、CPU104に実行させる処理により実現される。各ノードは、また、台帳15を利用する。台帳15は、例えば、補助記憶装置102、又は各ノードにネットワークを介して接続可能な記憶装置等を用いて実現可能である。 Each node of the blockchain 10 has a receipt information receiving unit 11, a condition determination unit 12, a receipt information notification unit 13, an inquiry response unit 14, and the like. Each of these parts is realized by a process of causing the CPU 104 to execute one or more programs installed on each node. Each node also uses the ledger 15. The ledger 15 can be realized by using, for example, an auxiliary storage device 102, a storage device that can be connected to each node via a network, or the like.
 レセプト情報受信部11は、健保処理部51から送信されるレセプト情報及び被保険者IDを受信し、受信したレセプト情報及び被保険者IDを対応付けて台帳15に格納する。 The receipt information receiving unit 11 receives the receipt information and the insured person ID transmitted from the health insurance processing unit 51, and stores the received receipt information and the insured person ID in the ledger 15 in association with each other.
 条件判定部12は、台帳15に格納されたレセプト情報がマッチング条件に合致するか否かを判定する。マッチング条件は、各保険会社によって事前に登録される、レセプト情報に対する条件である。 The condition determination unit 12 determines whether or not the receipt information stored in the ledger 15 matches the matching condition. The matching condition is a condition for the receipt information registered in advance by each insurance company.
 レセプト情報通知部13は、マッチング条件に合致したレセプト情報が台帳15に格納されたことを検知すると、当該レセプト情報に係る患者(被保険者a)に応じた宛先(本実施の形態では被保険者端末20)へ送信する。 When the receipt information notification unit 13 detects that the receipt information that matches the matching condition is stored in the ledger 15, the receipt information notification unit 13 receives the address according to the patient (insured person a) related to the receipt information (insured in the present embodiment). Send to the person terminal 20).
 照会応答部14は、保険会社端末30から要求されたレセプト情報を台帳15から取得して保険会社端末30へ送信する。 The inquiry response unit 14 acquires the receipt information requested from the insurance company terminal 30 from the ledger 15 and transmits it to the insurance company terminal 30.
 台帳15は、レセプト情報等を格納する、ブロックチェーン10の分散台帳である。 The ledger 15 is a distributed ledger of the blockchain 10 that stores receipt information and the like.
 被保険者端末20は、クライアント部21を有する。クライアント部21は、被保険者端末20にインストールされた1以上のプログラムが、被保険者端末20のCPUに実行させる処理により実現される。クライアント部21は、ブロックチェーン10のレセプト情報通知部13から送信されるレセプト情報を受信すると、当該レセプト情報を被保険者aが確認可能な状態で出力する。クライアント部21は、当該レセプト情報について、保険会社Aへ送信する旨の操作の判定を行い、保険会社Aに送信する旨の操作を受け付けた場合、当該レセプト情報を保険会社Aに応じた宛先(本実施の形態では、保険会社端末30)へ送信する。 The insured terminal 20 has a client unit 21. The client unit 21 is realized by a process of causing the CPU of the insured terminal 20 to execute one or more programs installed on the insured terminal 20. When the client unit 21 receives the receipt information transmitted from the receipt information notification unit 13 of the blockchain 10, the client unit 21 outputs the receipt information in a state in which the insured person a can confirm it. When the client unit 21 determines the operation to send the receipt information to the insurance company A and accepts the operation to send the receipt information to the insurance company A, the client unit 21 sends the receipt information to the destination according to the insurance company A ( In this embodiment, transmission is performed to the insurance company terminal 30).
 保険会社端末30は、保険会社処理部31を有する。保険会社処理部31は、保険会社端末30にインストールされた1以上のプログラムが、保険会社端末30のCPUに実行させる処理により実現される。保険会社処理部31は、クライアント部21から送信されたレセプト情報を受信すると、受信した前記患者のレセプト情報とブロックチェーン10に格納された被保険者aのレセプト情報との比較結果に基づき、受信したレセプト情報について改竄の有無を判定する。 The insurance company terminal 30 has an insurance company processing unit 31. The insurance company processing unit 31 is realized by processing one or more programs installed in the insurance company terminal 30 to be executed by the CPU of the insurance company terminal 30. When the insurance company processing unit 31 receives the receipt information transmitted from the client unit 21, it receives the receipt information based on the comparison result between the received receipt information of the patient and the receipt information of the insured person a stored in the blockchain 10. It is determined whether or not the received receipt information has been tampered with.
 なお、本実施の形態では、一人の被保険者(被保険者a)、一つの医療機関(医療機関B)、及び一つの保険会社(保険会社A)について説明するが、複数の被保険者、複数の医療機関及び複数の保険会社が存在してもよい。 In this embodiment, one insured person (insured person a), one medical institution (medical institution B), and one insurance company (insurance company A) will be described, but a plurality of insured persons. , Multiple medical institutions and multiple insurance companies may exist.
 以下、情報処理システム1において実行される処理手順について説明する。情報処理システム1の運用前に、まず、被保険者端末20から健保端末50及び保険会社端末30に対して被保険者のアカウント情報の登録が行われる。 The processing procedure executed in the information processing system 1 will be described below. Before the operation of the information processing system 1, first, the insured person's account information is registered from the insured person's terminal 20 to the health insurance terminal 50 and the insurance company terminal 30.
