WO2022145312A1 - 情報処理方法、情報処理装置及びプログラム - Google Patents
情報処理方法、情報処理装置及びプログラム Download PDFInfo
- Publication number
- WO2022145312A1 WO2022145312A1 PCT/JP2021/047597 JP2021047597W WO2022145312A1 WO 2022145312 A1 WO2022145312 A1 WO 2022145312A1 JP 2021047597 W JP2021047597 W JP 2021047597W WO 2022145312 A1 WO2022145312 A1 WO 2022145312A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- patient
- medical data
- doctor
- researcher
- terminal device
- Prior art date
Links
- 230000010365 information processing Effects 0.000 title claims abstract description 48
- 238000003672 processing method Methods 0.000 title claims abstract description 19
- 230000004044 response Effects 0.000 claims abstract description 26
- 230000005540 biological transmission Effects 0.000 claims abstract description 11
- 238000000034 method Methods 0.000 claims description 69
- 230000008569 process Effects 0.000 claims description 50
- 238000011160 research Methods 0.000 claims description 39
- 238000004891 communication Methods 0.000 description 70
- 238000012545 processing Methods 0.000 description 44
- 238000007726 management method Methods 0.000 description 30
- 238000012360 testing method Methods 0.000 description 30
- 238000010586 diagram Methods 0.000 description 29
- 230000009471 action Effects 0.000 description 24
- 230000036772 blood pressure Effects 0.000 description 15
- 201000010099 disease Diseases 0.000 description 12
- 208000037265 diseases, disorders, signs and symptoms Diseases 0.000 description 12
- 230000006870 function Effects 0.000 description 12
- 238000003745 diagnosis Methods 0.000 description 10
- 208000018737 Parkinson disease Diseases 0.000 description 8
- 239000000284 extract Substances 0.000 description 8
- 238000004364 calculation method Methods 0.000 description 7
- 238000012795 verification Methods 0.000 description 6
- 238000005516 engineering process Methods 0.000 description 5
- 238000003384 imaging method Methods 0.000 description 5
- 238000013523 data management Methods 0.000 description 4
- 229940079593 drug Drugs 0.000 description 4
- 239000003814 drug Substances 0.000 description 4
- 230000000747 cardiac effect Effects 0.000 description 3
- HXWLAJVUJSVENX-HFIFKADTSA-N ioflupane I(123) Chemical compound C1([C@H]2C[C@@H]3CC[C@@H](N3CCCF)[C@H]2C(=O)OC)=CC=C([123I])C=C1 HXWLAJVUJSVENX-HFIFKADTSA-N 0.000 description 3
- 238000005065 mining Methods 0.000 description 3
- 239000004065 semiconductor Substances 0.000 description 3
- 238000002603 single-photon emission computed tomography Methods 0.000 description 3
- 208000024891 symptom Diseases 0.000 description 3
- 238000012546 transfer Methods 0.000 description 3
- 230000007704 transition Effects 0.000 description 3
- PDWUPXJEEYOOTR-UHFFFAOYSA-N 2-[(3-iodophenyl)methyl]guanidine Chemical compound NC(=N)NCC1=CC=CC(I)=C1 PDWUPXJEEYOOTR-UHFFFAOYSA-N 0.000 description 2
- 102000006441 Dopamine Plasma Membrane Transport Proteins Human genes 0.000 description 2
- 108010044266 Dopamine Plasma Membrane Transport Proteins Proteins 0.000 description 2
- 238000004458 analytical method Methods 0.000 description 2
- 230000036760 body temperature Effects 0.000 description 2
- 210000004556 brain Anatomy 0.000 description 2
- 238000007689 inspection Methods 0.000 description 2
- 239000004973 liquid crystal related substance Substances 0.000 description 2
- 230000010412 perfusion Effects 0.000 description 2
- 230000036387 respiratory rate Effects 0.000 description 2
- 238000010998 test method Methods 0.000 description 2
- 206010020772 Hypertension Diseases 0.000 description 1
- 208000001953 Hypotension Diseases 0.000 description 1
- 125000002066 L-histidyl group Chemical group [H]N1C([H])=NC(C([H])([H])[C@](C(=O)[*])([H])N([H])[H])=C1[H] 0.000 description 1
- JEYCTXHKTXCGPB-UHFFFAOYSA-N Methaqualone Chemical compound CC1=CC=CC=C1N1C(=O)C2=CC=CC=C2N=C1C JEYCTXHKTXCGPB-UHFFFAOYSA-N 0.000 description 1
- 208000016285 Movement disease Diseases 0.000 description 1
- 230000005856 abnormality Effects 0.000 description 1
- 238000010521 absorption reaction Methods 0.000 description 1
- 239000008280 blood Substances 0.000 description 1
- 210000004369 blood Anatomy 0.000 description 1
- 238000009534 blood test Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 239000002552 dosage form Substances 0.000 description 1
- 238000005401 electroluminescence Methods 0.000 description 1
- 239000004744 fabric Substances 0.000 description 1
- 230000036543 hypotension Effects 0.000 description 1
- 238000013095 identification testing Methods 0.000 description 1
- PDWUPXJEEYOOTR-IUAIQHPESA-N iobenguane (123I) Chemical compound NC(N)=NCC1=CC=CC([123I])=C1 PDWUPXJEEYOOTR-IUAIQHPESA-N 0.000 description 1
- 230000007774 longterm Effects 0.000 description 1
- 238000005259 measurement Methods 0.000 description 1
- 230000007246 mechanism Effects 0.000 description 1
- 229910044991 metal oxide Inorganic materials 0.000 description 1
- 150000004706 metal oxides Chemical class 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000000474 nursing effect Effects 0.000 description 1
- 230000008520 organization Effects 0.000 description 1
- 230000001144 postural effect Effects 0.000 description 1
- 238000003825 pressing Methods 0.000 description 1
- 230000002265 prevention Effects 0.000 description 1
- 230000008786 sensory perception of smell Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000001356 surgical procedure Methods 0.000 description 1
- 230000001225 therapeutic effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/30—Payment architectures, schemes or protocols characterised by the use of specific devices or networks
- G06Q20/36—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes
- G06Q20/367—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes
- G06Q20/3678—Payment architectures, schemes or protocols characterised by the use of specific devices or networks using electronic wallets or electronic money safes involving electronic purses or money safes e-cash details, e.g. blinded, divisible or detecting double spending
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/382—Payment protocols; Details thereof insuring higher security of transaction
- G06Q20/3825—Use of electronic signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/389—Keeping log of transactions for guaranteeing non-repudiation of a transaction
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/02—Marketing; Price estimation or determination; Fundraising
- G06Q30/0201—Market modelling; Market analysis; Collecting market data
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q30/00—Commerce
- G06Q30/06—Buying, selling or leasing transactions
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/18—Legal services
- G06Q50/184—Intellectual property management
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/22—Social work or social welfare, e.g. community support activities or counselling services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q50/00—Information and communication technology [ICT] specially adapted for implementation of business processes of specific business sectors, e.g. utilities or tourism
- G06Q50/10—Services
- G06Q50/26—Government or public services
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H40/00—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices
- G16H40/60—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices
- G16H40/67—ICT specially adapted for the management or administration of healthcare resources or facilities; ICT specially adapted for the management or operation of medical equipment or devices for the operation of medical equipment or devices for remote operation
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H80/00—ICT specially adapted for facilitating communication between medical practitioners or patients, e.g. for collaborative diagnosis, therapy or health monitoring
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06Q—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q2220/00—Business processing using cryptography
Definitions
- the present invention relates to an information processing method, an information processing device and a program.
- Patent Document 1 is in charge of cases where an abnormality is detected using patient information, medical staff information in charge, and information for inquiry for diagnosis of a plurality of diseases in which a question about an adverse event in a disease / disease and a plurality of answers are combined.
- a disease diagnosis / treatment / prevention system that notifies medical personnel of alerts is disclosed.
- Patent Document 1 has a problem that a medical researcher cannot study medical treatment using medical data of a patient.
- One aspect is to provide an information processing method that can appropriately provide medical data of patients to medical researchers.
- the information processing method obtains the answer by the patient to the patient ID that identifies the patient, the attributes of the patient, and the medical question, and causes the patient terminal device of the patient to read the doctor ID that identifies the doctor.
- the doctor ID is acquired, the patient ID, attributes and answers of the patient are transmitted to the doctor terminal device corresponding to the acquired doctor ID, and the patient ID, attributes and answers of the patient are displayed.
- the doctor accepts the input of medical data for the patient, accepts the transmission request of medical data including the attributes, answers and input medical data of the patient, and outputs the hash value of the medical data to the blockchain system.
- the disclosure request of the medical data recorded in the blockchain system is accepted via the researcher terminal device of the researcher and the patient's approval for the disclosure request of the researcher is obtained, the medical data is received. It is characterized by outputting to the researcher terminal device.
- FIG. 1 is an explanatory diagram showing an outline of a medical data management system.
- the system of the present embodiment includes an information processing device 1, a blockchain system 2, an information processing terminal 3, an information processing terminal 4, and an information processing terminal 5, and each device transmits / receives information via a network N such as the Internet. ..
- the information processing device 1 is an information processing device that processes, stores, and transmits / receives various information.
- the information processing device 1 is, for example, a server device, a personal computer, a general-purpose tablet PC (personal computer), or the like.
- the information processing device 1 is assumed to be a server device, and is referred to as a server 1 in the following for the sake of brevity.
- Blockchain system 2 is a distributed ledger technology or a distributed network.
- the blockchain system 2 is composed of a plurality of nodes 21 that execute consensus processing. Each of the nodes 21 keeps a copy of the blockchain data through the execution of the consensus process.
- the blockchain system 2 generates a unit of data called a block at regular time intervals and stores the data by connecting them like a chain.
- the blockchain system 2 is autonomously managed by using a peer-to-peer network and a distributed time stamp server. Since the data is stored in a chain, once the data in the block is stored, it is difficult to retroactively change the data.
- the blockchain system 2 may be a public type, a private type, or a consortium type.
- the unit of data may be individual transactions instead of blocks.
- the data may be stored in a stored format such as a directed acyclic graph. In the following, for the sake of brevity, the blockchain system 2 will be read as the blockchain 2.
- the information processing terminal 3 is a terminal device that creates medical data including patient attributes, answers to medical questions by patients, and medical data for patients by doctors, and electronically signs medical data.
- the information processing terminal 3 is an information processing device such as a smartphone, a mobile phone, a tablet, or a personal computer terminal. In the following, for the sake of brevity, the information processing terminal 3 will be read as the doctor terminal 3.
- the information processing terminal 4 is a terminal device that acquires patient attributes and answers to questions, acquires medical data with an electronic signature, and accepts input of approval information in response to a request for disclosure of medical data.
- the information processing terminal 4 is, for example, a smartphone, a mobile phone, a wearable device such as an Apple Watch (registered trademark), a tablet, and an information processing device such as a personal computer terminal. In the following, for the sake of brevity, the information processing terminal 4 will be read as the patient terminal 4.
- the information processing terminal 5 is a terminal device that receives and transmits a medical data disclosure request, and receives medical data that has been approved for the disclosure request.
- the information processing terminal 5 is an information processing device such as a smartphone, a mobile phone, a tablet, or a personal computer terminal. In the following, for the sake of brevity, the information processing terminal 5 will be read as the researcher terminal 5.
- the server 1 acquires the answer by the patient to the patient ID that identifies the patient, the attributes of the patient, and the medical question.
- the server 1 acquires the doctor ID by having the patient terminal 4 read the doctor ID that identifies the doctor.
- the server 1 transmits the patient ID, attributes, and answers of the patient to the doctor terminal 3 corresponding to the acquired doctor ID.
- the server 1 accepts the input of medical data for the patient by the doctor through the doctor terminal 3.
- the server 1 When the server 1 receives a request for transmission of medical data including the patient's attributes, answers, and input medical data from the doctor terminal 3, the server 1 calculates the hash value of the medical data. The server 1 outputs the calculated hash value of the medical data to the blockchain 2.
- the server 1 receives the disclosure request of the medical data recorded in the blockchain 2 via the researcher terminal 5
- the received disclosure request is transmitted to the patient terminal 4 of the patient who provided the medical data.
- the server 1 transmits the medical data to the researcher terminal 5.
- FIG. 2 is a block diagram showing a configuration example of the server 1.
- the server 1 includes a control unit 11, a storage unit 12, a communication unit 13, an input unit 14, a display unit 15, a reading unit 16, and a large-capacity storage unit 17. Each configuration is connected by bus B.
- the control unit 11 includes arithmetic processing units such as a CPU (Central Processing Unit), an MPU (Micro-Processing Unit), and a GPU (Graphics Processing Unit), and reads out a control program 1P (program product) stored in the storage unit 12. By executing it, various information processing, control processing, etc. related to the server 1 are performed. Further, the control program 1P includes a program that executes processes such as generation / execution of smart contracts such as Ethereum's Geth (Go-Ethereum), transfer of virtual currency, account creation, and mining.
- arithmetic processing units such as a CPU (Central Processing Unit), an MPU (Micro-Processing Unit), and a GPU (Graphics Processing Unit)
- control program 1P includes a program that executes processes such as generation / execution of smart contracts such as Ethereum's Geth (Go-Ethereum), transfer of virtual currency, account creation, and mining.
- control unit 11 includes a hash value calculation unit 11a and an electronic signature creation unit 11b.
- the hash value calculation unit 11a performs a process of calculating a hash value of various information by using a cryptographic hash function.
- the electronic signature creation unit 11b generates a signature for digital authentication based on a public key cryptosystem in order to prevent forgery or falsification.
- control unit 11 is described as a single processor in FIG. 2, it may be a multiprocessor.
- the storage unit 12 includes memory elements such as RAM (RandomAccessMemory) and ROM (ReadOnlyMemory), and stores the control program 1P or data required for the control unit 11 to execute processing. Further, the storage unit 12 temporarily stores data and the like necessary for the control unit 11 to execute arithmetic processing.
