• Korean Journal of Health Education and Promotion
• /
• v.20 no.1
• /
• pp.61-76
• /
• 2003

As people get broader access to health information through the internet, there is a greater need for measure to maximize the social advantages of the internet and to minimize negative side-effects. With this concern, this paper classifies internet health information services sites into : on-line supply of health information, on-line consultation, on-line diagnosis, and on-line sales. As well this paper analyzes domestic laws supporting and/or regulating these services. The efficient provision of internet health services requires comprehensive laws on individual privacy protection, prevention and handling of medical accidents, an electronic prescription form for internet diagnosis, electronic signing, payment for medical expenses, qualifications for internet medical practitioners. Additional laws are required to establish internet pharmacies and internet health goods stores. These new laws can be prepared either separately or through revision of existing laws governing medical practice, pharmacies, and public health promotion. However, as the legal control by the government on cyber processes and entities has a fairly minimal effect, consumers should be encouraged to improve their own capacity for wisely using internet health services and health-service providers should be encouraged to promote voluntary supervision and control of their own services and practices.

• Journal of Digital Convergence
• /
• v.13 no.4
• /
• pp.227-233
• /
• 2015

The recent health care is growing rapidly want to receive offers users a variety of medical services, can be exploited easily exposed to a third party information on the role of the patient's hospital staff (doctors, nurses, pharmacists, etc.) depending on the patient clearly may have to be classified. In this paper, in order to ensure safe use by third parties in the health care environment, classify the attributes of patient information and patient privacy protection technique using hierarchical multi-property rights proposed to classify information according to the role of patient hospital officials The. Hospital patients and to prevent the proposed method is represented by a mathematical model, the information (the data consumer, time, sensor, an object, duty, and the delegation circumstances, and so on) the privacy attribute of a patient from being exploited illegally patient information from a third party the prevention of the leakage of the privacy information of the patient in synchronization with the attribute information between the parties.

• Korean Journal of Head & Neck Oncology
• /
• v.23 no.2
• /
• pp.147-152
• /
• 2007

Objectives and Background : Aims of this studies are to collect and analyze the lawful restriction against cancer registration and to suggest the model promoting the cancer registry. Materials and Methods : Total 16 countries, the members of OECD, including the U.S. are evaluated. the status of cancer registration of the evaluated countries are analyzed. The legislated laws, protect the individual's information, of the evaluated countries are analyzed. The cases any registries were impaired with the law to protect privacy are searched and analyzed. Results : All of the evaluated countries have some kinds of privacy protecting laws. For cancer registration, 11 of 16 countries implement some lawful authorities. Some of countries have experienced restriction of registration by the law of protecting individual's health data. All countries have performed cancer registry and 6 of 16 countries have nearly 100% population-based cancer registration. Conclusions : The cancer registry has to be the national effort. The informed consent of the data subjects and the permission of any special institutes are the difference to perform the registration. So, it is necessary to legislate any law supporting the cancer registration and establish any independent institutes to protect the individual's health data and support the cancer registry.

• Journal of Communications and Networks
• /
• v.13 no.2
• /
• pp.102-112
• /
• 2011

In this paper, we propose a privacy-preserving emergency call scheme, called PEC, enabling patients in life-threatening emergencies to fast and accurately transmit emergency data to the nearby helpers via mobile healthcare social networks (MHSNs). Once an emergency happens, the personal digital assistant (PDA) of the patient runs the PEC to collect the emergency data including emergency location, patient health record, as well as patient physiological condition. The PEC then generates an emergency call with the emergency data inside and epidemically disseminates it to every user in the patient's neighborhood. If a physician happens to be nearby, the PEC ensures the time used to notify the physician of the emergency is the shortest. We show via theoretical analysis that the PEC is able to provide fine-grained access control on the emergency data, where the access policy is set by patients themselves. Moreover, the PEC can withstandmultiple types of attacks, such as identity theft attack, forgery attack, and collusion attack. We also devise an effective revocation mechanism to make the revocable PEC (rPEC) resistant to inside attacks. In addition, we demonstrate via simulation that the PEC can significantly reduce the response time of emergency care in MHSNs.