 図4は、アカウント情報の登録処理を説明するための図である。図4において、クライアント部21の右上の重なっている保険会社公開鍵PKcは、クライアント部21に対して予め保険会社Aの公開鍵(以下、「保険会社公開鍵PKc」という。)が設定されている(含まれている)ことを示す。例えば、クライアント部21は、保険会社Aから各被保険者に対して配布されたアプリケーションプログラムが被保険者端末20に実行される処理によって実現されてもよい。この場合、保険会社Aは、当該アプリケーションの配布の前に当該アプリケーションに対して保険会社公開鍵PKcを含めておいてもよい。 FIG. 4 is a diagram for explaining the account information registration process. In FIG. 4, the overlapping insurance company public key PKc on the upper right of the client unit 21 has the public key of the insurance company A (hereinafter referred to as “insurance company public key PKc”) set in advance for the client unit 21. Indicates that it is (included). For example, the client unit 21 may be realized by a process in which an application program distributed from the insurance company A to each insured person is executed on the insured person terminal 20. In this case, the insurance company A may include the insurance company public key PKc for the application before distribution of the application.
 まず、被保険者aは、クライアント部21に対して氏名等の被保険者aの属性情報を入力する(S101)。氏名等の入力は、例えば、クライアント部21が被保険者端末20に表示させる画面を介して行われてもよい。 First, the insured person a inputs the attribute information of the insured person a such as the name to the client unit 21 (S101). The input of the name and the like may be performed, for example, via the screen displayed on the insured terminal 20 by the client unit 21.
 クライアント部21は、氏名等の入力に応じ、被保険者aの被保険者ID、被保険者aの公開鍵(以下、「被保険者公開鍵PKi」という。)及び秘密鍵(以下、「被保険者秘密鍵SKi」という。)のペアを生成する。クライアント部21は、当該被保険者ID、当該氏名等及び被保険者公開鍵PKiを、健保端末50及び保険会社端末30のそれぞれに送信する(S102、S103)。 The client unit 21 responds to the input of the name and the like, and receives the insured person's ID, the insured person's public key (hereinafter referred to as "insured person's public key PKi"), and the private key (hereinafter, "" Insured person's private key SKi ") is generated. The client unit 21 transmits the insured person ID, the name, etc., and the insured person public key PKi to each of the health insurance terminal 50 and the insurance company terminal 30 (S102, S103).
 健保端末50及び保険会社端末30のそれぞれは、被保険者ID、氏名等及び被保険者公開鍵PKiを、被保険者aのアカウント情報として記憶装置に記憶する。 Each of the health insurance terminal 50 and the insurance company terminal 30 stores the insured person ID, name, etc. and the insured person public key PKi in the storage device as the account information of the insured person a.
 一方、保険会社端末30からは、予めマッチング条件がブロックチェーン10の各ノードの条件判定部12に対して設定される。マッチング条件とは、特定のレセプト情報を検知するための条件をいう。 On the other hand, from the insurance company terminal 30, matching conditions are set in advance for the condition determination unit 12 of each node of the blockchain 10. The matching condition refers to a condition for detecting specific receipt information.
 図5は、マッチング条件の登録処理を説明するための図である。例えば、保険会社端末30の保険会社処理部31は、図4において説明したアカウント情報の登録に応じ、当該アカウント情報に含まれている被保険者IDに係る被保険者aのレセプト情報に対するマッチング条件を、ブロックチェーン10のいずれかのノードの条件判定部12に登録する。当該マッチング条件は、スマートコントラクト(例えば、Chaindcode等)として登録されてもよい。 FIG. 5 is a diagram for explaining the registration process of the matching condition. For example, the insurance company processing unit 31 of the insurance company terminal 30 responds to the registration of the account information described in FIG. 4, and the matching condition for the receipt information of the insured person a related to the insured person ID included in the account information. Is registered in the condition determination unit 12 of any node of the blockchain 10. The matching condition may be registered as a smart contract (for example, Chaincode).
 本実施の形態では、被保険者aの被保険者IDに対応するレセプト情報であることがマッチング条件として登録される。マッチング条件は、給付金の支給に該当するか否かをレセプト情報に基づいて判定するための情報ではなく、特定の被保険者のレセプト情報がブロックチェーン10に登録されたことを検知するための情報だからである。なお、或るノードの条件判定部12に設定されたマッチング条件は、ブロックチェーン10内の各ノードの条件判定部12に対しても自動的に設定される。 In the present embodiment, the receipt information corresponding to the insured person ID of the insured person a is registered as a matching condition. The matching condition is not information for determining whether or not the benefit is paid based on the receipt information, but for detecting that the receipt information of a specific insured person is registered in the blockchain 10. Because it is information. The matching conditions set in the condition determination unit 12 of a certain node are also automatically set for the condition determination unit 12 of each node in the blockchain 10.
 各ノードの条件判定部12は、マッチング条件が設定されると、ブロックチェーン10にレセプト情報が登録されるたびに、当該レセプト情報が当該マッチング条件に合致するか否かを判定する。 When the matching condition is set, the condition determination unit 12 of each node determines whether or not the receipt information matches the matching condition each time the receipt information is registered in the blockchain 10.
 その後、被保険者aが医療機関Bにおいて診療を受けたとする。この場合、当該診療の後の所定のタイミングで図6の処理が実行される。図6は、被保険者aの診療後において医療機関端末40が実行する処理を説明するための図である。 After that, it is assumed that the insured person a receives medical treatment at the medical institution B. In this case, the process of FIG. 6 is executed at a predetermined timing after the medical treatment. FIG. 6 is a diagram for explaining a process executed by the medical institution terminal 40 after the medical treatment of the insured person a.