- the communication unit 13 is a communication module for performing processing related to communication, and transmits / receives information to / from the node 21 of the blockchain 2, the doctor terminal 3, the patient terminal 4, the researcher terminal 5, and the like via the network N. conduct.
- the input unit 14 is an input device such as a mouse, keyboard, touch panel, or button, and outputs the received operation information to the control unit 11.
- the display unit 15 is a liquid crystal display, an organic EL (electroluminescence) display, or the like, and displays various information according to the instructions of the control unit 11.
- the reading unit 16 reads a portable storage medium 1a including a CD (Compact Disc) -ROM or a DVD (Digital Versatile Disc) -ROM.
- the control unit 11 may read the control program 1P from the portable storage medium 1a via the reading unit 16 and store it in the large-capacity storage unit 17. Further, the control unit 11 may download the control program 1P from another computer via the network N or the like and store it in the large-capacity storage unit 17. Furthermore, the control unit 11 may read the control program 1P from the semiconductor memory 1b.
- the large-capacity storage unit 17 includes a recording medium such as an HDD (Hard disk drive) or SSD (Solid State Drive).
- the large-capacity storage unit 17 includes a patient DB (database: database) 171, a doctor DB 172, a question DB 173, a medical data DB 174, a researcher DB 175, a transaction history DB 176, and a management DB 177.
- the patient DB 171 stores the attributes of the patient.
- the doctor DB 172 stores the attributes of the doctor.
- the question DB 173 stores the patient's answer to the medical question.
- the medical data DB 174 stores the medical data of the patient.
- the researcher DB 175 stores the attributes of the researcher.
- the transaction history DB 176 stores the transaction history of medical data.
- the management DB 177 stores management information of medical data.
- the storage unit 12 and the large-capacity storage unit 17 may be configured as an integrated storage device. Further, the large-capacity storage unit 17 may be composed of a plurality of storage devices. Furthermore, the large-capacity storage unit 17 may be an external storage device connected to the server 1.
- server 1 is described as one information processing device in the present embodiment, it may be distributed and processed by a plurality of servers, or it may be configured by a virtual machine.
- FIG. 3 is an explanatory diagram showing an example of the record layout of the patient DB 171 and the doctor DB 172.
- the patient DB 171 includes a patient DID (Decentralized Identifier) column, a name column, a date of birth column, a zip code column, an address column, a telephone number column, an email address column, and a registration date and time column.
- the patient DID column stores the uniquely identified patient DID to identify each patient.
- DID is a decentralized identity (non-distributed identity) in which the user secures the control right regarding his / her own attribute information, and then cooperates with each other in the necessary information among the user's attribute information held by each data holder within the range permitted by the user. Centralized ID).
- the DID can maintain high reliability against immutability or external browsing / tampering by realizing a unique identifier that does not overlap by using a distributed system constructed by the blockchain 2.
- the patient ID may be a conventional (existing) ID for identifying the patient, biometric information using a face or a fingerprint, or the like.
- the name column remembers the patient's name.
- the date of birth column remembers the date of birth of the patient.
- the zip code column stores the zip code based on the patient's current address.
- the address column remembers the patient's current address.
- the telephone number column stores the patient's telephone number.
- the email address column remembers the patient's email address.
- the registration date / time column stores the date / time information in which the patient's attribute is registered.
- the doctor DB172 includes a doctor DID column, a name column, a medical institution name column, and a clinical department name column.
- the doctor DID column stores the uniquely identified doctor's DID to identify each doctor.
- the doctor ID may be a conventional ID for identifying a doctor, biometric information using a face or a fingerprint, or the like.
- the name column remembers the doctor's name.
- the medical institution name column remembers the name of the medical institution where the doctor works.
- the clinical department name column remembers the names of clinical departments such as psychiatry, dermatology, and surgery.
- FIG. 4 is an explanatory diagram showing an example of the record layout of the question DB 173 and the medical data DB 174.
- the question DB 173 includes a patient DID column, a question type column, and a question data column.
- the patient DID column stores the patient DID that identifies the patient.
- the question type column remembers the types of medical questions.
- the types of questions include, for example, PDQ (Parkinson's Disease Questionnaire) -39, MDS-UPDRS (Movement Disorder Society-sponsored revision of the Unified Parkinson's Disease Rating Scale) or EQ-5D (EuroQOL 5 Dimensions).
- the types of questions mentioned above are examples, and are not limited to these.
- the question data column stores medical questions and the patient's answers to each question.
- the medical data DB 174 includes a medical data ID column, a patient DID column, a medical data column, a hash value column, a doctor DID column, a signature date and time column, a date and time column recorded in BC, and a status column.
- the medical data ID column stores the ID of the medical data uniquely identified in order to identify each medical data.
- the patient DID column stores the patient DID that identifies the patient.
- the medical data column stores the patient's medical data in association with the medical data ID.
- the medical data column stores medical data including patient attributes, patient answers to medical questions, and medical data for the patient by the physician.
- the medical data is, for example, a JSON (JavaScript (registered trademark) Object Notation) format file, an XML (Extensible Markup Language) format file, or the like.
- the hash value sequence stores the hash value of medical data.
- the doctor DID column stores the doctor DID that identifies the doctor.
- the signature date and time column stores information on the date and time when the medical data was digitally signed.
- the date and time column recorded in BC stores the date and time when the medical data was recorded in the blockchain 2.
- the status column stores the status of medical data.
- the state of the medical data includes, for example, "saved draft", “submitted”, "signed” or "recorded in BC".
- the "save draft” state is a state in which the patient's attributes and the patient's answer to the question are saved as a draft.
- the "submitted” state is a state indicating that the patient's attributes and the patient's answer to the question have been submitted (sent) to the server 1.
- the "signed” state is a state indicating that the medical data including the attributes of the patient, the answer to the question, and the medical data of the doctor for the patient has been signed.
- the "recorded in BC” state indicates that the medical data has been recorded in the blockchain 2.
- FIG. 5 is an explanatory diagram showing an example of the record layout of the researcher DB 175 and the transaction history DB 176.
- the researcher DB 175 includes a researcher DID column, a research institution ID column, a name column, a date of birth column, a zip code column, an address column, a telephone number column, an email address column, and a registration date / time column.
- the researcher DID column stores the DID of a uniquely identified researcher in order to identify each researcher.
- the researcher ID may be a conventional ID for identifying a researcher, biometric information using a face or a fingerprint, or the like.
- the research institute ID column stores the research institution ID for identifying the research institution to which the researcher belongs.
- a research institution is an organization (institution) or facility for conducting research, testing, appraisal, etc.
- the name column remembers the name of the researcher.
- the date of birth column remembers the date of birth of the researcher.
- the zip code column stores the zip code based on the researcher's current address.
- the address column remembers the researcher's current address.
- the phone number column remembers the researcher's phone number.
- the email address column remembers the researcher's email address.
- the registration date / time column stores the date / time information in which the attributes of the researcher are registered.
- the transaction history DB 176 includes a research institute ID column, a medical data ID column, a patient DID column, a researcher DID column, and a transaction date / time column.
- the research institute ID column stores the research institute ID that identifies the research institute.
- the medical data ID column stores a medical data ID that identifies medical data.
- the patient DID column stores the patient DID that identifies the patient.
- the researcher DID column stores the researcher DID that identifies the researcher.
- the transaction date and time column stores the transaction date and time of medical data between the patient and the researcher.
- FIG. 6 is an explanatory diagram showing an example of the record layout of the management DB 177.
- the management DB 177 includes a management ID column, a medical data ID column, a patient DID column, a researcher DID column, a request status column, a request date and time column, a patient approval date and time column, an approval type column, a patient denial date and time column, and a patient withdrawal date and time column. ..
- the management ID column stores the ID of the management data uniquely specified in order to identify each management data.
- the medical data ID column stores a medical data ID that identifies medical data.
- the patient DID column stores the patient DID that identifies the patient.
- the researcher DID column stores the researcher DID that identifies the researcher.
- the request status column stores the patient's response status to the medical data disclosure request.
- "data not requested”, “waiting for approval”, “approved”, “withdrawn”, “pending”, etc. are stored.
- the request date / time column stores the date / time information when the request for disclosure of medical data is received.
- the patient approval date and time column stores date and time information when the patient approves the use of medical data.
- the approval type column stores the approval type for medical data.
- the type of approval is the first approval for the request for disclosure of medical data, and the first approval, and the sharing that requires the other researchers to share the medical data for which the first approval has been obtained for the request for disclosure of medical data.
- Has approval including the patient's second approval for the request.
- the first approval will be read as "disclosure only”
- the approval including the first approval and the second approval will be read as "disclosure & sharing”.
- the patient denial date and time column stores date and time information in which the patient denied the use of medical data.
- the patient withdrawal date and time column stores information on the date and time when the patient withdrew the approval for the approved medical data.
- each DB described above is an example, and other storage forms may be used as long as the relationship between the data is maintained.
- FIG. 7 is a block diagram showing a configuration example of the node 21 of the block chain 2.
- the node 21 of the block chain 2 includes a control unit 211, a storage unit 212, a communication unit 213, a reception unit 214, an output unit 215, a block generation unit 216, a block verification unit 217, and a block sharing unit 218. Each configuration is connected by bus B.
- the control unit 211 autonomously and decentrally cooperates with the control unit of another node 21 (terminal), and always holds the latest blockchain (ledger: copy of blockchain data) in the storage unit 212.
- the storage unit 212 stores a blockchain (ledger) including transactions broadcast to a distributed network, information required for verification processing of information in the block, and the like.
- the communication unit 213 is a communication module for performing processing related to communication.
- the reception unit 214 receives information to be recorded in the distributed network, which is a blockchain managed by the blockchain 2, from an external node.
- the output unit 215 outputs the blockchain information held by itself in response to a request from the external node.
- the block generation unit 216 generates a block to be added to the block chain based on the information received by the reception unit 214.
- the block generation unit 216 generates a block including information based on the previous block and information received by the reception unit 214. Further, the block generation unit 216 searches for, for example, a nonce as a predetermined consensus process for a block generated by itself or a block generated by a node 21 of another block chain via a block sharing unit 218 described later. After performing processing and processing to add a signature, add a block to the blockchain (ledger) managed by itself. The block generated by the block generation unit 216 is finally added to the block chain 2 by a plurality of nodes 21 performing a predetermined consensus process.
- the block verification unit 217 verifies the information in the block. Normally, the block to be added is the block whose rule is satisfied earliest in the node 21 group including its own node, but the rule is actually set in consideration of the case where a malicious node 21 is included. May be verified whether is satisfied.
- the block sharing unit 218 exchanges information between the nodes 21 belonging to the blockchain 2. More specifically, the block sharing unit 218 transmits the information received by the reception unit 214, the block generated by the block generation unit 216, the block received from the other node 21, and the like to the other node 21 as appropriate. As a result, all the nodes 21 share this information and the latest blockchain 2 as much as possible.
- the configuration of FIG. 7 is merely an example, and the node 21 of the blockchain can execute a predetermined consensus process for sharing and managing the blockchain 2 which is difficult to be tampered with by a plurality of nodes, and is external.
- the specific configuration is not limited as long as the node can add information to the distributed network and refer to the information recorded in the distributed network in response to a request from the node.
- server 1 may be the node 21 of the blockchain 2.
- FIG. 8 is a block diagram showing a configuration example of the doctor terminal 3 and the patient terminal 4.
- the doctor terminal 3 includes a control unit 31, a storage unit 32, a communication unit 33, an input unit 34, and a display unit 35. Each configuration is connected by bus B.
- the control unit 31 includes an arithmetic processing unit such as a CPU and an MPU, and by reading and executing a control program 3P (program product) stored in the storage unit 32, various information processing, control processing, etc. related to the doctor terminal 3 are performed. I do. Further, the control unit 31 includes a hash value calculation unit 31a and an electronic signature creation unit 31b. The hash value calculation unit 31a performs a process of calculating a wallet address or the like by using a cryptographic hash function. Further, the control program 3P includes a program that executes processes such as generation / execution of smart contracts such as Ethereum Geth, transfer of virtual currency, account creation, and mining. The electronic signature creation unit 31b generates a signature for digital authentication based on a public key cryptosystem in order to prevent forgery or falsification.
- a control program 3P program product
- the control unit 31 is described as a single processor in FIG. 8, it may be a multiprocessor.
- the storage unit 32 includes memory elements such as RAM and ROM, and stores the control program 3P or data required for the control unit 31 to execute the process. Further, the storage unit 32 temporarily stores data and the like necessary for the control unit 31 to execute the arithmetic processing.
- the communication unit 33 is a communication module for performing processing related to communication, and transmits / receives information to / from the server 1 or the like via the network N.
- the input unit 34 may be a keyboard, a mouse, or a touch panel integrated with the display unit 35.
- the display unit 35 is a liquid crystal display, an organic EL display, or the like, and displays various information according to the instructions of the control unit 31.
- the patient terminal 4 includes a control unit 41, a storage unit 42, a communication unit 43, an input unit 44, a display unit 45, and an imaging unit 46. Each configuration is connected by bus B. Regarding the control unit 41, the storage unit 42, the communication unit 43, the input unit 44, and the display unit 45 of the patient terminal 4, the control unit 31, the storage unit 32, the communication unit 33, the input unit 34, and the display unit of the doctor terminal 3 Since it is the same as 35, the description thereof will be omitted.
- the photographing unit 46 is an photographing device such as a CCD (Charge Coupled Device) camera or a CMOS (Complementary Metal Oxide Semiconductor) camera.
- the imaging unit 46 may not be built in the patient terminal 4, but may be directly connected to the patient terminal 4 externally to enable imaging.
- FIG. 9 is a block diagram showing a configuration example of the researcher terminal 5.
- the researcher terminal 5 includes a control unit 51, a storage unit 52, a communication unit 53, an input unit 54, and a display unit 55. Each configuration is connected by bus B.
