ABSTRACT
Objective:To explore the development, application and practical experience of investigator-initiated integrated clinical research information platform.Methods:The process of developing and constructing an integrated clinical research platform in a tertiary hospital in Beijing was introduced, the functions and advantages of the platform were described and displayed, and the main problems and risk points in the development and construction process were analyzed.Results:The integrated clinical research platform meets the management requirements of clinical research initiated by investigators, and the standardized management of the whole life cycle of the project can be realized through the platform, and the key issues of data security, information capture, sharing and interoperability need to be further explored in terms of platform docking.Conclusions:The integrated clinical research platform effectively improves the standardization, management quality and efficiency of investigator-initiated clinical research.
ABSTRACT
The medical data processed and analyzed in clinical research often contain a large number of personal information. Therefore, researchers should pay attention to the safety management of medical data during clinical research. The Data Security Law of People's Republic of China and the Personal Information Protection Law of People's Republic of China implemented on 1 st September and 1 st November 2021 respectively establish legal basis for data security and personal information protection and point out the direction for medical data security, which indicate that data governance has entered the 'strong regulatory era'. In the process of medical data collection and application of clinical research, respecting and protecting the privacy and safety of patients, ensuring the quality of medical data, safely managing medical data and carrying out high-quality clinical research will be an important test for the collection and application of clinical scientific research data under the new legal background.
ABSTRACT
Background: Communication of patient information in a healthcare setting in previous years was based on documented information on paper records carried from one location to another. However, with the introduction of electronic health records (EHRs), communications are now conducted electronically via installed and connected computer systems that are networked together. Inadequate communication of patients' information can deter patients' health and threaten their lives, putting them in unnecessary danger. Objective: The objective of this study was to design a standard EHR template model of communication for tertiary hospital that can be used in communicating patients' information between various departments involved in the management of patients without carrying papers around or tossing Patients or their relatives up and down. Method: The research adopts soft system methodology (SSM) with communication concepts from knowledge management, combining observations with various practical information to make a conclusion based on past experiences through a process of inductive reasoning, a communication model was developed that can be used as a template for hospitals to upgrade/integrate paper-based patient information management to electronic based in a bid to enhance patient care and information management. Results: The developed communication template model has been designed to be adopted for use in a bid to manage patients' information electronically in all tertiary hospitals and other hospitals that may so desire its use. Conclusion: It is observed from this article that communication in hospitals through EHR template is user friendly, safe and possible within the hospital and to outside facilities for effective paperless management of patients.
Subject(s)
Health Information SystemsABSTRACT
Precision medicine became the key strategy in development priority of science and technology in China.The large population-based cohorts become valuable resources in preventing and treating major diseases in the population,which can contribute scientific evidence for personalized treatment and precise prevention.The fundamental question of the achievements above,therefore,is how to construct a large population-based cohort in a standardized way.The Chinese Preventive Medicine Association co-ordinated experienced researchers from Peking University and other well-known institutes to write up two group standards Technical specification of data processing for large population-based cohort study (T/CPMA 001-2018) and Technical specification of data security for large population-based cohort study (T/CPMA 002-2018),on data management.The standards are drafted with principles of emphasizing their scientific,normative,feasible,and generalizable nature.In these two standards,the key principles are proposed,and technical specifications are recommended in data standardization,cleansing,quality control,data integration,data privacy protection,and database security and stability management in large cohort studies.The standards aim to guide the large population-based cohorts that have been or intended to be established in China,including national cohorts,regional population cohorts,and special population cohorts,hence,to improve domestic scientific research level and the international influence,and to support decision-making and practice of disease prevention and control.