• Journal of Korea Multimedia Society
• /
• v.18 no.1
• /
• pp.42-51
• /
• 2015

In this paper, we analyze the quality status of Health and Welfare division's standardized log and asses the characteristics of the institutions' logs analysis to establish the criteria to minimize hazards and control the quality of log's institutional details to limit extraction. As a result, extraction condition's proposed development direction to adequately assess and control health and welfare abuses privacy control target log. This improvement over the status and quality of information shared with relation to institutional work of the log quality characteristics is made possible. In addition, quality control and inspection standards were prepared in accordance with the institutional log characteristics. Future research will include performing continuous analysis and improvement activities on the quality of logs with integrated control of sharing personal information and distributing information about logs' quality to proactively target organ. Therefore, we expect that correcting proactive personal information misuse and leakage is possible to achieve.

• Asia pacific journal of information systems
• /
• v.21 no.3
• /
• pp.71-96
• /
• 2011

Within the traditional medical delivery system, patients residing in medically vulnerable areas, those with body movement difficulties, and nursing facility residents have had limited access to good healthcare services. However, Information and Communication Technology (ICT) provides us with a convenient and useful means of overcoming distance and time constraints. ICT is integrated with biomedical science and technology in a way that offers a new high-quality medical service. As a result, rapid technological advancement is expected to play a pivotal role bringing about innovation in a wide range of medical service areas, such as medical management, testing, diagnosis, and treatment; offering new and improved healthcare services; and effecting dramatic changes in current medical services. The increase in aging population and chronic diseases has caused an increase in medical expenses. In response to the increasing demand for efficient healthcare services, a telehealth service based on ICT is being emphasized on a global level. Telehealth services have been implemented especially in pilot projects and system development and technological research. With the service about to be implemented in earnest, it is necessary to study its overall acceptance by consumers, which is expected to contribute to the development and activation of a variety of services. In this sense, the study aims at positively examining the structural relationship among the acceptance factors for telehealth services based on the Technology Acceptance Model (TAM). Data were collected by showing audiovisual material on telehealth services to online panels and requesting them to respond to a structured questionnaire sheet, which is known as the information acceleration method. Among the 1,165 adult respondents, 608 valid samples were finally chosen, while the remaining were excluded because of incomplete answers or allotted time overrun. In order to test the reliability and validity of the assessment scale items, we carried out reliability and factor analyses, and in order to explore the causal relation among potential variables, we conducted a structural equation modeling analysis using AMOS 7.0 and SPSS 17.0. The research outcomes are as follows. First, service quality, innovativeness of medical technology, and social influence were shown to affect perceived ease of use and perceived usefulness of the telehealth service, which was statistically significant, and the two factors had a positive impact on willingness to accept the telehealth service. In addition, social influence had a direct, significant effect on intention to use, which is paralleled by the TAM used in previous research on technology acceptance. This shows that the research model proposed in the study effectively explains the acceptance of the telehealth service. Second, the research model reveals that information privacy concerns had a insignificant impact on perceived ease of use of the telehealth service. From this, it can be gathered that the concerns over information protection and security are reduced further due to advancements in information technology compared to the initial period in the information technology industry, and thus the improvement in quality of medical services appeared to ensure that information privacy concerns did not act as a prohibiting factor in the acceptance of the telehealth service. Thus, if other factors have an enormous impact on ease of use and usefulness, concerns over these results in the initial period of technology acceptance may become irrelevant. However, it is clear that users' information privacy concerns, as other studies have revealed, is a major factor affecting technology acceptance. Thus, caution must be exercised while interpreting the result, and further study is required on the issue. Numerous information technologies with outstanding performance and innovativeness often attract few consumers. A revised bill for those urgently in need of telehealth services is about to be approved in the national assembly. As telemedicine is implemented between doctors and patients, a wide range of systems that will improve the quality of healthcare services will be designed. In this sense, the study on the consumer acceptance of telehealth services is meaningful and offers strong academic evidence. Based on the implications, it can be expected to contribute to the activation of telehealth services. Further study is needed to assess the acceptance factors for telehealth services, such as motivation to remain healthy, health care involvement, knowledge on health, and control of health-related behavior, in order to develop unique services according to the categorization of customers based on health factors. In addition, further study may focus on various theoretical cognitive behavior models other than the TAM, such as the health belief model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1551-1560
• /
• 2016

