ABSTRACT
Subject(s)
Humans , Commerce , Computer Communication Networks , Computer Security , Confidentiality , Electronic Health Records , Health Information Exchange , Logic , Methods , Politics , Privacy , ProxyABSTRACT
Objectives@#Currently, patients’ consent is essential to use their medical records for various purposes; however, most people give their consent using paper forms and have no control over it. Healthcare organizations also have difficulties in dealing with patient consent. The objective of this research is to develop a system for patients to manage their consent flexibly and for healthcare organizations to obtain patient consent efficiently for a variety of purposes. @*Methods@#We introduce a new e-consent model, which uses a purpose-based access control scheme; it is implemented by a blockchain system using Hyperledger Fabric. All metadata of patient records, consents, and data access are written immutably on the blockchain and shared among participant organizations. We also created a blockchain chaincode that performs business logic managing patient consent. @*Results@#We developed a prototype and checked business logics with the chaincode by validating doctors’ data access with purpose-based consent of patients stored in the blockchain. The results demonstrate that our system provides a fine-grained way of handling medical staff ’s access requests with diverse intended purposes for accessing data. In addition, patients can create, update, and withdraw their consents in the blockchain. @*Conclusions@#Our consent model is a solution for consent management both for patients and healthcare organizations. Our system, as a blockchain-based solution that provides high reliability and availability with transparency and traceability, is expected to be used not only for patient data sharing in hospitals, but also for data donation for biobank research purposes.
ABSTRACT
OBJECTIVES: Home-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems. METHODS: We realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government. RESULTS: Context-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions. CONCLUSIONS: The proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.
Subject(s)
Humans , Asian People , Certification , Computer Security , Delivery of Health Care , Electronic Health Records , Health Information Exchange , Health Personnel , Health Smart Cards , Home Care Services , Home Health Nursing , Information Dissemination , Insurance , Insurance, Health , Methods , Nursing , Nursing Care , Privacy , Social ResponsibilityABSTRACT
IT Strategic Headquarters of the Japanese government compiled the Priority Policy Program 2007, in which "Establishment of the structure for every citizen to be able to manage and utilize his health information by himself" and "Foundation of the e- Post-Office box for the realization of the social security service in aspects of people" are declared. For this purpose, a health information system is considered that delivers healthcare data to the server, where the data is to be individually self.administered by the owner. A patient can register his data, and download or reference it from any medical institution or home when necessary. We made a prototype system to realize such a personal health data referring system based on the e. post.office box concept. The system is to be used in field trial experiment with the staffs and students of Tokyo Institute of Technology using their ID Card. This prototype system is expected to be available for the policy suggestion in the realization of the e-P.O.Box stated in the Priority Policy Program of the government.