 医療機関端末40の医療機関処理部41は、1ヶ月等の周期的なタイミングで、例えば、医療機関Bにおける電子カルテDBから当該周期における医事記録等を抽出し、当該医事記録等に基づいて当該周期(1ヶ月)に対応するレセプト情報を患者ごとに生成し、各患者の当該レセプト情報を健保端末50へ送信する(S121)。当該周期において、被保険者aが診療等を受けていれば、被保険者aのレセプト情報も健保端末50へ送信される。 The medical institution processing unit 41 of the medical institution terminal 40 extracts medical records and the like in the cycle from the electronic medical record DB in the medical institution B at a periodic timing such as one month, and the medical records and the like are extracted based on the medical records and the like. Receipt information corresponding to the cycle (1 month) is generated for each patient, and the receipt information of each patient is transmitted to the health insurance terminal 50 (S121). If the insured person a is receiving medical treatment or the like in the cycle, the receipt information of the insured person a is also transmitted to the health insurance terminal 50.
 医療機関処理部41から送信されたレセプト情報が健保端末50において受信されると、例えば、健康保険組合の運用者が健保処理部51に対して、当該レセプト情報と被保険者IDとを健保処理部51へ入力する(S122)。レセプト情報に対応する被保険者IDは、レセプト情報に含まれている氏名等と、健保端末50に予め登録されているアカウント情報における氏名等とを照合することで特定可能である。 When the receipt information transmitted from the medical institution processing unit 41 is received by the health insurance terminal 50, for example, the operator of the health insurance association processes the receipt information and the insured person ID with the health insurance processing unit 51. Input to unit 51 (S122). The insured person ID corresponding to the receipt information can be specified by collating the name and the like included in the receipt information with the name and the like in the account information registered in advance in the health insurance terminal 50.
 なお、ステップS122は、運用者による手作業ではなく、自動的に行われてもよい。すなわち、医療機関処理部41から送信されたレセプト情報を健保処理部51が受信し、健保処理部51が当該レセプト情報に対応する被保険者IDを、健保端末50に登録されているアカウント情報に基づいて特定してもよい。 Note that step S122 may be performed automatically instead of being manually performed by the operator. That is, the health insurance processing unit 51 receives the receipt information transmitted from the medical institution processing unit 41, and the health insurance processing unit 51 uses the insured person ID corresponding to the receipt information as the account information registered in the health insurance terminal 50. It may be specified based on.
 健保処理部51(健保端末50)に対するレセプト情報の入力以降の処理手順については、シーケンス図を用いて説明する。図7は、健保端末50に対するレセプト情報の入力に応じて実行される処理手順の一例を説明するためのシーケンス図である。 The processing procedure after the input of the receipt information to the health insurance processing unit 51 (health insurance terminal 50) will be described with reference to a sequence diagram. FIG. 7 is a sequence diagram for explaining an example of a processing procedure executed in response to input of receipt information to the health insurance terminal 50.
 図7のステップS201は、図6のステップS122に対応する。ステップS201(S122)応じて、健保処理部51は、健保端末50に登録されているアカウント情報のうち、入力された被保険者IDを含むアカウント情報に含まれている被保険者公開鍵PKiを用いて、入力されたレセプト情報を暗号化する(S202)。続いて、健保処理部51は、当該被保険者ID及び暗号化されたレセプト情報をブロックチェーン10に送信する(S203)。 Step S201 of FIG. 7 corresponds to step S122 of FIG. In response to step S201 (S122), the health insurance processing unit 51 uses the insured person public key PKi included in the account information including the input insured person ID among the account information registered in the health insurance terminal 50. It is used to encrypt the input receipt information (S202). Subsequently, the health insurance processing unit 51 transmits the insured person ID and the encrypted receipt information to the blockchain 10 (S203).
 ブロックチェーン10の各ノードのレセプト情報受信部11は、当該被保険者ID及びレセプト情報を受信すると、当該被保険者IDに対応付けて当該レセプト情報を台帳15に記録する(S204)。 When the receipt information receiving unit 11 of each node of the blockchain 10 receives the insured person ID and the receipt information, the receipt information is recorded in the ledger 15 in association with the insured person ID (S204).
 なお、図8には、ステップS202~S204における、被保険者ID及びレセプト情報のブロックチェーン10への登録処理の様子が示されている。図8では、便宜上、一つのノードに関して当該登録処理が図示されているが、ブロックチェーン10内では、当該ノードに登録された被保険者ID及びレセプト情報は、他の全てのノードの台帳15に反映される。 Note that FIG. 8 shows the state of the registration process of the insured person ID and the receipt information in the blockchain 10 in steps S202 to S204. In FIG. 8, for convenience, the registration process is shown for one node, but in the blockchain 10, the insured person ID and the receipt information registered in the node are stored in the ledger 15 of all the other nodes. It will be reflected.
 続いて、各ノードの条件判定部12は、台帳15に新たに格納されたレセプト情報が予め登録されているマッチング条件に合致するか否かを判定する(S205)。本実施の形態において、マッチング条件の内容は、当該マッチング条件に設定されている被保険者IDに対応するレセプト情報が台帳15に格納されたら当該被保険者IDに応じた宛先に対して通知を行うというものである。したがって、条件判定部12は、レセプト情報と共に台帳15に格納された被保険者IDが、マッチング条件に設定されている被保険者IDに合致するか否かを判定する。台帳15に格納された被保険IDがいずれのマッチング条件にも合致しない場合、以降の処理は実行されない。一方、台帳15に格納された被保険はIDが、いずれかのマッチング条件に合致する場合、以降の処理が実行される。例えば、台帳15に格納された被保険はIDが被保険者aの被保険者IDに係るマッチング条件に合致する場合(すなわち、被保険者aのレセプト情報が台帳15に格納されたことを検知すると)、レセプト情報通知部13は、台帳15に格納されたレセプト情報を、当該レセプト情報に応じた通知先(すなわち、当該レセプト情報と共に登録された被保険者IDに応じた通知先)である被保険者aの被保険者端末20のクライアント部21へ通知(送信)する(S206)。クライアント部21は、当該レセプト情報を受信すると、当該レセプト情報を被保険者秘密鍵SKiで復号化して、被保険者aが当該レセプト情報を閲覧可能な状態とする(S207)。例えば、クライアント部21は、復号化されたレセプト情報を含むファイルを被保険者端末20に保存し、当該ファイルの名前を被保険者aのメールアドレス宛に送信してもよいし、復号化されたレセプト情報を表示してもよい。 