- the control unit 51, the storage unit 52, the communication unit 53, the input unit 54, and the display unit 55 of the researcher terminal 5 the control unit 31, the storage unit 32, the communication unit 33, the input unit 34, and the display unit of the doctor terminal 3 Since it is the same as the part 35, the description thereof will be omitted.
- FIG. 10 is an explanatory diagram illustrating an operation of creating medical data with an electronic signature.
- Patient attributes include the patient's name, gender, age, date of birth, zip code, address, telephone number, email address, medical history, medication history or blood type.
- the attributes of the patient may include biological data (for example, blood pressure, electrocardiogram, cardiac sound, or X-ray absorption rate) which is various physiological and anatomical information emitted by the living body.
- the patient terminal 4 accepts the input of the patient's attribute and transmits the accepted patient's attribute to the server 1.
- the server 1 receives the patient attribute transmitted from the patient terminal 4 and issues the patient DID.
- the server 1 issues a patient DID that identifies a patient by using a platform such as Ethereum® ERC725 / 735 or Soverin Network.
- the server 1 associates with the issued patient DID and stores the received patient attributes in the patient DB 171. Specifically, the server 1 associates with the patient DID and stores the patient's name, date of birth, zip code, address, telephone number, e-mail address, and registration date and time as one record in the patient DB 171.
- PDQ-39 which is a disease-specific QOL (Quality of Life) questionnaire for Parkinson's disease patients
- the patient terminal 4 accepts the selection of the type of question by the patient (eg, PDQ-39, MDS-UPDRS or EQ-5D).
- the patient terminal 4 acquires the corresponding question from the storage unit or an external device and displays it on the screen according to the type of the received question.
- the patient terminal 4 receives an answer from the patient to the question displayed on the screen, associates the accepted answer with the patient DID, and sends the answer to the server 1.
- the server 1 receives the patient DID and the answer to the question transmitted from the patient terminal 4, and stores the received patient DID and the answer in the question DB 173. Specifically, the server 1 associates with the received patient DID, and stores the question data including the type of question, the question, and the answer to the question in the question DB 173 as one record.
- vital data biological data measured by a wearable device that enables measurement of blood pressure, heart rate, respiratory rate, body temperature, etc., or a terminal equipped with a vital sensor is used as a server. It may be registered in 1.
- the terminal 2 acquires vital data including blood pressure, heart rate, respiratory rate, body temperature, etc. via a wearable device.
- the terminal 2 registers the acquired vital data in the server 1 together with the patient's attributes and the answers to the questions.
- Medical data includes patient attributes, answers to questions, and medical data by the physician for the patient.
- the doctor terminal 3 of a doctor uses a library that generates a code, and generates a code that describes a doctor DID that identifies a doctor.
- the code includes a one-dimensional code or a two-dimensional code.
- the one-dimensional code may be, for example, a bar code representing a numerical value or a character by the thickness of a striped line.
- the two-dimensional code may be, for example, a QR code (registered trademark) of a display method having information in the horizontal direction and the vertical direction, as opposed to the one-dimensional code having the information only in the horizontal direction.
- An example of a two-dimensional code will be described below.
- the physician DID may be issued using a platform such as Ethereum's ERC725 / 735 or Sovrin Network.
- the doctor terminal 3 displays the generated two-dimensional code on the screen.
- the patient terminal 4 reads the two-dimensional code displayed on the doctor terminal 3.
- the patient terminal 4 uses a two-dimensional code analysis library and acquires a doctor's DID from the read two-dimensional code.
- an example using a two-dimensional code has been given, but the present invention is not limited to this.
- the doctor DID stored in an IC tag (Integrated Circuit Tag), an RF tag (Radio Frequency Tag), an RFID (Radio Frequency Identifier) chip (micro chip), or the like may be read by an RF reader, or ,
- the doctor DID stored in the bar code may be read.
- the doctor DID may be accepted by manual input.
- the patient terminal 4 transmits the acquired doctor DID and patient DID to the server 1.
- the server 1 receives the doctor DID and the patient DID transmitted from the patient terminal 4.
- the server 1 acquires the patient attributes and the answers to the questions based on the received patient DID. Specifically, the server 1 acquires the patient attribute from the patient DB 171 based on the patient DID.
- the server 1 acquires the answer to the question from the question DB 173 based on the patient DID.
- the server 1 transmits the patient DID, the acquired patient attributes, and the answers to the questions to the doctor terminal 3 corresponding to the received doctor DID.
- the doctor terminal 3 receives the patient DID, the patient attributes, and the answers to the questions transmitted from the server 1.
- the doctor terminal 3 accepts the input of medical data for the patient by the doctor.
- the medical data includes severity classification of diseases such as Parkinson's disease, prescription information (drug component name, dosage form or dose, etc.), blood pressure or pulse, and the like.
- the doctor terminal 3 When the doctor terminal 3 receives an instruction for electronically signing medical data including patient attributes, answers to questions, and medical data, the doctor terminal 3 performs electronic signature processing (encryption) on the medical data.
- the electronic signature processing is a function of digitally signing a given data using a private key.
- the hash value obtained by converting the given data with a cryptographic hash function is encrypted.
- the cryptographic hash function is a one-way cryptographic processing method for detecting falsification of a digital document, and the output value is always fixed at 64 digits in hexadecimal notation. Any hash function may be used, and for example, SHA (Secure Hash Algorithm) -1 or SHA-256 can be used.
- SHA Secure Hash Algorithm
- the medical data is digitally signed by the doctor, but the present invention is not limited to this.
- medical data may be digitally signed by a qualified medical person such as a clinical laboratory technician, a physiotherapist, or a caregiver.
- the doctor terminal 3 associates with the patient DID and the doctor DID, and transmits the electronically signed medical data to the server 1.
- the server 1 receives the patient DID, the doctor DID, and the electronically signed medical data transmitted from the doctor terminal 3.
- the server 1 decodes the electronically signed medical data using the public key.
- the server 1 creates a medical data ID that identifies medical data.
- the server 1 may use ERC721, which is one of Ethereum's smart contract standards, to create a non-fungible token (NFT) that can prove "value" as a medical data ID. If the ERC721 standard is used, all medical data IDs on the blockchain 2 are disclosed, but since they cannot be tampered with, it is possible to attach the owner or attribution information.
- the server 1 associates with the created medical data ID, and stores the patient DID, the decoded medical data, the doctor DID, the electronic signature date and time, and the "signed" state as one record in the medical data DB 174.
- the server 1 transmits medical data to the patient terminal 4.
- the patient terminal 4 receives the medical data transmitted from the server 1 and displays it on the screen.
- the patient terminal 4 receives an instruction to output (record) the medical data to the blockchain 2 from the patient
- the patient terminal 4 transmits an output instruction to the blockchain 2 to the server 1.
- the output instructions include the patient DID and the medical data ID.
- the server 1 receives an output instruction to the blockchain 2 transmitted from the patient terminal 4, and outputs a hash value of the medical data to the blockchain 2 in response to the received output instruction.
- the server 1 calculates the hash value of medical data using a cryptographic hash function.
- the server 1 adopts a hash function using the SHA2-256 algorithm and calculates a hash value of medical data.
- the hash function is not limited to the hash function, and other encryption methods may be used.
- the server 1 associates with the patient DID, the doctor DID, and the medical data ID, and transmits the calculated hash value of the medical data to any node 21 of the blockchain 2.
- the node 21 of the blockchain 2 receives and records the patient DID, the doctor DID, the medical data ID, and the hash value of the medical data transmitted from the server 1.
- the server 1 associates with the medical data ID, and stores the hash value of the medical data, the recording date and time in the blockchain 2, and the state of being "recorded in BC" in the medical data DB 174.
- FIG. 11 is an explanatory diagram illustrating a process of recording medical data in the blockchain 2.
- One node 21 of the blockchain 2 receives the transaction data (transaction) transmitted from the server 1.
- the transaction data includes a patient DID, a doctor DID, a medical data ID and a hash value of the medical data.
- the node 21 is the pre-block management information created based on the patient DID, the doctor DID, the medical data ID and the hash value of the medical data included in the received transaction data, and the blockchain information managed by the node 21. Generate a block that contains at least and.
- each node 21 of the blockchain 2 executes a process according to a predetermined consensus algorithm.
- a process according to a predetermined consensus algorithm.
- the node 21, node 21, node 21 executes an arithmetic process called PoW (Proof of Work) to update the blockchain 2.
- the node 21 to be used is determined.
- PoW is a (mining) operation process for searching for a certain correct answer value from a hash value stored in advance in the block immediately before the newly generated block.
- the node 21 When a new block is generated, the node 21 generates a hash value stored in the block immediately before the block and a hash value obtained by hashing the transaction data, and stores the hash value in the latest block. For example, as shown in FIG. 11, when the block 3 is generated, the node 21 hashes the hash value stored in the block 2 and a plurality of transaction data to generate a hash value, and stores the hash value in the block 3. ..
- the node 21 inserts a nonce value in the header in addition to the transaction data to generate a hash value in order to increase the difficulty of the arithmetic processing.
- the nonce value is a value such that a predetermined number of zeros are consecutive in the header of the hash value, and the processing load of arithmetic processing is adjusted by designing the number of zeros related to the nonce value to an appropriate number.
- each node 21 When generating the latest block, each node 21 solves a search problem of searching for a correct answer value (a nonce value in the Bitcoin example) from the hash value included in the previous block. For example, as shown in FIG. 11, when the block 3 is newly generated, each node 21 searches for the correct answer value from the hash value stored in the block of the block 2. The probability of finding the correct answer value in one calculation process is low, and when blockchain technology related to virtual currencies such as Bitcoin is applied, it takes about 10 minutes on average. Each node 21 simultaneously executes the arithmetic processing of the search problem and searches for the correct answer value. Then, the node 21 that finds the correct answer value earliest is given the authority to generate the latest block.
- a correct answer value a nonce value in the Bitcoin example
- the node 21 If the search is successful, the node 21 generates the latest block containing the verified transaction data (patient DID, doctor DID, medical data ID, and hash value of medical data), and the data related to the block is transferred to another node. Notify 21, 21, 21 ... In this case, as described above, the node 21 generates a hash value from the hash value and transaction data stored in the previous block, stores the hash value in a new block, and notifies each node 21. ..
- the node 21 generates a hash value stored in the block 2 and a hash value obtained by hashing the transaction data, stores the hash value in a new block 3, and stores the hash value and the transaction data in the other nodes 21, 21, 21.
- the hash value stored in the new block includes the hash value of the previous block, each block constituting the block chain is associated in chronological order.
- the other nodes 21, 21, 21 ... Store the transaction data in the storage unit 212 after confirming the validity of the data of the notified block.
- the data related to the same blockchain is duplicated and stored in the storage unit 212 of each node 21, 21, 21 ...
- the administrator (minor) of the node 21 that succeeded in the search is given a reward for the success in the search. That is, the administrator of the node 21 that succeeds in the search is paid the fee for each transaction stored in the block. This gives the administrator an incentive to invest computational resources called node 21.
- PoW was used as a method for determining the update authority of the blockchain, but the present embodiment is not limited to this, and for example, POI (Proof of Importance), POS (Proof of Stake), etc. are used. You may use it.
- POI Proof of Importance
- POS Proof of Stake
- the present embodiment is not limited to this.
- blockchain technology related to Ethereum, Hyperledger Fabric, etc. may be applied.
- FIG. 12 is an explanatory diagram illustrating an operation of outputting medical data to the researcher terminal 5.
- the attributes of the researcher are registered in advance.
- Researcher attributes include the researcher's name, date of birth, zip code, address, telephone number, email address, profile or research purpose, and the like. Since the researcher registration process is the same as the patient registration process, the description thereof will be omitted.
- the researcher terminal 5 When the researcher terminal 5 receives a request for disclosure of medical data by a researcher, the researcher terminal 5 transmits the received disclosure request to the server 1 in association with the researcher DID and the medical data ID.
- the server 1 transmits the researcher DID, the medical data ID, and the disclosure request transmitted from the researcher terminal 5 to the patient terminal 4 of the patient who provided the medical data.
- a researcher's message or profile may be sent to the patient terminal 4 together with the disclosure request. In this case, the patient terminal 4 displays the researcher's message or profile on the screen together with the disclosure request.
- the patient terminal 4 When the patient terminal 4 receives the approval information for the medical data disclosure request in response to the disclosure request transmitted from the server 1, the patient terminal 4 transmits the accepted approval information to the server 1.
- the server 1 creates a transaction in which the researcher pays a predetermined token to the patient according to the approval information transmitted from the patient terminal 4.
- a transaction is a transaction record in blockchain 2, and stores various information and value transfers between participants in blockchain 2.
- the transaction created includes the researcher's wallet address, the patient's wallet address, the token quantity paid, and the transaction date and time.
- the wallet address is an account number for virtual currency created for each transaction, and is displayed as a character string or QR code.
- the wallet address is a mathematically derived address based on the public key cryptography used in the blockchain 2. Further, the source and destination wallet addresses are recorded in the node 21 of the blockchain 2 and are not tampered with as long as the system of the blockchain 2 continues to maintain. Since the wallet address is calculated, it can be created online or offline.
- Server 1 sends the created transaction to any node 21 of the blockchain 2.
- the node 21 of the blockchain 2 receives the transaction and executes the token payment process.
- the researcher paid the token to the patient who provided the medical data, but the present invention is not limited to this.
- a researcher may pay a predetermined token only to a doctor who has digitally signed medical data.
- the researcher may pay a predetermined token to both the patient who provided the medical data and the doctor who digitally signed the medical data.
- the physician electronically signs the medical data despite the researcher's request for disclosure, for example, the sponsor or system operator may pay the physician a predetermined token.
- a virtual currency which is a kind of token
- the present invention is not limited to this.
- it can be applied to other types of tokens such as electronic money, coupons or points as well.
- the node 21 After executing the token payment process, the node 21 acquires the hash value of the medical data based on the medical data ID. The node 21 transmits the hash value of the acquired medical data to the server 1.
- the server 1 receives the hash value of the medical data transmitted from the node 21.
