• The Journal of Korean Institute of Next Generation Computing
• /
• v.13 no.6
• /
• pp.66-76
• /
• 2017

In this study, we investigated how to protect personal healthcare information when constructing OMOP (Observational Medical Outcomes Partnership) CDM (Common Data Model). There are two proposed methods; to restrict data corresponding to HIPAA (Health Insurance Portability and Accountability Act) PHI (Protected Health Information) to be extracted to CDM or to disable identification of it. While processing sensitive information is restricted by Korean Personal Information Protection Act and medical law, there is no clear regulation about what is regarded as sensitive information. Therefore, it was difficult to select the sensitive information for protecting personal healthcare information. In order to solve this problem, we defined HIPAA PHI as restriction criterion of Article 23 of the Personal Information Protection Act and maps data corresponding to CDM data. Through this study, we expected that it will contribute to the spread of CDM construction in Korea as providing solutions to the problem of protection of personal healthcare information generated during CDM construction.

• Asia-pacific Journal of Multimedia Services Convergent with Art, Humanities, and Sociology
• /
• v.6 no.8
• /
• pp.15-23
• /
• 2016

Recently the interest in secondary use of medical information has emerged. But the domestic legislation or guidelines, such as being able to say that already specialize in healthcare information, can be seen a 'national medical privacy guidelines'. However the guidelines have suggested that only a violation of privacy laws in the medical information, it does not defined clearly with respect to protected health information(PHI) for secondary use. In this paper, we learn the HIPAA(Health Insurance Portability and Accountability Act) Privacy Rule of the US legislation which provides a non-identifiable screen instructions for secondary utilization of medical information, domestic guidelines and other country's guidelines. comparing with the HIPAA, national medical privacy guidelines and the domestic studies, we propose a new domestic target non-identifying information suitable for the domestic field and present future research direction.

• Journal of the Institute of Electronics and Information Engineers
• /
• v.50 no.2
• /
• pp.221-231
• /
• 2013

Exchanging personal health information(PHI) is an essential process of healthcare services using information and communication technology. But the process have the inherent risk of information disclosure, so the PHI should be protected to ensure the reliability of healthcare services. In this paper, we designed encryption module for wearable personal health devices(PHD). A main goal is to guarantee that the real-time encoded and transmitted PHI cannot be allowed to be read, revised and utilized without user's permission. To achieve this, encryption algorithms as DES and 3DES were implemented in modules operating in Telos Rev B(16bit RISC, 8Mhz). And the experiments were performed in order to evaluate the performance of encryption and decryption using vital-sign measured by PHD. As experimental results, an block encryption was measured the followings: DES required 1.802 ms and 3DES required 6.683 ms. Also, we verified the interoperability among heterogeneous devices by testing that the encrypted data in Telos could be decoded in other machines without errors. In conclusion, the encryption module is the method that a PHD user is given the powerful right to decide for authority of accessing his PHI, so it is expected to contribute the trusted healthcare service distribution.