Subsequently, the condition determination unit 12 of each node determines whether or not the receipt information newly stored in the ledger 15 matches the matching condition registered in advance (S205). In the present embodiment, the content of the matching condition is to notify the destination corresponding to the insured ID when the receipt information corresponding to the insured ID set in the matching condition is stored in the ledger 15. It is to do. Therefore, the condition determination unit 12 determines whether or not the insured person ID stored in the ledger 15 together with the receipt information matches the insured person ID set in the matching condition. If the insured ID stored in the ledger 15 does not meet any of the matching conditions, the subsequent processing is not executed. On the other hand, if the ID of the insured stored in the ledger 15 matches any of the matching conditions, the subsequent processing is executed. For example, the insured stored in the ledger 15 detects that the ID matches the matching condition related to the insured ID of the insured person a (that is, the receipt information of the insured person a is stored in the ledger 15). Then, the receipt information notification unit 13 is a notification destination corresponding to the receipt information (that is, a notification destination according to the insured person ID registered together with the receipt information) for the receipt information stored in the ledger 15. Notify (transmit) to the client unit 21 of the insured terminal 20 of the insured a (S206). Upon receiving the receipt information, the client unit 21 decrypts the receipt information with the insured person's private key SKi so that the insured person a can view the receipt information (S207). For example, the client unit 21 may save the file including the decrypted receipt information in the insured terminal 20 and send the name of the file to the e-mail address of the insured a, or the client unit 21 may be decrypted. The receipt information may be displayed.
 なお、図9には、ステップS206及びS207における、マッチング条件の判定処理の様子が示されている。 Note that FIG. 9 shows the state of the matching condition determination process in steps S206 and S207.
 レセプト情報が通知されることにより、被保険者aは、給付金を受けるために保険会社Aに送信されるかもしれない自らのレセプト情報を、保険会社Aへの送信前に確認することができる。そこで、被保険者aは、当該レセプト情報の送信の許否を判断する。例えば、自らが公開したくない情報が当該レセプト情報に含まれていないか否か等が判断される。被保険者aは、判断の結果(送信の許否)を、例えば、クライアント部21が表示する画面を介して入力する。 By being notified of the receipt information, the insured a can confirm his / her receipt information that may be sent to the insurance company A in order to receive the benefit before sending it to the insurance company A. .. Therefore, the insured person a determines whether or not to allow or reject the transmission of the receipt information. For example, it is determined whether or not the receipt information does not include information that one does not want to disclose. The insured person a inputs the result of the determination (permission or rejection of transmission), for example, via the screen displayed by the client unit 21.
 クライアント部21は、被保険者aによって判断の結果の入力操作が行われると、当該レセプト情報を送信する旨の操作を受け付けたか否かを判定し、送信しない旨の操作を受け付けた場合、以降の処理を中止する。一方、送信する旨の操作を受け付けた場合、クライアント部21は、当該レセプト情報を、予めクライアント部21に設定されている保険会社公開鍵PKcを用いて暗号化する(S209)。続いて、クライアント部21は、被保険者aの被保険者IDと暗号化されたレセプト情報とを保険会社端末30へ送信する(S210)。保険会社端末30の保険会社処理部31は、当該被保険者ID及び当該レセプト情報を受信すると、保険会社公開鍵PKcに対応し、保険会社処理部31が保有する保険会社秘密鍵SKcを用いて当該レセプト情報を復号化する(S211)。 When the insured person a performs the input operation of the judgment result, the client unit 21 determines whether or not the operation to transmit the receipt information is accepted, and when the operation to not transmit is accepted, thereafter. Cancels the processing of. On the other hand, when the operation to transmit is accepted, the client unit 21 encrypts the receipt information using the insurance company public key PKc set in advance in the client unit 21 (S209). Subsequently, the client unit 21 transmits the insured person ID of the insured person a and the encrypted receipt information to the insurance company terminal 30 (S210). When the insurance company processing unit 31 of the insurance company terminal 30 receives the insured person ID and the receipt information, it corresponds to the insurance company public key PKc and uses the insurance company private key SKc held by the insurance company processing unit 31. The receipt information is decoded (S211).
 なお、図10には、ステップS210及びS211における、保険会社へのレセプト情報の送信処理の様子が示されている。 Note that FIG. 10 shows the state of the process of transmitting the receipt information to the insurance company in steps S210 and S211.
 続いて、復号化されたレセプト情報(以下、「対象レセプト情報」という。)の正当性を保険会社処理部31が確認するために、ステップS212~S216が実行される。 Subsequently, steps S212 to S216 are executed in order for the insurance company processing unit 31 to confirm the validity of the decrypted receipt information (hereinafter, referred to as “target receipt information”).
 ステップS212において、保険会社処理部31は、対象レセプト情報と共に受信された被保険者IDをキーとして、ブロックチェーン10対してレセプト情報の照会要求を送信する。ブロックチェーン10のいずれかのノードの照会応答部14は、当該被保険者IDに対応付けられて台帳15に格納されている、被保険者公開鍵PKiによって暗号化されているレセプト情報を台帳15から取得する(S213)。続いて、照会応答部14は、当該レセプト情報(以下、「登録レセプト情報」という。)を保険会社処理部31へ送信する(S214)。 In step S212, the insurance company processing unit 31 transmits a receipt information inquiry request to the blockchain 10 using the insured person ID received together with the target receipt information as a key. The inquiry response unit 14 of any node of the blockchain 10 stores the receipt information encrypted by the insured person public key PKi, which is stored in the ledger 15 in association with the insured person ID, in the ledger 15. Obtained from (S213). Subsequently, the inquiry response unit 14 transmits the receipt information (hereinafter, referred to as “registered receipt information”) to the insurance company processing unit 31 (S214).