- the server 1 acquires the hash value of the medical data from the medical data DB 174 based on the medical data ID.
- the server 1 collates the hash value of the medical data transmitted from the node 21 with the hash value of the medical data stored in the medical data DB 174.
- the server 1 determines that the two match, the server 1 acquires the medical data corresponding to the hash value of the medical data from the medical data DB 174.
- the server 1 transmits the acquired medical data to the researcher terminal 5.
- the researcher terminal 5 receives the medical data transmitted from the server 1 and displays it on the screen.
- smart contracts may be used.
- the smart contract is a mechanism in which the definition of execution conditions and contract contents is programmed in advance and incorporated into a transaction, and when a transaction that matches the execution conditions and contract contents occurs, the contract is automatically fulfilled.
- the server 1 generates a smart contract code that describes the execution conditions necessary for processing medical data transactions, the wallet addresses of patients and researchers, and the like.
- the server 1 sends a transaction including the generated smart contract code to any node 21 of the blockchain 2.
- Node 21 of the blockchain 2 records the transaction including the received smart contract.
- the content of the smart contract code defines, for example, a contract to pay a predetermined token from the researcher's wallet address to the patient's wallet address when the patient's approval is obtained for the researcher's disclosure request.
- Transactions include smart contract codes, patient and researcher digital signatures. If the node 21 of the blockchain 2 meets the execution conditions approved by the patient for the disclosure request of the researcher, the predetermined token determined in the contract contents is sent from the researcher's wallet address to the patient's wallet address. Pay to.
- the present invention is not limited to this, and for example, the sponsor or the system operator may pay the patient a predetermined token.
- FIG. 13 is an explanatory diagram showing an example of an input screen for answers to questions.
- the screen includes an answer input field 11a, a save button 11b and a submit button 11c.
- the answer input field 11a is an input field for accepting input of an answer by a patient to a question related to medical treatment.
- the save button 11b is a button to save the answer to the question as a draft.
- the submit button 11c is a button for transmitting (submitting) an answer to a question to the server 1.
- FIG. 13 describes an example in which the type of question is PDQ-39, but the same applies to other types of questions.
- the patient terminal 4 acquires PDQ-39 from the storage unit 12 of the server 1 or an external device.
- the patient terminal 4 displays the acquired PDQ-39 in the answer input field 11a.
- the patient terminal 4 accepts the input operation of the answer input field 11a
- the patient terminal 4 accepts the answer by the patient to the question.
- the patient terminal 4 accepts the touch (click) operation of the save button 11b
- the patient terminal 4 saves the answer input by the answer input field 11a as a draft.
- the patient terminal 4 accepts the touch operation of the submit button 11c
- the patient terminal 4 transmits the answer input by the answer input field 11a and the patient's attribute to the server 1 in association with the patient DID.
- FIG. 14 is an explanatory diagram showing an example of a medical data creation screen.
- the screen includes a QR code generation button 12a, a patient data acquisition button 12b, a QR code display field 12c, a patient attribute display field 12d, a browsing button 12e, a medical care data reception field 12f, a signature transmission button 12g, and a result display field 12h. ..
- the QR code generation button 12a is a button for generating a QR code in which a doctor's DID is described.
- the data acquisition button 12b from the patient is a button for acquiring the patient's attributes and the answer to the question from the patient.
- the QR code display field 12c is a display field for displaying the QR code.
- the patient attribute display column 12d is a display column for displaying the patient attribute.
- the browse button 12e is a button that displays the answer to the question.
- the number of browsing buttons 12e may be provided based on the type of question. As shown in the figure, browsing buttons 12e for each of "PDQ-39", “MDS-UPDRS” and “EQ-5D” are provided.
- the title of the corresponding browsing button 12e is set to "browsing”
- the browsing button 12e is set to an operable active state.
- the title of the corresponding browsing button 12e is set to "no data”
- the browsing button 12e is inoperable (inactive). Set to inactive) state.
- the medical data reception column 12f is a reception column for accepting input of medical data in which a doctor diagnoses a patient.
- the signature transmission button 12g is a button for electronically signing and transmitting medical data including patient attributes, answers to questions, and medical data.
- the result display column 12h is a display column for displaying the result of the electronic signature and transmission processing for the medical data.
- the doctor terminal 3 When the doctor terminal 3 accepts the click (touch) operation of the QR code generation button 12a, the doctor terminal 3 uses a library that generates a two-dimensional code to generate a QR code that describes a doctor's DID. The doctor terminal 3 displays the generated QR code in the QR code display field 12c. The patient terminal 4 acquires the doctor DID by reading the QR code displayed on the doctor terminal 3.
- the patient terminal 4 transmits the acquired doctor DID and patient DID to the server 1.
- the server 1 receives the doctor DID and the patient DID transmitted from the patient terminal 4, and acquires the patient attributes and the answers to the questions from the patient DB 171 and the question DB 173 based on the received patient DID.
- the server 1 transmits the acquired patient attributes and answers to the questions to the doctor terminal 3 corresponding to the received doctor DID.
- the patient's attributes and answers to the questions can be obtained from the patient by pressing the data acquisition button 12b.
- the doctor terminal 3 accepts the click operation of the data acquisition button 12b from the patient, the doctor terminal 3 generates a sub screen for accepting the input of the patient DID.
- the doctor terminal 3 accepts the input of the patient DID on the generated sub screen, and transmits the accepted patient DID to the server 1.
- the patient's attributes and the answers to the questions are obtained from the server 1 in the same manner as the above-mentioned processing.
- the doctor terminal 3 receives the patient's attributes and answers to the questions transmitted from the server 1.
- the doctor terminal 3 displays the received attributes of the patient in the patient attribute display column 12d.
- the doctor terminal 3 accepts the click operation of the browsing button 12e
- the doctor terminal 3 displays the answer to the corresponding question on the sub screen.
- the doctor terminal 3 accepts the click operation of the browsing button 12e corresponding to "PDQ-39”
- the doctor terminal 3 generates a sub screen for displaying the answer to the question.
- the doctor terminal 3 acquires an answer to "PDQ-39" from the answer to the received question, and displays the acquired answer to "PDQ-39" on the sub screen.
- Medical data includes diagnostic data, treatment data and examination data.
- the diagnostic data is data related to diagnosis such as medical condition information and disease information (for example, a disease name determined by a doctor).
- the treatment data is data related to treatment such as treatment policy, treatment method, surgical information or drug information for a patient's disease.
- the test data is data on various tests (eg, blood tests) that the patient has undergone to determine the presence or absence of the disease or its extent.
- the doctor terminal 3 displays diagnostic data including severity classification, treatment data including prescription information (drug component name, dosage type or dose, etc.), medical diagnostic images, olfactory test, blood pressure and pulse.
- the input of the including test data is accepted by the medical data reception column 12f.
- the medical diagnostic image is an image obtained by inspection such as MRI (Magnetic Resonance Image), DAT (Dopamine transporter) Scan, Cardiac MIBG (123I-metaiodobenzylguanidine) Scintigraphy or Brain Perfusion SPECT (Single Photon Emission Computed Tomography).
- MRI Magnetic Resonance Image
- DAT Dopamine transporter
- MIBG 123I-metaiodobenzylguanidine Scintigraphy
- Brain Perfusion SPECT Single Photon Emission Computed Tomography
- the doctor terminal 3 When the doctor terminal 3 accepts the click operation of the signature transmission button 12g, the doctor terminal 3 electronically signs medical data including patient attributes, answers to questions, and medical data, and associates the electronically signed medical data with the patient DID and the doctor DID. And send it to server 1.
- the doctor terminal 3 displays the result of the electronic signature and transmission processing for the medical data in the result display column 12h. As shown in the figure, "Signature & transmission was successful" is displayed in the result display field 12h.
- FIG. 15 is an explanatory diagram showing an example of a medical data display screen on the patient terminal 4 side.
- the screen includes a medical data ID display field 13a, a status icon 13b, a date and time display field 13c, a doctor display button 13d, a disclosure request display field 13e, a disclosure request button 13f, and a transaction history display button 13g.
- the medical data ID display field 13a is a display field for displaying the medical data ID.
- the state icon 13b is an icon indicating the state of medical data.
- the date / time display column 13c is a display column for displaying the update date / time of each state of the medical data.
- the doctor display button 13d is a display field for displaying the attributes of the doctor who has digitally signed the medical data.
- the disclosure request display column 13e is a display column for displaying information related to the disclosure request.
- the disclosure request button 13f is a button for transitioning to the disclosure request response screen (FIG. 18) described later.
- the transaction history display button 13g is a button for transitioning to the transaction history screen (FIG. 19) described later.
- the patient terminal 4 acquires information on medical data from the management DB 177 of the server 1 based on the patient DID.
- Information about the medical data includes the medical data ID, the status of the medical data (saved draft, submitted, signed and recorded in BC), and the update date and time of each status.
- the patient terminal 4 displays information on the medical data on the screen for each medical data ID.
- the patient terminal 4 displays the medical data ID in the medical data ID display field 13a.
- the patient terminal 4 displays the corresponding icon on the state icon 13b according to the state of the medical data.
- the patient terminal 4 determines that the medical data status is "submitted”
- the patient terminal 4 displays an icon indicating the "submitted” status on the status icon 13b, and the doctor display button 13d cannot be operated.
- the patient terminal 4 displays the update date and time of each state in the date and time display field 13c.
- the date and time of "save draft”, the date and time of "submitted”, the date and time of "signed” and the date and time of "recorded in BC" are displayed in the date and time display field 13c. Since the electronic signature from the doctor has not been obtained yet, the presentation information "Please ask the doctor to sign” is displayed in the date and time display field 13c instead of the date and time of "signed”. Further, since the medical data is not recorded in the blockchain 2, "-" is displayed in the date and time display field 13c instead of the date and time of "recorded in BC".
- the patient terminal 4 sets the active state of the disclosure request button 13f and the transaction history display button 13g according to the state of medical data. Specifically, when the patient terminal 4 determines that the state of the medical data is "save draft", “submitted”, or “signed”, the disclosure request button 13f and the transaction history display button 13g cannot be operated. Set to inactive state. When the patient terminal 4 determines that the state of the medical data is "recorded in BC", the patient terminal 4 sets the disclosure request button 13f and the transaction history display button 13g to an operable active state.
- FIG. 16 is an explanatory diagram showing an example of a medical data display screen on the patient terminal 4 side. Note that FIG. 16 is an example of medical data for which an electronic signature has been obtained. The contents overlapping with FIG. 15 are designated by the same reference numerals and the description thereof will be omitted.
- the patient terminal 4 acquires information on medical data from the management DB 177 of the server 1 based on the patient DID.
- the information regarding the medical data includes the medical data ID, the state of the medical data, the update date and time of each state, the doctor DID and the attribute of the doctor who digitally signed the medical data.
- the patient terminal 4 determines that the status of the medical data is "signed"
- the patient terminal 4 displays an icon indicating the "signed” status in the status icon 13b, and displays the date and time signed by the doctor in the date / time display field 13c. do.
- the patient terminal 4 sets the doctor display button 13d to an operable active state.
- the patient terminal 4 receives the touch operation of the doctor display button 13d
- the patient terminal 4 transmits the medical data ID to the server 1.
- the server 1 acquires the doctor DID of the doctor who signed the medical data from the medical data DB 174 based on the medical data ID transmitted from the patient terminal 4.
- the server 1 acquires the attributes of the doctor from the doctor DB 172 based on the acquired doctor DID.
- the attributes of a doctor include the name of the doctor and the name of the medical institution to which the doctor belongs.
- the server 1 transmits the acquired doctor DID and the attributes of the doctor to the patient terminal 4.
- the patient terminal 4 receives the doctor DID and the doctor's attributes transmitted from the server 1, and displays the received doctor's DID and the doctor's attributes in the date and time display field 13c (the date and time of "signed” and the date and time of "recorded in BC".
- the title of the doctor display button 13d is changed to "Hide doctor".
- FIG. 17 is an explanatory diagram showing an example of a medical data display screen on the patient terminal 4 side. Note that FIG. 17 is an example of medical data recorded in the blockchain 2. The contents overlapping with FIGS. 15 and 16 are designated by the same reference numerals and the description thereof will be omitted.
- the patient terminal 4 acquires information on medical data and information on disclosure requests from the server 1 based on the patient DID.
- the information regarding the medical data includes the medical data ID, the state of the medical data, the update date and time of each state, the doctor DID and the attribute of the doctor who digitally signed the medical data.
- Information about disclosure requests includes the quantity of disclosure requests for medical data, the quantity awaiting approval, the quantity approved for "disclosure only", and the quantity approved for "disclosure & sharing”.
- the patient terminal 4 transmits the patient DID to the server 1.
- the server 1 receives the patient DID transmitted from the patient terminal 4.
- the server 1 acquires information on medical data from the management DB 177 based on the received patient DID.
- the server 1 acquires information regarding a medical data disclosure request from the management DB 177 based on the patient DID and the medical data ID.
- the server 1 transmits the acquired medical data information and the disclosure request information to the patient terminal 4.
- the patient terminal 4 receives the information regarding the medical data and the information regarding the disclosure request transmitted from the server 1 and displays them on the screen. Since the process of displaying information related to medical data is the same as that shown in FIG. 16, the description thereof will be omitted.
- the patient terminal 4 displays the received information regarding the disclosure request in the disclosure request display column 13e. As shown, the quantity of disclosure request for medical data, the quantity awaiting approval, the quantity approved by "disclosure only", and the quantity approved by "disclosure & sharing" are displayed in the disclosure request display column 13e.
- the patient terminal 4 determines that the status of the medical data is "recorded in BC"
- the patient terminal 4 displays an icon indicating the "recorded in BC" status on the status icon 13b, and sets the date and time of "recorded in BC". It is displayed in the date and time display field 13c, and the disclosure request button 13f and the transaction history display button 13g are set to the operable active state.
- the patient terminal 4 receives the touch operation of the disclosure request button 13f, the patient terminal 4 transitions to the disclosure request response screen (FIG. 18) described later.
