• Journal of Information Management
• /
• v.36 no.1
• /
• pp.125-154
• /
• 2005

Due to the development of Internet and the collection and usage of the individual information, the infringements of the personal data have been increased rapidly. Regarding the personal data protection in the medical industry, it is clearly described in 'Act on Promotion of Information and Communication Network Utilization and information Protection, etc.'. the law is ratified on the basis of the service provider, therefore, it has its own limitation to be applied to medical industry. Therefore, this paper is to set the security standard and to discuss the range of legal application and considerations on its basis for the domestic medical institution at the electronic medical record system. We exemplify specific applicable content of the electronic signature in the electronic medical record also, present a security assessment item in electronic medical system and set the criteria for the security standard in the medical industry.

• Journal of radiological science and technology
• /
• v.44 no.4
• /
• pp.399-407
• /
• 2021

This study discussed the validity and necessity of compulsory recording of radiographic examination performed by radiological technologist on patients in medical institutions related to radiation exposure. Also, this study provided reasonable evidence of radiographic examination related medical records can contribute to the improvement of public health. Based on overseas cases of implementing a radiographic examination record system, the essential items to be included in medical record are the exposure date, exposure time, exposure method, exposure conditions that is tube voltage, tube current. Name and license number of the radiological technologist who performed the examination should be include in medical record. It is expected that the medical record of the total amount of radiation exposure per year would be in giving the maximum benefit with the minimum exposure to the medical radiation examination of the patient. In addition, interventional radiography medical record should also include exposure time, type and dose of the contrast medium.

• Convergence Security Journal
• /
• v.19 no.1
• /
• pp.49-60
• /
• 2019

Medical record is part of the personal information that values the dignity and value of an individual, and can lead to serious social prejudice and disadvantage to an individual when it is breached illegally. In addition, the medical record has been highly threatened because its value is relatively high, and external threats are continuing. In this paper, we propose a medical record sharing framework that guarantees patient's privacy based on blockchain using ciphertext policy-based attribute based proxy re-encryption scheme. The proposed framework first uses the blockchain technology to ensure the integrity and transparency of medical records, and uses the stealth address to build the unlinkability between physician and patient. Besides, the ciphertext policy attribute-based proxy re-encryption scheme is used to enable fine-grained access control, and it is possible to share information in emergency situations without patient's agreement.

• Smart Media Journal
• /
• v.5 no.1
• /
• pp.114-121
• /
• 2016

Currently, different medical institutions have been carrying out the e-healthcare system project. The system includes electronic medical record and prescription delivery system, and, the Medical Treatment law permits electronic signature for medical record management, which reduced the relevant costs and enabled sharing medical record. And medical solution using online certificates is expanding its application. In that light, the role of certificates became more important than ever. However, in contrast to active effort made to manage personal certificates, certificates related to medical solutions and other types of work are not being managed properly. Most work-related certificates are saved in office computers, which makes them vulnerable to various security threats. Although certificate servers can be used as a solution to this problem, hospitals must build the server separately and, therefore, small and medium-size hospitals can be reluctant to bear the burden. This study proposed a way to design and implement an effective and secure certificate management system by save the certificate file as a BLOB, using existing resources without needing to build a separate certificate server, at minimized costs.

• The Korean Society of Law and Medicine
• /
• v.23 no.2
• /
• pp.171-209
• /
• 2022

There were also many medical-related rulings in 2021, among which the rulings reviewed in this paper are as follows. The first relates to a case in which the medical record, which is the primary judgment data regarding the presence or absence of medical negligence, has been modified. The court judged whether there was negligence on the basis of the first written medical record without considering the contents of the medical record that was later modified. Next, the ruling on the case of asking for liability for damages for prescription of anti-obesity drugs recognized negligence related to prescription, but denied liability for property damage by denying a causal relationship, and recognized only alimony for violation of the duty of explanation. The a full-bench ruling on the scope of subrogation of the National Health Insurance Corporation, which subrogates the claims for compensation for medical expenses against the perpetrator of the patient, changed the existing precedent that had taken the 'deduction method after offsetting negligence' and judged it as 'the method of offsetting negligence after deduction'. In addition, in the ruling on whether or not there was negligence, the court was not bound by the medical record appraisal result. Lastly, in relation to the National Health Insurance Service's disposition of reimbursement for medical care benefit costs, we reviewed the ruling that discretion should be exercised even when a non-medical person makes a refund to a medical institution opened by a non-medical person. And we also reviewed the ruling that the scope of reimbursement for medical institutions jointly using facilities and manpower specifically should be determined.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.11 no.9
• /
• pp.4624-4640
• /
• 2017

This paper mainly presents a secure and efficient e-Medical Record System via searchable encryption scheme from asymmetric pairings, which could provide privacy data search and encrypt function for patients and doctors in public platform. The core technique of this system is an extension public key encryption system with keyword search, which the server could test whether or not the files stored in platform contain the keyword without leaking the information about the encrypted file. Compared with former e-medical record systems, the system proposed here has several superior features: (1)Users could search the data stored in cloud server contains some keywords without leaking anything about the origin data. (2) We apply asymmetric pairings to achieve shorter key size scheme in the standard model, and adopt the dual system encryption technique to reduce the scheme's secure problem to the hard Symmetric External Diffie-Hellman assumption, which could against the variety of attacks in the future complex network environment. (3) In the last of paper, we analyze the scheme's efficiency and point out that our scheme is more efficient and secure than some other classical searchable encryption models.

