WO2024032658A1

WO2024032658A1 - Method for processing medical data processing, system, apparatus, and computer device

Info

Publication number: WO2024032658A1
Application number: PCT/CN2023/111994
Authority: WO
Inventors: Ruifeng Zhao; Lin Yi
Original assignee: Wuhan United Imaging Healthcare Co., Ltd.
Priority date: 2022-08-09
Filing date: 2023-08-09
Publication date: 2024-02-15
Also published as: CN115396113A

Abstract

The present disclosure relates to a method for processing medical data implemented by a blockchain network. The method includes receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.

Description

METHOD FOR PROCESSING MEDICAL DATA PROCESSING, SYSTEM, APPARATUS, AND COMPUTER DEVICE

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to Chinese Patent Application No. 202210949645.4, filed on August 9, 2022, and entitled "BLOCKCHAIN-BASED MEDICAL DATA PROCESSING METHOD, SYSTEM, APPARATUS, AND COMPUTER DEVICE" , the entire content of which is incorporated herein in its entirety.

TECHNICAL FIELD

The present disclosure relates to the field of internet technologies, and in particular, to a method for processing medical data, a medical data processing system, and apparatus, a computer device, a storage medium, and a computer program product.

BACKGROUND

With the development of blockchain technology, blockchain-based medical data sharing methods have brought great help to the treatment and analysis of diseases. In a conventional method, it is not conducive to the introduction of shared new data, while existing data between medical institutions can usually be shared. The large data barriers among various medical institutions make it difficult to realize real data sharing and solve data security problems. Moreover, the whole system has high requirements for the storage service in a blockchain, including high throughput and a good query fact performance, which makes it difficult to realize blockchain data sharing.

SUMMARY

An aspect of the disclosure provides a method for processing medical data implemented by a blockchain network. The method includes: receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.

In some embodiments, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further includes: constructing the blockchain network including a plurality of medical service node based on blockchain network configuration parameters and data security parameters, and receiving a registration verification request sent by the medical service node, and performing a registration verification for the medical service node, the registration verification request including a node verification parameter corresponding to the medial service node.

In some embodiments, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further includes receiving a registration request sent by the patient client terminal corresponding to the target patient, and performing a registration for the patient client terminal, the registration request including an identity verification parameter corresponding to the patient client terminal.

In some embodiments, the blockchain network stores calling verifying information corresponding to the medical data of patients, the calling verifying information being configured to verify an identity information of the medical service node and the medical data sharing protocol upon the data calling request, and the blockchain network manager is configured to acquire to-be-called medical data from a data center upon a successful verification, the data center being configured to store the medical data of the target patient.

In some embodiments, the receiving the registration request sent by the patient client terminal corresponding to the target patient, and performing the registration for the patient client terminal includes: generating patient identification information for the target patient and sending the patient identification information to the patient client terminal according to the identity verification parameter corresponding to the patient client terminal; and storing the identity verification parameter and the patient identification information of the target patient on-chain.

In some embodiments, the generating the patient identification information for the target patient and sending the patient identification information to the patient client terminal according to the identity verification parameter corresponding to the patient client terminal includes: generating, by the patient client terminal, a registration random number according to a user identification (UID) and a user password that are entered, and determining the identity verification parameter based on a combination of the registration random number and the UID ; and generating a random number, and generating the patient identification information according to the random number and the identity verification parameter.

In some embodiments, the method further includes receiving, by the patient client terminal, the patient identification information, and generating a new random number as the patient's private key.

In some embodiments, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further includes: receiving a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and establishing the association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and sending association relationship record information to the target medical service node, the association relationship including association key information.

In some embodiments, before the acquiring the target medical data according to the pre-stored medical data sharing protocol corresponding to the target patient, the method further includes: receiving a protocol recording request sent by the target medical service node, the protocol recording request including the medical data sharing protocol, the medical data sharing protocol being generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is verified; and storing the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain.

In some embodiments, the method further includes acquiring medical data upload request sent by the target medical service node, the medical data upload request being obtained by the target medical service node based on a combination of upload address parameter, timestamp information, and medical visit data of the target patient; analyzing the medical data upload request to acquire and store the medical visit data of the target patient; and storing the data upload request on-chain.

In some embodiments, the method further includes establishing a calling record including the data calling request and a hash value of a calling log corresponding to the data calling request; and generating a two-dimensional code based on the hash value and embedding the two-dimensional code as a watermark into a corresponding called medical image.

A second aspect of the present disclosure provides a medical data processing apparatus. The apparatus includes a data calling request receiving module configured to receive a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; a target medical data determination module configured to acquire target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and a data calling recording module configured to send the target medical data to the target medical service node, and store calling information corresponding to the data calling request on-chain.

A third aspect of the present disclosure provides a medical data processing system. The system includes a medical service node and a blockchain network manager. The medical service node is configured to: send a data calling request to a data center, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; and acquire target medical data from the data center based on a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a scope of sharing of medical data of the target patient, the data center being configured to upload and store calling information corresponding to the data calling request.

In some embodiments, the system further including the patient client terminal corresponding to the target patient, wherein the blockchain network manager is configured to receive a registration request sent by the patient client terminal and perform a registration for the patient client terminal, the registration request including a verification parameter corresponding to the patient client terminal.

In some embodiments, the patient client terminal is configured to generate a registration random number based on a user identification (UID) and a user password that are entered, and determining the identity verification parameter based on a combination of the registration random number and the UID, and the blockchain network manager is configured to generate a random number and generate patient identification information according to the random number and the identity verification parameter.

In some embodiments, the blockchain network manager is configured to send the patient identification information to the patient client terminal, and store the identity verification parameter and the patient identification information on chain.

In some embodiments, the patient client terminal is configured to receive the patient identification information and generate a random number as a private key of the target patient.

In some embodiments, the blockchain network stores calling verifying information corresponding to the medical data of patients, the calling verifying information being configured to verify an identity information of the medical service node and the medical data sharing protocol upon the data calling request, and the blockchain network manager is configured to acquire to-be-called medical data from a data center upon a verification, the data center being configured to store the medical data of the target patient.

In some embodiments, the blockchain network manager is configured to receive a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and establish the association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and send association relationship record information to the target medical service node, the association relationship including association key information.

In some embodiments, the blockchain network manager is configured to receive a protocol recording request sent by the target medical service node, the protocol recording request including the medical data sharing protocol, the medical data sharing protocol being generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is successfully verified; and store the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain.