With the advancement of wearable devices and wireless body are networks, smart healthcare systems based on such technologies have been emerging to effectively monitor patient health and disease progression. In order to implement viable smart healthcare systems, the security and privacy of patient's personal health information must be considered. Yang et al. proposed a privacy-preserving authentication scheme using key-insulation technique for remote health monitoring system, however, key-insulation technique is not properly adapted to their scheme which in turn causes a security pitfall contrary to their assertions. Besides, Yang et al.'s scheme does not guarantee user anonymity against healthcare service provider. Therefore, in this paper, we discuss the security concerns for Yang et al.'s scheme and present an improved anonymous authentication scheme.

• Journal of Society of Preventive Korean Medicine
• /
• v.18 no.3
• /
• pp.11-21
• /
• 2014

The rapid development and distribution of information communication industry facilitates the changes of hospital administration, introducing EMR(Electronic Medical Record) instead of paper-based medical record in the medical field. The developed countries such as U.S. have established EMR system after in the middle of 1970s because the primary advantages of EMR is to store and handle vast amounts of records efficiently and increase the quality of health care. Most of health organizations in Korea also apply medical record system to their administration. As the result, they have accomplished a scientific administration system through the use of medical record to handle a variety of patient's information including patient's confidentiality and privacy such as family history, social status, income level, and so on. However, access to and the misuse of EMR causes illegal infringement of patient's information and finally it becomes a very serious medical issue. Potential leakage and misuse of records may seriously infringe patient's privacy rights. In this respect, the related agencies in the public and private sector have been making efforts to prevent patient's records leakages. Especially, the revision bill of Medical Law in 2002 establishes the ways on the security and standards of electronic records. However, it does not provide the proper guidelines which is applied to the rapid changes of the medical environment. One of the most priorities in the hospital administration is the production and maintenance of an accurate medical records fulfilled by medical recorders. Therefore, it is very important for health care providers to hire ethical-based medical recorders. But, unfortunately most of hospitals overlook the importance of their roles. All parts including government, physician and patient must have more concerns on the problems related to EMR. Therefore, this study aims to propose the proper ways to resolve the problems coming from EMR.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2009.10a
• /
• pp.866-870
• /
• 2009

Mobile Health (M-Health) system is a recent term for medical and public health practice supported by mobile devices, such as mobile phones, PDAs, and other wireless devices. Mobile Health system has been successfully establishing at few general hospital in Korea. However, to use diverse devices manufactured by various company cause inoperability, and lack of security disappoints customers often. Although the outstanding health environment, most of hospitals are unavailable to share electronic patient records due to lack of standard protocol to handle the interoperability each other. Health Level 7 (HL7) is the best solution for the problem. In this paper, we will analyse a current M-Health service in terms of security and mobile device, and suggest iPhone for the best device against hospital environment. Also, for keep confidentiality of health information and patient privacy, enhanced security mechanism is introduced. As a consequence, interoperable standard, and most appropriate device for supporting staffs and M-Health performance, and enhanced securirty mechanism will be integrated in order to propose improved M-health model.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.30 no.6
• /
• pp.999-1012
• /
• 2020

As the utilize of personal health records increases in recent years, research on cryptographic protocol for protecting personal information of personal health records has been actively conducted. Currently, personal health records are commonly encrypted and outsourced to the cloud. However, this method is limited in verifying the integrity of personal health records, and there is a problem with poor data availability because it is essential to use it in decryption. To solve this problem, this paper proposes a verifiable cloud-based personal health record management scheme using Redactable signature scheme and zero-knowledge proof. Verifiable cloud-based personal health record management scheme can be used to verify the integrity of the original document while preserving privacy by deleting sensitive information by using Redactable signature scheme, and to verify that the redacted document has not been deleted or modified except for the deleted part of the original document by using the zero-knowledge proof. In addition, it is designed to increase the availability of data than the existing management schemes by designing to recover deleted parts only when necessary through the Redact Recovery Authority. And we propose a verifiable cloud-based personal health record management model using the proposed scheme, and analysed its efficiency by implementing the proposed scheme.