• Title/Summary/Keyword: 의료정보보안

Search Result 365, Processing Time 0.024 seconds

의료데이터 공유 및 활용 서비스를 위한 보안/프라이버시 요구사항

  • Park, Kwang-Yong;Song, You-Jin
    • Review of KIISC
    • /
    • v.20 no.3
    • /
    • pp.90-96
    • /
    • 2010
  • 최근 의료기술 발전에 따라 질병의 예방 및 관리에 대한 소비자의 요구사항이 증가하고 있다. 이러한 요구사항에 부응하기 위해 IT와 의료분야의 융합으로 u-헬스케어 서비스가 실현되고 있다. 언제 어디서나 의료서비스를 제공받을 수 있는 u-헬스케어 서비스의 활성화는 의료데이터의 공유 및 활용이 전제조건이 될 것이다. 그러나 의료데이터의 공유 및 활용으로 인해 의료정보에 포함된 개인정보, 병력정보 등의 프라이버시가 침해될 우려가 있다. 본 논문에서는 의료데이터의 공유 및 활용상에서 발생하는 보안 요구사항을 검토한다.

Security of Medical Information on IoT (사물인터넷 환경의 의료정보 보안)

  • Woo, Sung-hee
    • Proceedings of the Korean Institute of Information and Commucation Sciences Conference
    • /
    • 2015.10a
    • /
    • pp.973-976
    • /
    • 2015
  • Inernet of Things(IoT) is interaction with each other, collecting, sharing, and analysing the data. IoT has been noted in combining the fields of medical service in particular. However, the security issue is caused, while IoT is receiving attention. U-Health and medical devices, which deal mainly the personal health information, is required to a high level of privacy and security of health information. This study analyzes cases of leakage of personal medical information, security of IoT, privacy flow, and the response strategies.

  • PDF

Curriculum study of information security awareness for medical institution (의료기관 정보보호 인식교육을 위한 교육과정 연구)

  • Kim, Dong-Won;Han, Keun-Hee
    • Convergence Security Journal
    • /
    • v.19 no.4
    • /
    • pp.151-163
    • /
    • 2019
  • As smart devices and communication technologies have developed rapidly, the healthcare industry in the globe is seeing remarkable issues on medical security. At the same time, personal medical records are being shared in the network, which would raise the risk of information security. This thesis aims to develop the curriculum to raise the awareness of information security among workers in medical institutions by referring to NCS(National Competency Standards) International standards, medical institutions' requirements and educational institutions' curriculums on information security based on proven results from medical devices and systems introduced in the public health centers, territorial branches, community health posts and primary, secondary, tertiary hospitals. Thus, this thesis offers the method to improve information security in healthcare institutions through validation testing conducted by medical practitioners and ICT experts.

Information Security in Hospital Information Exchange System (의료 정보 교환 시스템의 정보 보안)

  • 홍동완;주한규
    • Proceedings of the Korean Information Science Society Conference
    • /
    • 2001.10c
    • /
    • pp.460-462
    • /
    • 2001
  • 국내외적으로 의료 데이터의 전산 자동화 처리에 관심과 노력이 기울여 진 후 대부분의 병원에 의료 정보 시스템이 보급되었다. 의료 데이터가 컴퓨터 시스템에 저장되어 병원 내 각 부서별 자원의 공유가 가능하거나 병원 간 자료 전송이 원활하게 이루어진다면 오프라인으로 처리 및 보관하는데서 발생하는 자료의 관리 노력과 비용을 절감할 수 있다. 또한 인터넷 전용선과 광케이블의 보급으로 인하여 원격 시스템 사용이 원활하게 진행될 전망이며, 치료 정도 시스템의 경우 원격 진료 및 환자 정보 검색이 가능하게 된다. 하지만 의료 데이터가 인터넷을 통해 전송될 경우 환자의 사생활 침해 및 의사와 환자 간의 비밀 보장이 파괴될 우려가 남아있게 된다. 데이터 접근 권한 및 데이터 전송에서 오는 보안 기법이 확립되어야 하나, 국내의 경우 의료 정보 유출에 대한 법령과 체계적인 지침 등이 미흡한 상태이다. 이에 본 논문에서는 전자 문서 교환 표준으로 제안되고 있는 XML을 이용하여 의료 데이터가 전송 공유 가능한 병원 정보 교환 시스템(Hospital Information Exchange System : HIES)을 구축하고 데이터 접근 및 전송에 적용 가능한 보안 기법을 소개하고 있다.

  • PDF

Personal Information Protection for Biometric Verification based TeleHealth Services (바이오인식을 이용한 원격의료에서의 개인정보보호)

  • Shin, Yong-Nyuo;Chun, Myung-Geun
    • Journal of the Korean Institute of Intelligent Systems
    • /
    • v.20 no.5
    • /
    • pp.659-664
    • /
    • 2010
  • This paper provides an integrated framework for biometric data and private information protection in TeleHealth. Biometric technology is indispensable in providing identification and convenience in the TeleHealth environment. Once biometric information is exposed to mallicious attacker, he will suffer great loss from the illegferuse of his biometric data by someone else because of difficulty of change not like ID and password. We have to buil by someone esystem data bon the integrated framework for biometric data and private information protection in TeleHealth. First, we consider the structure of the biometric system and the security requirements of y someone esystem data bon the biometrics. And then, we define the TeleHealth system model and provide the vulnerabilities and countermeasures of the biometric-data by someone eintegrated model.byhe TeleHealth sse bec requires two-phata authentication for countermeasure. Finally, we made some functionferrequirements for main componenets of biometric-data bintegrated TeleHealth system framework to protect biometric data.