In some embodiments, the blockchain network manager is configured to acquire a medical data upload request sent by the target medical service node, the medical data upload request being obtained by the target medical service node based on a combination of upload address parameter, timestamp information, and medical visit data of the target patient; the data center is configured to analyze the medical data upload request to acquire and store the medical visit data of the target patient; and the blockchain network manager is configured to store the data upload request on-chain.

In some embodiments, the medical data includes medical images, and the blockchain network manager is configured to establish a calling record including the data calling request and a hash value of a calling log corresponding to the data calling request, and generate a two-dimensional code based on the hash value and embed the two-dimensional code as a watermark into a corresponding called medical image.

A fourth aspect of the present disclosure provides a computer device. The computer device includes a memory and one or more processors. The memory stores a computer program. When executing the computer program, the one or more processors are configured to perform a method for processing medical data method according to the first aspect.

A fifth aspect of the present disclosure provides a computer-readable storage medium having a computer program. The computer program, when executed by one or more processors, causes the one or more processors to perform a method for processing medical data method according to the first aspect.

A sixth aspect of the present disclosure provides computer program product having a computer program stored therein. The computer program, when executed by one or more processors, causes the one or more processors to perform a method for processing medical data method according to according to the first aspect.

Details of one or more embodiments of the present disclosure are set forth in the following accompanying drawings and descriptions. Other features, objectives, and advantages of the present disclosure become obvious with reference to the specification, the accompanying drawings, and the claims.

BRIEF DESCRIPTION OF THE DRAWINGS

In order to better describe and illustrate the embodiments of the present disclosure, one or more accompanying drawings can be referred to. However, the additional details or examples configured to describe the accompanying drawings should not be considered as a limitation on the scope of any of the inventions, currently described embodiments, or preferred modes of the present disclosure.

FIG. 1 is a schematic flowchart of a method for processing medical data according to an embodiment;

FIG. 2 is a schematic diagram of interactive processing of medical data according to an embodiment;

FIG. 3 is a schematic flowchart of a data upload step according to an embodiment;

FIG. 4 is a schematic flowchart of another method for processing medical data according to an embodiment;

FIG. 5 is a structural block diagram of a blockchain-based medical data processing apparatus according to an embodiment; and

FIG. 6 is a diagram of an internal structure of a computer device according to an embodiment.

DETAILED DESCRIPTION OF THE EMBODIMENTS

In order to make the objectives, technical solutions, and advantages of the present disclosure clearer, the present disclosure will be further described in detail below in conjunction with the accompanying drawings and embodiments. It should be understood that specific embodiments described herein are only intended to explain the present disclosure, and are not intended to limit the present disclosure.

It should be noted that user information (including, but not limited to, user equipment information, user personal information, etc. ) and data (including, but not limited to, display data, analysis data, etc. ) as referred to in the present disclosure are all information or data authorized by a user or fully authorized by respective parties. Correspondingly, the present disclosure further provides a corresponding user authorization entry for the user to choose authorization or choose rejection.

In an embodiment, as shown in FIG. 1, a method for processing medical data, implemented by a blockchain network is provided. This embodiment is illustrated with an example in which the method is applied to a server. It can be understood that the method may also be applied to a terminal, or applied to a system including a terminal and a server, such as a medical data processing system (also referred to as data security sharing system) , and is realized through interaction between the terminal and the server. Furthermore, this method can also be implemented by multiple parties, including terminals, servers, etc. In this embodiment, the method includes the following steps 101-103.

In step 101, a data calling request sent by a target medical service node in a blockchain network is received.

The data calling request may be a request for calling medical data of a target patient, and the blockchain network may store an association relationship between a patient client terminal corresponding to the target patient and the target medical service node, e.g., a predetermined association relationship.

The blockchain network may be a consortium blockchain network. The consortium blockchain has an identity management mechanism, by which, identity permissions of medical institutions for joining the network can be controlled. For example, authorized medical institutions join the network, so that data security and robustness of the system can be improved, and the scalability of the medical data processing system for future addition of medical institutions is ensured.

As an example, the target medical service node may be a node corresponding to the authorized medical institution in the consortium blockchain network. The target patient may be a current patient who visits the medical institution corresponding to the target medical service node. For example, based on the visit behavior of the current patient, the target medical service node may send a data calling request corresponding to the current patient.

In practical applications, based on the medical visit behavior of the target patient, the target medical service node corresponding to the visited medical institution may send the data calling request corresponding to the target patient through the blockchain network. Since the blockchain network may store the predetermined association relationship between the patient client terminal corresponding to the target patient and the target medical service node obtained by, for example, the fact that target patient and the medical institution have been bound through a registration of medical visit, the target medical service node may acquire the requested medical data of the target patient based on the data calling request through the blockchain network.

Specifically, the medical institution corresponding to the target medical service node may send the data calling request to the data center of the medical data processing system, to acquire patient data corresponding to the target patient stored in the data center. For example, the target medical service node may generate a data request (i.e., a data calling request) , which is then sent together with a corresponding verification hash value of the data calling request and medical visit verification value that are encrypted using a session key between the medical service node and the data center.

In an example, patient data acquired based on the data calling request may be historical medical visit data of the target patient. For example, during a visit of the target patient to the medical institution, the target patient may perform a registration for a current medical visit behavior. If the target patient has registered with the medical data processing system, the registration step may be skipped. The medical institution may perform a registration of the medical visit, for example, medical visit information of the target patient is chained for certification purposes. A binding key is then generated for the patient client terminal corresponding to the target patient and the target medical service node corresponding to the medical institution and a medical data sharing protocol is generated. The blind key and the medical data sharing protocol are then chained. Further, the target medical service node corresponding to the medical institution may upload current medical visit data to the data center. The data center may chain the uploaded current medical visit record (e.g., transaction information for a current medical visit event) to the blockchain network.

In another example, based on the fact that the data center may break down data barriers among medical institutions, enabling the system to be more efficient and highly available, the data center may be a data repository for storing medical data, and the data stored may be encrypted and digitally signed to ensure authenticity and security of the stored data, so that storage, query, and entry of the medical data can be realized by a high-performance data repository. Security information and identity information required for verifying the data calling request of the medical data are stored by the blockchain network, which can perform decoupling based on system architecture and optimize system performance. For example, the blockchain network may store calling verifying information corresponding to the medical data of patients, the calling verifying information may be configured to verify the identity information of the medical service node and the medical data sharing protocol upon the data calling request, and the blockchain network may acquire the requested medical data from the data center (e.g., a high-performance data repository) after the data calling request is successfully verified. The data center is configured to store the medical data of the target patient.