- the patient terminal 4 receives the touch operation of the transaction history display button 13g
- the patient terminal 4 transitions to the transaction history screen (FIG. 19) of medical data described later.
- FIG. 18 is an explanatory diagram showing an example of a response screen of a disclosure request on the patient terminal 4 side.
- the contents overlapping with FIGS. 15 to 17 are designated by the same reference numerals and the description thereof will be omitted.
- the screen includes a disclosure request display field 14a, an approval button 14b, a denial button 14c, a withdrawal button 14d, and an approval type setting dialog 14e.
- the disclosure request display column 14a is a display column for displaying information related to the disclosure request of medical data.
- the approval button 14b is a button for performing an approval process in response to a request for disclosure of medical data.
- the denial button 14c is a button for performing a denial process in response to a request for disclosure of medical data.
- the withdrawal button 14d is a button for performing an approval withdrawal process for the approved medical data.
- the approval type setting dialog 14e is a dialog (child screen) that accepts the setting of the approval type for medical data.
- the patient terminal 4 acquires information regarding a disclosure request for the medical data from the server 1 based on the medical data ID.
- the patient terminal 4 displays the acquired information regarding the disclosure request in the disclosure request display column 14a.
- the researcher DID, application date and time, and request status (for example, waiting for approval) are displayed in the disclosure request display column 14a.
- the information regarding the disclosure request is not limited to the above items, and may include, for example, the name and e-mail address of the researcher.
- the approval type setting dialog 14e includes an approval type setting radio button 14f and an in-dialog approval button 14g.
- the approval type setting radio button 14f is a radio button that accepts an approval type (“disclosure only” or “disclosure & sharing”) for medical data.
- the approval button 14g in the dialog is a button for performing approval processing of medical data according to the approval type.
- the patient terminal 4 When the patient terminal 4 accepts the touch operation of the approval type setting radio button 14f, the patient terminal 4 accepts the approval type setting.
- the patient terminal 4 receives the touch operation of the approval button 14g in the dialog, the patient terminal 4 transmits the approval type set by the approval type setting radio button 14f to the server 1 in association with the medical data ID.
- the patient terminal 4 When the patient terminal 4 receives the touch operation of the denial button 14c, it associates with the medical data ID and transmits denial information indicating that the use of the medical data is denied to the server 1. When the patient terminal 4 receives the touch operation of the withdrawal button 14d, the patient terminal 4 associates with the medical data ID and transmits the approval withdrawal information indicating that the approved medical data has been approved and withdrawn to the server 1.
- FIG. 19 is an explanatory diagram showing an example of a transaction history screen of medical data on the patient terminal 4 side.
- the contents overlapping with FIGS. 15 to 17 are designated by the same reference numerals and the description thereof will be omitted.
- the screen includes a transaction history display field 15a.
- the transaction history display column 15a is a display column for displaying the transaction history of medical data.
- the patient terminal 4 transmits the patient DID and the medical data ID to the server 1.
- the server 1 receives the DID and the medical data ID transmitted from the patient terminal 4.
- the server 1 acquires the transaction history of medical data from the transaction history DB 176 based on the received patient DID and medical data ID.
- the server 1 transmits the acquired transaction history to the patient terminal 4.
- the patient terminal 4 receives the transaction history transmitted from the server 1 and displays it in the transaction history display field 15a.
- a transaction history including a researcher DID, a patient DID, a transaction history date and time, and a hash value of medical data is displayed in the transaction history display field 15a.
- FIG. 20 is an explanatory diagram showing an example of a detailed screen of medical data on the patient terminal 4 side.
- the contents overlapping with FIGS. 15 to 17 are designated by the same reference numerals and the description thereof will be omitted.
- the screen includes a medical data display field 16a.
- the medical data display column 16a is a display column for displaying detailed information of medical data.
- the patient terminal 4 transmits the patient DID and the medical data ID to the server 1.
- the server 1 receives the DID and the medical data ID transmitted from the patient terminal 4. Based on the received patient DID and medical data ID, the server 1 provides patient attributes, answers to medical questions by the patient (eg, answers to PDQ-39), and medical data by the doctor to the patient (eg, blood pressure, prescription). Medical data including information or pulse) is acquired from the medical data DB 174.
- the server 1 transmits the acquired medical data to the patient terminal 4.
- the patient terminal 4 receives the medical data transmitted from the server 1 and displays it in the medical data display field 16a.
- FIG. 21 is an explanatory diagram showing an example of a medical data management screen on the researcher terminal 5 side.
- the screen includes a researcher display field 17a, a management information display field 17b, an action button 17c and a patient DID link 17d.
- the researcher display field 17a is a display field for displaying the name of the researcher.
- the management information display column 17b is a display column for displaying management information of medical data.
- the action button 17c is a button that accepts an action for medical data.
- Actions include "data request” and "view”.
- the "data request” action is an action of transmitting a request for disclosure of the medical data to the patient who provided the medical data.
- the “browsing” action is an action for browsing (displaying) medical data.
- the action may include “reapproval” or “reclaim”.
- the "reapproval” action is an action in which a request for approval is sent again for medical data that was once refused to be disclosed in response to the researcher's request for disclosure.
- the "reclaim” action is a request for disclosure of medical data to the patient who provided the medical data after the disclosing period (eg, one year) has been provided for the medical data. Is an action to resend.
- the patient DID link 17d is a button for transitioning to the medical data display screen (FIG. 29) described later.
- the researcher terminal 5 transmits the researcher DID to the server 1.
- the server 1 receives the researcher DID transmitted from the researcher terminal 5, and acquires the researcher's name and research institution ID from the researcher DB 175 based on the received researcher DID. Based on the researcher DID, the server 1 acquires the patient DID, the information regarding the disclosure request, and the signature date and time of the medical data by the doctor from the management DB 177.
- the server 1 transmits the acquired researcher's name, research institution ID, patient DID, information on the disclosure request, and the date and time when the doctor signs the medical data to the researcher terminal 5.
- the researcher terminal 5 receives the name of the researcher, the research institute ID, the patient DID, the information on the disclosure request, and the signature date and time of the medical data transmitted from the server 1.
- the researcher terminal 5 displays the name of the received researcher in the researcher display field 17a, and displays the research institute ID, patient DID, information on the disclosure request, and the signing date and time of medical data in the management information display field 17b.
- Information regarding the disclosure request includes the data type, disclosure request status, disclosure request date and time, approval date and time, denial date and time, and approval withdrawal date and time. Disclosure request status includes unrequested data, approved (view & share), approved (view only), withdrawn and pending.
- research institution ID As shown in the figure, research institution ID, patient DID (data owner), data type, disclosure request (request) status, action button 17c generated according to the disclosure request status, doctor signature date and time, researcher disclosure request ( Request) date and time, patient approval date and time, patient denial date and time, and patient approval withdrawal date and time are displayed in the management information display column 17b.
- the researcher terminal 5 sets the title and active state of the action button 17c according to the disclosure request status. Specifically, when the researcher terminal 5 determines that the disclosure request status is "data not requested”, the title of the action button 17c is set to "data request” and the action button 17c can be operated in an active state. Set to. When the researcher terminal 5 determines that the disclosure request status is "withdrawn” or “pending”, the title of the action button 17c is set to "data request”, and the action button 17c is inoperable and inactive. Set to state. When the researcher terminal 5 determines that the disclosure request status is "approved (view & share)" or “approved (view only)”, the title of the action button 17c is set to "view”, and the action button 5 is set. Set 17c to an operable active state.
- the researcher terminal 5 When the researcher terminal 5 accepts the touch operation of the action button 17c whose title is "data request", the researcher terminal 5 transmits the researcher DID and the medical data ID to the server 1.
- the server 1 receives the researcher DID and the medical data ID transmitted from the researcher terminal 5, and creates a disclosure request for the medical data based on the received researcher DID and the medical data ID.
- the server 1 transmits the created disclosure request to the patient terminal 4.
- the researcher terminal 5 When the researcher terminal 5 accepts the touch operation of the action button 17c whose title is "view", the researcher terminal 5 acquires medical data from the medical data DB 174 of the server 1 based on the medical data ID. The researcher terminal 5 displays the acquired medical data on the screen. Once the patient approves the researcher to disclose the medical data, the medical data can be continuously viewed. Alternatively, a period during which the medical data can be disclosed may be provided. For example, a researcher can repeatedly browse the medical data within a predetermined period (for example, one year).
- the researcher terminal 5 determines the disclosure request status.
- the researcher terminal 5 determines that the status of the disclosure request is "approved (viewed & shared)" or “approved (viewed only)" the medical data owned by the patient corresponding to the patient DID Transition to the display screen (FIG. 29) of.
- FIG. 22 is an explanatory diagram showing an example of a transaction history screen on the researcher terminal 5 side.
- the screen includes a transaction history display field 18a.
- the transaction history display field 18a is a display field for displaying the transaction history.
- the researcher terminal 5 transmits the researcher DID to the server 1.
- the server 1 receives the researcher DID transmitted from the researcher terminal 5, and acquires the transaction history of the researcher's medical data from the transaction history DB 176 based on the received researcher DID.
- the server 1 transmits the acquired transaction history to the researcher terminal 5.
- the researcher terminal 5 receives the transaction history transmitted from the server 1 and displays it in the transaction history display field 18a.
- the transaction history of medical data including the research institution ID, medical data ID, transaction date and time, patient DID, researcher DID, and hash value of medical data of the research institution to which the researcher belongs is displayed in the transaction history display column 18a. Is displayed.
- the display of a single transaction history is illustrated, the display is not limited to this, and a plurality of transaction histories may be listed.
- the transaction history of the medical data described above may be transmitted to the doctor terminal 3 or the patient terminal 4, and the transaction history screen may be displayed on the doctor terminal 3 side or the patient terminal 4 side.
- the control unit 31 of the doctor terminal 3 uses a library that generates a two-dimensional code to generate a two-dimensional code (for example, a QR code) that describes a doctor DID (step S311).
- the control unit 31 displays the generated two-dimensional code on the display unit 35 (step S312).
- the control unit 41 of the patient terminal 4 reads the two-dimensional code displayed on the doctor terminal 3 by the imaging unit 46 (step S411).
- the control unit 41 uses the analysis library of the two-dimensional code and acquires the doctor DID from the read two-dimensional code (step S412).
- the control unit 41 obtains the patient's answer to the patient's attributes and medical questions from the server 1 via the communication unit 43 (step S413).
- the control unit 41 acquires the patient attributes from the patient DB 171 of the large-capacity storage unit 17 of the server 1 based on the patient DID, and answers the questions from the question DB 173 of the large-capacity storage unit 17 of the server 1. get.
- the control unit 41 may accept the input of the answer to the question by the patient by the input unit 44.
- the control unit 41 transmits the acquired patient attributes and answers to the questions to the server 1 in association with the patient DID and the doctor DID via the communication unit 43 (step S414).
- the control unit 11 of the server 1 receives the patient DID, the doctor DID, the patient attributes and the answer transmitted from the patient terminal 4 via the communication unit 13 (step S111), and receives the patient DID, the doctor DID, and the patient.
- the attribute and the answer are transmitted to the doctor terminal 3 (step S112).
- the control unit 31 of the doctor terminal 3 receives the patient DID, the doctor DID, the attributes of the patient, and the response transmitted from the server 1 by the communication unit 33 (step S313).
- the control unit 31 displays the received patient attributes and responses on the display unit 35 (step S314).
- the control unit 31 receives the input of medical data for the patient by the doctor by the input unit 34 (step S315).
- the control unit 31 receives an electronic signature instruction for medical data including patient attributes, answers to questions, and medical data by the input unit 34 (step S316), and the electronic signature creation unit 31b of the control unit 31 receives a doctor's private key. Is used to perform an electronic signature processing on the medical data (step S317).
- the control unit 31 transmits the electronically signed medical data to the server 1 by the communication unit 33 in association with the patient DID and the doctor DID (step S318).
- the control unit 11 of the server 1 receives the patient DID, the doctor DID, and the signed medical data transmitted from the doctor terminal 3 by the communication unit 13 (step S113).
- the control unit 11 uses the public key to decode the received electronically signed medical data (step S114).
- the control unit 11 uses, for example, ERC721, which is one of Ethereum's smart contract standards, to create a medical data ID that specifies medical data (step S115).
- the control unit 11 associates with the created medical data ID, and stores the patient DID, medical data, doctor DID, electronic signature date and time, and the state of the "signed" medical data as one record in the medical data DB 174 ( Step S116).
- the control unit 11 transmits medical data to the patient terminal 4 by the communication unit 13 (step S117).
- the control unit 41 of the patient terminal 4 receives the medical data transmitted from the server 1 by the communication unit 43 (step S415), and displays the received medical data by the display unit 45 (step S416).
- the control unit 41 receives an instruction from the patient to record the medical data in the blockchain 2 by the input unit 44 (step S417), the control unit 41 transmits the recording instruction to the blockchain 2 to the server 1 by the communication unit 43 (step). S418).
- the control unit 11 of the server 1 receives the recording instruction to the blockchain 2 transmitted from the patient terminal 4 by the communication unit 13 (step S118).
- the hash value calculation unit 11a of the control unit 11 calculates the hash value of the medical data using a cryptographic hash function (step S119).
- the control unit 11 associates the calculated hash value of the medical data with the medical data ID and stores it in the medical data DB 174 (step S120).
- the control unit 11 creates a transaction by associating the calculated hash value of the medical data with the patient DID and the doctor DID (step S121).
- the created transaction contains hash values of patient DID, doctor DID and medical data.
- the control unit 11 transmits the created transaction to any node 21 of the blockchain 2 that manages the transaction data in a distributed manner by the communication unit 13 (step S122).
- the control unit 211 of the node 21 of the blockchain 2 receives the transaction transmitted from the server 1 by the communication unit 213 (step S211).
- the control unit 211 of the node 21 records the hash value of the medical data in association with the patient DID and the doctor DID based on the received transaction (step S212).