 保険会社処理部31は、登録レセプト情報を受信すると、対象レセプト情報を被保険者aの被保険者公開鍵PKiで暗号化する(S215)。なお、被保険者aの被保険者公開鍵PKiは、ステップS210において対象レセプト情報と共に受信された被保険者IDを含むアカウント情報から取得可能である。続いて、保険会社処理部31は、被保険者aの被保険者公開鍵PKiで暗号化された対象レセプト情報と、登録レセプト情報とを比較する(S216)。ここで、登録レセプト情報は、被保険者公開鍵PKiによって暗号化されている。したがって、平文の対象レセプト情報と、平文の登録レセプト情報とが同じであれば、それぞれが暗号化された情報も同じであるはずである。したがって、保険会社処理部31は、暗号化された対象レセプト情報と、登録レセプト情報とが一致すれば、対象レセプト情報は正当であると判定し、そうでなければ、対象レセプト情報は不正であると判定する。対象レセプト情報が不正である場合、以降の処理は実行されない。なお、ここでいう、対象レセプト情報の正当性とは、(1)対象レセプト情報が改竄されていないこと、及び(2)対象レセプト情報が被保険者aのレセプト情報であることという2つの条件を満たすことをいうが、ステップS216によって、これら2つの条件の充足の有無を判定することができる。すなわち、暗号化された対象レセプト情報が、ブロックチェーン10に格納されている登録レセプト情報と一致することで、改竄されていないことが確認される。また、暗号化された対象レセプト情報が、被保険者aの登録レセプト情報と一致することで、対象レセプト情報が被保険者aのレセプト情報であることが確認される。 When the insurance company processing unit 31 receives the registered receipt information, it encrypts the target receipt information with the insured person's public key PKi of the insured person a (S215). The insured person public key PKi of the insured person a can be obtained from the account information including the insured person ID received together with the target receipt information in step S210. Subsequently, the insurance company processing unit 31 compares the target receipt information encrypted with the insured person public key PKi of the insured person a with the registered receipt information (S216). Here, the registration receipt information is encrypted by the insured person's public key PKi. Therefore, if the plaintext target receipt information and the plaintext registration receipt information are the same, the encrypted information should also be the same. Therefore, the insurance company processing unit 31 determines that the target receipt information is valid if the encrypted target receipt information and the registered receipt information match, and if not, the target receipt information is invalid. Is determined. If the target receipt information is invalid, the subsequent processing will not be executed. The legitimacy of the target receipt information here is two conditions: (1) the target receipt information has not been tampered with, and (2) the target receipt information is the receipt information of the insured person a. Although it means that the condition is satisfied, it can be determined by step S216 whether or not these two conditions are satisfied. That is, when the encrypted target receipt information matches the registered receipt information stored in the blockchain 10, it is confirmed that the information has not been tampered with. Further, when the encrypted target receipt information matches the registered receipt information of the insured person a, it is confirmed that the target receipt information is the receipt information of the insured person a.
 なお、図11には、ステップS212~S216における、被保険者端末20からのレセプト情報の正当性の確認処理の様子が示されている。 Note that FIG. 11 shows the state of the confirmation processing of the validity of the receipt information from the insured terminal 20 in steps S212 to S216.
 対象レセプト情報が正当である場合、保険会社処理部31は、例えば、保険会社端末30の運用者に対して被保険者aの被保険者ID及び平文の対象レセプト情報を通知する(S217)。被保険者aの被保険者ID及び平文の対象レセプト情報の通知は、例えば、電子メール等、公知の手段を用いて行われればよい。当該通知に応じ、保険会社Aでは、当該レセプト情報と、当該被保険者IDに対応付いているアカウント情報と等に基づいて、保険審査を行う(S218)。審査に通過した場合、保険会社Aから被保険者aに対して給付金が支給される。 If the target receipt information is valid, the insurance company processing unit 31 notifies, for example, the insured person ID of the insured person a and the target receipt information in plain text to the operator of the insurance company terminal 30 (S217). Notification of the insured person ID of the insured person a and the target receipt information in plain text may be performed by using a known means such as e-mail. In response to the notification, the insurance company A conducts an insurance examination based on the receipt information and the account information corresponding to the insured person ID (S218). If the examination is passed, the insurance company A will pay the insured person a a benefit.
 上述したように、本実施の形態によれば、レセプト情報が保険会社に提示される前に、当該レセプト情報の送信の許否が、被保険者に対して照会される。したがって、レセプト情報を保険会社への請求対象とするか否かを制御することができる。その結果、被保険者(患者)が知られたくない情報(持病等)が保険会社に通知されてしまうのを回避することができる。 As described above, according to the present embodiment, before the receipt information is presented to the insurance company, the insured is inquired whether or not the receipt information can be transmitted. Therefore, it is possible to control whether or not the receipt information is subject to a claim to the insurance company. As a result, it is possible to prevent the insurance company from being notified of information (such as chronic illness) that the insured person (patient) does not want to know.