In step 102, target medical data is acquired according to a pre-stored medical data sharing protocol corresponding to the target patient.

The medical data sharing protocol may be configured to represent a sharing scope of the medical data of the target patient. For example, the medical data sharing protocol may include patient identity information and shareable information scope of patient medical data determined by a patient. The shareable information scope may be configured to represent a callable data scope and a caller scope, such as data fields or information fields that can be shared and an extent to which the data fields or information fields can be shared (including, but not limited to, whether the data fields or information fields can be used by other medical institutions for diagnosis, whether the data fields or information fields can be used by medical research institutions for research analysis, for which medical institutions or medical research institutions the data fields or information fields can be shared, not for sharing, or for de-identified sharing) .

In a specific implementation, for the received data calling request, the target medical data for the data calling request may be acquired according to the medical data sharing protocol corresponding to the target patient pre-stored in the blockchain network.

For example, the data center can call smart contracts based on the medical data sharing protocol uploaded by the target patient in the consortium blockchain during his medical visit. Consequently, the requested data included in the data calling request, such as EHR (Electronic Health Record) , that meets requirements can be determined as the target medical data.

In another example, the data center may decrypt the data request, and after the data request is successfully verified, may analyze the content of the data request and call the corresponding medical data sharing protocol (e.g., a smart contract) to obtain the corresponding EHR.

In an example, utilizing blockchain technology as the framework for secure medical data sharing ensures the traceability of medical data due to the immutability characteristic of blockchain technology. Moreover, utilizing smart contracts of the consortium blockchain guarantees the stable execution of automated data read and write operations in the medical data processing system, thereby reducing the risks posed by malicious node manipulations and fostering transparency, decentralization, and accountability among all participants.

In step 103, the target medical data is sent to the target medical service node, and calling information corresponding to the data calling request is chained and stored.

As an example, the calling information may be transaction information of a calling event for this request, so as to chain a corresponding transaction record.

After the target medical data is determined, the target medical data may be sent to the target medical service node, and the calling information corresponding to the data calling request may be chained and stored. For example, the target medical service node may request corresponding data from the data center, and the data center may send the data to the target medical service node after verifying the legitimacy of the identity and the request, and upload the transaction record corresponding to the data calling request to the blockchain.

In an example, the data center may encrypt the EHR with a session key, generate a corresponding verification hash value, and send the EHR and the hash value to the target medical service node. The data center also chains the transaction record corresponding to the data calling request. The target medical service node then acquires the EHR corresponding to the target patient after receiving the corresponding data and verifying the hash value.

Compared to conventional methods, according to the technical solution of this implementation example, the introduction of multiple roles in the medical data processing system enables the inclusion of the medical data supply chain, such as patients, into the system. This allows patients to participate in the process of data security sharing through a patient client terminal. Within the framework of the consortium blockchain, the introduction of the patient role is advantageous for implementing different data sharing strategies for various types of medical data (e.g., data with different sensitivities) and different medical institutions. Additionally, while ensuring the security of patient data, the introduction of the patient role facilitates the continuous generation of new data in the system, rather than solely relying on the sharing of existing data.

As the introduction of the patient role brings new data into the system, the system's throughput also needs to meet certain requirements. In the technical solution in embodiments, a data center, e.g., a cloud data center is introduced as a data lake for storing medical data. This enables breaking down data barriers between medical institutions, with only critical information being recorded in the consortium blockchain. This enhances the value of block information in the consortium blockchain and reduces the rate and volume of input information required for blockchain transactions to a minimum, which helps save system costs and enables efficient consensus among newly added nodes when expanding the system horizontally, thereby improving system throughput and efficiency.

In the above method for processing medical data, the data calling request sent by the target medical service node in the blockchain network is received, which is a request for calling the medical data of the target patient. The blockchain network stores the predetermined association relationship between the patient client terminal corresponding to the target patient and the target medical service node. The target medical data is acquired according to the pre-stored medical data sharing protocol corresponding to the target patient, and the medical data sharing protocol represents a sharing scope of the medical data of the target patient. The target medical data is sent to the target medical service node, and the calling information corresponding to the data calling request is chained and stored. The solution achieves optimized medical data processing based on blockchain. Introducing the patient role and the expandable medical data sharing protocol provides support for adding new shareable data and addresses the issue of data barriers. By acquiring medical data upon the data calling request and storing corresponding information record on-chain, data can be stored respectively based on decoupling of the system architecture, the system performance can be optimized, and the data processing efficiency can be improved. Additionally, this solution ensures the authenticity and security of shared data

In an embodiment, prior to receiving the data calling request sent by the target medical service node in the blockchain network, the method may further include: constructing a blockchain network including a plurality of medical service nodes based on blockchain network configuration parameters and data security parameters; receiving a registration verification request sent by each medical service node and performing a registration verification for each medical service node, the registration verification request including a node verification parameter corresponding to the medial service node; and receiving a registration request sent by the patient client terminal corresponding to the target patient and performing a registration for the patient client terminal, the registration request including an identity verification parameter corresponding to the patient client terminal.

As an example, the blockchain network configuration parameters may include a list of trusted institutions, block-generation parameters, server node parameters, and network communication parameters. The data security parameters may include a public key, prime group information, and hash functions. For example, security parameters of a key sharing algorithm (i.e., the data security parameters) may be determined by a blockchain network manager, and the data security parameters may be chained. It can be understood that in some embodiments, the blockchain network manager is an abstract manager which configures the static parameters of the blockchain and write blockchain smart contracts. By writing and deploying smart contracts, the blockchain network manager can effectively manage the consortium chain.

In practical applications, the consortium blockchain network may be pre-constructed. To enable those skilled in the art to better understand the above steps, embodiments of the present disclosure are illustrated below with an example in conjunction with FIG. 2. However, it should be understood that the embodiments of the present disclosure are not limited thereto. As shown in FIG. 2, when the consortium blockchain network is initialized, blockchain network configuration may be initialized through the blockchain network manager to establish the network. The corresponding blockchain network configuration parameters and strategies can be shared with all applicants of the system. Then, server nodes of various medical institutions (i.e., medical service nodes) and client terminal nodes can be added to the consortium blockchain network.

