• Convergence Security Journal
• /
• v.11 no.3
• /
• pp.91-98
• /
• 2011

Medical information system based on ad hoc network designed for general information systems and information networks have different security requirements. Malicious code infiltration and security features are performed on same medical information network architecture along the route. Security domain of medical information systems is the ground of penetration and defense performed over the network architecture and it is also the traffic handling areas separated by a concept of differentiated group. Ad hoc-based medical information systems in the network security domain, set some standards about what should be the methodology of this study. In this paper, medical information system network configuration, the determining factor based on the security domain, the structure selection criteria and blocking positionings are presented according to the traffic route configuration. If you apply this methodology designed to increase security, efficiency can be possible. Health information systems in accordance with the security domain areas requires differentiated protection needs of the security mechanism that is proposed by this study.

• Journal of Information Technology Services
• /
• v.21 no.4
• /
• pp.63-74
• /
• 2022

Globally researchers at medical institutions are actively sharing COHORT data of patients to develop vaccines and treatments to overcome the COVID-19 crisis. OMOP-CDM, a common data model that efficiently shares medical data research independently operated by individual medical institutions has patient personal information (e.g. PII, PHI). Although PII and PHI are managed and shared indistinguishably through de-identification or anonymization in medical institutions they could not be guaranteed at 100% by complete de-identification and anonymization. For this reason the security of the OMOP-CDM database is important but there is no detailed and specific OMOP-CDM security inspection tool so risk mitigation measures are being taken with a general security inspection tool. This study intends to study and present a model for implementing a tool to check the security vulnerability of OMOP-CDM by analyzing the security guidelines for the US database and security controls of the personal information protection of the NIST. Additionally it intends to verify the implementation feasibility by real field demonstration in an actual 3 hospitals environment. As a result of checking the security status of the test server and the CDM database of the three hospitals in operation, most of the database audit and encryption functions were found to be insufficient. Based on these inspection results it was applied to the optimization study of the complex and time-consuming CDM CSF developed in the "Development of Security Framework Required for CDM-based Distributed Research" task of the Korea Health Industry Promotion Agency. According to several recent newspaper articles, Ramsomware attacks on financially large hospitals are intensifying. Organizations that are currently operating or will operate CDM databases need to install database audits(proofing) and encryption (data protection) that are not provided by the OMOP-CDM database template to prevent attackers from compromising.

• Journal of the Korea Society of Computer and Information
• /
• v.27 no.7
• /
• pp.57-64
• /
• 2022

In this paper, the definition and overview of digital health care that has emerged recently, core technology, and We would like to propose a plan to establish a next-generation information protection system that can protect digital healthcare devices and data from cyber attacks. Various vulnerabilities exist for digital healthcare devices and data, and cyber attacks are possible for those vulnerabilities. Through an attack on digital health care devices and information and communication networks, it can directly adversely affect human life and health, Since digital healthcare data contains sensitive and personal information, it is essential to safely protect it from cyber attacks. In the case of this proposal, for continuous safe management of data and cyber attacks on equipment and communication networks for digital health devices, It is expected to be able to respond more effectively and continuously through the establishment of the next-generation information protection system.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.11A
• /
• pp.870-881
• /
• 2009

The rapid development of healthcare information management for 3D medical digital library, 3D PACS and 3D medical diagnosis has addressed security issues with medical IT technology. This paper presents multiple 3D medical image data for protection, authentication, indexing and diagnosis information hiding applied to healthcare information management. The proposed scheme based on POCS watermarking embeds the robust watermark for doctor's digital signature and information retrieval indexing key to the distribution of vertex curvedness and embeds the fragile watermark for diagnosis information and authentication reference message to the distance difference of vertex. The multiple embedding process designs three convex sets for robustness, fragileness and invisibility and projects 3D medical image data onto three convex sets alternatively and iteratively. Experimental results confirmed that the proposed scheme has the robustness and fragileness to various 3D geometric and mesh modifiers at once.

• Journal of Korea Entertainment Industry Association
• /
• v.14 no.4
• /
• pp.91-104
• /
• 2020

In this study, the value of the medical resort was divided into hedonic value, hospitality value, safety and personal information protection value, and profitability value by exploring and typifying the successful cases and related services of the medical resort in order to provide the direction of development and policy implications of the medical resort for the medical tourism industry. For those who have used the medical resort, I wanted to verify the impact of the value of medical resort on perception of medical resort and its intention to use it. As a result of this study, it was found that hedonic value and hospitality value of medical resort have a strong influence on usefulness perception and well-being perception of medical resort, that safety and personal information protection value of medical resort was only affected by usefulness perception, and profit value of medical resort was only affected by well-being perception. In addition, the usefulness perception and well-being perception of medical resorts were shown to have an impact on the intention of using medical resorts, especially in the case of well-being perception of medical resorts. The above findings are meaningful in that they expanded the medical resort-related research area for the medical tourism industry and provided useful implications for the development of medical resorts that meet the convenience and needs of medical tourists.