 また、レセプト情報は、被保険者公開鍵PKiによって暗号化されてブロックチェーン10に格納される。したがって、当該レセプト情報を復号化するためには、当該被保険者公開鍵PKiに対応する被保険者秘密鍵PKsが必要であるところ、被保険者秘密鍵PKsを保有するのは基本的に被保険者に限られる。このことは、被保険者の意思によって、ブロックチェーンに格納されたレセプト情報を論理的に(実質的に)削除可能であることを意味する。すなわち、被保険者は、自らの過去のレセプト情報を論理的に削除したければ、自らの被保険者秘密鍵PKsを破棄(削除)してしまえばよい。 In addition, the receipt information is encrypted by the insured person's public key PKi and stored in the blockchain 10. Therefore, in order to decrypt the receipt information, the insured person's private key PKs corresponding to the insured person's public key PKi are required, but it is basically insured to have the insured person's private key PKs. Limited to insurers. This means that the receipt information stored in the blockchain can be logically (substantially) deleted at the will of the insured. That is, if the insured wants to logically delete his / her past receipt information, he / she may destroy (delete) his / her insured private key PKs.
 また、ブロックチェーン10に格納されているレセプト情報が被保険者端末を経由して保険会社端末に送信される場合、被保険者にとって有利なように(例えば、高額な給付金が支給されるように)当該レセプト情報が改竄される可能性が有る。但し、正しいレセプト情報は、改竄が困難なブロックチェーン10に格納されているため、保険会社は、被保険者端末からのレセプト情報を、ブロックチェーン10に登録されているレセプト情報と比較することで、被保険者端末からのレセプト情報について改竄の有無を容易に検知することができる。したがって、本実施の形態では、レセプト情報の管理について高い改竄耐性を確保することができ、保険会社が不正請求によって被害を受ける可能性を低下させることができる。 Further, when the receipt information stored in the blockchain 10 is transmitted to the insurance company terminal via the insured terminal, it is advantageous for the insured (for example, a large amount of benefit is paid). There is a possibility that the receipt information will be falsified. However, since the correct receipt information is stored in the blockchain 10 which is difficult to falsify, the insurance company can compare the receipt information from the insured terminal with the receipt information registered in the blockchain 10. , It is possible to easily detect whether or not the receipt information from the insured terminal has been tampered with. Therefore, in the present embodiment, it is possible to secure a high degree of falsification resistance in the management of the receipt information, and it is possible to reduce the possibility that the insurance company will be damaged by fraudulent claims.
 また、本実施の形態において、マッチング条件に含まれる情報は、被保険者IDであり、保険会社ごとに固有の給付金の支払条件は含まれない。したがって、複数の保険会社によってブロックチェーン10が共用される場合であっても、各保険会社の支払条件等が他の保険会社に開示されるのを回避することができる。また、マッチング条件を支払条件の変更の影響の範囲外とすることができる。 Further, in the present embodiment, the information included in the matching condition is the insured person ID, and the payment condition of the benefit peculiar to each insurance company is not included. Therefore, even when the blockchain 10 is shared by a plurality of insurance companies, it is possible to avoid disclosure of the payment terms and the like of each insurance company to other insurance companies. In addition, matching conditions can be outside the scope of the effects of changes in payment conditions.
 また、マッチング条件の照合対象が被保険者IDであり、レセプト情報ではないため、暗号化されたレセプト情報をブロックチェーン10への登録対象とすることができる。その結果、例えば、図12に示されるように、ブロックチェーン10の管理者が参照できるのは、暗号化されたレセプト情報である。したがって、当該管理者にさえも、レセプト情報の内容を隠蔽することができる。 Further, since the collation target of the matching condition is the insured person ID and not the receipt information, the encrypted receipt information can be registered in the blockchain 10. As a result, for example, as shown in FIG. 12, what the administrator of the blockchain 10 can refer to is the encrypted receipt information. Therefore, even the administrator can hide the contents of the receipt information.
 なお、本実施の形態において、被保険者秘密鍵SKiは、第1の秘密鍵の一例である。被保険者公開鍵PKiは、第1の公開鍵の一例である。被保険者端末20は、第1の端末の一例である。保険会社秘密鍵SKcは、第2の秘密鍵の一例である。保険会社秘密鍵PKcは、第2の公開鍵の一例である。保険会社端末30は、第2の端末の一例である。被保険者IDは、患者の識別情報の一例である。レセプト情報通知部13は、送信部の一例である。 In the present embodiment, the insured person's private key SKi is an example of the first secret key. The insured public key PKi is an example of the first public key. The insured person terminal 20 is an example of the first terminal. The insurance company private key SKc is an example of a second private key. The insurance company private key PKc is an example of a second public key. The insurance company terminal 30 is an example of a second terminal. The insured person ID is an example of patient identification information. The receipt information notification unit 13 is an example of a transmission unit.
 以上、本発明の実施の形態について詳述したが、本発明は斯かる特定の実施形態に限定されるものではなく、請求の範囲に記載された本発明の要旨の範囲内において、種々の変形・変更が可能である。 Although the embodiments of the present invention have been described in detail above, the present invention is not limited to such specific embodiments, and various modifications are made within the scope of the gist of the present invention described in the claims.・ Can be changed.
1      情報処理システム
10     ブロックチェーン
11     レセプト情報受信部
12     条件判定部
13     レセプト情報通知部
14     照会応答部
15     台帳
20     被保険者端末
21     クライアント部
30     保険会社端末
31     保険会社処理部
40     医療機関端末
41     医療機関処理部
50     健保端末
51     健保処理部
100    ドライブ装置
101    記録媒体
102    補助記憶装置
103    メモリ装置
104    CPU
105    インタフェース装置
B      バス 1 Information processing system 10 Blockchain 11 Receipt information receiving unit 12 Condition judgment unit 13 Receipt information notification unit 14 Inquiry response unit 15 Ledger 20 Insured person terminal 21 Client unit 30 Insurance company terminal 31 Insurance company processing unit 40 Medical institution terminal 41 Medical Engine processing unit 50 Health insurance terminal 51 Health insurance processing unit 100 Drive device 101 Recording medium 102 Auxiliary storage device 103 Memory device 104 CPU
105 Interface device B bus