In an alternative embodiment, the medical institutions may include hospitals, and institutions such as physical examination centers and medical research institutions that are able to join the medical data processing system and have service nodes or client terminal nodes, which are not specifically limited in this embodiment.

In an example, each medical institution may perform a key registration. As shown in FIG. 2, the medical service node corresponding to the medical institution may associate its own UID with a private key, and then may send a corresponding hash valve to the blockchain network manager. The blockchain network manager then calculates node certification information as a key based on the private key of the medical institution. The certification information may correspond to a private key. Each medical institution may register a plurality of keys.

For example, the medical service node corresponding to the medical institution may generate a random number as its own private key, and may send a hash value of a combination of the UID and the private key as a medical visit verification value (i.e., the registration verification request includes a node verification parameter corresponding to the medial service node) to the blockchain network manager. The blockchain network manager may select a random number, perform a combination of the random number and the received medical visit verification value, calculate a corresponding hash value, and then add a product of a manager private key and a public key of the medical institution to obtain the node certification information, which is kept for backup. It is to be noted that, in the present disclosure, combining two characters, values, or numbers may refer, in some implementations, to concatenating the two characters, values, or numbers.

In this embodiment, the blockchain network including the plurality of medical service nodes is constructed based on the blockchain network configuration parameters and the data security parameters. The registration verification request sent by the medical service node is received and registration verification for the medical service node is performed. Further, the registration request sent by the patient client terminal corresponding to the target patient is received, and the registration for the patient client terminal is performed. As such, network joining objects can be controlled through the identity management mechanism of the consortium blockchain, which improves data security.

In an embodiment, receiving the registration request sent by the patient client terminal corresponding to the target patient and performing the registration for the patient client terminal may include generating, according to the identity verification parameter corresponding to the patient client terminal, patient identification information for the target patient, sending the patient identification information to the patient client terminal, and storing the identity verification parameter and the patient identification information of the target patient on-chain in a corresponding manner.

In practical applications, the patient client terminal generates a corresponding identity verification value (i.e., the identity verification parameter) in response to patient input information, and sends the identity verification value to the blockchain network manager. The blockchain network manager generates a receiving tag, i.e., the patient identification information, based on the received identity verification value and sends the receiving tag to the patient client terminal, and may also store the received identity verification value and the generated receiving tag on the blockchain network in a corresponding manner.

In an example, the patient client terminal registration can be performed for each patient. As shown in FIG. 2, in response to a patient registration, the patient client terminal may send a hash value of the UID of the patient to the blockchain network manager, and then the blockchain network manager may store the hash value on the blockchain network and return a personal card. The patient client terminal may locally generate a set of verification parameters based on the received personal card.

For example, the patient client terminal may generate a random number as a registration random number according to a UID and a user password that are entered, generate an identity verification value based on a combination of the registration random number and the UID. For example, the identity verification value is determined according to a hash value of the combination of the registration random number and the UID, and send the identity verification value to the blockchain network manager. Then, the blockchain network manager may generate a manager random number, generate a receiving tag according to a hash value of a combination of the manager random number and the received identity verification value, store the received identity verification value and the generated receiving tag on the blockchain network, and return the receiving tag to the patient client terminal. Then, the patient client terminal may generate a random number as a key, and generate, according to the key, the UID, the user password, the registration random number, and the receiving tag, an identity verification card quadruple, which is then stored locally.

In another example where the identity information of a patient j is taken as an example,

identity verification value=hash (registration random number || patient UID) ;

receiving tag=hash (identity verification value || manager random number) .

A random number S_j corresponding to the patient j is generated by a patient client terminal for the second time as a private key for the patient j, after the receiving tag is received. The identity verification card quadruple is calculated as (B_j, C_j, D_j, E_j) ,
H_pw= hash (patient UID || patient password) ;

E_j = hash (registration random number || S_j || receiving tag) ,

where the symbol "||" represents a combination operation, and the symbolrepresents an exclusive or (XOR) operation.

It can be understood that it is possible to use the same or different hash algorithms to determine B_j, C_j, D_j, and E_j in the identity verification card quadruple.

When the patient j visits the medical institution k for medical services, the medical data is generated by patient j at medical institution k. Therefore, a binding key is needed between the patient j and the medical institution k to manage subsequent steps. The generation of this binding key is completed during the doctor's consultation process. The patient j calculates H_pw based on his own UID and password. Then, using B_j, C_j, D_j from the identity verification card quadruple, the registration random number, the receiving tag, and the private key can be solved, and whether hash (registration random number ||S_j|| received label) is equal to E_j is further determined. This step prevents the client's identity information from being tampered with or misappropriated by others'information.

After the patient identity is successfully verified, according to a timestamp V₁, a binding key preparation parameter N₁ and an auxiliary verification value N_bq can be calculated:

N₁ =manager random number || identity verification value || V₁ + S_j·institution public key (e.g., S_j·S_k·H) ;

N_bq = hash (receiving tag || identity verification value) ,

where S_k is the random number generated by the medical institution.

N₁, N_bq, and V₁ are then sent to the medical service node.

Then medical service node calculates the patient's identity verification value using the following equation:

receiving tag || identity verification value || V₁ = N₁-institution private key·patient public key (e.g., S_j·S_k·H) .

The medical institution then sends a request to the consortium blockchain network to verify if the patient's identity verification value is correct. After successfully verifying the patient's identity verification value, N_bq can be calculated based on the obtained identity verification value and the receiving tag, and whether it matches the value in the request can be then determined.

In this embodiment, according to the identity verification parameter corresponding to the patient client terminal, the patient identification information for the target patient is generated and sent to the patient client terminal, and then the identity verification parameter and the patient identification information of the target patient are chained and stored in a corresponding manner. It can thus introduce the patient roles, while ensuring patient data security, which provides data support for subsequent data sharing.

In an embodiment, prior to receiving the data calling request sent by the target medical service node in the blockchain network, the method may further include receiving a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and establishing an association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and sending association relationship record information to the target medical service node. The association relationship includes association key information.

In practical applications, when a patient visits a medical institution, the medical service node corresponding to the medical institution may send a medical visit association request based on information provided by the patient client terminal. The medical visit association request may include the node verification parameter corresponding to the target medical service node (e.g., a medical visit verification value) and the identity verification parameter corresponding to the patient client terminal (e.g., an identity verification value) . Then, the blockchain network manager may establish the association relationship (e.g., association certification information) between the patient client terminal corresponding to the target patient and the target medical service node according to the node verification parameter and the identity verification parameter, and then may store association relationship record information (e.g., the association certification information and the identity verification value) on the blockchain network and send the association relationship record information to the medical service node corresponding to the medical institution.