ABSTRACT
Precision medicine became the key strategy in development priority of science and technology in China.The large population-based cohorts become valuable resources in preventing and treating major diseases in the population,which can contribute scientific evidence for personalized treatment and precise prevention.The fundamental question of the achievements above,therefore,is how to construct a large population-based cohort in a standardized way.The Chinese Preventive Medicine Association co-ordinated experienced researchers from Peking University and other well-known institutes to write up two group standards Technical specification of data processing for large population-based cohort study (T/CPMA 001-2018) and Technical specification of data security for large population-based cohort study (T/CPMA 002-2018),on data management.The standards are drafted with principles of emphasizing their scientific,normative,feasible,and generalizable nature.In these two standards,the key principles are proposed,and technical specifications are recommended in data standardization,cleansing,quality control,data integration,data privacy protection,and database security and stability management in large cohort studies.The standards aim to guide the large population-based cohorts that have been or intended to be established in China,including national cohorts,regional population cohorts,and special population cohorts,hence,to improve domestic scientific research level and the international influence,and to support decision-making and practice of disease prevention and control.
ABSTRACT
In order to improve the access and control of core data in medical information security,the paper builds a virtual isolation private cloud storage architecture in hospital,including virtualized reconstruction,metadata model application based on hierarchical model,access to remote clients design and application based on virtual isolation and so on,providing a reliable method for the isolation and intercommunication between the intranet and extranet.
ABSTRACT
Block chain, as a decentralized, trustless database technology program with an intact information trans-parency and a privacy protection function, can be use to construct a highly effective and reliable transmission sys-tem and promote the Internet to become an infrastructure in building the society-trusted network. Block chain is of significant advantages in optimizing the business processes, reducing the operation cost and improving the synergis-tic efficiency in financial industry, and is thus rapidly applied in other industries. The construction of health and medical big data is faced with the challenge of both information security and privacy protection in health field. Block chain is characterized by high fault tolerance, unaltered infrastructure and privacy protection function, and has thus a large room for its application in medical treatment, pharmaceutical industry, medical insurance and ge-nomics.
ABSTRACT
Resumen Introducción: El desarrollo de tecnologías móviles ha facilitado la creación de aplicaciones mHealth, las cuales son consideradas herramientas clave para la atención segura y de calidad a los pacientes de poblaciones apartadas y con carencia de infraestructura para la prestación de servicios de salud. El artículo considera una propuesta de un modelo de evaluación que permite determinar las debilidades y vulnerabilidades a nivel de seguridad y calidad de servicio (QoS) en aplicaciones mHealth. Objetivo: Realizar una aproximación de un modelo de análisis que apoye la toma de decisiones referentes al uso y producción de aplicaciones seguras, minimizando el impacto y la probabilidad de ocurrencia de los riesgos de seguridad informática. Materiales y métodos: El tipo de investigación aplicada es de tipo descriptivo, debido a que se detallan cada una las características que deben tener las aplicaciones móviles de salud para alcanzar un nivel de seguridad óptimo. La metodología utiliza las normas que regulan las aplicaciones y las mezcla con técnicas de análisis de seguridad, empleando la caracterización de riesgos planteadas por Open Web Application Security Project -OWASP y las exigencias de QoS de la Unión Internacional de Telecomunicaciones -UIT. Resultados: Se obtuvo un análisis efectivo en aplicaciones reales actuales, lo que muestra sus debilidades y los aspectos a corregir para cumplir con parámetros de seguridad adecuados. Conclusiones: El modelo permite evaluar los requerimientos de seguridad y calidad de servicio (QoS) de aplicaciones móviles para la salud que puede ser empleado para valorar aplicaciones actuales o generar los criterios antes de su despliegue.
Abstract Introduction: The development of mobile technologies has facilitated the creation of mHealth applications, which are considered key tools for safe and quality care for patients from remote populations and with lack of infrastructure for the provision of health services. The article considers a proposal for an evaluation model that allows to determine weaknesses and vulnerabilities at the security level and quality of service (QoS) in mHealth applications. Objective: To carry out an approximation of a model of analysis that supports the decision making, concerning the use and production of safe applications, minimizing the impact and the probability of occurrence of the risks of computer security. Materials and methods: The type of applied research is of a descriptive type, because each one details the characteristics that the mobile health applications must have to achieve an optimum level of safety. The methodology uses the rules that regulate applications and mixes them with techniques of security analysis, using the characterization of risks posed by Open Web Application Security Project-OWASP and the QoS requirements of the International Telecommunication Union-ITU. Results: An effective analysis was obtained in actual current applications, which shows their weaknesses and the aspects to be corrected to comply with appropriate security parameters. Conclusions: The model allows to evaluate the safety and quality of service (QoS) requirements of mobile health applications that can be used to evaluate current applications or to generate the criteria before deployment.
