CN109979555A - A kind of medical record data managing method - Google Patents
A kind of medical record data managing method Download PDFInfo
- Publication number
- CN109979555A CN109979555A CN201910281114.0A CN201910281114A CN109979555A CN 109979555 A CN109979555 A CN 109979555A CN 201910281114 A CN201910281114 A CN 201910281114A CN 109979555 A CN109979555 A CN 109979555A
- Authority
- CN
- China
- Prior art keywords
- password
- data
- medical record
- hospital
- patient
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- G—PHYSICS
- G16—INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
- G16H—HEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
- G16H10/00—ICT specially adapted for the handling or processing of patient-related medical or healthcare data
- G16H10/60—ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
Landscapes
- Health & Medical Sciences (AREA)
- Engineering & Computer Science (AREA)
- Epidemiology (AREA)
- General Health & Medical Sciences (AREA)
- Medical Informatics (AREA)
- Primary Health Care (AREA)
- Public Health (AREA)
- Medical Treatment And Welfare Office Work (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of medical record data managing methods, this method shares medical record data using medical record storage server between Different hospital, there are the second data of encryption in the medical record data that hospital uploads, other hospitals can obtain medical record data from the medical record storage server, but decrypt the authorization that the second data need to obtain patient or administrative staff;To improve the safety of patient privacy data.
Description
Technical field
The invention belongs to computer medical data management field more particularly to a kind of medical record data managing methods.
Background technique
Patient sees a doctor or is hospitalized in hospital, and doctor needs to fill in medical record to patient, and existing hospital generally all has been achieved with
Electronization, electronic medical record are stored in the server of hospital, therefore doctor can extract patient from hospital server
Pervious medical record data, facilitate doctor to check patient history, improve the accuracy of diagnosis, on the other hand decrease doctor and fill in
The workload of medical record.But if patient sees a doctor in different hospitals, the prior art can't be supported across case of hospital data
It is shared, this shared privacy for needing to consider patient health data, it is also desirable to consider that doctor obtains the importance of patient data
And urgency.
Summary of the invention
In order to solve the above problem in the prior art, the present invention provides a kind of medical record data managing methods.
The technical solution adopted by the present invention is specific as follows:
A kind of medical record data managing method, including medical record data uploading method and medical record data download method, wherein medical record
Data uploading method includes:
S100: the doctor of First Hospital fills in the medical record of patient using first terminal, and the medical record includes the identity of patient
Identifier;
S110: after doctor has filled in the medical record, the first data and the second data in medical record, first data are determined
It is that shared data can be disclosed in medical record, second data are the data of need for confidentiality in medical record;
S120: patient inputs password in the first terminal, and the password is for adding second data of secrecy
It is close;
S130: the first terminal encrypts second data using the password;
S140: the first terminal generates a case taking, and the case taking includes hospital ID, Record ID, described
First data and encrypted second data, and the case taking is sent to medical record storage server, medical record storage clothes
Business device stores received case taking;
S150: password described in digital certificate public key encryption of the first terminal using First Hospital, it will be encrypted close
Code, the identification identifier of patient, Record ID send jointly to the password storage server of First Hospital, the password storage service
Device is by the encrypted password, the identification identifier of patient, Record ID associated storage;
The medical record data download method includes:
The doctor of S200: the second hospital inputs the identification identifier of patient in second terminal, by the second terminal to
Medical record storage server sends inquiry request, and the inquiry request includes the identification identifier;
S210: the medical record storage server inquires all of the corresponding identification identifier according to the identification identifier
Case taking excludes the case taking from the second hospital in the case taking inquired, and remaining case taking is returned
Return the second terminal;
S220: the second terminal shows the case taking received Xiang doctor, and according to the instruction of doctor, to doctor institute
The second data in the case taking of selection are decrypted;
Wherein, the step S220 further comprises:
S221: doctor terminal requires patient to input password, for decrypting corresponding second data;
When patient independently cannot provide password, the step S220 further comprises:
S222: the second terminal determines that the case taking of doctor's selection is generated by First Hospital, then to the first doctor
The password storage server of institute issues password request, includes ID, the Record ID, disease of the second hospital in the password request
The explanation of people's present case and the personal information of doctor;
S223: for the administrative staff of the password storage server based on the relevant information in password request, judging whether can
To provide corresponding password, if can provide, password storage server is based on the Record ID, and inquiry obtains corresponding encryption
The password crossed, the password that the private key of administrative staff input First Hospital is encrypted to this are decrypted, and obtain corresponding password, close
The password is returned to the second terminal by code storage server.