In an example, after the registration, the patient client terminal may perform a patient visit binding operation. As shown in FIG. 2, if the patient information of the target patient already exists in the medical data processing system, a patient visit binding step may be performed, and patient information and medical institution information may be bound and stored on the blockchain network.

For example, when a patient visits a medical institution, the medical service node corresponding to the medical institution may send the medical visit verification value, the identity verification value (i.e., the medical visit association request includes the node verification parameter corresponding to the target medical service node and the identity verification parameter corresponding to the patient client terminal) , and the public key provided by the patient client terminal to the blockchain network manager. Then, the blockchain network manager may select a random number and calculate the association certification information (i.e., the association relationship record information) based on the received public key, the medical visit verification value, the random number, and the manager private key, and may then store the association certification information and the identity verification value on the blockchain network and return the association certification information and the identity verification value to the medical service node corresponding to the medical institution.

In a specific implementation, a binding key (i.e., association key information) may be generated for the patient client terminal and the medical service node. The medical institution corresponding to the medical service node may be a medical institution that is visited for the first time and has registered with the blockchain network, and can then authenticate a patient when the patient needs a health diagnosis in the future.

In another example, as shown in FIG. 2, verification may be performed locally through the identity verification card quadruple according to the UID and the password entered at the patient client terminal, and an auxiliary verification value may be generated by using the receiving tag, the identity verification value, the timestamp, the patient private key, and the public key of the medical institution. The receiving tag generated by the auxiliary verification value is associated with the hash value of the identity verification value and then is sent together with the timestamp to the medical service node corresponding to the medical institution.

The medical service node corresponding to the medical institution may quickly analyze out the identity verification value from the received auxiliary verification value through cyclic group information of the blockchain network, and then may verify the received hash value. Upon a successful verification, the medical service node may select a random number as a temporary key with the patient, send an XOR value of the temporary key and the receiving tag, calculate a binding key locally, generate a key sharing verification value according to the medical visit verification value, the binding key, and the timestamp, and send the key sharing verification value together with the XOR value. The patient client terminal may calculate the temporary key through the received XOR value, and restore the binding key according to the temporary key, the identity verification value, the medical visit verification value, and the receiving tag.

In this embodiment, the medical visit association request sent by the target medical service node is received. Then, the association relationship between the patient client terminal corresponding to the target patient and the target medical service node is then established based on the node verification parameter and the identity verification parameter, and the association relationship record information is sent to the target medical service node, which helps to authenticate the patient during subsequent health diagnosis of the patient.

In an embodiment, prior to acquiring the target medical data according to the pre-stored medical data sharing protocol corresponding to the target patient, the method may further include: receiving a protocol recording request sent by the target medical service node, the protocol recording request including a medical data sharing protocol which is generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is successfully verified; and storing the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain in a corresponding manner.

In practical applications, based on the established binding key, the medical service node corresponding to the medical institution and the patient client terminal may chain the medical data sharing protocol (i.e., by sending a protocol recording request) . The medical data sharing protocol may include shareable scope information of patient medical data and patient identity information, and then the medical data sharing protocol and the identity information of the target patient corresponding to the patient client terminal may be chained and stored in a corresponding manner.

In an example, as shown in FIG. 2, according to the shared binding key (i.e., the association key information) , the patient client terminal may associate the identity verification value with the medical visit verification value, and encrypt the association result and then send it to the medical service node. The corresponding binding key verification value may be sent together. Then, the medical service node may locally calculate a binding key verification value, and after determining that the locally calculated verification value is consistent with the received binding key verification value, may perform decryption through the binding key. Then, the medical service node may generate a customized medical data sharing protocol. For example, the medical data sharing protocol may be generated according to a patient requirement, a data type, data sensitivity, a requested institution type, etc. The identity verification value, the medical visit verification value, and the association certification information may be written together into the medical data sharing protocol and uploaded to the blockchain.

In an alternative embodiment, the patient signs the medical data sharing protocol with the medical institution, and recognition of the patient for privacy and security can be enhanced, so that the patient is more willing to incorporate medical data into the medical data processing system. Moreover, based on the customized protocol, the shareable scope information agreed by the patient can be determined, such as which fields included can be shared and the degrees of the sharing (e.g., shared for diagnosis by other medical institutions, shared for research analysis by medical research institutions, not for sharing, or for de-identified sharing, etc. ) . The medical data sharing protocol may be written into the blockchain as a mapping relationship with real data. When a chain code in the blockchain is called to read data in the data center, the chain code may query the medical data sharing protocol according to the identity of a caller to issue a calling of legitimate data. In this embodiment, the protocol recording request sent by the target medical service node is received, and the medical data sharing protocol is then generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information. Then, the medical data sharing protocol and the identity information of the target patient corresponding to the patient client terminal are chained and stored in a corresponding manner, so that the patient can participate in the data security sharing process based on the introduction of the expandable medical data sharing protocol, which provides support for the addition of more new shareable data to the system.

In an embodiment, as shown in FIG. 3, the method may further include the following steps 301-304.

In step 301, a data upload request sent by the target medical service node is received, and an upload address parameter and timestamp information are generated and sent to the target medical service node.

In a specific implementation, the target medical service node may request data upload from the data center by, for example, sending a data upload request, and then the data center may return an available URL and a request upload timestamp (i.e., an upload address parameter and timestamp information) to the target medical service node for the data upload request.

In step 302, medical data upload information sent by the target medical service node is acquired. The medical data upload information is obtained by the target medical service node based on a combination of the upload address parameter, the timestamp information, and the medical visit data of the target patient.

In practical applications, the target medical service node may encrypt the EHR (i.e., the medical data upload information) through a session key with the data center and then send the encrypted EHR to the data center, and may also send an upload verification value at the same time.

For example, the EHR may be obtained according to a combination of a patient identity verification value, a medical institution visit verification value, medical data (i.e., medical visit data) , and an upload timestamp. Then, the EHR may be encrypted through the session key with the data center and sent, and the upload verification value of the EHR is sent at the same time.

In step 303, the medical data upload information is analyzed to obtain and store the medical visit data of the target patient.

In step 304, upload information corresponding to the data upload request is chained and stored.