Claims (9)

  1.  情報処理装置において実行される制御方法において、
     患者のレセプト情報がブロックチェーンに格納されたことを検知すると、前記患者のレセプト情報を、前記患者が契約する保険会社に応じた宛先に送信する前に前記患者に応じた宛先に送信する、
     処理をコンピュータが実行することを特徴とする制御方法。     In the control method executed in the information processing device
    When it is detected that the patient's receipt information is stored in the blockchain, the patient's receipt information is transmitted to the destination according to the patient before being transmitted to the destination according to the insurance company contracted by the patient.
    A control method characterized by a computer performing processing.
  2.  前記患者に応じた宛先に送信した前記患者のレセプト情報を第1の端末が受信すると、前記第1の端末は、受信した前記患者のレセプト情報を前記患者が契約する保険会社に送信する旨の操作を受け付けたか否かの判定を行い、前記保険会社に送信する旨の操作を受け付けた場合、前記患者のレセプト情報を前記保険会社に応じた宛先に送信する、
     ことを特徴とする請求項1に記載の制御方法。     When the first terminal receives the receipt information of the patient transmitted to the destination corresponding to the patient, the first terminal transmits the received receipt information of the patient to the insurance company contracted by the patient. When it is determined whether or not the operation has been accepted and the operation to be transmitted to the insurance company is accepted, the receipt information of the patient is transmitted to the destination corresponding to the insurance company.
    The control method according to claim 1, wherein the control method is characterized by the above.
  3.  前記保険会社に応じた宛先に送信した前記患者のレセプト情報を第2の端末が受信すると、前記第2の端末は、受信した前記患者のレセプト情報と、前記ブロックチェーンに格納された前記患者のレセプト情報との比較結果に基づき、受信した前記患者のレセプト情報について改竄の有無を判定する、
     ことを特徴とする請求項2に記載の制御方法。     When the second terminal receives the patient's receipt information transmitted to the destination corresponding to the insurance company, the second terminal receives the received patient's receipt information and the patient's receipt information stored in the blockchain. Based on the result of comparison with the receipt information, it is determined whether or not the received receipt information of the patient has been tampered with.
    The control method according to claim 2, wherein the control method is characterized by the above.
  4.  前記患者のレセプト情報は、前記患者が保有する第1の秘密鍵に対応する第1の公開鍵により暗号化されており、前記患者に応じた宛先に送信した前記患者のレセプト情報を第1の端末が受信すると、前記第1の端末は、受信した前記患者のレセプト情報を前記第1の秘密鍵により復号化し、前記患者のレセプト情報を前記患者が契約する保険会社に送信する旨の操作を受け付けたか否かの判定を行い、前記保険会社に送信する旨の操作を受け付けた場合、前記第1の秘密鍵により復号化した前記患者のレセプト情報を、前記保険会社が保有する第2の秘密鍵に対応する第2の公開鍵により暗号化して前記保険会社に応じた宛先に送信する、
     ことを特徴とする請求項1に記載の制御方法。     The patient's receipt information is encrypted by a first public key corresponding to the first private key held by the patient, and the patient's receipt information transmitted to a destination corresponding to the patient is first. When the terminal receives it, the first terminal decrypts the received receipt information of the patient with the first private key and transmits the receipt information of the patient to the insurance company contracted by the patient. When it is determined whether or not the patient has been accepted and the operation to be transmitted to the insurance company is accepted, the patient's receipt information decrypted by the first private key is stored in the second secret held by the insurance company. It is encrypted with the second public key corresponding to the key and sent to the destination corresponding to the insurance company.
    The control method according to claim 1, wherein the control method is characterized by the above.
  5.  前記保険会社に応じた宛先に送信した前記患者のレセプト情報を第2の端末が受信すると、前記第2の端末は、受信した前記患者のレセプト情報を前記第2の秘密鍵により復号化し、前記第2の秘密鍵により復号化した前記患者のレセプト情報を前記第1の公開鍵により暗号化し、前記第1の公開鍵により暗号化した前記患者のレセプト情報と、前記ブロックチェーンに格納された前記患者のレセプト情報との比較結果に基づき、受信した前記患者のレセプト情報について改竄の有無を判定する、
     ことを特徴とする請求項4に記載の制御方法。     When the second terminal receives the receipt information of the patient transmitted to the destination corresponding to the insurance company, the second terminal decodes the received receipt information of the patient with the second private key, and the above-mentioned The patient's receipt information decrypted by the second private key is encrypted by the first public key, and the patient's receipt information encrypted by the first public key and the said patient's receipt information stored in the blockchain. Based on the comparison result with the patient's receipt information, it is determined whether or not the received patient's receipt information has been tampered with.
    The control method according to claim 4, wherein the control method is characterized by the above.
  6.  前記患者のレセプト情報は、前記患者の識別情報に対応付けて前記ブロックチェーンに格納され、
     前記情報処理装置は、前記患者の識別情報に基づき、前記患者のレセプト情報が前記ブロックチェーンに格納されたことを検知する、
     ことを特徴とする請求項1乃至5いずれか一項に記載の制御方法。     The patient's receipt information is stored in the blockchain in association with the patient's identification information.
    The information processing device detects that the receipt information of the patient is stored in the blockchain based on the identification information of the patient.
    The control method according to any one of claims 1 to 5, characterized in that.
  7.  患者のレセプト情報がブロックチェーンに格納されたことを検知すると、前記患者のレセプト情報を、前記患者が契約する保険会社に応じた宛先に送信する前に前記患者に応じた宛先に送信する、
     処理をコンピュータに実行させることを特徴とする制御プログラム。     When it is detected that the patient's receipt information is stored in the blockchain, the patient's receipt information is transmitted to the destination according to the patient before being transmitted to the destination according to the insurance company contracted by the patient.
    A control program characterized by having a computer execute processing.
  8.  患者のレセプト情報がブロックチェーンに格納されたことを検知すると、前記患者のレセプト情報を、前記患者が契約する保険会社に応じた宛先に送信する前に前記患者に応じた宛先に送信する送信部、
     を有することを特徴とする情報処理装置。     When it is detected that the patient's receipt information is stored in the blockchain, the transmitter that transmits the patient's receipt information to the destination according to the patient before transmitting the receipt information to the destination according to the insurance company contracted by the patient. ,
    An information processing device characterized by having.
  9.  患者のレセプト情報がブロックチェーンに格納されたことを検知すると、前記患者のレセプト情報を、前記患者が契約する保険会社に応じた宛先に送信する前に前記患者に応じた宛先に送信する送信部、
     を有することを特徴とする情報処理システム。     When it is detected that the patient's receipt information is stored in the blockchain, the transmitter that transmits the patient's receipt information to the destination according to the patient before transmitting the receipt information to the destination according to the insurance company contracted by the patient. ,
    An information processing system characterized by having.
PCT/JP2019/023450 2019-06-13 2019-06-13 Control method, control program, information processing device, and information processing system WO2020250375A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/023450 WO2020250375A1 (en) 2019-06-13 2019-06-13 Control method, control program, information processing device, and information processing system