Further, the identification identifier of the patient is the identification card number or social security number of patient.
Further, doctor determines first data and the second data on the basis of seeking advice from patient.
Further, the first terminal provides medical record User Interface, and for each filling in field provides privacy options.
Further, the encryption uses symmetric encipherment algorithm.
Further, the symmetric encipherment algorithm is DES or aes algorithm.
Further, the administrative staff are based on the information in password request, and further pass through the means such as phone, confirmation
The reliability of password request.
Further, the password request of the password storage server record each time.
The beneficial effects of the present invention are: patient is made to can protect its private data, the doctor of other hospitals obtains privacy number
According to the permission for needing to obtain patient or specified administrative staff.
Detailed description of the invention
Described herein the drawings are intended to provide a further understanding of the invention, constitutes part of this application, but
It does not constitute improper limitations of the present invention, in the accompanying drawings:
Fig. 1 is medical record data management system according to the present invention.
Specific embodiment
Come that the present invention will be described in detail below in conjunction with attached drawing and specific embodiment, illustrative examples therein and says
It is bright to be only used to explain the present invention but not as a limitation of the invention.
Referring to attached drawing 1, it illustrates medical record data management system according to the present invention, which includes medical record storage clothes
Business device, password storage server and doctor terminal.
Wherein, the medical record storage server is used to store the medical record data of patient, passes through network and each hospital
System is connected.The password storage server is used to store the password of the private data of patient, and each hospital has one
Corresponding password storage server, thus there are multiple password storage servers in system.The doctor terminal is that doctor fills in
With the terminal of browsing patient's medical record, which is connect with the subsystems in hospital by hospital internal network, can also be passed through
Medical record storage server described in visiting from outside.
Based on above system, multiple hospitals can by the medical record storage server share patient medical record data, one
Aspect helps doctor to understand patient history, on the other hand may also aid in doctor and fills in medical record.But shared data may face disease
The privacy problem of personal data needs to carry out finer data management.The following detailed description of medical record data management of the invention
Method.
The medical record data managing method includes two parts: medical record data uploading method and medical record data download method.
Medical record data uploading method:
S100: the doctor of First Hospital fills in the medical record of patient in doctor terminal, and the medical record includes the identity mark of patient
Know symbol.
The identification identifier is used for unique identification patient, the identification card number of patient can be used, or use patient's
Social security number etc., so as to help doctor and system to determine patient belonging to medical record.
S110: after doctor has filled in the medical record, the first data and the second data in medical record, first data are determined
It is that shared data can be disclosed in medical record, second data are the data of need for confidentiality in medical record.
It discloses or secrecy can be decided in its sole discretion by patient, therefore doctor can be on the basis of seeking advice from patient, described in determination
First data and the second data.But first data have included at least the identification identifier.
Specifically, on the medical record User Interface of doctor terminal, it can be for each filling in field provides privacy options, Yi Shengtong
It crosses and chooses privacy options, be otherwise public data using the corresponding field of determination as private data.
S120: patient inputs password in doctor terminal, and the password is for encrypting second data of secrecy.
Password is voluntarily selected by user, and patient can use different passwords in different hospitals, can also filled out every time
Different passwords is all replaced when writing medical record.
S130: the doctor terminal encrypts second data using the password.
The encryption uses symmetric encipherment algorithm, and specific algorithm can be existing symmetrical using any one in this field
Encryption Algorithm, such as DES, AES etc..
S140: the doctor terminal generates a case taking, and the case taking includes hospital ID, Record ID, described
First data and encrypted second data, and the case taking is sent to medical record storage server, medical record storage clothes
Business device stores received case taking.
Wherein, the hospital ID is the unique identifier of the First Hospital, and the Record ID is the medical record in the hospital
The unique identifier of record one medical record of unique identification can be remembered by hospital ID and Record ID in medical record storage server
Record.
S150: password described in digital certificate public key encryption of the doctor terminal using First Hospital, it will be encrypted close
Code, the identification identifier of patient, Record ID send jointly to the password storage server of First Hospital, the password storage service
Device is by the encrypted password, the identification identifier of patient, Record ID associated storage.