In a specific implementation, the chained upload information (e.g., transaction information for this upload event) may be recorded in a blockchain super node. The upload information may be packaged into blocks through the structure of the data chain. Newly generated block data may be verified according to a consensus algorithm in a blockchain sharing protocol. The upload information may be then distributed to various nodes for storage. Each node has a full copy of information of the block to complete the chaining of a corresponding transaction record.

In another embodiment, the blockchain network manager acquires a medical data upload request sent by the target medical service node. The medical data upload request is obtained by the target medical service node based on a combination of upload address parameter, timestamp information, and medical visit data of the target patient. The data center analyze the medical data upload request to acquire and store the medical visit data of the target patient. The blockchain network manager chains and stores the data upload request.

In an example, the data center may store the medical data obtained by analyzing in the database after decryption and verification, and may chain an upload transaction of the corresponding URL. For example, the data center may decrypt the EHR, verify the upload verification value and legitimacy of the EHR, and store the medical data in the corresponding URL. The data center may further chain the transaction. For example, the medical service node may combine and chain the identity verification value, the medical visit verification value, the timestamp, and the signature.

In another example, according to the technical solution in this embodiment, digital signatures and asymmetric encryption/decryption processes are used only for a small number of steps, and simple methods like random numbers, hash functions, XOR operations, etc. are utilized, which ensures the security and reliability of the steps, and effectively improves system efficiency.

In this embodiment, the data upload request sent by the target medical service node is received, and the upload address parameter and the timestamp information are generated and sent to the target medical service node. The medical data upload information sent by the target medical service node is acquired and analyzed, and the medical visit data of the target patient is acquired and stored. The upload information corresponding to the data upload request is chained and stored. Thus, new shareable data can be provided and the corresponding transaction record can be chained, ensuring authenticity and security of shared data.

In an embodiment, as shown in FIG. 4, a schematic flowchart of another method for processing medical data is provided. In this embodiment, the method includes the following steps 401-407.

In step 401, the blockchain network including a plurality of medical service nodes is constructed based on blockchain network configuration parameters and data security parameters. In step 402, a registration verification request sent by the medical service node is received, and a registration verification is performed for the medical service node, the registration verification request including a node verification parameter corresponding to the medial service node. In step 403, a registration request sent by the patient client terminal corresponding to the target patient is received, and a registration is performed for the patient client terminal, the registration request including an identity verification parameter corresponding to the patient client terminal. In step 404, a medical visit association request sent by the target medical service node is received, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal. In step 405, an association relationship between the patient client terminal corresponding to the target patient and the target medical service node is established based on the node verification parameter and the identity verification parameter, and association relationship record information is sent to the target medical service node. In step 406, a protocol recording request sent by the target medical service node is received, the protocol recording request including a medical data sharing protocol which is generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is successfully verified. In step 407, the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal are chained and stored in a corresponding manner. It is to be noted that specific limitations on the above steps may be obtained with reference to the above specific limitations on the method for processing medical data. Details are not described herein again.

In some embodiments, the medical data includes medical images. When a medical service node calls a patient's medical data, a calling record is established, including the data calling request and a hash value of a corresponding calling log. For example, calling logs are hashed to generate hash values, and a rainbow table is created with the hash values as the keys and the data calling requests as the values. The calling record is stored on the blockchain. Based on the hash value, a two-dimensional code is generated, and then embedded as a watermark image into the requested medical image using an invisible watermark embedding algorithm, such that the medical image contains a transparent watermark with the two-dimensional code as the watermark image. In the event of a leakage of the medical image, a watermark extraction algorithm is used to extract the watermark and call the two-dimensional code. By obtaining the two-dimensional code, the corresponding hash value is also obtained, and a query is performed in the calling record, e.g., the rainbow table, in the consortium blockchain, to determine the corresponding calling request, such that the caller, the calling time, and other information related to the leaked medical image can be determined.

It should be understood that, although the steps in the flowcharts related to the above embodiments are displayed in sequence as indicated by the arrows, the steps are not necessarily performed in the order indicated by the arrows. Unless otherwise clearly specified herein, the steps are performed without any strict order limitation, and may be performed in other orders. In addition, at least some steps in the flowcharts related to the above embodiments may include a plurality of steps or a plurality of stages, and such steps or stages are not necessarily performed at the same moment, and may be performed at different moments. The steps or stages are not necessarily performed in sequence, and the steps or stages and at least some of other steps or steps or stages of other steps may be performed in turn or alternately.

Based on the same invention concept, embodiments of the present disclosure further provide a medical data processing apparatus configured to implement the method for processing medical data described above. An implementation solution to the problem provided by the apparatus is similar to that described in the above method. Therefore, specific limitations in one or more embodiments of the medical data processing apparatus provided in the following may be obtained with reference to the limitations on the method for processing medical data above. Details are not described herein again.

In an embodiment, as shown in FIG. 5, a medical data processing apparatus is provided. The apparatus includes: a data calling request receiving module 501 configured to receive a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; a target medical data determination module 502 configured to acquire target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and a calling information chaining module 503 configured to send the target medical data to the target medical service node, and store calling information corresponding to the data calling request on-chain.

In an embodiment, the apparatus further includes: a blockchain network construction module configured to construct, based on blockchain network configuration parameters and data security parameters, a blockchain network including a medical service node; a node registration module configured to receive a registration verification request sent by the medical service node, and perform a registration verification for the medical service node, the registration verification request including a node verification parameter corresponding to the medial service node; and a client terminal registration module configured to receive a registration request sent by the patient client terminal corresponding to the target patient, and perform a registration for the patient client terminal, the registration request including an identity verification parameter corresponding to the patient client terminal.

In an embodiment, the blockchain network stores calling verifying information corresponding to the medical data of patients. The calling verifying information is configured to verify an identity information of the medical service node and the medical data sharing protocol upon a request for calling the medical data of the patients. The blockchain network manager is configured to acquire to-be-called medical data from a data center upon a successful verification. The data center is configured to store the medical data of the target patient.

In an embodiment, the client terminal registration module includes: a patient identification information generation submodule configured to generate, according to the identity verification parameter corresponding to the patient client terminal, patient identification information for the target patient and send the patient identification information to the patient client terminal; and a storage submodule configured to store the identity verification parameter and the patient identification information of the target patient on-chain in a corresponding manner.

In an embodiment, the apparatus further includes: a medical visit association request receiving module configured to receive a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and an association relationship establishment module configured to establish an association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and send association relationship record information to the target medical service node. The association relationship includes association key information.