• 한국IT서비스학회:학술대회논문집
• /
• 2007.11a
• /
• pp.364-369
• /
• 2007

다양한 의료서비스를 정형화되고 효율적인 방법으로 제공하기 위하여 최근 의료기관의 EMR(Electronic Medical Record; 전자의무기록) 시스템의 도입이 급속도로 확산되고 있다. 그러나 국내에서 구축되고 있는 EMR은 초기에 기대했던 EMR의 도입목적을 중분하게 달성하지 못하고 있다. 이는 근본적으로 EMR의 방향성과 구조에 한계를 지니고 있기 때문이다. 국내에서 구축되고 있는 대부분의 전자의무기록시스템은 자료수집원 지향 의무기록 (Source Oriented Medical Record; SOMR) 방식으로 개별 사실을 수집하고 제시하기 위한 관찰자 중심, 서식중심의 시스템이며 차트 이송과 종이를 없애는 것이 주목적이다. SOMR 방식은 EMR의 다양한 도입목적, 특히 임상자료의 효과적 활용을 충족시킬 수 없는 태생적인 한계를 지니고 있기 때문에 문제지향 의무기록 (Problem Oriented Medical Record; POMR) 방식의 EMR과 적절한 혼용전략 (Hybrid Strategy)이 절실히 요구된다. 본 연구의 목적은 SOMR 시스템과 POMR 시스템이 보완적으로 결합된 하이브리드 EMR 아키텍처를 제시하고 아키텍처를 구성하는 데 필요한 기술적 요소들과 그들간의 상호관계 틀 파악한 후 이를 기반으로 개발방법론을 도출하는 것이다. 또한 만성신부전증 환자 사례를 이용하여 앞서 제시된 개발방법론에 따라 프로토타입을 개발하였다. 본 연구는 EMR 시스템이 SOMR 구조에만 편향됨으로써 발생될 수 있는 다양한 문제들을 해결함으로써 진료의 품질 항상, 임상연구의 활성화, 조직적이고 과학적인 진료계획의 수립과 같은 소외되어 왔던 EMR의 목표를 실현할 수 있을 것으로 기대 된다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.3
• /
• pp.947-971
• /
• 2022

The Electronic Medical Record (EMR) is a valuable source of medical data intelligence in e-health systems. The watermarking techniques have been used to authenticate the owner and protect the EMR from illegal copying. The existing distributive strategies, successfully operated to secure the EMR, are found to be inadequate. Blockchain technology, mainly, is employed by a sharing database that allows the digital crypto-currency. It rapidly leads to the magnified expectations acme. In this excitement, the use of consortium adopting the technology based on Blockchain, in the EMR structure, is found improving. This type of consortium adds an immutable share with a translucent record of the entire business and it is accomplished with responsibility, along with faith and transparency. The combination of watermarking and Blockchain technology provides a singular chance to promote a secured, trustworthy electronic documents administration to share with the e-records system. The authors, in this article, present their views on consortium Blockchain technology which is incorporated in the EMR system. The ledger, used for the distribution of the block structure, has team healthcare models based on dissimilar multiple image watermarking techniques.

• Journal of Digital Convergence
• /
• v.13 no.7
• /
• pp.229-238
• /
• 2015

This research is aimed to develop a National competency standards(NCS) as a method of job standardization, and then to be applicated as a baseline data on overall university curriculum by using the NCS. Study period is from June 21, 2014 to November 30, 2014. To accomplish the aims, a pool of researchers and experts like as industrial site experts, education training experts, and job analysis specialists was formed. Job title to be conducted in medical record is defined as medical information management and NCS was developed through deducing 12 competency unit, 43 competency unit elementary and competency unit each career during lifelong. And finally the developed standards proposal was completed to be NCS after verification by on-the-spot specialists.

• The Korean Society of Law and Medicine
• /
• v.13 no.1
• /
• pp.359-395
• /
• 2012

In a broad term, health and medical data means all patient information that has been generated or circulated in government health and medical policies, such as medical research and public health, and all sorts of health and medical fields as well as patients' personal data, referred as medical data (filled out as medical record forms) by medical institutions. The kinds of health and medical data in medical records are prescribed by Articles on required medical data and the terms of recordkeeping in the Enforcement Decree of the Medical Service Act. As EMR, OCS, LIS, telemedicine and u-health emerges, sharing and protecting digital health and medical data is at issue in these days. At medical institutions, health and medical data, such as medical records, is classified as "sensitive information" and thus is protected strictly. However, due to the circulative property of information, health and medical data can be public as well as being private. The legal grounds of health and medical data as such are based on the right to informational self-determination, which is one of the fundamental rights derived from the Constitution. In there, patients' rights to refuse the collection of information, to control recordkeeping (to demand access, correction or deletion) and to control using and sharing of information are rooted. In any processing of health and medical data, such as generating, recording, storing, using or disposing, privacy can be violated in many ways, including the leakage, forgery, falsification or abuse of information. That is why laws, such as the Medical Service Act and the Personal Data Protection Law, and the Guideline for Protection of Personal Data at Medical Institutions (by the Ministry of Health and Welfare) provide for technical, physical, administrative and legal safeguards on those who handle personal data (health and medical information-processing personnel and medical institutions). The Personal Data Protection Law provides for the collection, use and sharing of personal data, and the regulation thereon, the disposal of information, the means of receiving consent, and the regulation of processing of personal data. On the contrary, health and medical data can be inspected or delivered of the copies, based on the principle of restriction on fundamental rights prescribed by the Constitution. For instance, Article 21(Access to Record) of the Medical Service Act, and the Personal Data Protection Law prescribe self-disclosure, the release of information by family members or by laws, the exchange of medical data due to patient transfer, the secondary use of medical data, such as medical research, and the release of information and the release of information required by the Personal Data Protection Law.