• The KIPS Transactions:PartC
• /
• v.18C no.6
• /
• pp.379-388
• /
• 2011

Ensuring the security of medical records is becoming an increasingly important problem as modern technology is integrated into existing medical services. As a consequence of the adoption of EMR(Electronic Medical Records) in the health care sector, it is becoming more and more common for a health professional to edit and view a patient's record. In order to protect the patient's privacy, a secure authentication model to access the electronic medical records system must be used. A traditional identity based digital certificate for the authenticity of EMR has private key management and key escrow of a user's private key. In order to protect the EMR, The traditional authentication system is based on the digital certificate. The identity based digital certificate has many disadvantages, for example, the private key can be forgotten or stolen, and can be easily escrow of the private key. Nowadays, authentication model using fingerprint recognition technology for EMR has become more prevalent because of the advantages over digital certificate -based authentication model. Because identity-based fingerprint recognition can eliminate disadvantages of identity-based digital certificate, the proposed authentication model provide high security for access control in EMR.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.20 no.6
• /
• pp.1-8
• /
• 2019

Medical information is an important personal information for patients, and it must be protected. In particular, when medical personnel approach electronic medical records, authentication for enhanced security is essential. However, the existing public certificate-based certification model did not reflect the security characteristics of the electronic medical record(EMR) due to problems such as personal key management and authority delegation. In this study, we propose a fingerprint recognition-based authentication model with enhanced security to solve problems in the approach of the existing electronic medical record system. The proposed authentication model is an EMR system based on fingerprint recognition using PEMS (Private-key Escrow Management Server), which is applied with the private key commission protocol and the private key withdrawal protocol, enabling the problem of personal key management and authority delegation to be resolved at source. The performance experiment of the proposed certification model confirmed that the performance time was improved compared to the existing public certificate-based authentication, and the user's convenience was increased by recognizing fingerprints by replacing the electronic signature password.

• Proceedings of the Korea Society for Industrial Systems Conference
• /
• 1999.12a
• /
• pp.453-461
• /
• 1999

최근 인터넷의 보급 및 확대가 의료 환경에 중요한 변화를 가져오고 있다 인터넷이 단순히 전세계의 정보를 얻는 단계에서 벗어나 의료의 중요한 부분이라고 할 수 있는 환자의 진단과 처방을 실시할 수 있는 원격진료 시스템까지 확대되어 이용되어지고 있다. 원격 진료 시스템이란 최근 부각되고 있는 멀티미디어 시스템인 오디오, 비디오 및 문자정보를 통신을 통하여 의료의 제공, 진단, 자문, 치료, 의료의 정보전달 등을 하는 행위이다. 원격진료 시스템은 화상진료, 전자의무기록, 특정인 호출 시스템으로 구성되어 있다.

• Smart Media Journal
• /
• v.5 no.1
• /
• pp.114-121
• /
• 2016

Currently, different medical institutions have been carrying out the e-healthcare system project. The system includes electronic medical record and prescription delivery system, and, the Medical Treatment law permits electronic signature for medical record management, which reduced the relevant costs and enabled sharing medical record. And medical solution using online certificates is expanding its application. In that light, the role of certificates became more important than ever. However, in contrast to active effort made to manage personal certificates, certificates related to medical solutions and other types of work are not being managed properly. Most work-related certificates are saved in office computers, which makes them vulnerable to various security threats. Although certificate servers can be used as a solution to this problem, hospitals must build the server separately and, therefore, small and medium-size hospitals can be reluctant to bear the burden. This study proposed a way to design and implement an effective and secure certificate management system by save the certificate file as a BLOB, using existing resources without needing to build a separate certificate server, at minimized costs.

• Review of KIISC
• /
• v.16 no.5
• /
• pp.72-83
• /
• 2006

XML기반 웹서비스의 활성화와 더불어 효율적인 데이터 호출 및 통합을 위해, XML 문서 안에 웹서비스 호출 노드를 내장할 수 있는 Active XML(AXML) 문서가 개발되었다. 본 논문에서는 기존 전송계층 보안 프로토콜 및 WS-Security의 제한점을 방지하기 위한, AXML 문서의 내장형 웹서비스 호출과 XML-Encryption 및 XML-Signature 보안 표준을 통합한 데이터 암호화 및 전자서명 방식에 대해 소개한다. 또한, '전자의료 시스템' 예제를 통해 AXML 문서를 이용한 중첩된 웹서비스 호출 및 쿼리위임 방식에 대해 소개한다. 마지막으로, 기존 보안성 정형분석 방법의 확장을 통한 AXML 시스템의 보안 취약 가능성에 대해 언급하고자 한다.