In an embodiment, the apparatus further includes: a protocol recording request receiving module configured to receive a protocol recording request sent by the target medical service node, the protocol recording request including a medical data sharing protocol which is generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is successfully verified; and a protocol storage module configured to store the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain in a corresponding manner.

In an embodiment, the apparatus further includes: a data upload request receiving module configured to receive a data upload request sent by the target medical service node, generate an upload address parameter and timestamp information, and send the upload address parameter and the timestamp information to the target medical service node; an upload information acquisition module configured to acquire medical data upload information sent by the target medical service node, the medical data upload information being obtained by the target medical service node based on a combination of the upload address parameter, the timestamp information, and medical visit data of the target patient; a analyzing module configured to analyze the medical data upload information to obtain and store the medical visit data of the target patient; and a storage module configured to store upload information corresponding to the data upload request on-chain.

The modules in the above medical data processing apparatus may be implemented entirely or partially by software, hardware, or a combination thereof. The above modules may be built in or independent of a processor in the computer device in a hardware form, or may be stored in a memory of the computer device in a software form, so that the processor calls and performs operations corresponding to the above modules.

In an embodiment, a computer device is provided. The computer device may be a terminal, and a diagram of an internal structure thereof is shown in FIG. 6. The computer device includes one or more processors, a memory, and a network interface connected through a system bus. The one or more processors of the computer device are configured to provide computing and control capabilities. The memory of the computer device includes a non-transitory storage medium and an internal memory. The non-transitory storage medium stores an operating system, a computer program, and a database. The internal memory provides an environment for running of the operating system and the computer program in the non-transitory storage medium. The database of the computer device is configured to store related data during the process of performing the method for processing medical data. The network interface of the computer device is configured to communicate with an external terminal over a network. The computer program is executed by the one or more processors to perform the method for processing medical data.

Those skilled in the art may understand that, the structure shown in FIG. 6 is only a block diagram of a partial structure related to the solution of the present disclosure, which does not constitute a limitation on the computer device to which the solution of the present disclosure is applied. Specifically, the computer device may include more or fewer components than those in the drawings, or include a combination of some components, or include different component layouts.

In an embodiment, the one or more processors, when executing the computer program, perform the following steps: receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.

In some embodiments, when executing the computer program, the one or more processors further perform steps of the method for processing medical data in the other embodiments above.

In an embodiment, a computer-readable storage medium storing a computer program is provided. The computer program, when executed by one or more processors, causes the one or more processors to perform the following steps: receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.

In some embodiments, when the computer program is executed by the one or more processors, steps of the method for processing medical data in the other embodiments above are further performed.

In an embodiment, a computer program product including a computer program is provided. The computer program, when executed by one or more processors, causes the one or more processors to perform the following steps: receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.

In some embodiments, when the computer program is executed by the processor, steps of the method for processing medical data in the other embodiments above are further performed.

A medical data processing system is provided. The system includes a medical service node and a blockchain network manager. The medical service node is configured to: send a data calling request to a data center, the data call request is a request to call medical data of a target patient, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; and acquire target medical data from the data center based on a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a scope of sharing of medical data of the target patient. The data center is configured to upload and store calling information corresponding to the data calling request.

The other embodiments of the medical data processing system described in the present disclosure can be referred to the various embodiments of the method for processing medical data described above, and will not be repeated here.

Those of ordinary skill in the art may understand that all or some of procedures of the method in the above embodiments may be implemented by a computer program by instructing relevant hardware. The computer program may be stored in a non-transitory computer-readable storage medium. When the computer program is executed, the procedures of the above method embodiments may be implemented. Any reference to a memory, a database, or another medium used in the embodiments provided in the present disclosure may include at least one of a non-transitory memory and a transitory memory. The non-transitory memory may include a read-only memory (ROM) , a magnetic tape, a floppy disk, a flash memory, an optical memory, a high-density embedded non-transitory memory, a resistive random access memory (ReRAM) , a Magnetoresistive Random Access Memory (MRAM) , a Ferroelectric Random Access Memory (FRAM) , a Phase Change Memory (PCM) , a graphene memory, etc.. The transitory memory may include a Random Access Memory (RAM) , an external cache, or the like. For the purpose of description instead of limitation, the RAM is available in a plurality of forms, such as a Static Random Access Memory (SRAM) or a Dynamic Random Access Memory (DRAM) . The database as referred to in the embodiments provided in the present disclosure may include at least one of a relational database and a non-relational database. The non-relational database may include a blockchain-based distributed database, etc., but is not limited thereto. The processor as referred to in the embodiments provided in the present disclosure may be a general-purpose processor, a central processing unit, a graphics processor, a digital signal processor, a programmable logic device, a data processing logic device based on quantum computing, etc., but is not limited thereto.

The technical features in the above embodiments may be randomly combined. For a concise description, not all possible combinations of the technical features in the above embodiments are described. However, all the combinations of the technical features are to be considered as falling within the scope described in this specification provided that they do not conflict with each other.

The above embodiments only describe several implementations of the present disclosure, and their description is specific and detailed, but cannot thus be understood as a limitation on the patent scope of the present disclosure. It should be noted that those of ordinary skill in the art may further make variations and improvements without departing from the conception of the present disclosure, and these all fall within the protection scope of the present disclosure. Therefore, the patent protection scope of the present disclosure should be subject to the appended claims.

Claims

A method for processing medical data, implemented by a blockchain network, comprising:

receiving a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node;

acquiring target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and

sending the target medical data to the target medical service node, and storing calling information corresponding to the data calling request on-chain.
The method according to claim 1, wherein, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further comprises:

constructing the blockchain network comprising a plurality of medical service node based on blockchain network configuration parameters and data security parameters, and

receiving a registration verification request sent by the medical service node, and performing a registration verification for the medical service node, the registration verification request including a node verification parameter corresponding to the medial service node.
The method according to claim 1 or claim 2, wherein, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further comprises:

receiving a registration request sent by the patient client terminal corresponding to the target patient, and performing a registration for the patient client terminal, the registration request including an identity verification parameter corresponding to the patient client terminal.
The method according to any one of claims 1-3, wherein the blockchain network stores calling verifying information corresponding to the medical data of patients, the calling verifying information being configured to verify an identity information of the medical service node and the medical data sharing protocol upon the data calling request, and the blockchain network manager is configured to acquire to-be-called medical data from a data center upon a successful verification, the data center being configured to store the medical data of the target patient.
The method according to claim 3, wherein the receiving the registration request sent by the patient client terminal corresponding to the target patient, and performing the registration for the patient client terminal comprises:

generating patient identification information for the target patient and sending the patient identification information to the patient client terminal according to the identity verification parameter corresponding to the patient client terminal; and

storing the identity verification parameter and the patient identification information of the target patient on-chain.
The method according to claim 5, wherein the generating the patient identification information for the target patient and sending the patient identification information to the patient client terminal according to the identity verification parameter corresponding to the patient client terminal comprises:

generating, by the patient client terminal, a registration random number according to a user identification (UID) and a user password that are entered, and determining the identity verification parameter based on a combination of the registration random number and the UID ; and

generating a random number, and generating the patient identification information according to the random number and the identity verification parameter.
The method according to claim 1, further comprising:

receiving, by the patient client terminal, the patient identification information, and generating a new random number as the patient's private key.
The method according to any one of claims 1-7, wherein, before the receiving the data calling request sent by the target medical service node in the blockchain network, the method further comprises:

receiving a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and

establishing the association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and sending association relationship record information to the target medical service node, the association relationship comprising association key information.
The method according to claim 8, wherein, before the acquiring the target medical data according to the pre-stored medical data sharing protocol corresponding to the target patient, the method further comprises:

receiving a protocol recording request sent by the target medical service node, the protocol recording request including the medical data sharing protocol, the medical data sharing protocol being generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is verified; and

storing the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain.
The method according to any one of claims 1-9, further comprising:

acquiring medical data upload request sent by the target medical service node, the medical data upload request being obtained by the target medical service node based on a combination of upload address parameter, timestamp information, and medical visit data of the target patient;

analyzing the medical data upload request to acquire and store the medical visit data of the target patient; and

storing the data upload request on-chain.
The method according to any one of claims 1-10, wherein the medical data including a medical image, and the method further comprises:

establishing a calling record comprising the data calling request and a hash value of a calling log corresponding to the data calling request; and

generating a two-dimensional code based on the hash value and embedding the two-dimensional code as a watermark into a corresponding called medical image.
A medical data processing apparatus, comprising:

a data calling request receiving module configured to receive a data calling request sent by a target medical service node in a blockchain network, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node;

a target medical data determination module configured to acquire target medical data according to a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a sharing scope of the medical data of the target patient; and

a data calling recording module configured to send the target medical data to the target medical service node, and store calling information corresponding to the data calling request on-chain.
A medical data processing system, including a medical service node and a blockchain network manager,

wherein the medical service node is configured to:

send a data calling request to a data center, the data calling request being a request for calling medical data of a target patient, the blockchain network storing an association relationship between a patient client terminal corresponding to the target patient and the target medical service node; and

acquire target medical data from the data center based on a pre-stored medical data sharing protocol corresponding to the target patient, the medical data sharing protocol representing a scope of sharing of medical data of the target patient, the data center being configured to upload and store calling information corresponding to the data calling request.
The medical data processing system according to claim 13, further comprising the patient client terminal corresponding to the target patient, wherein the blockchain network manager is configured to receive a registration request sent by the patient client terminal and perform a registration for the patient client terminal, the registration request including a verification parameter corresponding to the patient client terminal.
The medical data processing system according to claim 14, wherein the patient client terminal is configured to generate a registration random number based on a user identification (UID) and a user password that are entered, and determining the identity verification parameter based on a combination of the registration random number and the UID; and

wherein the blockchain network manager is configured to generate a random number and generate patient identification information according to the random number and the identity verification parameter.
The medical data processing system according to claim 14, wherein the blockchain network manager is configured to send the patient identification information to the patient client terminal, and store the identity verification parameter and the patient identification information on chain.
The medical data processing system according to claim 16, wherein the patient client terminal is configured to receive the patient identification information and generate a random number as a private key of the target patient.
The medical data processing system according to any one of claims 13-17, wherein the blockchain network stores calling verifying information corresponding to the medical data of patients, the calling verifying information being configured to verify an identity information of the medical service node and the medical data sharing protocol upon the data calling request, and the blockchain network manager is configured to acquire to-be-called medical data from a data center upon a verification, the data center being configured to store the medical data of the target patient.
The medical data processing system according to any one of claims 13-18, wherein the blockchain network manager is configured to:

receive a medical visit association request sent by the target medical service node, the medical visit association request including a node verification parameter corresponding to the target medical service node and an identity verification parameter corresponding to the patient client terminal; and

establish the association relationship between the patient client terminal corresponding to the target patient and the target medical service node based on the node verification parameter and the identity verification parameter, and send association relationship record information to the target medical service node, the association relationship comprising association key information.
The medical data processing system according to claim 19, wherein the blockchain network manager is configured to receive a protocol recording request sent by the target medical service node, the protocol recording request including the medical data sharing protocol, the medical data sharing protocol being generated based on a combination of the node verification parameter corresponding to the target medical service node, the identity verification parameter corresponding to the patient client terminal, and the association relationship record information after the association key information is successfully verified; and

store the medical data sharing protocol and identity information of the target patient corresponding to the patient client terminal on-chain.
The medical data processing system according to any one of claims 13-20, wherein the blockchain network manager is configured to acquire a medical data upload request sent by the target medical service node, the medical data upload request being obtained by the target medical service node based on a combination of upload address parameter, timestamp information, and medical visit data of the target patient;

the data center is configured to analyze the medical data upload request to acquire and store the medical visit data of the target patient; and

the blockchain network manager is configured to store the data upload request on-chain.
The medical data processing system according to any one of claims 13-21, wherein the medical data comprises medical images, and the blockchain network manager is configured to:

establish a calling record comprising the data calling request and a hash value of a calling log corresponding to the data calling request; and

generate a two-dimensional code based on the hash value and embed the two-dimensional code as a watermark into a corresponding called medical image.
A computer device, comprising a memory and one or more processors, the memory storing a computer program, wherein when executing the computer program, the one or more processors are configured to perform a method for processing medical data method according to any one of claims 1-12.
A computer-readable storage medium having a computer program, which when executed by one or more processors, causes the one or more processors to perform a method for processing medical data method according to any one of claims 1-12.
A computer-program product having a computer program stored therein, which when executed by one or more processors, causes the one or more processors to perform a method for processing medical data method according to any one of claims 1-12.