• The Journal of Korea Institute of Information, Electronics, and Communication Technology
• /
• v.7 no.1
• /
• pp.45-49
• /
• 2014

In this paper, we propose a secure and efficient RFID-based patient authentication protocol to not only authenticate patients' authenticity but also protect patients' personal medical informations for u-Healthcare environments. Since the proposed RFID-based patient authentication protocol provides strong security and efficiency, it can be used practically for patient authentication and personal medical information protection on the high technology medical environments such as u-Hospital and u-Healthcare.

• Journal of Internet Computing and Services
• /
• v.23 no.3
• /
• pp.87-95
• /
• 2022

Recently, with the development of smart technology, in medical information platform, patient's biometric data is measured in real time and accumulated into database, and it is possible to determine the patient's emergency situations. Medical staff can easily access patient information after simple authentication using a mobile terminal. However, in accessing medical information using the mobile terminal, it is necessary to study authentication in consideration of the patient situations and mobile terminal. In this paper, we studied on medical information platforms based on big data processing and edge computing for supporting automatic authentication in emergency situations. The automatic authentication system that we had studied is an authentication system that simultaneously performs user authentication and mobile terminal authentication in emergency situations, and grants upper-level access rights to certified medical staff and mobile terminal. Big data processing and analysis techniques were applied to the proposed platform in order to determine emergency situations in consideration of patient conditions such as high blood pressure and diabetes. To quickly determine the patient's emergency situations, edge computing was placed in front of the medical information server so that the edge computing determine patient's situations instead of the medical information server. The medical information server derived emergency situation decision values using the input patient's information and accumulated biometric data, and transmit them to the edge computing to determine patient-customized emergency situation. In conclusion, the proposed medical information platform considers the patient's conditions and determine quick emergency situations through big data processing and edge computing, and enables rapid authentication in emergency situations through automatic authentication, and protects patient's information by granting access rights according to the patient situations and the role of the medical staff.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.35 no.6B
• /
• pp.962-969
• /
• 2010

Recently, RFID technology can successfully be used to reduce medical errors. This technology can aid in the accurate matching of patients with their medications and treatments. The enthusiasm for using RFID technology in medical settings has been tempered by privacy concerns. In this paper, we propose a secure and efficient RFID authentication system to not only authenticate patients' authenticity but also protect patients' personal medical informations. The proposed system consists of RFID-based patient authentication protocol and database security protocol. As a result, since the proposed RFID authentication system provides strong security and efficiency, it can be used practically for patient authentication and personal medical information protection on the high technology medical environments such as u-Hospital and u-Healthcare.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.1
• /
• pp.49-56
• /
• 2013

Among U-healthcare services adapting the latest IT technique and medical technique, a body-injecting device technique providing medical service to a patient who has incurable disease. But the body-injecting device technique can be easily exposed during wireless section to the third person and it can be used illegally. This paper proposes certification protocol which certifies a patient and hospital staff using random number created by certification server and a patient with hospital staff by synchronization. Specially, the proposed protocol uses security information created by information registered in certification server previously by a patient and hospital staff so that in keeps from accessing of third person who didn't get approval. And it gives more stability.

• Journal of Internet Computing and Services
• /
• v.22 no.1
• /
• pp.99-107
• /
• 2021

With the recent establishment of a ubiquitous-based medical and healthcare environment, the medical information system for obtaining situation information from various sensors is increasing. In the medical information system environment based on context-awareness, the patient situation can be determined as normal or emergency using situational information. In addition, medical staff can easily access patient information after simple user authentication using ID and Password through applications on smart devices. However, these services of authentication and patient information access are staff-oriented systems and do not fully consider the ubiquitous-based healthcare information system environment. In this paper, we present a authentication service model based context-awareness system for providing situational information-driven authentication services to users who access medical information, and implemented proposed system. The authentication service model based context-awareness system is a service that recognizes patient situations through sensors and the authentication and authorization of medical staff proceed differently according to patient situations. It was implemented using wearables, biometric data measurement modules, camera sensors, etc. to configure various situational information measurement environments. If the patient situation was emergency situation, the medical information server sent an emergency message to the smart device of the medical staff, and the medical staff that received the emergency message tried to authenticate using the application of the smart device to access the patient information. Once all authentication was completed, medical staff will be given access to high-level medical information and can even checked patient medical information that could not be seen under normal situation. The authentication service model based context-awareness system not only fully considered the ubiquitous medical information system environment, but also enhanced patient-centered systematic security and access transparency.

• Journal of Internet Computing and Services
• /
• v.21 no.4
• /
• pp.25-34
• /
• 2020

In the current medical information system, a system environment is constructed in which Biometric data generated by using IoT or medical equipment connected to a patient can be stored in a medical information server and monitored at the same time. Also, the patient's biometric data, medical information, and personal information after simple authentication using only the ID / PW via the mobile terminal of the medical staff are easily accessible. However, the method of accessing these medical information needs to be improved in the dimension of protecting patient's personal information, and provides a quick authentication system for first aid. In this paper, we implemented an automatic authentication system based on the patient's situation and evaluated its performance. Patient's situation was graded into normal and emergency situation, and the situation of the patient was determined in real time using incoming patient biometric data from the ward. If the patient's situation is an emergency, an emergency message including an emergency code is send to the mobile terminal of the medical staff, and they attempted automatic authentication to access the upper medical information of the patient. Automatic authentication is a combination of user authentication(ID/PW, emergency code) and mobile terminal authentication(medical staff's role, working hours, work location). After user authentication, mobile terminal authentication is proceeded automatically without additional intervention by medical staff. After completing all authentications, medical staffs get authorization according to the role of medical staffs and patient's situations, and can access to the patient's graded medical information and personal information through the mobile terminal. We protected the patient's medical information through limited medical information access by the medical staff according to the patient's situation, and provided an automatic authentication without additional intervention in an emergency situation. We performed performance evaluation to verify the performance of the implemented automatic authentication system.