- the control unit 211 of the node 21 that has received the transaction manages the hash values of the patient DID, the doctor DID, and the medical data included in the received transaction via the block generation unit 216. Generate a block that includes at least the previous block management information created based on the information of the existing blockchain (ledger). Then, the control unit 211 of each node 21 of the block chain 2 executes a predetermined consensus process by the block generation unit 216.
- a blockchain is a group of data having a predetermined data structure called a block arranged in chronological order, and has a role as a ledger in which transaction details are recorded.
- each block in addition to the data to be recorded in the block such as transaction details, the information of one or more previous blocks (hereinafter referred to as the previous block) and the information for detecting the presence or absence of falsification (nonce or signature, etc.) And include.
- a nonce is a value in a data area in which the value obtained when the data in the area is processed by a one-way function is set so as to satisfy a predetermined rule. ..
- a new block is added to the blockchain 2 through processing according to a predetermined consensus algorithm in which two or more nodes participate.
- a predetermined consensus algorithm in which two or more nodes participate.
- PoW which is one of the consensus algorithms
- a rule such as "the Hash value of the block is equal to or less than the threshold value" is predetermined for each block (data group) including the information of the previous block and the nonce. Therefore, when adding a block, the block verification unit 217 performs a process in which a plurality of nodes simultaneously search for a nonce that satisfies such a rule.
- consensus algorithms such as BFT (Byzantine fault tolerance).
- the control unit 211 of each node 21 of the block chain 2 stores (adds) the block generated by the block generation unit 216 in the storage unit 212 via the block sharing unit 218.
- the recording process to the blockchain 2 is executed on the server 1 side, but the present invention is not limited to this, and the recording process may be executed on the patient terminal 4 side.
- the control unit 51 of the researcher terminal 5 receives a request for disclosure of medical data recorded in the blockchain 2 by the input unit 54 (step S531).
- the control unit 51 associates with the researcher DID and the medical data ID via the communication unit 53, and transmits the received disclosure request to the server 1 (step S532).
- the control unit 11 of the server 1 receives the researcher DID, the medical data ID, and the disclosure request transmitted from the researcher terminal 5 by the communication unit 13 (step S131).
- the control unit 11 transmits the received researcher ID, medical data ID, and disclosure request to the patient terminal 4 of the patient who provided the medical data (step S132).
- the control unit 41 of the patient terminal 4 receives the researcher ID, medical data ID, and disclosure request transmitted from the server 1 by the communication unit 43 (step S431).
- the control unit 41 receives the approval information for the medical data in response to the received disclosure request (step S432), and transmits the received approval information to the server 1 by the communication unit 43 (step S433).
- Approval information includes information indicating whether the medical data can be disclosed and the type of approval for the medical data (“disclosure only” or “disclosure & sharing”).
- the control unit 11 of the server 1 receives the approval information transmitted from the patient terminal 4 by the communication unit 13 (step S133).
- the control unit 11 determines whether or not the medical data subject to the disclosure request can be disclosed based on the received approval information (step S134).
- the control unit 11 transmits a notification including the fact that the medical data cannot be disclosed to the researcher terminal 5 by the communication unit 13 (step S135).
- the control unit 51 of the researcher terminal 5 receives the non-disclosure notification transmitted from the server 1 by the communication unit 53 (step S533), and displays the received non-disclosure notification by the display unit 55 (step S534).
- control unit 11 determines that the medical data can be disclosed (YES in step S134)
- the control unit 11 creates a transaction for paying a predetermined token from the researcher to the patient (step S136).
- the transaction includes the researcher's wallet address, the patient's wallet address, the token quantity paid and the transaction date and time.
- the control unit 11 transmits the created transaction to any node 21 of the blockchain 2 by the communication unit 13 (step S137).
- the node 21 of the blockchain 2 receives the transaction transmitted from the server 1 by the communication unit 213 (step S231), and executes the received transaction (step S232).
- the control unit 211 of the node 21 acquires the hash value of the medical data based on the medical data ID (step SS233).
- the control unit 211 of the node 21 transmits the hash value of the acquired medical data to the server 1 by the communication unit 213 (step S234).
- the control unit 11 of the server 1 receives the hash value of the medical data transmitted from the blockchain 2 by the communication unit 13 (step S138).
- the control unit 11 acquires the hash value of the medical data from the medical data DB 174 of the large-capacity storage unit 17 based on the medical data ID (step S139).
- the control unit 11 collates the hash value of the acquired medical data with the hash value of the medical data transmitted from the node 21 and determines whether or not they match (step S140).
- control unit 11 determines that the two do not match (NO in step S140)
- the control unit 11 transmits an error message including the fact that the medical data is invalid to the researcher terminal 5 by the communication unit 13 (step S141).
- the control unit 51 of the researcher terminal 5 receives the error message transmitted from the server 1 by the communication unit 53 (step S535), and displays the received error message by the display unit 55 (step S536).
- control unit 11 determines that the two match (YES in step S140)
- the control unit 11 acquires medical data corresponding to the hash value of the medical data from the medical data DB 174 of the large-capacity storage unit 17 (step S142). ..
- the control unit 11 transmits the acquired medical data to the researcher terminal 5 by the communication unit 13 (step S143).
- the control unit 51 of the researcher terminal 5 receives the medical data transmitted from the server 1 by the communication unit 53 (step S537), displays the received medical data by the display unit 55 (step S538), and ends the process. ..
- the researcher can actively promote the provision of medical data by paying a predetermined token to the patient who provided the medical data.
- researchers can study medical care using medical data recorded in blockchain 2, thereby researching new treatment methods, extending healthy life expectancy, improving the quality of medical services, or medical expenses or nursing care. It will be possible to contribute to cost control.
- the second embodiment relates to a form in which medical data is shared by researchers. The description of the contents overlapping with the first embodiment will be omitted.
- the researcher uses the medical data based on the approval type of the medical data set by the patient.
- the approval type of medical data is "disclosure only”
- the medical data can be disclosed to the researcher who requested the disclosure, but cannot be shared with other researchers.
- the approval type of medical data is "disclosure & sharing”
- the medical data can be disclosed to the researcher who requested the disclosure and can be shared with other researchers.
- FIG. 27 is a flowchart showing a processing procedure when sharing medical data.
- the researcher terminal 5 of the sharing source is represented by the reference numeral 5a
- the researcher terminal 5 of the sharing destination is represented by the reference numeral 5b.
- the control unit 51 of the researcher terminal 5a transmits the medical data ID to the server 1 by the communication unit 53 (step S551).
- the control unit 11 of the server 1 receives the medical data ID transmitted from the researcher terminal 5a by the communication unit 13 (step S151).
- the control unit 11 acquires the approval type of the medical data from the medical data DB 174 of the large-capacity storage unit 17 based on the received medical data ID (step S152).
- the control unit 11 transmits the acquired approval type to the researcher terminal 5a by the communication unit 13 (step S153).
- the control unit 51 of the researcher terminal 5a receives the approval type transmitted from the server 1 by the communication unit 53 (step S552).
- the control unit 51 determines whether or not the received approval type is "disclosure & sharing" (step S553).
- the control unit 51 determines that the approval type is not “disclosure & sharing” (NO in step S553), the control unit 51 ends the process.
- the control unit 51 determines that the approval type is "disclosure & sharing" (YES in step S553)
- the control unit 51 accepts the input of the researcher DID of the sharing destination by the input unit 54 (step S554).
- the control unit 51 transmits the medical data ID and the accepted researcher DID of the sharing destination to the server 1 by the communication unit 53 (step S555).
- the control unit 11 of the server 1 receives the medical data ID transmitted from the researcher terminal 5a and the researcher DID of the sharing destination by the communication unit 13 (step S154).
- the control unit 11 acquires medical data from the medical data DB 174 of the large-capacity storage unit 17 based on the received medical data ID (step S155).
- the control unit 11 transmits the acquired medical data to the researcher terminal 5b by the communication unit 13 (step S156).
- the control unit 51 of the researcher terminal 5b receives the medical data transmitted from the server 1 by the communication unit 53 (step S556), displays the received medical data by the display unit 55 (step S557), and ends the process. ..
- the medical data may be automatically shared with other researchers in the research institution to which the researcher belongs. ..
- the third embodiment relates to a mode in which information about a research result studied using medical data is output to a patient terminal 4.
- the description of the contents overlapping with the first and second embodiments will be omitted.
- Research results include, for example, academic papers, reports, research plans, or videos of illnesses, symptoms, and treatment methods based on a large number of patient medical data.
- FIG. 28 is a flowchart showing a processing procedure when outputting information on the research result to the patient terminal 4.
- the control unit 51 of the researcher terminal 5 acquires information on the research result of the research using the medical data (step S571). Specifically, the control unit 51 may receive information on the research results by the input unit 54, or may acquire the information from the external device by the communication unit 53. For example, if the research result is a treatise, the information about the research result includes the title of the treatise, the author / editor, the bibliographic number, the date and time of publication, the content, and the like.
- the control unit 51 transmits the researcher DID and the acquired information on the research result to the server 1 in association with the medical data ID associated with the research result via the communication unit 53 (step S572).
- the control unit 11 of the server 1 receives the researcher DID, information about the research result, and the medical data ID transmitted from the researcher terminal 5 by the communication unit 13 (step S171).
- the control unit 11 identifies the patient who provided the medical data based on the received medical data ID (step S172). Specifically, the control unit 11 acquires the patient DID from the transaction history DB 176 of the large-capacity storage unit 17 based on the researcher DID and the medical data ID, and identifies the patient.
- the control unit 11 transmits information on the research result to the patient terminal 4 of the specified patient by the communication unit 13 (step S173).
- the control unit 41 of the patient terminal 4 receives the information on the research result transmitted from the server 1 by the communication unit 43 (step S471), displays the information on the received research result on the display unit 45 (step S472), and processes it. To finish.
- the fourth embodiment relates to an embodiment in which medical data of a plurality of times is output in an integrated manner.
- the description of the contents overlapping with the first to third embodiments will be omitted.
- medical data including the attributes of the patient, the answers by the patient to a plurality of questions, and the medical data including the medical data at the time of the first diagnosis by the doctor and the medical data at the time of the second and subsequent diagnoses are provided. The process of outputting to the researcher terminal 5 will be described.
- FIG. 29 is an explanatory diagram showing an example of a screen for displaying medical data a plurality of times on the researcher terminal 5 side. Although an example of a test item for Parkinson's disease has been described with reference to FIG. 29, the present invention is not limited to this, and the same applies to test items for other types of diseases.
- the screen includes a patient DID display field 19a, a browsing button 19b, a severity classification display field 19c, a diagnostic image display object 19d, an olfactory test display field 19e, a prescription information display field 19f, a blood pressure display field 19g, a pulse display field 19h, and a download.
- the patient DID display field 19a is a display field for displaying the patient DID.
- the browse button 19b is a button for displaying an answer to a question. Since the browsing button 19b is the same as the browsing button 12e in FIG. 14, the description thereof will be omitted.
- the severity classification display column 19c is a display column for displaying the severity classification information a plurality of times.
- the severity is I (symptoms are only one limb), II (symptoms are on both limbs), III (postural instability is added), IV (partial to daily life). It is classified into (needs assistance) and V degree (life in a wheelchair or bedridden).
- the severity classification information includes the severity classification and the date and time of diagnosis of the severity. As shown in the figure, the severity classification information such as "I: 2012/06/08", “II: 2017/10/31" and "III: 2020/03/04" is displayed in the severity classification display column 19c. Will be done.
- the diagnostic image display object 19d is a button for displaying a plurality of diagnostic images.
- the number of diagnostic image display objects 19d may be provided based on the type of diagnostic image. As shown in the figure, diagnostic image display objects 19d for each of "MRI”, “DAT Scan”, “Cardiac MIBG Scintigraphy” and “Brain Perfusion SPECT” are provided.
- the olfactory test display column 19e is a display column that displays the results of a plurality of olfactory tests.
- the prescription information display field 19f is a display field for displaying a plurality of prescription information.
- the blood pressure display column 19g is a display column for displaying the results of a plurality of blood pressure tests.
- the pulse display column 19h is a display column for displaying the test results of a plurality of pulses.
- the download button 19i is a button for downloading medical data.
- the researcher terminal 5 transmits the patient DID and the researcher DID to the server 1.
- the server 1 receives the patient DID and the researcher DID transmitted from the researcher terminal 5, and acquires a plurality of medical data of the patient based on the received patient DID and the researcher DID. Specifically, the server 1 acquires answers to all the questions for each question type from the question DB 173 based on the patient DID.
- the server 1 extracts the medical data ID of the medical data to be traded from the transaction history DB 176 based on the patient DID and the researcher DID.
- the server 1 acquires all the corresponding medical data from the medical data DB 174 based on the extracted medical data ID.
- the server 1 transmits the acquired medical data a plurality of times to the researcher terminal 5.
- the researcher terminal 5 integrates a plurality of medical data transmitted from the server 1.
- the researcher terminal 5 displays the integrated medical data a plurality of times on the screen.
- the researcher terminal 5 extracts a plurality of severity classifications from the medical data in the order of newest diagnosis date and time, and displays the extracted plurality of severity classifications in the severity classification display column 19c.
- the researcher terminal 5 extracts the results of multiple olfactory tests from the medical data in the order of the oldest diagnosis date and time, and generates a graph showing the scores of the olfactory tests based on the extracted results of the multiple olfactory tests.
- the researcher terminal 5 displays the generated graph in the olfactory test display field 19e.
- a graph showing the score of the odor test using the odor stick (OSIT-J: Odor Stick Identification Test for Japanese) in the patient is displayed in the odor test display column 19e.
- the horizontal axis shows the number of tests such as the first time, the second time, and so on, and the vertical axis shows the score of the olfactory test.
- the horizontal axis may be the date of the sense of smell test.
- the researcher terminal 5 may generate a graph corresponding to each test method and display it in the olfactory test display column 19e.