Subject(s)
Confidentiality , Hospital Information Systems , Computer Security , Quality of Health CareABSTRACT
Objective To study transaction log and apply its analysis to hospital information security to prevent data loss and treat abnormal data.Methods The application of transaction log was described in log backup and database recovery,and the optration of log analysis was explored in HIS.Sqlplus and Ftp tools in Oracle were used to analyze the transaction log.Results The tracking and analysis of the log files contributed to making clear the incident,finding program bug,getting back lost data.Conclusion Log backup,database recovery and log analysis were of great importance for hospital information security,and log analysis has to be emphasized on in the future.
ABSTRACT
Based on current data security problems existing in medical big data platform,the paper starts from security situation first,analyzing the key points,difficulties and common protection measures of security guarantee of domestic medical big data.Combining with the medical big data platform practice implemented by Southwest Hospital,it puts forward security strategy for data security of current medical big data platform,including management security,decryption security,storage security,network security,etc.
ABSTRACT
Objective To propose a hybrid encryption algorithm involving in elliptic curve cryptography (ECC) and advanced encryption standard (AES) to solve the problems of wiretapping and tampering of medical data in wireless channel transmission.Methods The sender used AES session key for medical data encryption and ECC public key for AES session key,and applied SHA-1 to obtaining the information summary of medical data and ECC public key to gaining information summary signature.The recipient employed ECC private key to verify the signature and then to decrypt AES session key,and finally decrypt medical data with AES session key.Results The proposed security solution gained advantages over the conventional ECC algorithm and hybrid cryptographic algorithm of RSA and AES in encryption and decryption time,safety strength and energy consumption,so that the confidentiality and integrity of medical data could be ensured during transmission.Conclusion The hybrid encryption scheme can meet the requirement of wireless medical sensor network in low time complexity,and realizes the protection of the patient data and privacy.
ABSTRACT
Taking Children's Hospital in Hunan Province as an example,the paper introduces the design and application of the security mode for the mobile business platform of hospital from the aspects of the overall structure,implementation plans of security access equipment,security authentication modes and strategies,etc.,and provides ideas for safely implementing remote deployment and mobile application.
ABSTRACT
The problems in data collection, data management and data security of healthcare wearable devices were summarized and analyzed with measures proposed for the solution of these problems and for speeding up the sustainable development of healthcare wearable devices from the aspects of technologies, management and laws, such as using multiple data coding technologies, establishing hierarchical data management and control model, adding remote control functions, investigating the responsibility for use of their data, working out law systems for protecting personal healthcare data,beefing up popularization of privacy data protection.
ABSTRACT
Wearable technology, widely applied in health and medical field, has become an important part of in-telligent healthcare and medicare. However, the data security and privacy protection of wearable health and medi-cal devices are greatly concerned and need to be solved. The characteristics of data security and privacy protection of wearable health and medical devices were thus analyzed and compared with those of traditional health and medi-cal devices. The related studies and laws on domestic and foreign wearable health and medical devices were summa-rized, and the advances, experiences and problems in domestic and foreign wearable health and medical devices were analyzed and compared in order to provide reference for establishing the mechanisms underlying their data se-curity and privacy protection.
ABSTRACT
ABSTRACT Digital watermarking has emerged as major technique for ensuring security for various types of data like medical data, digital copyright protection, transaction tracing and so on. With the advancement in digital data distribution over the network there has been increase in the need for protection of such data from unauthorized copying or usages. Watermarking helps in providing the security to some extent. Robustness against any sort of unauthenticated attack is the major requirement of watermarking. In this paper we proposed an efficient watermarking technique for medical data security with the aid of neural network. Usage of neural network is generally used to create and control watermarking strength automatically. This method provides better watermarked data which can be highly secured to unauthorized usage. It is observed that the proposed method provides better security for the multimedia data when compared with other data security methods.