• Journal of the Health Care and Life Science
• /
• v.9 no.1
• /
• pp.1-9
• /
• 2021

In this study, a model in which certification standards were added to the health information management practice program was studied and presented in order to understand the EMR certification standards implemented by the Korea Health and Medical Information Service. In the practice program, the certification standard function for patient information management was added to the health information management education system to practice and understand patient information management that corresponds to the functional standard of the EMR certification system. The EMR certification standard practice program for patient information management is composed of the following certification standards. registration number and personal information management, treatment reservation schedule management, personal information revision history management, identification of people with the same name, integrated management of multiple registration numbers, patient search by identification information, patient search by health care type, surgical procedure consent record and inquiry, record/inquiry of consent form for personal information use, display of life-sustaining medical decision information, registration/inquiry of external medical institution documents, registration and inquiry of external examination results. In this way, by operating and practicing the functions of the health information system according to the certification standards, it is possible to understand and practice the certification standards and details of patient information management in the functional area of the certification standards. In addition, since the function of the EMR certification standard can be checked, it will be possible to improve the management ability of the electronic medical record system of the health information manager in the medical institution.

• 한국노년학
• /
• v.38 no.1
• /
• pp.15-26
• /
• 2018

This study was aimed to investigate the influencing level of nursing staff's recognition for the health care accreditation on patient safety managing activities by identifying the relationship between them and other factors affecting on patient safety managing activities. Subjects of this study were 182 nursing staffs working in six geriatric hospitals accredited for health care in Seoul metropolitan area. Data was collected during April, 2016 by structured questionnaires. And SPSS/WIN 15.0 program with t-test, ANOVA, Pearson's correlation, and stepwise multiple regression analysis were employed for analyzing them. 96.2% of the subjects have recognized the accreditation and 31.8% of them have acknowledge it in detail. The average level of recognition for the health care accreditation and patient safety managing activity were 3.60 and 4.39 point (max.5.0) respectively. Correlation between them was positive(r=.339, p<.001). Significant factors influencing patient safety managing activity were internal service quality promotion (t=5.292, p<.001) and academic background (t=2.836, p=.005). Education program or information on health care accreditation system, and action plans for promoting internal service quality for the nursing staffs including job standardization of the jobs are recommended for the better patient safety managing activities.

• Journal of Internet Computing and Services
• /
• v.19 no.6
• /
• pp.31-40
• /
• 2018

With the development of IT technology recently, medical information systems are being constructed in an integrated u-health environment through cloud services, IoT technologies, and mobile applications. These kinds of medical information systems should provide the medical staff with authorities to access patients' medical information for emergency status treatments or therapeutic purposes. Therefore, in the medical information systems, the reliable and prompt authentication processes are necessary to access the biometric information and the medical information of the patients in charge of the medical staff. However, medical information systems are accessing with simple and static user authentication mechanism using only medical ID / PWD in the present system environment. For this reason, in this paper, we suggest a dynamic situation authentication mechanism that provides transparency of medical information access including various authentication factors considering patient's emergency status condition and dynamic situation authentication system supporting it. Our dynamic Situation Authentication is a combination of user authentication and mobile device authentication, which includes various authentication factor attributes such as emergency status, role of medical staff, their working hours, and their working positions and so forth. We designed and implemented a dynamic situation authentication system including emergency status decision, dynamic situation authentication, and authentication support DB construction. Finally, in order to verify the serviceability of the suggested dynamic situation authentication system, the medical staffs download the mobile application from the medical information server to the medical staff's own mobile device together with the dynamic situation authentication process and the permission to access medical information to the patient and showed access to medical information.

• Journal of Convergence for Information Technology
• /
• v.7 no.4
• /
• pp.27-38
• /
• 2017

The purpose of this study was to ascertain new policies fo the development of the Korean Hospital Accreditation Program (HAP) by comparing and reviewing the domestic HAP of Korea, the U. S. and Australia as well as the International Accreditation Program of the International Society for Health Care Quality. The results of this study are as follows. First, it is necessary to improve the standards of the HAP such as 'patient and community centered standards' and 'staffing related standards'. Second, it is necessary to strengthen patient safety through the HAP. Third, the linkage among the HAP, clinical indicators and patient experience evaluation should be strengthened. Fourth, the competencies of surveyors should be improved. Fifth, the HAP of small and medium hospitals also needs to be vitalized. Sixth, it is necessary to improve the disclosure of the healthcare quality evaluation results. The findings of this study can be used as a basis to improve the Korean HAP.