Information Security Management in Healthcare Area (보건의료정보 보호관리 모델 개발)

  • Jeong, Hey-Jeong;Kim, Nam-Hyun
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2005.11a
    • /
    • pp.953-956
    • /
    • 2005
  • 보건의료정보는 개인의 가장 민감한 정보로 최상의 보호가 이뤄져야하는 한편, 국민 건강과 복지 향상을 위한 공익의 성격도 강하여 관리와 책임에 대한 명확한 지침이 반드시 필요하다. 본 연구에서는 보건의료 부문의 특성과 정보화 현황을 반영하고 선행연구의 한계점을 보완하여 국내 보건의료 환경에 적합한 정보보호관리 모델을 개발하였다. BS7799, HIPAA Security Rule, HL7 EHR SIG 기능명세 등을 참고하여 필요성, 정보보호 목적/전략 수립, 위험분석/평가, 정보보호관리 정책수립, 정보보호관리 프레임워크 설계, 관리적 보안, 물리적 보안, 기술적 보안, 정보보호관리 평가,운영관리의 총 10개 세부 프로세스와 111개의 이행지표로 구성된 본 모델은 보건의료정보 취급자에게 실행 지침을 제공하여 보건의료정보시스템의 안정성 향상과 국민 보건복지 수준 향상에 이바지할 수 있을 것으로 기대된다.

  • PDF

A Study on the Improvement of Information Security Model for Precision Medicine Hospital Information System(P-HIS) (정밀의료 병원정보시스템(P-HIS) 정보보호모델 개선 방안에 관한 연구)

  • Dong-Won Kim
    • Convergence Security Journal
    • /
    • v.23 no.1
    • /
    • pp.79-87
    • /
    • 2023
  • Precision Medicine, which utilizes personal health information, genetic information, clinical information, etc., is growing as the next-generation medical industry. In Korea, medical institutions and information communication companies have coll aborated to provide cloud-based Precision Medicine Hospital Information Systems (P-HIS) to about 90 primary medical ins titutions over the past five years, and plan to continue promoting and expanding it to primary and secondary medical insti tutions for the next four years. Precision medicine is directly related to human health and life, making information protecti on and healthcare information protection very important. Therefore, this paper analyzes the preliminary research on inform ation protection models that can be utilized in cloud-based Precision Medicine Hospital Information Systems and ultimately proposes research on ways to improve information protection in P-HIS.

An Analysis on Role of Stakeholders for Security System in Smart Healthcare Environment (스마트 의료환경에서 보안체계 구축을 위한 이해관계자 역할 분석)

  • Kim, Yanghoon;Jeong, Wonwho
    • The Journal of Society for e-Business Studies
    • /
    • v.24 no.1
    • /
    • pp.17-27
    • /
    • 2019
  • With the occurrence of the 4th Industrial Revolution, environmental change is happening in the healthcare industry as overall flow of Industry heads to ICT-based business environment. Healthcare Industry, which has the characteristic of public goods, is requiring a reliability and continuity of healthcare industry, however, the introduction of security is being delayed due to the problem of compatibility and extendability of existing system. Accordingly, in this research, we have built a section and role for stakeholders to be concerned in order to induce, analyze and introduce a needed security technology for rapidly building a security system in a smart healthcare environment. We have suggested a possibility of extendability regarding a multi-dimensional effort of stakeholders for establishing a healthcare security system.

Design of 3-Tier Security Mechanism for Improving Security of the Implantable Medical Devices (체내 이식형 의료기기의 보안성 향상을 위한 3-Tier 보안 메커니즘 설계)

  • Ahn, Seung-Hyun;Park, Chang-Seop;Park, Joo-Ho
    • Convergence Security Journal
    • /
    • v.14 no.3_1
    • /
    • pp.11-19
    • /
    • 2014
  • As both medical and IT technologies advance, convergent medical technologies such as implantable medical devices are receiving a lot of attentions from the research and medical appliance market. On the other hand, such a new medical service is facing several new security threats including patient privacy breach since the service is based on the wireless communication. Especially, the new security threat could induce the patient's life threatening accident, so that more secure measures should be provided. In this paper, a variety of security threats associated with the implantable medical devices are pinpointed and a new security mechanism against such threats is proposed.

The Empirical Study on the Misuse Intention Using Information System : Focus on Healthcare Service Sector (정보시스템 오남용 의도에 관한 실증적 연구 : 의료기관을 대상으로)

  • Kim, Eun Ji;Lee, Joon Taik
    • Convergence Security Journal
    • /
    • v.16 no.5
    • /
    • pp.23-31
    • /
    • 2016
  • Despite the number of security incidents in healthcare sector is considerable, earlier studies have been done in business sector. We have tried to empirically analyze the misuse intention using information system for healthcare sector. As a result, the preventative security software of the information security management have positive impact on the effectiveness of sanctions. Though further analysis is needed, the security policies, security awareness program and monitoring practices are determined to have a valid impact on the effectiveness of sanctions equivalent to the preventative security software.