ABSTRACT
Described in this paper is the application of electronic medical records, hand-holding mobile terminals,bid data collection and analysis, and data security in medical quality control.
ABSTRACT
OBJECTIVES: We aimed to develop a common health information exchange (HIE) platform that can provide integrated services for implementing the HIE infrastructure in addition to guidelines for participating in an HIE network in South Korea. METHODS: By exploiting the Health Level 7 (HL7) Clinical Document Architecture (CDA) and Integrating the Healthcare Enterprise (IHE) Cross-enterprise Document Sharing-b (XDS.b) profile, we defined the architectural model, exchanging data items and their standardization, messaging standards, and privacy and security guidelines, for a secure, nationwide, interoperable HIE. We then developed a service-oriented common HIE platform to minimize the effort and difficulty of fulfilling the standard requirements for participating in the HIE network. The common platform supports open application program interfaces (APIs) for implementing a document registry, a document repository, a document consumer, and a master patient index. It could also be used for testing environments for the implementation of standard requirements. RESULTS: As the initial phase of implementing a nationwide HIE network in South Korea, we built a regional network for workers' compensation (WC) hospitals and their collaborating clinics to share referral and care record summaries to ensure the continuity of care for industrially injured workers, using the common HIE platform and verifying the feasibility of our technologies. CONCLUSIONS: We expect to expand the HIE network on a national scale with rapid support for implementing HL7 and IHE standards in South Korea.
Subject(s)
Humans , Computer Security , Computer Systems , Continuity of Patient Care , Delivery of Health Care , Electronic Health Records , Health Level Seven , Information Services , Korea , Privacy , Referral and Consultation , Workers' CompensationABSTRACT
Objective:To solve the management problems of using mobile cart, PDA, flat-panel computer and other mobile devices in hospital, promote the evolution of mobile device management to intelligent management. Methods: Select the mobile device management system for hospital use based on their own characteristics.Results: Manage all the mainstream operating system and terminal equipment; manage the hardware and software of mobile terminal and assets in hospital.Conclusion: Improve the management, reduce the maintenance workload, save the cost of operation and maintenance.
ABSTRACT
Objective To discover the main points of PACS quality control through basic study and advance some solution ways which include hardware and software improving. Methods Combined computer and network tech with hardware and software,like tech of network security,to increase the validity of PACS quality control. Results The archives and communications could be more accurate and safe by use of hardware and software and ROC theory. Conclusion The importance of quality control of PACS in the practical work is progressing and latest tech of hardware and software should be used to increase the quality control of PACS.
ABSTRACT
OBJECTIVE: For the ubiquity of medical service, when user who has proper authority want to access medical data, user accessability should be assured. And the security of the disclosed medical data is important. This paper presents single user access interface on multiple patient reservoirs and elaborate access control using the Role-Based Access Control(RBAC) system. METHODS: Proposed system consists of 4-tier architecture that is client application, Access Control Central(ACC) agent, Local Access Control(LAC) agent and Hospital Information Systems(HIS). User requests medical data with client application. ACC notarizes user identity and controls access of user request and selectively encrypts medical data. LAC charges data conversion for communication between ACC and HIS. HIS has repositories of medical datum. System provides security service with digital certificate, X.509v3, of user. RESULTS: User requests medical data of several HIS approaching single ACC not by each HIS. Through conversion process of LAC, data that is described XML and is used for communication inter system enables information exchange with single common data format that is independent to several HIS. CONCLUSION: In the proposed system, user accesses medical datum of several HIS regardless of location and has consistent access interface. And using independent format against each HIS makes easy information exchange between several HIS. Transferred data maintains security about significant datum by selective encryption and increases encryption efficiency. Unified access control about multiple patient reservoirs that are scattered in other places provides unified and precise diagnosis of patient information. And it functions the portal of collaborate treatment in inter-HIS.