WO2023127312A1 - Information management system, information management method - Google Patents
Information management system, information management method
- Publication number
- WO2023127312A1 PCT/JP2022/041367
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- access
- information
- remote terminal
- server
- management system
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Classifications
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
-
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/40—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for data related to laboratory analysis, e.g. patient specimen analysis
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/107—Network architectures or network communication protocols for network security for controlling access to devices or network resources wherein the security policies are location-dependent, e.g. entities privileges depend on current location or allowing specific operations only from locally connected terminals
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/08—Access security
Definitions
- The present invention relates to an information management system that provides remote terminals with data describing information about automatic analyzers.
- The automatic analyzer is a device that analyzes the components of samples.
- Information related to automated analyzers e.g., personal information of subjects who provided specimens, and other information exemplified in the embodiments described later
- a remote terminal such as a mobile terminal
- a system that manages the information can be done.
- It is necessary to ensure information security so that personal information such as patient information is not accessed by a third party.
- Patent Literature 1 describes a technique related to this point, although it is not a technique related to an automatic analyzer.
- When the access authority level is automatically lowered due to a timeout or the like, it is normal to log the user out, so that the user loses access authority.
- The same document discloses a technique for maintaining the lowest level of access authority even in this case so that the user can continue to access the data.
- The communication status in the examination room and the work content of the person in charge vary depending on the facility and the person in charge. A laboratory technician may leave the range in which communication with the information management system is possible, because of work in a place where radio waves do not reach, such as a reagent refrigerator, or because of other interrupting work, or may time out after not operating the mobile terminal for a certain period of time. In such cases the technician may be automatically logged out of the information management system.
- In Patent Document 1, even if the user is logged out of the system in this way, personal information is classified by level in advance, so that the information that remains accessible can continue to be provided. A similar situation is considered to occur when the usage status of the user terminal is unauthorized. For example, when the information management system detects the possibility that the usage status of a user terminal is unauthorized, the normal response is considered to be that the user loses the access authority level. In that case, however, even if the access is not unauthorized, re-authentication is required to access the information again, and the same problem situation as in Patent Document 1 arises.
- The present invention has been made in view of the problems described above. Its purpose is to achieve both information security and user convenience in an information management system that manages information related to automatic analyzers.
- The information management system warns the administrator or lowers the access authority level when it detects a communication disconnection or unauthorized use of a remote terminal. Even when the access authority level is lowered, access to at least part of the information is allowed.
- According to the information management system of the present invention, even when a remote terminal is used in an unauthorized way, the access authority level is lowered while a certain degree of access authority is maintained, so that information security and user convenience can both be achieved.
- FIG. 1 is a schematic overall configuration diagram of an automatic analyzer 100 according to Embodiment 1.
- FIG. 2 is a configuration diagram of an information management system 200.
- FIG. 3 is a diagram showing a processing procedure of a service in which the information management system 200 provides information on the automatic analyzer 100 to a mobile terminal 300.
- FIG. 4 shows the structure of a data table held by a storage medium 250 and an example of data.
- FIG. 5A shows an example of judgment conditions and their options constituting a check rule used when judging whether the usage status of the mobile terminal 300 is valid in S306.
- FIG. 5B shows an example of processing options to be executed when an unauthorized use state of the mobile terminal 300 is detected.
- FIG. 5C shows an example of an actually configured check rule using each of the options in FIGS. 5A and 5B.
- FIG. 7 shows a management screen of the information management system 200.
- FIG. 8 is an example of a screen interface for instructing measures to be taken for the mobile terminal 300 whose usage status is unauthorized.
- FIG. 9 is a diagram illustrating a processing procedure when communication between the mobile terminal 300 and the information management system 200 is disconnected.
- FIG. 1 is a schematic overall configuration diagram of an automatic analyzer 100 according to Embodiment 1 of the present invention.
- A specimen container 1 contains a specimen to be analyzed by the automatic analyzer 100.
- The sample moving mechanism 2 moves the sample container 1 by rotating with the sample container 1 placed thereon.
- The specimen ID reader 19 reads the specimen ID printed on the surface of the specimen container 1.
- The specimen dispenser 5 dispenses the specimen contained in the specimen container 1 into the reaction container 11.
- The reagent container 10 contains a reagent to be reacted with the specimen.
- The reagent storage 17 holds the reagent container 10.
- The reagent dispenser 7 dispenses the reagent into the reaction container 11.
- A liquid level detector 9 detects the liquid level in the reagent container 10.
- The reagent ID reader 14 reads the reagent ID printed on the surface of the reagent container 10.
- A liquid level detector 6 detects the liquid level in the reaction vessel 11.
- The reaction container 11 accommodates the specimen and the reagent for reacting them.
- The reaction container moving mechanism 8 moves the reaction container 11 by rotating with the reaction container 11 placed thereon.
- The microcomputer 3 controls the operation of the automatic analyzer 100 by controlling each part of the automatic analyzer 100.
- The display device 12 displays the results of processing by the microcomputer 3 and the like.
- The input device 13 is a device, such as a mouse or keyboard, for inputting operation instructions from the user.
- The storage medium 15 stores data and the like used by the microcomputer 3.
- The memory area 16 stores data temporarily used by the microcomputer 3 and the like.
- The printer 18 prints the results processed by the microcomputer 3 on a paper medium.
- An interface 4 interconnects each functional unit.
- The storage medium 15 stores information on patient specimens registered in the automatic analyzer 100 and apparatus maintenance information such as apparatus alarms, maintenance, and reagents.
- This information includes (a) personal information such as the patient's name, sex and age, patient information such as the sample ID and measurement results, and (b) non-patient information such as reagents, maintenance and alarms. Whether or not these pieces of information can be displayed is controlled by the access authority level of the logged-in user. When accessing personal information and patient information, a higher access authority is required compared to non-patient information.
- FIG. 2 is a configuration diagram of the information management system 200.
- The information management system 200 is a system that provides information about the automatic analyzer 100 to the mobile terminal 300 (remote terminal).
- The information management system 200 may be configured as part of the automatic analyzer 100, or may be configured as a system separate from the automatic analyzer 100 that communicates with the automatic analyzer 100.
- FIG. 2 shows an example configured as a separate system.
- The information management system 200 can be configured by a server computer or the like having the units shown in FIG.
- The information management system 200 includes a device information acquisition section 210, a user input reception section 220, a service provision section 230, an access management section 240 and a storage medium 250.
- The device information acquisition unit 210 acquires information stored in the storage medium 15 of the automatic analyzer 100.
- The user input reception unit 220 receives user inputs such as user IDs, passwords, specification of services requested from the information management system 200, and operation instructions on a screen interface, which will be described later.
- The service providing unit 230 provides services to the mobile terminal 300.
- The services referred to here include, for example, (a) presenting information about the state of the automatic analyzer 100, and (b) presenting personal information about the provider (patient, subject, etc.) of the sample analyzed by the automatic analyzer 100; other specific examples will be described later.
- The access management unit 240 manages access to information provided by the information management system 200 through services. Details of the access management procedure will be described later.
- The storage medium 250 stores data describing information held by the information management system 200.
- The mobile terminal 300 includes a computer 310, a storage medium 320, a display device 330, an access management section 340 and a user input reception section 350.
- The access management unit 340 can be implemented as a software module, for example.
- The computer 310 manages access to information on the mobile terminal 300 by executing the access management unit 340.
- The computer 310 also controls each unit included in the mobile terminal 300.
- The storage medium 320 stores data describing information held by the mobile terminal 300.
- The display device 330 presents information about the automatic analyzer 100 to the user by displaying information acquired from the information management system 200.
- The access management unit 340 manages access to information held by the mobile terminal 300.
- The user input reception unit 350 receives operation instructions from the user for the mobile terminal 300.
- FIG. 3 is a diagram showing the processing procedure of a service in which the information management system 200 provides the mobile terminal 300 with information on the automatic analyzer 100. Each step in FIG. 3 will be described below.
- Fig. 3 Step S301
- The administrator registers information about users who use the information management system 200 via the user input reception unit 220.
- The user information registered in this step is stored in the storage medium 250. Examples of user information include:
- Login-related information such as a user ID and password used when a user logs into the information management system 200
- Fig. 3 Step S302
- The user performs a login operation via the user input reception unit 350 of the mobile terminal 300.
- The access management unit 240 performs login authentication using the user ID and password entered by the user.
- The access management unit 240 stores, in the storage medium 250, information that associates the ID of the mobile terminal 300 with the ID of the user who logged in at S302. The information management system 200 can thereby keep track of which user is using which mobile terminal 300.
- Fig. 3 Step S303: Supplement
- The information associating the user with the mobile terminal 300 that is saved in this step is held in the storage medium 250 until an event occurs such as the administrator manually deleting it (a specific example will be described later), the user logging out via the user input reception unit 350, or the power of the mobile terminal 300 being turned off. That is, until then the user remains logged in to the information management system 200.
- The service providing unit 230 notifies the mobile terminal 300 of the service types that can be provided to the logged-in user according to the user information registered in S301.
- The computer 310 of the mobile terminal 300 displays the service menu screen on the display device 330 according to the notification. The user can access information about the automatic analyzer 100 provided by the information management system 200 via this service menu screen.
- The service providing unit 230 presents to the mobile terminal 300 only the information items permitted by an access authority table (or an information item table) described later with reference to FIG. That is, even if the service is permitted to be provided to the user, the service providing unit 230 does not present to the mobile terminal 300 those information items referred to in the service for which the user does not have access rights.
- The information management system 200 waits to receive terminal usage information from the mobile terminal 300.
- The mobile terminal 300 (computer 310) periodically transmits its usage status to the information management system 200, and the access management section 240 receives it. Examples of usage status include:
- (a) when the mobile terminal 300 connects to the information management system 200 via wireless communication (e.g., WiFi), the identifier of the connection source area, that is, the identifier of the WiFi connection point; (b) the communication status between the mobile terminal 300 and the information management system 200 (whether communication is established, radio wave intensity, etc.); (c) the operation history on the mobile terminal 300.
- The access management unit 240 determines whether the usage status of the mobile terminal 300 received in S305 is valid. The check rules used for the determination will be described later. If the usage status is valid, the user can continue to use the service with the access authority level maintained, and the process returns to S305. If the usage status is invalid, the process proceeds to S307.
- The access management unit 240 issues a warning to the administrator (S308) or lowers the access authority level of the user (S309). The lowering is performed manually or by automated processing. If the access authority level is to be automatically lowered, the administrator may be notified to that effect. After the access authority level is lowered, only the information accessible at that access authority level is provided to the mobile terminal 300. The access authority level is not restored until the user logs in again to the information management system 200 (in other words, it is restored when the user logs in again). After S308 or S309, the process returns to S305.
- A lower access authority level means a narrower range of accessible information.
- The access authority level may be lowered to a level that allows access only to information that does not include the subject's personal information. As a result, even if the user does not log in again, at least part of the information can be continuously accessed, thereby maintaining convenience for the user.
- Fig. 3 Step S310
- The access management unit 240 deletes the association information saved in S303 from the storage medium 250.
- The user is logged out of the information management system 200.
- FIG. 4 shows the structure of the data table held by the storage medium 250 and an example of data.
- The storage medium 250 stores a login information table, mobile terminal table, information item table, and access authority table.
- The login information table is a data table that holds the login-related information and user management authority registered in S301.
- As authentication information in addition to the password, face or voiceprint authentication may be used. It is also possible for multiple people to use the same user ID.
- The user ID and password used when logging into the automatic analyzer 100 may be used in this table, or may be defined separately.
- The mobile terminal table is a data table that holds the usage status of the mobile terminal 300 received in S305.
- The mobile terminal table associates the ID of the mobile terminal 300 with the ID of the user using the terminal and holds the pair as one record. In this way the association information of S303 can be held.
- The information item table is a data table that manages which information items are provided to each user.
- The information items provided to each user are defined in principle according to the access authority table described below. However, if access authority is given only to information about a specific model of the automatic analyzer 100 or a specific examination room, this is defined in this table. Circle (○) marks in the figure indicate information items that can be provided, and X marks indicate information items that cannot be provided.
- The service providing unit 230 provides only the information items permitted by this table to the mobile terminal 300 (that is, to the user using the terminal). Information that can be derived from the access authority table does not necessarily have to be held in this table, but for convenience of processing, accessible information items are aggregated and defined in this table.
- The access authority table is a data table that defines the access authority (range of accessible information items) for each information item.
- A single service provided by the information management system 200 may provide a plurality of information items. Access rights for each information item are defined by this table separately from the service types provided to users.
- The access authority is defined, for example, for each user management authority (user role).
- The accessible range for each information item differs for each access right. For example, in the condition editing service, only the administrator can edit everyone's conditions, but other users can only refer to their own conditions. As described above, the purpose of use of the mobile terminal 300 differs depending on the person in charge.
- The storage medium 250 may also store a provided service table that lists the service types provided to each user, a user schedule table that records the work schedule of each user, and the like.
- FIG. 5A shows an example of judgment conditions and their options constituting a check rule used when judging whether or not the usage status of the mobile terminal 300 is valid in S306. If the usage status of the mobile terminal 300 matches the option specified as the judgment condition, the usage status can be determined to be invalid. Any one or more of the following can be specified as the judgment condition:
- The service of the information management system 200 that is used from the mobile terminal 300, that is, the type of information about the automatic analyzer 100 that the information management system 200 provides to the mobile terminal 300.
- a service that provides the information item itself described in FIG. 4 and a service that presents the information item in the process of providing the service are mixed. corresponds to the type of
- The IDs of prohibited areas other than the permitted area are listed as the area condition.
- The IDs of all terminals are listed as the terminal condition.
- The ID of the specific user is specified as the user condition.
- FIG. 5B shows an example of options for processing to be performed when an unauthorized use status of the mobile terminal 300 is detected.
- Measures to be taken when fraud is detected include a process performed in the mobile terminal 300 and a process performed in the information management system 200 (and notifying the administrator terminal of the result).
- An example of processing performed in the mobile terminal 300 will be described later.
- The processing executed in the information management system 200 includes displaying a warning on the administrator terminal or lowering the user's access authority level (automatically or by manual operation), as described in S307 to S309. In addition, a warning may be sent to the mobile terminal 300.
- FIG. 5C shows an example of actually configured check rules using the options in FIGS. 5A and 5B.
- The rule for Facility A is an example of prohibiting the use of the information management system 200 via a mobile terminal 300 in the offline state. According to this rule, the access authority level is unconditionally lowered when the user goes offline.
- The rule for Facility B is an example of a rule that maintains the access authority level as long as legitimate operation continues, even though there are many areas without communication coverage within the range where the laboratory technician works.
- The rule for Facility C is an example in which strict rules are applied only to the mobile terminals 300 used by employees other than the laboratory technician, in a facility where various employees such as part-timers work in addition to the examining doctor.
- Facility A's rule is a strict one that prohibits access from all offline terminals. Imposing such strict access restrictions may not suit the operational realities of a facility. In such a case, somewhat less strict rules may be used, as in the example rules for Facilities B and C.
- The information management system 200 receives instruction input designating these check rules via the user input reception unit 220 and stores the contents in the storage medium 250.
- The access management unit 240 determines in S306 whether the usage of the mobile terminal 300 is valid according to the check rule.
- Fig. 6 is an example of a screen interface for entering check rules.
- User input reception unit 220 receives the check rules described in FIGS. 5A to 5C via the screen interface in FIG.
- A rule name 601 is a field for entering the name of a check rule.
- The online condition 602, the area condition 603, the terminal condition 604, the restricted operation 606 (operation state), and the conflict processing (fraud detection processing) correspond to the check rules described with reference to FIGS. 5A to 5C.
- Although FIG. 6 shows an example using only some of the rule items described with reference to FIGS. 5A to 5C, items constituting a rule can also be added or deleted as desired.
- FIG. 7 shows a management screen of the information management system 200.
- The access management unit 240 presents the management screen of FIG. 7 on a display device such as a display.
- The management screen presents the following information for each ID of the mobile terminal 300:
- When the access management unit 240 detects an unauthorized use situation according to the check rules, it alerts the administrator by highlighting the mobile terminal 300 on the management screen (thick line frame in FIG. 7). When the administrator selects the highlighted item, the access management unit 240 presents the screen of FIG. 8, thereby prompting the administrator to instruct a specific countermeasure.
- FIG. 8 is an example of a screen interface for instructing measures to be taken for the mobile terminal 300 whose usage status is illegal.
- The access management unit 240 displays the usage status of the mobile terminal 300 on the administrator terminal, using a notification screen as shown in the example of FIG. Further, when the administrator selects "yes", the access authority level of the terminal is lowered and the information of the terminal is deleted from the mobile terminal table. As a result, the terminal is logged out of the information management system 200.
- When an unauthorized situation occurs, at least one of the following may be performed: forcibly lowering the access authority level of the terminal, or logging it out.
- <Embodiment 1: Summary>
- When the information management system 200 detects unauthorized use of the mobile terminal 300, it performs at least one of issuing a warning to that effect and lowering the access authority level of the mobile terminal 300. Even when the access authority level is lowered, it is not necessary to prohibit access to all services of the information management system 200 (that is, all information related to the automatic analyzer 100), and some services may continue to be available. Accordingly, it is possible to ensure security of information related to the automatic analyzer 100 and maintain convenience for the user.
- As illustrated in FIGS. 5A to 5C, the check rules that the information management system 200 uses to detect unauthorized use of the mobile terminal 300 can specify judgment criteria, and measures to be taken when unauthorized use is detected, that suit the actual situation of the facility in which the automatic analyzer 100 is installed. This enables security management suitable for the facility.
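The check-rule flow of Embodiment 1 (usage report, rule match, warning or lowered level, filtered information items) as an added Python example; it is not code from the patent. The item names, the two-level scheme, the terminal and area IDs, the two sample rules and the AND combination of a rule's conditions are all assumptions made for illustration.

```python
from dataclasses import dataclass
from enum import IntEnum
from typing import Optional


class Level(IntEnum):
    NON_PATIENT = 1  # reagents, maintenance, alarms
    PATIENT = 2      # personal information, sample IDs, measurement results


# Constructed information items and the minimum level needed to view each.
ITEM_MIN_LEVEL = {
    "alarm": Level.NON_PATIENT, "reagent": Level.NON_PATIENT, "maintenance": Level.NON_PATIENT,
    "measurement_result": Level.PATIENT, "patient_name": Level.PATIENT,
}


@dataclass(frozen=True)
class Usage:  # one periodic usage report from a terminal (S305)
    terminal_id: str
    user_id: str
    online: bool
    area_id: Optional[str]  # WiFi connection point, None when offline
    operation: str


@dataclass(frozen=True)
class CheckRule:
    """Matches when every condition that is set holds (AND is an assumption)."""
    name: str
    action: str                       # "warn" (S308) or "lower" (S309)
    offline: bool = False             # online condition: terminal is offline
    prohibited_areas: frozenset = frozenset()
    terminals: frozenset = frozenset()
    users: frozenset = frozenset()
    restricted_operations: frozenset = frozenset()

    def __post_init__(self):
        # A rule with no condition set would flag every report from every terminal.
        if not any((self.offline, self.prohibited_areas, self.terminals,
                    self.users, self.restricted_operations)):
            raise ValueError("check rule needs at least one condition")

    def matches(self, u: Usage) -> bool:
        checks = [
            (self.offline, not u.online),
            (self.prohibited_areas, u.area_id in self.prohibited_areas),
            (self.terminals, u.terminal_id in self.terminals),
            (self.users, u.user_id in self.users),
            (self.restricted_operations, u.operation in self.restricted_operations),
        ]
        return all(hit for is_set, hit in checks if is_set)


class AccessManager:  # plays the role of access management unit 240
    def __init__(self, rules):
        self.rules = list(rules)
        self.sessions = {}   # terminal_id -> {"user": ..., "level": ...}
        self.warnings = []   # (terminal_id, rule name) shown to the administrator

    def login(self, terminal_id, user_id, level):
        # S302/S303: bind terminal to user; only a fresh login restores the level.
        self.sessions[terminal_id] = {"user": user_id, "level": level}

    def report(self, u: Usage) -> Level:
        # S306 to S309: judge the reported usage and apply each matching rule.
        session = self.sessions[u.terminal_id]
        for rule in self.rules:
            if rule.matches(u):
                self.warnings.append((u.terminal_id, rule.name))
                if rule.action == "lower":
                    session["level"] = min(session["level"], Level.NON_PATIENT)
        return session["level"]

    def visible_items(self, terminal_id):
        level = self.sessions[terminal_id]["level"]
        return sorted(i for i, need in ITEM_MIN_LEVEL.items() if need <= level)


# Constructed rules in the spirit of the Facility A and Facility C examples.
RULES = [
    CheckRule("offline-any-terminal", "lower", offline=True),
    CheckRule("shared-terminal-patient-view", "warn", terminals=frozenset({"T-09"}),
              restricted_operations=frozenset({"view_patient"})),
]


def demo():
    mgr = AccessManager(RULES)
    mgr.login("T-01", "tech1", Level.PATIENT)
    before = mgr.visible_items("T-01")
    mgr.report(Usage("T-01", "tech1", False, None, "view_alarm"))     # went offline
    lowered = mgr.visible_items("T-01")
    mgr.report(Usage("T-01", "tech1", True, "AP-lab", "view_alarm"))  # back online
    still_lowered = mgr.visible_items("T-01")
    mgr.login("T-01", "tech1", Level.PATIENT)                         # re-login
    restored = mgr.visible_items("T-01")
    return before, lowered, still_lowered, restored
```

The lowered terminal keeps the non-patient items without re-authentication, and coming back online does not restore the level; only a new login does.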
- <Embodiment 2> In the first embodiment, an example has been described in which the information management system 200 maintains information security by lowering the user's access authority level.
- In some cases, the information held by the information management system 200 is downloaded to the mobile terminal 300 so that the mobile terminal 300 can be used continuously even if the communication between the mobile terminal 300 and the information management system 200 is disconnected, and the downloaded information can continue to be used even when the mobile terminal 300 goes offline. The issue then is how to ensure the security of the information downloaded to the mobile terminal 300.
- Embodiment 2 of the present invention describes an example of countermeasures for this security problem.
- The configurations of the information management system 200, mobile terminal 300, and automatic analysis device 100 are the same as in the first embodiment.
- FIG. 9 is a diagram explaining a processing procedure when communication between the mobile terminal 300 and the information management system 200 is disconnected. Steps similar to those in FIG. 3 are given the same step numbers, and descriptions thereof are omitted. It is assumed that S301 has already been performed.
- The access management unit 240 transmits to the mobile terminal 300 information for identifying the user (for example, a user ID) and information for determining whether the usage of the mobile terminal 300 is valid (the check rules described in FIGS. 5A to 5C).
- The access management unit 340 stores these in the storage medium 320.
- Step S902: This step is generally the same as S304, but the processing in the mobile terminal 300 is different from that in the first embodiment. Every time the computer 310 acquires information about the automatic analyzer 100 from the information management system 200, the information is stored in the storage medium 320. As a result, even if the communication between the mobile terminal 300 and the information management system 200 is cut off, the user can continue the operation in the offline state.
- Fig. 9 Step S903
- When communication with the mobile terminal 300 is disconnected, the information management system 200 detects that fact. For example, if no communication from the mobile terminal 300 to the information management system 200 occurs for a predetermined time or longer, it can be determined that the communication has been disconnected.
- The service providing unit 230 does not provide services to the mobile terminal 300 (does not provide information on the automatic analyzer 100) while the communication with the mobile terminal 300 is disconnected.
- Fig. 9 Steps S904 to S906
- The user refers to the information acquired from the information management system 200 on the mobile terminal 300 (S904).
- The access management unit 340 determines whether the usage status of the mobile terminal 300 is valid according to the check rule acquired from the information management system 200 in S902 (S905). If unauthorized use is detected, the access management unit 340 lowers the user's access authority level in the same manner as in S309 and deletes all data requiring access authority from the storage medium 320 (S906).
- The user's access authority level on the mobile terminal 300 thereby becomes substantially the same as when the access authority level is lowered on the information management system 200, because the range of information items that the user can access is narrowed.
- The range of information items to be deleted may be determined in accordance with the check rule acquired from the information management system 200, based on the range that remains accessible after the access authority level is lowered on the information management system 200.
- The access management unit 340 transmits the user's current access authority level and the offline operation history of the mobile terminal 300 to the information management system 200.
- The access management unit 240 detects from this notification that the mobile terminal 300 has been reconnected.
- The access management unit 240 applies the access authority level received in the notification. If the access authority level was not lowered in S905-S906, the user can continue to use the service with the same access authority level as before the communication was disconnected. If the access authority level was lowered in S905-S906, the lowered access authority level remains in effect until the user logs in to the information management system 200 again.
- The access management unit 240 may lower the user's access authority level according to the check rule.
- If the access authority level is not lowered in S905-S906, the mobile terminal 300 notifies the information management system 200 of the original access authority level in S907, so the access authority level is not lowered. That is, the access authority level on the information management system 200 side and the access authority level on the mobile terminal 300 side differ from each other. Because the information management system 200 trusts the access authority level declared by the mobile terminal 300, there is some security concern.
- The information management system 200 downloads information on the automatic analyzer 100 onto the mobile terminal 300, so the information can still be viewed even if the mobile terminal 300 goes offline.
- The access management unit 340 deletes the information downloaded to the mobile terminal 300, thereby substantially lowering the access authority level on that terminal. As a result, the information security of the automatic analyzer 100 can be maintained on the mobile terminal 300 while preserving convenience when offline.
- When unauthorized use occurs on the mobile terminal 300 while it is offline, the access authority level is lowered on the mobile terminal 300, and when communication is restored, the information management system 200 is notified of the lowered access authority level.
- The information management system 200 applies the access authority level received in the notification to the terminal. As a result, even if a check rule for lowering the access authority level is not satisfied in the information management system 200 at the time of communication disconnection, information security can be maintained by the mobile terminal 300 detecting unauthorized use on its own.
- If no unauthorized use occurs on the mobile terminal 300 while it is offline, the access authority level on the mobile terminal 300 is kept as it was at login, and when communication is restored, the information management system 200 is notified of that access authority level. The information management system 200 applies the access authority level received in the notification to the terminal. As a result, even if the access authority level is lowered in the information management system 200 at the time of communication disconnection, as long as the mobile terminal 300 is used properly, the user is spared the trouble of logging in again to recover the access authority level.
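- The terminal-side check (S905-S906) and the reconnect notification (S907) described above, as an added example that is not code from the patent. The integer levels, the failed-unlock check rule, the cached item names and `reconcile_checked` (a server-side variant that does not take the declared level on trust) are assumptions made for illustration.

```python
from dataclasses import dataclass, field

MAX_FAILED_UNLOCKS = 3   # constructed check rule; the page does not define one
LOWERED_LEVEL = 0        # assumed: integer levels, higher means more access

def usage_is_valid(history):
    """S905: check rule applied to the recorded operation history."""
    return history.count("unlock_failed") <= MAX_FAILED_UNLOCKS

@dataclass
class Terminal:
    level: int                                   # access authority level at login
    cache: dict                                  # item -> (required level, value), stored in S902
    history: list = field(default_factory=list)  # operations performed while offline

    def record(self, op):
        """Log an offline operation, then run the S905 check and S906 response."""
        self.history.append(op)
        if not usage_is_valid(self.history):
            self.level = LOWERED_LEVEL
            # S906: drop every cached item the lowered level may no longer read
            self.cache = {k: v for k, v in self.cache.items() if v[0] <= self.level}

    def read(self, item):
        """S904: offline read; None once the item has been deleted."""
        entry = self.cache.get(item)
        return entry[1] if entry and entry[0] <= self.level else None

    def reconnect_report(self):
        """S907: declared level and offline operation history."""
        return {"level": self.level, "history": list(self.history)}

def reconcile_trusting(report):
    """As described on the page: the server applies the declared level as-is."""
    return report["level"]

def reconcile_checked(report, login_level):
    """Assumed hardening: cap at the login-time level and re-run the check rule."""
    # The history is client-supplied too, so this catches a declared level
    # that contradicts the reported history, not a report that forges both.
    level = min(report["level"], login_level)
    return level if usage_is_valid(report["history"]) else min(level, LOWERED_LEVEL)

def demo():
    """Constructed scenario: four failed unlocks offline, then a reconnect."""
    t = Terminal(level=2, cache={"status": (0, "running"), "results": (2, "Na 140")})
    for _ in range(4):
        t.record("unlock_failed")
    bad = {"level": 5, "history": t.reconnect_report()["history"]}  # constructed misreport
    return t.read("results"), t.read("status"), reconcile_trusting(bad), reconcile_checked(bad, 2)
```

- With the trusting reconciliation, the server's level is whatever the terminal declares; the checked variant still lets a properly used terminal keep its login-time level without a new login.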
- The device information acquisition unit 210, the user input reception unit 220, the service provision unit 230, the access management unit 240, and the access management unit 340 can be configured by hardware such as circuit devices implementing these functions, or by executing software implementing these functions on an arithmetic device.
- The access management unit 340 can be implemented as a dedicated hardware/software module that implements the processing for transmitting and receiving data between the mobile terminal 300 and the information management system 200 according to the above embodiments.
- One example of the automatic analyzer 100 is a multi-item chemical analyzer that analyzes a plurality of requested items of a specimen by photometry.
- The present invention is not limited to this and can be applied to various automatic analyzers that handle samples such as patient specimens.
- 1: Specimen container; 2: Specimen moving mechanism; 3: Microcomputer; 4: Interface; 5: Specimen dispenser; 6: Liquid level detector; 7: Reagent dispenser; 8: Reaction container moving mechanism; 9: Liquid level detection device; 10: Reagent container; 11: Reaction container; 12: Display device; 13: Input device (mouse, keyboard, etc.); 14: Reagent ID reader; 15: Storage medium; 16: Memory area; 17: Reagent storage; 18: Printer; 19: Sample ID reader
- 200: Information management system; 210: Device information acquisition unit; 220: User input reception unit; 230: Service provision unit; 240: Access management unit; 250: Storage medium
- 300: Mobile terminal; 310: Computer; 320: Storage medium; 330: Display device; 340: Access management unit; 350: User input acceptance unit
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Health & Medical Sciences (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Bioethics (AREA)
- Computing Systems (AREA)
- Epidemiology (AREA)
- Medical Informatics (AREA)
- Primary Health Care (AREA)
- Public Health (AREA)
- Storage Device Security (AREA)
Priority Applications (4)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| EP22912799.8A EP4459491A4 (en) | 2021-12-27 | 2022-11-07 | INFORMATION MANAGEMENT SYSTEM AND INFORMATION MANAGEMENT PROCEDURES |
| JP2023570712A JP7691524B2 (ja) | 2021-12-27 | 2022-11-07 | Information management system and information management method |
| US18/713,243 US20240338468A1 (en) | 2021-12-27 | 2022-11-07 | Information Management System and Information Management Method |
| CN202280077749.9A CN118302767A (zh) | 2021-12-27 | 2022-11-07 | Information management system and information management method |
Applications Claiming Priority (2)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| JP2021-213308 | 2021-12-27 | | |
| JP2021213308 | 2021-12-27 | | |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| WO2023127312A1 (ja) | 2023-07-06 |
Family
ID=86998813
Family Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| PCT/JP2022/041367 Ceased WO2023127312A1 (ja) | 2021-12-27 | 2022-11-07 | Information management system and information management method |
Country Status (5)
| Country | Link |
|---|---|
| US (1) | US20240338468A1 |
| EP (1) | EP4459491A4 |
| JP (1) | JP7691524B2 |
| CN (1) | CN118302767A |
| WO (1) | WO2023127312A1 |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20250330469A1 (en) * | 2024-04-17 | 2025-10-23 | Red Hat, Inc. | Remote login resource access control using a container |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| JP2006185113A (ja) * | 2004-12-27 | 2006-07-13 | Hitachi Software Eng Co Ltd | Information processing device |
| JP2006251932A (ja) * | 2005-03-08 | 2006-09-21 | Canon Inc | Security management method, apparatus, and security management program |
| JP2008090469A (ja) * | 2006-09-29 | 2008-04-17 | Quality Kk | Portable device management system |
| JP2009080560A (ja) * | 2007-09-25 | 2009-04-16 | Sky Kk | Access authority control system |
| JP2010055297A (ja) * | 2008-08-27 | 2010-03-11 | Fujitsu Ltd | Access control program, access control method, and access control device |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5892900A (en) * | 1996-08-30 | 1999-04-06 | Intertrust Technologies Corp. | Systems and methods for secure transaction management and electronic rights protection |
| JP4950384B2 (ja) * | 2000-03-28 | 2012-06-13 | 株式会社東芝 | Medical image diagnostic apparatus and security management method therefor |
2022
- 2022-11-07 JP JP2023570712A patent/JP7691524B2/ja active Active
- 2022-11-07 CN CN202280077749.9A patent/CN118302767A/zh active Pending
- 2022-11-07 EP EP22912799.8A patent/EP4459491A4/en active Pending
- 2022-11-07 WO PCT/JP2022/041367 patent/WO2023127312A1/ja not_active Ceased
- 2022-11-07 US US18/713,243 patent/US20240338468A1/en active Pending
Non-Patent Citations (1)
| Title |
|---|
| See also references of EP4459491A4 * |
Also Published As
| Publication number | Publication date |
|---|---|
| EP4459491A1 (en) | 2024-11-06 |
| EP4459491A4 (en) | 2025-12-17 |
| US20240338468A1 (en) | 2024-10-10 |
| JP7691524B2 (ja) | 2025-06-11 |
| JPWO2023127312A1 | 2023-07-06 |
| CN118302767A (zh) | 2024-07-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP6185868B2 (ja) | | Method and system for ensuring that sensitive data is inaccessible |
| CN115550043B (zh) | | Diagnostic test device and cloud system for storing test results |
| EP3025257B1 (en) | | Systems and methods for a distributed clinical laboratory |
| US8508332B2 (en) | | Access control |
| US10339298B2 (en) | | Weak password support in a multi-user environment |
| US9871777B2 (en) | | Web-based data and instrument management solution |
| CN111192674A (zh) | | Method and device for exchanging health data |
| JP7691524B2 (ja) | | Information management system and information management method |
| US9285379B2 (en) | | Information management apparatus and sample testing apparatus that permit functions based upon operator attributes |
| CN114175115A (zh) | | Asset management system |
| JP2011086012A (ja) | | Monitoring control system |
| KR20210112329A (ko) | | Quantification of sequencing instruments and reagents for use in molecular diagnostic methods |
| CN113918894A (zh) | | Authority management method and authority management device |
| WO2014085500A1 (en) | | Identification acquisition device for reducing the likelihood of incidence of a lapse in proper discharge of a security procedure |
| US20050154919A1 (en) | | Processing device |
| US12386933B2 (en) | | Analysis device and authentication method |
| CN111371870A (zh) | | Medical device data transmission system and method |
| JP2005346702A (ja) | | Diagnostic system with identification display device |
| KR101746515B1 (ko) | | Reagent cabinet management server, system and method |
| JP2004028583A (ja) | | Network-compatible measuring device |
| US20080077975A1 (en) | | Computer system and method of controlling access to computer |
| SE542293C2 (en) | | System for authorization control and breath testing |
| CN109491748A (zh) | | Mini-program-based wearable device management and control method and management and control terminal |
| WO2010095597A1 (ja) | | Management device and management system |
| CN119865339A (zh) | | Method and system for network security protection and early warning for esports hotels |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 22912799; Country of ref document: EP; Kind code of ref document: A1 |
| | WWE | Wipo information: entry into national phase | Ref document number: 202280077749.9; Country of ref document: CN |
| | WWE | Wipo information: entry into national phase | Ref document number: 2023570712; Country of ref document: JP |
| | NENP | Non-entry into the national phase | Ref country code: DE |
| | ENP | Entry into the national phase | Ref document number: 2022912799; Country of ref document: EP; Effective date: 20240729 |