- the researcher terminal 5 extracts a plurality of prescription information from the medical data in the order of newest diagnosis date and time, and displays the extracted multiple prescription information in the prescription information display field 19f.
- the researcher terminal 5 extracts the blood pressure (hypertension and hypotension) test results from the medical data in the order of the oldest diagnosis date and time, and generates a graph showing the blood pressure value based on the extracted blood pressure test results. ..
- the researcher terminal 5 displays the generated graph in the blood pressure display field 19g.
- the horizontal axis indicates the number of examinations such as the first time, the second time, and so on, and the vertical axis indicates the blood pressure value.
- the horizontal axis may be the date of the blood pressure test.
- the researcher terminal 5 extracts the results of multiple pulse tests from the medical data in the order of the oldest diagnosis date and time, and generates a graph showing the pulse rate based on the extracted results of the multiple pulse tests.
- the researcher terminal 5 displays the generated graph in the pulse display field 19h.
- the horizontal axis indicates the number of inspections such as the first time, the second time, and so on, and the vertical axis indicates the pulse rate.
- the horizontal axis may be the date of the pulse test.
- the researcher terminal 5 When the researcher terminal 5 accepts the click (touch) operation of the browse button 19b, the researcher terminal 5 displays a plurality of answers to the corresponding question on the sub screen. For example, when the researcher terminal 5 accepts the click operation of the browsing button 19b corresponding to "PDQ-39", the researcher terminal 5 generates a sub screen for displaying the answer to the question. The researcher terminal 5 extracts a plurality of answers to "PDQ-39" from the received medical data, and displays the extracted multiple answers on the sub screen.
- the researcher terminal 5 When the researcher terminal 5 accepts the click operation of the diagnostic image display object 19d, the researcher terminal 5 displays the corresponding diagnostic image a plurality of times on the sub screen. For example, when the researcher terminal 5 accepts a click operation of the diagnostic image display object 19d corresponding to "DAT Scan", the researcher terminal 5 generates a sub screen for displaying the diagnostic image. The researcher terminal 5 extracts a plurality of diagnostic images for "DAT Scan" from the received medical data, and displays the extracted multiple diagnostic images on the sub screen. Both the diagnostic image and the date and time when the diagnostic image was taken may be displayed on the sub screen.
- the researcher terminal 5 When the researcher terminal 5 accepts the click operation of the download button 19i, the researcher terminal 5 writes the integrated medical data based on the medical data a plurality of times in an Excel (registered trademark) file, a PDF (Portable Document Format) file, or the like. The researcher terminal 5 downloads the file in which the medical data is written to the designated folder.
- Excel registered trademark
- PDF Portable Document Format
- FIG. 29 has described an example of displaying medical data multiple times, the present invention is not limited to this, and the same applies to one medical data.
- the fifth embodiment relates to a form of re-disclosure of medical data of a patient in a second period after a predetermined period.
- the description of the contents overlapping with the first to fourth embodiments will be omitted.
- FIG. 30 is an explanatory diagram showing an example of the record layout of the management DB 177 in the fifth embodiment.
- the contents overlapping with FIG. 6 are designated by the same reference numerals and the description thereof will be omitted.
- the management DB 177 includes a consent information column and a re-disclosure period column.
- the consent information column stores consent information (for example, rediscloseable or non-rediscloseable) regarding the redisclosure of the patient's medical data.
- the re-disclosure period column stores the re-disclosure period of medical data.
- the re-disclosure period is the second period after the predetermined period.
- the predetermined period may be two years from the starting date, and the second period may be 20 years after 2 years.
- the starting date may be, for example, the registration date when the medical data is first registered in the node 21 of the blockchain 2, or the approval date when the patient's first approval for the disclosure request of the medical data is obtained. ..
- the second period may be stored in the re-disclosure period column in advance, or the setting by the user may be accepted.
- the patient terminal 4 When the patient terminal 4 receives the consent information regarding the re-disclosure of medical data in the second period after the predetermined period, the patient terminal 4 transmits the received consent information to the server 1. If consent information is obtained for the medical data, the medical data in the second period can be re-disclosed.
- the server 1 associates the consent information transmitted from the patient terminal 4 with the medical data ID and stores it in the management DB 177.
- the researcher terminal 5 transmits the received re-disclosure request to the server 1 in association with the researcher DID and the medical data ID.
- the server 1 receives the researcher DID, the medical data ID, and the redisclosure request transmitted from the researcher terminal 5.
- the server 1 determines whether or not the medical data can be re-disclosed in response to the received re-disclosure request.
- the server 1 acquires the consent information corresponding to the medical data and the second period (re-disclosure period) from the management DB 177 based on the medical data ID.
- the server 1 determines whether or not the medical data can be redistributed based on the acquired consent information and the second period. For example, in the second period, when the consent information is "rediscloseable", the control unit 11 determines that the medical data can be redisclosed. Alternatively, if the consent information is "non-rediscloseable" in the second period, the control unit 11 determines that the medical data cannot be re-disclosed.
- the server 1 determines that the medical data can be redistributed
- the server 1 transmits the redisclosure request, the researcher DID, and the medical data ID transmitted from the server 1 to the patient terminal 4 of the patient who provided the medical data.
- the patient terminal 4 displays the re-disclosure request, the researcher DID, and the medical data ID transmitted from the server 1 on the screen.
- the history of past disclosure requests searcher DID, disclosure request date / time, approval date / time, etc.
- researcher's message or profile may be transmitted to the patient terminal 4.
- the patient terminal 4 displays the history of past disclosure requests, the message or profile of the researcher on the screen together with the disclosure request.
- the patient terminal 4 When the patient terminal 4 receives the patient's re-approval information for the medical data re-disclosure request, the patient terminal 4 transmits the received re-approval information to the server 1.
- the reapproval information includes information indicating whether the medical data can be redistributed and the type of approval for the medical data (“disclosure only” or “disclosure & sharing”).
- the server 1 receives the reapproval information transmitted from the patient terminal 4.
- the server 1 determines whether or not the medical data can be redistributed according to the received reapproval information.
- the server 1 determines that the medical data can be redistributed, the server 1 pays a predetermined token from the researcher to the patient via the node 21 of the blockchain 2. Since the payment process is the same as that of the first embodiment, the description thereof will be omitted. If the patient has a service such as providing the medical data free of charge, the token payment process may be omitted.
- the node 21 of the blockchain 2 After executing the token payment process, the node 21 of the blockchain 2 acquires the hash value of the medical data based on the medical data ID. The node 21 transmits the hash value of the acquired medical data to the server 1. The server 1 receives the hash value of the medical data transmitted from the node 21. The server 1 collates the received medical data hash value with the medical data hash value stored in the medical data DB 174.
- the server 1 determines that the two match, the server 1 acquires the medical data corresponding to the hash value of the medical data from the medical data DB 174.
- the server 1 transmits the acquired medical data to the researcher terminal 5.
- the researcher terminal 5 receives the medical data transmitted from the server 1 and displays it on the screen.
- FIG. 31 is an explanatory diagram showing an example of the acceptance screen for consent information.
- the contents overlapping with FIG. 18 are designated by the same reference numerals and the description thereof will be omitted.
- the approval type setting dialog 14e includes the consent check box 14h.
- Consent check box 14h ⁇ a check box that accepts consent information regarding the redisclosure of medical data of patients in the second period (for example, 20 years) after a predetermined period (for example, 2 years).
- the patient terminal 4 receives the consent check box 14h ⁇ check operation, the patient terminal 4 acquires the received consent information (for example, rediscloseable or non-rediscloseable) ⁇ .
- the second period may be set by the user (for example, the patient).
- the patient terminal 4 When the patient terminal 4 receives the touch operation of the approval button 14g in the dialog, the patient terminal 4 associates the approval type set by the approval type setting radio button 14f and the consent information acquired by the consent check box 14h with the medical data ID. Send to server 1.
- the server 1 stores the approval type and the consent information transmitted from the patient terminal 4 in the management DB 177 in association with the medical data ID.
- FIG. 32 is a flowchart showing a processing procedure when outputting medical data obtained by re-approval of a patient to a researcher terminal 5.
- the contents overlapping with FIGS. 25 and 26 are designated by the same reference numerals and the description thereof will be omitted.
- the control unit 51 of the researcher terminal 5 receives a request for re-disclosure of medical data recorded in the storage unit 212 of the node 21 of the blockchain 2 by the input unit 54 (step S581).
- the control unit 51 associates with the researcher DID and the medical data ID via the communication unit 53, and transmits the received redisclosure request to the server 1 (step S582).
- the control unit 11 of the server 1 receives the researcher DID, the medical data ID, and the redisclosure request transmitted from the researcher terminal 5 by the communication unit 13 (step S181).
- the control unit 11 Based on the received medical data ID, the control unit 11 acquires the consent information corresponding to the medical data and the second period from the management DB 177 of the large-capacity storage unit 17 (step S182). The control unit 11 determines whether or not the medical data can be redistributed based on the acquired consent information and the second period (step S183).
- control unit 11 determines that the medical data cannot be redisclosed (NO in step S183)
- the control unit 11 transmits a notification including the fact that the medical data cannot be redisclosed to the researcher terminal 5 by the communication unit 13 (step S184).
- the control unit 51 of the researcher terminal 5 receives the non-rediscloseable notification transmitted from the server 1 by the communication unit 53 (step S583), and displays the received non-rediscloseable notification by the display unit 55 (step S584).
- control unit 11 determines that the medical data can be redistributed (YES in step S183)
- the control unit 11 sends the received researcher ID, medical data ID, and redisclosure request to the patient who provided the medical data.
- Step S185 The control unit 41 of the patient terminal 4 receives the researcher ID, medical data ID, and redisclosure request transmitted from the server 1 by the communication unit 43 (step S481).
- the control unit 41 displays the received researcher ID, medical data ID, and redisclosure request on the display unit 45 (step S482).
- control unit 41 When the control unit 41 receives the patient's reapproval information for the medical data in response to the received redisclosure request (step S483), the control unit 41 transmits the received reapproval information to the server 1 by the communication unit 43 (step S484). ..
- the reapproval information includes information indicating whether or not the medical data can be redistributed, and an approval type for the medical data.
- the control unit 11 of the server 1 receives the reapproval information transmitted from the patient terminal 4 by the communication unit 13 (step S186).
- the control unit 11 determines whether or not the medical data can be redistributed based on the received reapproval information (step S187). When the control unit 11 determines that the medical data cannot be redistributed (NO in step S187), the control unit 11 returns to the process of step S184. When the control unit 11 determines that the medical data can be redistributed (YES in step S187), the control unit 11 executes the process of step S136.