The digital certificate is to be presented to First Hospital in advance, and private key corresponding with public key in digital certificate is by first
The trusted people of hospital is taken care of, and subsequent decryption password is used for.
The doctor that above-mentioned steps describe First Hospital uploads the process of medical record data.It should be noted that actually each
There is the server of the storage medical record of oneself in hospital, therefore the medical record generated in the First Hospital is also required to be stored in oneself
In server, the doctor of First Hospital can access the medical record server of First Hospital by doctor terminal to obtain the patient
The medical record data generated in the court;But this is unrelated with present invention shared procedure of interest, therefore this is not explained in detail again.
Medical record storage server of the present invention is the server for sharing medical record between Different hospital, therefore the doctor of the second hospital
Life can download the medical record data of First Hospital by the medical record storage server, be explained below.
Medical record data download method:
The doctor of S200: the second hospital inputs the identification identifier of patient in its doctor terminal, passes through the doctor terminal
Inquiry request is sent to medical record storage server, carries the identification identifier in the inquiry request.
Specifically, the doctor of the second hospital when seeing a doctor to patient, can decide whether downloading disease according to state of an illness needs
Medical record of the people in other hospitals.Whether thus its identification identifier for being primarily based on patient, inquiring in medical record storage server has
Medical record of the patient in other hospitals.
S210: the medical record storage server inquires all of the corresponding identification identifier according to the identification identifier
Case taking excludes the case taking from the second hospital in the case taking inquired, and remaining case taking is returned
Return the doctor terminal.
As previously mentioned, case taking includes hospital ID, Record ID, the first data, encrypted second data, and first
It include the identification identifier of patient in data.Therefore the medical record storage server can be inquired according to the identification identifier
All case takings of the patient, and the case taking from second hospital is excluded (due to the second hospital by hospital ID
The case taking of oneself can voluntarily be obtained in the second hospital internal, therefore the doctor of the second hospital is not necessarily to from medical record storage service
Device obtains).
S220: the doctor terminal shows the case taking received Xiang doctor, and according to the instruction of doctor, to doctor institute
The second data in the case taking of selection are decrypted.
Specifically, doctor may browse through the public information in case taking by doctor terminal, such as hospital, medical record generate
Time, patient's essential information etc..Based on browsing as a result, doctor can choose its interested case taking, and instruct doctor
The second data of encryption therein are decrypted in raw terminal, further to browse the encryption information of medical record.
But as previously mentioned, the second data of encryption are all patient's need for confidentiality, doctor terminal is if necessary to decryption the
Two data, it is necessary to obtain the password of patient.Therefore step S220 further comprises:
S221: doctor terminal requires patient to input password, for decrypting corresponding second data.
Whether Xiang doctor the second data are disclosed at this time, is dependent on patient oneself.If patient thinks that second data relate to
And certain unsuitable disclosed privacy informations, then patient can refuse to provide password.
But in a practical situation, it is possible to patient is in emergency situation (such as remaining unconscious), can not according to oneself
Subjective desire provides password, just needs to obtain password by password storage server at this time.Therefore step S220 can also be into one
Step includes:
S222: doctor terminal determines that the case taking of doctor's selection is generated by First Hospital, then to First Hospital
Password storage server issues password request, includes that the ID, the Record ID, patient of the second hospital works as in the password request
The explanation of preceding situation and the personal information of doctor.
Specifically, doctor terminal can determine hospital belonging to case taking (such as the by the hospital ID of case taking
One hospital), so as to initiate to request to First Hospital, it is therefore an objective to obtain the password for encrypting the second data in the case taking.
Doctor's personal information is for determining the specific personnel for initiating request, to facilitate subsequent examination and audit.Disease
The explanation of people's present case be then in order to First Hospital illustrate patient's present case and its password can not be independently provided.
S223: for the administrative staff of the password storage server based on the relevant information in password request, judging whether can
To provide corresponding password, if can provide, password storage server is based on the Record ID, and inquiry obtains corresponding encryption
The password crossed, the password that the private key of administrative staff input First Hospital is encrypted to this are decrypted, and obtain corresponding password, close
The password is returned to the doctor terminal by code storage server.
The administrative staff should be the trusted people of First Hospital, be administered the private key by commission, and administrative staff can be with
Based on the information in password request, can also further by other means (such as phone), the reliability of confirmation request (such as
The patient is in a critical condition for confirmation, can not independently provide password), then decide whether to provide corresponding password.