• Journal of Digital Convergence
• /
• v.16 no.1
• /
• pp.217-229
• /
• 2018

Electronic Health Record (EHR) systems are widely adopted worldwide in hospitals for generating and exchanging records of patient information. Recent developments are moving towards implementing interoperable EHR systems that enable information to be shared seamlessly across healthcare organizations. In this context, this paper explores the factors that cause medical information privacy concerns, identifies how people react to privacy invasion and what their perceptions are towards the acceptance of the EHR system. Interviews were conducted to draw a grounded theory on medical information privacy concerns in the use of EHRs. Medical information privacy concerns are caused by perceived sensitivity of medical information and the weaknesses in security technologies. Trust in medical professionals, medical institutions and technologies plays an important role in determining people's reaction to privacy invasion and their perceptions on the use of EHRs.

• Journal of the Health Care and Life Science
• /
• v.9 no.1
• /
• pp.1-9
• /
• 2021

In this study, a model in which certification standards were added to the health information management practice program was studied and presented in order to understand the EMR certification standards implemented by the Korea Health and Medical Information Service. In the practice program, the certification standard function for patient information management was added to the health information management education system to practice and understand patient information management that corresponds to the functional standard of the EMR certification system. The EMR certification standard practice program for patient information management is composed of the following certification standards. registration number and personal information management, treatment reservation schedule management, personal information revision history management, identification of people with the same name, integrated management of multiple registration numbers, patient search by identification information, patient search by health care type, surgical procedure consent record and inquiry, record/inquiry of consent form for personal information use, display of life-sustaining medical decision information, registration/inquiry of external medical institution documents, registration and inquiry of external examination results. In this way, by operating and practicing the functions of the health information system according to the certification standards, it is possible to understand and practice the certification standards and details of patient information management in the functional area of the certification standards. In addition, since the function of the EMR certification standard can be checked, it will be possible to improve the management ability of the electronic medical record system of the health information manager in the medical institution.

• The Journal of the Korea institute of electronic communication sciences
• /
• v.15 no.1
• /
• pp.199-204
• /
• 2020

With the development of IT. convergence systems are applied and operated in many different fields. A representative field among them is medical service, which develops in diverse types in combination with nano-technology and bio technology. However, there is a lack of technical innovation in terms of medical data operation and management. For example, data and documents are saved and integrated separately depending on their forms when electronic health records or data like SAM files are transmitted or kept. In other cases, such records and data are still kept after being recorded in paper. This study tries to design and implement the EMR system that makes it possible to capsulize forms of data and documents and to digitalize documents in work process as they are in terms of operation and storage. The system is expected to support efficient operation of electronic documents in the aspects of work and management.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.04a
• /
• pp.916-919
• /
• 2012

EMR(Electronic Medical Records) 시스템은 기존의 의무 기록을 전산화 한 것으로 의료 서비스 시용자의 신체정보 및 진료정보 등을 전산화 하여 저장하는 시스템이다. 노령화 사회로 들어서게 되면서 많은 의료 소비자들이 의료 서비스 기관들에 발걸음이 잦아지고 각 환자마다 늘어나게 될 데이터를 좀 더 효율적으로 관리할 수 있는 EMR의 필요성이 대두되고 있다. 본 논문은 현재 IT트렌드의 흐름을 살펴보고 의료 정보 기술과 접목한 새로운 차세대 EMR 기술을 분석하고 그 발전 방향을 제시하고자 한다.

• Journal of the Korean Society for information Management
• /
• v.33 no.4
• /
• pp.245-267
• /
• 2016

ARMA International has been leading education and publication in records and information management industry worldwide. This study aimed to trace issues and trends in international records and information management field through analysing the articles brought up in Information Management, which is ARMA International's official magazine. Further analysis was also conducted on noticeable subjects from the magazine in order to realize where we currently are. Scanning the contents of Information Management would definitely provide with implications and suggestions to Korean private companies as well as records management communities.