Landscapes
- Business, Economics & Management (AREA)
- Engineering & Computer Science (AREA)
- Accounting & Taxation (AREA)
- Finance (AREA)
- Theoretical Computer Science (AREA)
- Health & Medical Sciences (AREA)
- General Physics & Mathematics (AREA)
- Physics & Mathematics (AREA)
- Strategic Management (AREA)
- General Business, Economics & Management (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Primary Health Care (AREA)
- Tourism & Hospitality (AREA)
- Marketing (AREA)
- Economics (AREA)
- Development Economics (AREA)
- Computer Security & Cryptography (AREA)
- Bioethics (AREA)
- Epidemiology (AREA)
- Public Health (AREA)
- Computer Networks & Wireless Communication (AREA)
- Biomedical Technology (AREA)
- Human Resources & Organizations (AREA)
- Entrepreneurship & Innovation (AREA)
- Databases & Information Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Technology Law (AREA)
- Game Theory and Decision Science (AREA)
- Data Mining & Analysis (AREA)
- Educational Administration (AREA)
- Child & Adolescent Psychology (AREA)
- Operations Research (AREA)
- Pathology (AREA)
- Medical Treatment And Welfare Office Work (AREA)
Abstract
Description
実施形態1は、患者の医療データを研究者(医療研究者)に提供する形態に関する。図1は、医療データ管理システムの概要を示す説明図である。本実施形態のシステムは、情報処理装置1、ブロックチェーンシステム2、情報処理端末3、情報処理端末4及び情報処理端末5を含み、各装置はインターネット等のネットワークNを介して情報の送受信を行う。
実施形態2は、研究者により医療データを共有する形態に関する。なお、実施形態1と重複する内容については説明を省略する。
実施形態3は、医療データを用いて研究した研究結果に関する情報を患者端末4に出力する形態に関する。なお、実施形態1~2と重複する内容については説明を省略する。研究結果は、例えば大量の患者の医療データに基づく学術論文、レポート、研究計画書、または治療に関する病気・症状・治療方法の動画等を含む。
実施形態4は、複数回の医療データを統合的に出力する形態に関する。なお、実施形態1~3と重複する内容については説明を省略する。本実施形態では、患者の属性、複数回の質問に対する患者による回答、及び、医師による初回診断時の診療データと、2回目以降の診断時の診療データとを統合した診療データを含む医療データを研究者端末5に出力する処理を説明する。
実施形態5は、所定期間以降の第2期間における患者の医療データを再開示する形態に関する。なお、実施形態1~4と重複する内容については説明を省略する。
11 制御部
12 記憶部
13 通信部
14 入力部
15 表示部
16 読取部
17 大容量記憶部
171 患者DB
172 医師DB
173 質問DB
174 医療データDB
175 研究者DB
176 取引履歴DB
177 管理DB
1a 可搬型記憶媒体
1b 半導体メモリ
1P 制御プログラム
2 ブロックチェーンシステム(ブロックチェーン)
21 ノード
211 制御部
212 記憶部
213 通信部
214 受付部
215 出力部
216 ブロック生成部
217 ブロック検証部
218 ブロック共有部
3 情報処理端末(医師端末)
31 制御部
31a ハッシュ値算出部
31b 電子署名作成部
32 記憶部
33 通信部
34 入力部
35 表示部
3P 制御プログラム
4 情報処理端末(患者端末)
41 制御部
42 記憶部
43 通信部
44 入力部
45 表示部
46 撮影部
5 情報処理端末(研究者端末)
51 制御部
52 記憶部
53 通信部
54 入力部
55 表示部
Claims (20)
- 患者を特定する患者ID、患者の属性、及び医療に関する質問に対する前記患者による回答を取得し、
医師を特定する医師IDを前記患者の患者端末装置により読み取らせることにより前記医師IDを取得し、
取得した前記医師IDに対応する医師端末装置へ前記患者の患者ID、属性及び回答を送信し、
前記患者の患者ID、属性及び回答が表示された前記医師端末装置を通じて、前記医師による前記患者に対する診療データの入力を受け付け、
前記患者の属性、回答及び入力された診療データを含む医療データの送信要求を受け付け、
前記医療データのハッシュ値をブロックチェーンシステムに出力し、
前記ブロックチェーンシステムに記録された前記医療データの開示要求を研究者の研究者端末装置を介して受け付け、
前記研究者の開示要求に対する前記患者の承認を得た場合に、前記医療データを前記研究者端末装置に出力する
情報処理方法。 - 前記医師の秘密鍵を用いて電子署名を行った電子署名付き医療データを前記医師端末装置から取得し、
取得した前記医療データを前記患者端末装置に出力する
請求項1に記載の情報処理方法。 - 前記医療データに対する前記ブロックチェーンシステムへの出力指示を前記患者端末装置から受け付けた場合に、前記医療データのハッシュ値を前記ブロックチェーンシステムに出力する
請求項1又は2に記載の情報処理方法。 - 前記医師IDを記述した二次元コードを前記患者端末装置により読み取らせることにより前記医師IDを取得する
請求項1から3のいずれか一つに記載の情報処理方法。 - 前記開示要求に対する前記患者の承認を得た場合に、前記研究者のウォレットアドレス宛から前記患者のウォレットアドレス宛へ、前記ブロックチェーンシステム経由で所定のトークンを支払う
請求項1から4のいずれか一つに記載の情報処理方法。 - 前記医療データの開示要求に対する承認、または、前記承認と、前記医療データの開示要求に対して承認を得た前記医療データを、他の研究者に共有することを求める共有要求に対する前記患者の第2承認とを含む承認情報を前記患者端末装置から受け付け、
受け付けた前記承認情報を前記医療データに対応付けて記憶する
請求項1から5のいずれか一つに記載の情報処理方法。 - 所定期間以降の第2期間における前記医療データの再開示に関する承諾情報を前記患者端末装置から受け付け、
前記第2期間において、前記承諾情報が得られた医療データの再開示要求を研究者の研究者端末装置を介して受け付けた場合、受け付けた再開示要求を前記患者端末装置に送信し、
前記再開示要求に対する前記患者の再承認を得た場合に、前記医療データを前記研究者端末装置に出力する
請求項1から6のいずれか一つに記載の情報処理方法。 - 前記医療データを用いて研究した研究結果に関する情報を前記研究者端末装置から受け付け、
受け付けた前記研究結果に関する情報を、前記医療データを提供した患者の患者端末装置に出力する
請求項1から7のいずれか一つに記載の情報処理方法。 - 前記医療データを特定する医療データID、前記医療データの取引日時、前記患者ID、前記研究者を特定する研究者ID及び前記医療データのハッシュ値を含む取引履歴を取得し、
取得した前記取引履歴を、前記研究者端末装置、前記医師端末装置または前記患者端末装置に送信する
請求項2から8のいずれか一つに記載の情報処理方法。 - 前記患者ID、前記開示要求に関する情報及び前記医師による医療データの署名日時を取得し、
取得した前記患者ID、前記開示要求に関する情報及び前記医療データの署名日時を前記研究者端末装置に送信する
請求項2から9のいずれか一つに記載の情報処理方法。 - 前記医療データに対する開示要求を前記研究者端末装置から受け付けた場合に、受け付けた前記開示要求を、前記医療データを提供した患者の患者端末装置に送信する
請求項1から10のいずれか一つに記載の情報処理方法。 - 前記医療データID、前記開示要求に関する情報及び前記医師IDを取得し、
取得した前記医療データID、前記開示要求に関する情報及び前記医師IDを前記患者端末装置に送信する
請求項1から11のいずれか一つに記載の情報処理方法。 - 前記医療データを記憶したが前記医師からの電子署名を未取得の状態であるか、前記医師から前記医療データの電子署名を取得済みの状態であるか、または前記医療データを前記ブロックチェーンシステムに記録済みの状態であるかを示す前記医療データの状態を前記患者端末装置に送信し、
前記医療データの状態を示すオブジェクトを前記患者端末装置に表示させる
請求項2から12のいずれか一つに記載の情報処理方法。 - 患者を特定する患者ID、患者の属性、及び医療に関する質問に対する前記患者による回答を取得する第1取得部と、
医師を特定する医師IDを前記患者の患者端末装置により読み取らせることにより前記医師IDを取得する第2取得部と、
取得した前記医師IDに対応する医師端末装置へ前記患者の患者ID、属性及び回答を送信する送信部と、
前記患者の患者ID、属性及び回答が表示された前記医師端末装置を通じて、前記医師による前記患者に対する診療データの入力を受け付ける第1受付部と、
前記患者の属性、回答及び入力された診療データを含む医療データの送信要求を受け付ける第2受付部と、
前記医療データのハッシュ値をブロックチェーンシステムに出力する第1出力部と、
前記ブロックチェーンシステムに記録された前記医療データの開示要求を研究者の研究者端末装置を介して受け付ける第3受付部と、
前記研究者の開示要求に対する前記患者の承認を得た場合に、前記医療データを前記研究者端末装置に出力する第2出力部と
を備える情報処理装置。 - 患者を特定する患者ID、患者の属性、及び医療に関する質問に対する前記患者による回答を取得し、
医師を特定する医師IDを前記患者の患者端末装置により読み取らせることにより前記医師IDを取得し、
取得した前記医師IDに対応する医師端末装置へ前記患者の患者ID、属性及び回答を送信し、
前記患者の患者ID、属性及び回答が表示された前記医師端末装置を通じて、前記医師による前記患者に対する診療データの入力を受け付け、
前記患者の属性、回答及び入力された診療データを含む医療データの送信要求を受け付け、
前記医療データのハッシュ値をブロックチェーンシステムに出力し、
前記ブロックチェーンシステムに記録された前記医療データの開示要求を研究者の研究者端末装置を介して受け付け、
前記研究者の開示要求に対する前記患者の承認を得た場合に、前記医療データを前記研究者端末装置に出力する
処理をコンピュータに実行させるプログラム。 - 患者を特定する患者IDを取得し、
患者の属性、及び医療に関する質問に対する前記患者による回答を受け付け、
医師を特定する医師IDを取得し、
取得した前記医師IDに対応付けて、前記患者の患者ID、属性及び回答を送信し、
前記患者の属性、回答及び前記医師による前記患者に対する診療データを含む医療データを受信し、
ブロックチェーンシステムに記録された前記医療データの研究者による開示要求を受信した場合に、前記研究者の開示要求に対する前記患者の承認を得たか否かを示す情報を送信する
処理をコンピュータに実行させるプログラム。 - 前記医療データに対する前記ブロックチェーンシステムへの出力指示を受け付け、
受け付けた前記ブロックチェーンシステムへの出力指示を送信する
処理を実行させる請求項16に記載のプログラム。 - 前記医師IDを記述した二次元コードを読み取り、
読み取った前記二次元コードから前記医師IDを取得する
処理を実行させる請求項16又は17に記載のプログラム。 - 前記医療データの開示要求に対する承認、または、前記承認と、前記医療データの開示要求に対して承認を得た前記医療データを、他の研究者に共有することを求める共有要求に対する前記患者の第2承認とを含む承認情報を受け付け、
受け付けた前記承認情報を、前記医療データを特定する医療データIDに対応付けて送信する
処理を実行させる請求項16から18のいずれか一つに記載のプログラム。 - 前記医療データを記憶したが前記医師からの電子署名を未取得の状態であるか、前記医師から前記医療データの電子署名を取得済みの状態であるか、または前記医療データを前記ブロックチェーンシステムに記録済みの状態であるかを示す前記医療データの状態を受信し、
受信した前記医療データの状態を示すオブジェクトを表示する
処理を実行させる請求項16から19のいずれか一つに記載のプログラム。
Priority Applications (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2022573024A JPWO2022145312A1 (ja) | 2020-12-28 | 2021-12-22 | |
US18/269,013 US20240079104A1 (en) | 2020-12-28 | 2021-12-22 | Information processing method, information processing apparatus, and nontransitory computer-readable storage medium |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2020219507 | 2020-12-28 | ||
JP2020-219507 | 2020-12-28 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022145312A1 true WO2022145312A1 (ja) | 2022-07-07 |
Family
ID=82260669
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2021/047597 WO2022145312A1 (ja) | 2020-12-28 | 2021-12-22 | 情報処理方法、情報処理装置及びプログラム |
Country Status (3)
Country | Link |
---|---|
US (1) | US20240079104A1 (ja) |
JP (1) | JPWO2022145312A1 (ja) |
WO (1) | WO2022145312A1 (ja) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2024043255A1 (ja) * | 2022-08-23 | 2024-02-29 | 一般社団法人 臨床医工情報学 コンソーシアム関西 | 情報処理方法、情報処理システム、及びコンピュータプログラム |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2016219015A (ja) * | 2015-05-21 | 2016-12-22 | 通男 木村 | 研究情報管理システム |
US20180082024A1 (en) * | 2016-09-16 | 2018-03-22 | International Business Machines Corporation | Secure Distributed Patient Consent and Information Management |
WO2018225428A1 (ja) * | 2017-06-05 | 2018-12-13 | Necソリューションイノベータ株式会社 | 診療記録管理システム、装置、方法およびプログラム |
-
2021
- 2021-12-22 JP JP2022573024A patent/JPWO2022145312A1/ja active Pending
- 2021-12-22 WO PCT/JP2021/047597 patent/WO2022145312A1/ja active Application Filing
- 2021-12-22 US US18/269,013 patent/US20240079104A1/en active Pending
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP2016219015A (ja) * | 2015-05-21 | 2016-12-22 | 通男 木村 | 研究情報管理システム |
US20180082024A1 (en) * | 2016-09-16 | 2018-03-22 | International Business Machines Corporation | Secure Distributed Patient Consent and Information Management |
WO2018225428A1 (ja) * | 2017-06-05 | 2018-12-13 | Necソリューションイノベータ株式会社 | 診療記録管理システム、装置、方法およびプログラム |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2024043255A1 (ja) * | 2022-08-23 | 2024-02-29 | 一般社団法人 臨床医工情報学 コンソーシアム関西 | 情報処理方法、情報処理システム、及びコンピュータプログラム |
JP7498999B1 (ja) | 2022-08-23 | 2024-06-13 | 一般社団法人 臨床医工情報学 コンソーシアム関西 | 情報処理方法、情報処理システム、及びコンピュータプログラム |
Also Published As
Publication number | Publication date |
---|---|
JPWO2022145312A1 (ja) | 2022-07-07 |
US20240079104A1 (en) | 2024-03-07 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
Kimura et al. | Development of a database of health insurance claims: standardization of disease classifications and anonymous record linkage | |
US20200019963A1 (en) | Data usage method, system, and program thereof employing blockchain network (bcn) | |
JP6830719B1 (ja) | 高信頼データ取引システム、および高信頼データ取引方法 | |
JP6912840B1 (ja) | 情報処理方法、診断支援装置及びコンピュータプログラム | |
CN102073786A (zh) | 用于识别患者间关系的系统、设备和方法 | |
JP2010508610A (ja) | 健康統合プラットフォームapi | |
CN105612551A (zh) | 个体化用药中信息的电子递送 | |
JP2005293273A (ja) | 個人情報開示システム、カルテ情報開示システム、個人情報開示方法、およびコンピュータプログラム | |
CA3146318A1 (en) | Data analytics system, method and program product for processing health insurance claims and targeted advertisement-based healthcare management | |
Bhardwaj et al. | Development of a recommender system HealthMudra using blockchain for prevention of diabetes | |
Zakzouk et al. | A blockchain-based electronic medical records management framework in smart healthcare infrastructure | |
Lodha et al. | Healthcare system using blockchain | |
WO2022145312A1 (ja) | 情報処理方法、情報処理装置及びプログラム | |
KR20170022007A (ko) | 건강정보관리 시스템 및 그 방법이 구현된 컴퓨터로 판독 가능한 기록매체 | |
Soner et al. | Combining blockchain and machine learning in healthcare and health informatics: An exploratory study | |
JP2015118552A (ja) | 医療情報管理プログラム、医療情報管理方法および医療情報管理装置 | |
Awasthi et al. | AI and IoT-based intelligent health care & sanitation | |
Panigrahi et al. | Application of Blockchain as a solution to the real-world issues in health care system | |
Usharani et al. | Blockchain Technology Use Cases in Healthcare Management: State-of-the-Art Framework and Performance Evaluation | |
Shruthi et al. | Medical Data Asset Management and an Approach for Disease Prediction using Blockchain and Machine Learning | |
Garett et al. | The potential application of blockchain technology in HIV research, clinical practice, and community settings | |
Yang et al. | Blockchain-Based Healthcare and Medicine Data Sharing and Service System | |
WO2023181880A1 (ja) | 情報処理方法、プログラム及び情報処理装置 | |
Israni et al. | Blockchain: a decentralized, persistent, immutable, consensus, and irrevocable system in healthcare | |
Hornback et al. | Development of a generalizable multi-site and multi-modality clinical data cloud infrastructure for pediatric patient care |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21915172 Country of ref document: EP Kind code of ref document: A1 |
|
ENP | Entry into the national phase |
Ref document number: 2022573024 Country of ref document: JP Kind code of ref document: A |
|
WWE | Wipo information: entry into national phase |
Ref document number: 18269013 Country of ref document: US |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
WWE | Wipo information: entry into national phase |
Ref document number: 11202304917Q Country of ref document: SG |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21915172 Country of ref document: EP Kind code of ref document: A1 |