According to step S150, the password in password storage server is all using hospital's public key encryption, therefore correspondingly
It should be decrypted by administrative staff using private key, password could be obtained.
Password storage server can recorde password request each time, when facilitating subsequent dispute on, provide corresponding
Proof.
Above-mentioned steps S221 and step S222-S223 is the method for two kinds of acquisition passwords, and doctor and doctor terminal are according to tool
Body situation obtains password using one of method, so that the second data in case taking be decrypted.Based on this mistake
Journey, one side patient can be reluctant that disclosed private data maintains secrecy to certain, decide whether to mention according to personal subjective desire
Supply the doctor of other hospitals;On the other hand, can not independently in emergency circumstances in patient, the doctor of the second hospital can also lead to
The trust that second of means obtains First Hospital administrative staff is crossed, obtains password from password storage server.
The above description is only a preferred embodiment of the present invention, thus it is all according to the configuration described in the scope of the patent application of the present invention,
The equivalent change or modification that feature and principle are done, is included in the scope of the patent application of the present invention.
Claims (8)
1. a kind of medical record data managing method, which is characterized in that including medical record data uploading method and medical record data download method,
Wherein medical record data uploading method includes:
S100: the doctor of First Hospital fills in the medical record of patient using first terminal, and the medical record includes the identity of patient
Symbol;
S110: after doctor has filled in the medical record, the first data and the second data in medical record are determined, first data are diseases
Shared data can be disclosed in case, and second data are the data of need for confidentiality in medical record;
S120: patient inputs password in the first terminal, and the password is for encrypting second data of secrecy;
S130: the first terminal encrypts second data using the password;
S140: the first terminal generates a case taking, and the case taking includes the hospital ID of First Hospital, record
ID, first data and encrypted second data, and the case taking is sent to medical record storage server, medical record
Storage server stores received case taking;
S150: password described in digital certificate public key encryption of the first terminal using First Hospital, by encrypted password, disease
Identification identifier, the Record ID of people sends jointly to the password storage server of First Hospital, and the password storage server will
The encrypted password, the identification identifier of patient, Record ID associated storage;
The medical record data download method includes:
The doctor of S200: the second hospital inputs the identification identifier of patient in second terminal, by the second terminal to medical record
Storage server sends inquiry request, and the inquiry request includes the identification identifier;
S210: the medical record storage server inquires all medical records of the corresponding identification identifier according to the identification identifier
Record, excludes the case taking from the second hospital in the case taking inquired, and remaining case taking is returned to institute
State second terminal;
S220: the second terminal shows the case taking received Xiang doctor, and according to the instruction of doctor, to selected by doctor
Case taking in the second data be decrypted;
Wherein, the step S220 further comprises:
S221: doctor terminal requires patient to input password, for decrypting corresponding second data;
When patient independently cannot provide password, the step S220 further comprises:
S222: the second terminal determines that the case taking of doctor's selection is generated by First Hospital, then to First Hospital
Password storage server issues password request, includes that the ID, the Record ID, patient of the second hospital works as in the password request
The explanation of preceding situation and the personal information of doctor;
S223: the administrative staff of the password storage server judge whether to mention based on the relevant information in password request
For corresponding password, if can provide, password storage server is based on the Record ID, and inquiry obtains corresponding encrypted
Password, the password that the private key of administrative staff input First Hospital is encrypted to this are decrypted, and obtain corresponding password, password is deposited
It stores up server and the password is returned into the second terminal.
2. the method according to claim 1, wherein the identification identifier of the patient is the identification card number of patient
Or social security number.
3. method described in -2 any one according to claim 1, which is characterized in that doctor is on the basis of seeking advice from patient, really
Fixed first data and the second data.
4. method according to claim 1 to 3, which is characterized in that the first terminal provides medical record and fills in boundary
Face, and for each filling in field provides privacy options.
5. method according to any of claims 1-4, which is characterized in that the encryption uses symmetric encipherment algorithm.
6. according to the method described in claim 5, it is characterized in that, the symmetric encipherment algorithm is DES or aes algorithm.
7. the method according to claim 1, wherein the administrative staff are based on the information in password request, and
Further by means such as phones, the reliability of password request is confirmed.