• The Korean Society of Law and Medicine
• /
• v.24 no.4
• /
• pp.67-101
• /
• 2023

The utilization of generative AI in the medical field is also being rapidly researched. Access to vast data sets reduces the time and energy spent in selecting information. However, as the effort put into content creation decreases, there is a greater likelihood of associated issues arising. For example, with generative AI, users must discern the accuracy of results themselves, as these AIs learn from data within a set period and generate outcomes. While the answers may appear plausible, their sources are often unclear, making it challenging to determine their veracity. Additionally, the possibility of presenting results from a biased or distorted perspective cannot be discounted at present on ethical grounds. Despite these concerns, the field of generative AI is continually advancing, with an increasing number of users leveraging it in various sectors, including biomedical and life sciences. This raises important legal considerations regarding who bears responsibility and to what extent for any damages caused by these high-performance AI algorithms. A general overview of issues with generative AI includes those discussed above, but another perspective arises from its fundamental nature as a large-scale language model ('LLM') AI. There is a civil law concern regarding "the memorization of training data within artificial neural networks and its subsequent reproduction". Medical data, by nature, often reflects personal characteristics of patients, potentially leading to issues such as the regeneration of personal information. The extensive application of generative AI in scenarios beyond traditional AI brings forth the possibility of legal challenges that cannot be ignored. Upon examining the technical characteristics of generative AI and focusing on legal issues, especially concerning the protection of personal information, it's evident that current laws regarding personal information protection, particularly in the context of health and medical data utilization, are inadequate. These laws provide processes for anonymizing and de-identification, specific personal information but fall short when generative AI is applied as software in medical devices. To address the functionalities of generative AI in clinical software, a reevaluation and adjustment of existing laws for the protection of personal information are imperative.

• Korean Journal of Health Education and Promotion
• /
• v.20 no.1
• /
• pp.61-76
• /
• 2003

As people get broader access to health information through the internet, there is a greater need for measure to maximize the social advantages of the internet and to minimize negative side-effects. With this concern, this paper classifies internet health information services sites into : on-line supply of health information, on-line consultation, on-line diagnosis, and on-line sales. As well this paper analyzes domestic laws supporting and/or regulating these services. The efficient provision of internet health services requires comprehensive laws on individual privacy protection, prevention and handling of medical accidents, an electronic prescription form for internet diagnosis, electronic signing, payment for medical expenses, qualifications for internet medical practitioners. Additional laws are required to establish internet pharmacies and internet health goods stores. These new laws can be prepared either separately or through revision of existing laws governing medical practice, pharmacies, and public health promotion. However, as the legal control by the government on cyber processes and entities has a fairly minimal effect, consumers should be encouraged to improve their own capacity for wisely using internet health services and health-service providers should be encouraged to promote voluntary supervision and control of their own services and practices.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.6
• /
• pp.103-110
• /
• 2016

The recent frequent cases of damage due to leakage of medical data and the privacy of medical patients is increasing day by day. The government says the Privacy Rule regulations established for these victims, such as prevention. Medical data guidelines can be seen 'national medical privacy guidelines' is only released. When replacing the image data between the institutions it has been included in the image file (JPG, JPEG, TIFF) there is exchange of data in common formats such as being made when the file is leaked to an external file there is a risk that the exposure key identification information of the patient. This medial image file has no protection such as encryption, This this paper, introduces a masking technique using a mosaic technique encrypting the image file contains the application to optical character recognition techniques. We propose pseudonymization technique of personal information in the image data.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.51 no.10
• /
• pp.128-136
• /
• 2014

Recently, although exponentially growing the quantity of information that have been used and shared on internet networks, the patient information of each medical center have not been used and shared among medical centers due to the protection of patients privacy and the different database schema. To address this problem, we have studied the data structure of the patient information, the standard of medical information for patients we propose a patient information sharing system design that each medical center is able to use and share the patient information among medical centers in spite of different patient information systems with protecting patients privacy.

• Journal of the Korea Society of Computer and Information
• /
• v.24 no.11
• /
• pp.109-117
• /
• 2019

Recently, the invasion of privacy in medical information has been issued following the interest in the secondary use of mass medical information. The mass medical information is very useful information that can be used in various fields such as disease research and prevention. However, due to privacy laws such as the Privacy Act and Medical Law, this information, including patients' or health professionals' personal information, is difficult to utilize as a secondary use of mass information. To do these problem, various methods such as k-anonymity, l-diversity and differential-privacy that can be utilized while protecting privacy have been developed and utilized in this field. In this paper, we discuss the differential privacy processing of the various methods that have been studied so far, and discuss the problems of differential privacy using Laplace noise and the previously proposed differential privacy. Finally, we propose a new scheme to solve the existing problem by adding a 1-bit status field to the last column of a given data set to confirm the response to queries from analysts.