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/JP2019/023450 WO2020250375A1 (en) 2019-06-13 2019-06-13 Control method, control program, information processing device, and information processing system

Publications (1)

Publication Number Publication Date
WO2020250375A1 true WO2020250375A1 (en) 2020-12-17

Family

ID=73781716

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2019/023450 WO2020250375A1 (en) 2019-06-13 2019-06-13 Control method, control program, information processing device, and information processing system

Country Status (1)

Country Link
WO (1) WO2020250375A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09153050A (en) * 1995-11-29 1997-06-10 Hitachi Ltd Method and device for gathering document information
JP2001350838A (en) * 2000-06-05 2001-12-21 Earth Soft:Kk Recipe control system
JP2002304465A (en) * 2001-04-05 2002-10-18 Hitachi Ltd Method and device for disclosing medical fee bill
JP2008293428A (en) * 2007-05-28 2008-12-04 Asopics Corp Encrypted mail transmitting/receiving system equipped with external device storing private id
US20190074077A1 (en) * 2017-09-04 2019-03-07 Taiwan Fintech Corporation, Fusion$360 Prescription management system and method

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09153050A (en) * 1995-11-29 1997-06-10 Hitachi Ltd Method and device for gathering document information
JP2001350838A (en) * 2000-06-05 2001-12-21 Earth Soft:Kk Recipe control system
JP2002304465A (en) * 2001-04-05 2002-10-18 Hitachi Ltd Method and device for disclosing medical fee bill
JP2008293428A (en) * 2007-05-28 2008-12-04 Asopics Corp Encrypted mail transmitting/receiving system equipped with external device storing private id
US20190074077A1 (en) * 2017-09-04 2019-03-07 Taiwan Fintech Corporation, Fusion$360 Prescription management system and method

Similar Documents

Publication Publication Date Title
US11531781B2 (en) Encryption scheme for making secure patient data available to authorized parties
US11893124B2 (en) Method for building cloud-based medical image database for protection of patient information and reading medical image therefrom
US10114977B2 (en) Secure access to individual information
US11297459B2 (en) Records access and management
US10249386B2 (en) Electronic health records
US20020194131A1 (en) Method and system for electronically transmitting authorization to release medical information
US8977572B2 (en) Systems and methods for patient-controlled, encrypted, consolidated medical records
US20160188805A1 (en) Privacy compliant consent and data access management system and methods
WO2018152410A1 (en) Records access and management
US11343330B2 (en) Secure access to individual information
US10893027B2 (en) Secure access to individual information
EP3605376A1 (en) Blockchain-based distribution of medical data records
US10622104B2 (en) System and method utilizing facial recognition with online (social) network to access casualty health information in an emergency situation
US20150101065A1 (en) User controlled data sharing platform
US8019620B2 (en) System and method for medical privacy management
KR20070000653A (en) Safekeeping system for electronic prescription using digital signature and method thereof
WO2001098866A2 (en) Method and apparatus for requesting and retrieving medical information
WO2020250375A1 (en) Control method, control program, information processing device, and information processing system
US20200388357A1 (en) Shared revocation ledger for data access control
JP2023536027A (en) Methods and systems for securing data, particularly biotechnology laboratory data
Braunstein et al. Technologies to assure privacy, security and trust
KR102350614B1 (en) Health data sharing system and method using a block chain registry and a recording medium recording a program for performing the same
EP3629274A1 (en) Smart contract based ordering of medical procedures
Aurucci et al. “GDPR” IMPACT ON HEALTH DATA EXCHANGE IN EUROPEAN DIGITAL ENVIRONMENT
DeMuro et al. Healthcare Organizations as Health Data Fiduciaries: An International Analysis

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19933121

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19933121

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: JP