8. the method according to claim 1, wherein the password of password storage server record each time is asked
It asks.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910281114.0A CN109979555A (en) | 2019-04-09 | 2019-04-09 | A kind of medical record data managing method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201910281114.0A CN109979555A (en) | 2019-04-09 | 2019-04-09 | A kind of medical record data managing method |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109979555A true CN109979555A (en) | 2019-07-05 |
Family
ID=67083698
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201910281114.0A Pending CN109979555A (en) | 2019-04-09 | 2019-04-09 | A kind of medical record data managing method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109979555A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111935183A (en) * | 2020-09-27 | 2020-11-13 | 南京第三极区块链科技有限公司 | Method and system for credible transfer of user information between non-cooperative bodies of distributed network |
| CN113782129A (en) * | 2021-08-17 | 2021-12-10 | 湖北衡宇医疗科技有限公司 | Medical record information calling method, query end, platform end, system and storage medium |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436231A (en) * | 2008-11-24 | 2009-05-20 | ***集团宽带业务应用国家工程实验室有限公司 | Method and apparatus for recording and reading medical document |
| CN103700050A (en) * | 2012-09-27 | 2014-04-02 | 捷达世软件(深圳)有限公司 | Case data management method and system |
| CN109243553A (en) * | 2018-06-28 | 2019-01-18 | 平安科技(深圳)有限公司 | Medical data processing method, system, computer equipment and readable storage medium storing program for executing |
-
2019
- 2019-04-09 CN CN201910281114.0A patent/CN109979555A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101436231A (en) * | 2008-11-24 | 2009-05-20 | ***集团宽带业务应用国家工程实验室有限公司 | Method and apparatus for recording and reading medical document |
| CN103700050A (en) * | 2012-09-27 | 2014-04-02 | 捷达世软件(深圳)有限公司 | Case data management method and system |
| CN109243553A (en) * | 2018-06-28 | 2019-01-18 | 平安科技(深圳)有限公司 | Medical data processing method, system, computer equipment and readable storage medium storing program for executing |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111935183A (en) * | 2020-09-27 | 2020-11-13 | 南京第三极区块链科技有限公司 | Method and system for credible transfer of user information between non-cooperative bodies of distributed network |
| CN113782129A (en) * | 2021-08-17 | 2021-12-10 | 湖北衡宇医疗科技有限公司 | Medical record information calling method, query end, platform end, system and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11907397B2 (en) | Records access and management | |
| US11887705B2 (en) | Apparatus, system and method for patient-authorized secure and time-limited access to patient medical records utilizing key encryption | |
| US6131090A (en) | Method and system for providing controlled access to information stored on a portable recording medium | |
| TWI254233B (en) | Data processing system for patient data | |
| JP5897040B2 (en) | Secure access to emergency personal health records | |
| US10841286B1 (en) | Apparatus, system and method for secure universal exchange of patient medical records utilizing key encryption technology | |
| CN106960128B (en) | Intelligent medical treatment data managing method and system based on distributed validation technology | |
| US20040054657A1 (en) | Medical information management system | |
| EP1441301A2 (en) | Method for identifying and communicating with potential clinical trial participants | |
| KR20200016458A (en) | Blockchain-based phr platform server operating method and phr platform server operating system | |
| WO2012017612A1 (en) | Device for sharing anonymized information, and method for sharing anonymized information | |
| KR101701304B1 (en) | Method and system for managing medical data using attribute-based encryption in cloud environment | |
| KR101232379B1 (en) | Method and system for managing electronic personal healthrecords | |
| CN114121197A (en) | Medical data safety management and control system | |
| US10929509B2 (en) | Accessing an interoperable medical code | |
| CN109979555A (en) | A kind of medical record data managing method | |
| EP4035095A1 (en) | Utilizing a user's health data stored over a health care network for disease prevention | |
| CN115547441B (en) | Safety acquisition method and system based on personal health medical data | |
| JP2000331101A (en) | System and method for managing information related to medical care | |
| CN115831302A (en) | Method and apparatus for managing disease control data | |
| Huda et al. | Privacy-aware access to patient-controlled personal health records in emergency situations | |
| JP2000293603A (en) | Area medical information system and electronic patient card | |
| KR102064970B1 (en) | Method and apparatus for managing of medical record | |
| US7853581B2 (en) | Data processing system for the processing of object data | |
| US20240119174A1 (en) | Personal Data Anonymization System (PDAS) with Customized Token |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190705 |
|
| RJ01 | Rejection of invention patent application after publication |