• Proceedings of the Korea Information Processing Society Conference
• /
• 2012.11a
• /
• pp.958-960
• /
• 2012

본 논문에서는 사용자에게 PHR(PHR : Personal Health Record) 서비스를 제공 할 때 발생 가능한 개인정보변조 및 유출에 대한 위협에 대응하기 위하여 PHR과 ECC(ECC : Elliptic Curve Cryptosystem)에 대한 연구 및 안전한 개인정보 전송을 위한 XML 형식의 PHR 서비스 메시지 구조설계와 ECC 알고리즘 기법을 이용한 PHR 암 복호화 시스템을 설계하였다.

• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.16 no.5
• /
• pp.117-123
• /
• 2016

In recent years, Personal Health Record (PHR) has emerged as a patient-centric model of health information exchange. The Personal Health Record (PHR) owners enjoy the full right of accessing their records anywhere and anytime making storage and retrieval more efficient. Due to the sensitivity and confidential nature of the PHR, however, the PHR is maintained in a secure and private environment with the individual determining rights of access. In this paper, we propose a system which enables access to the user's PHR in the event of emergency. In emergency situation where the user is unconscious, the emergency staff can use the PHR information to request a emergency access to the PHR server based on the predefined rights of access for PHR. Under the proposed system, the PHR owner can specify a fine grain access control policy during emergency situations.

• Journal of the Korean Society for information Management
• /
• v.41 no.1
• /
• pp.283-311
• /
• 2024

This study examined the factors affecting the intention of the public to share electronic medical records(EMR) based on the theory of reasoned action and the privacy calculus model. It also investigated whether the purpose of EMR sharing varies depending on personal characteristics, such as the degree of interest in health and personal medical history. According to an online survey of 145 people, altruistic enjoyment, awareness of personal information protection, recognition of legal and institutional roles, and interest in health had a positive impact on the level of EMR sharing, and trust in hospitals positively adjusted the relationship between recognition of legal and institutional roles and sharing intentions. Accordingly, we confirmed that the public recognized the role of the government and hospitals in the sharing process as necessary. The public interest benefits of sharing are critical to activating public participation in the sharing of EMR, and it is also essential to prepare guidelines that legally guarantee the security and proper use of EMR.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2014.10a
• /
• pp.699-700
• /
• 2014

The use of Radio Frequency Identification technology (RFID) in medical context enables not only drug identification, but also a rapid and precise identification of patients, physicians, nurses or any other healthcare giver. The combination of RFID tag identification with structured and secured Internet of Things (IoT) solutions enables ubiquitous and easy access to medical related records, while providing control and security to all interactions. This paper defines a basic security architecture, easily deployable on mobile platforms, which would allow to establish and manage a medication prescription service in mobility context making use of electronic Personal Health Records. This security architecture is aimed to be used with a mobile e-health application (m-health) through a simple and intuitive interface, supported by RFID technology. This architecture, able to support secured and authenticated interactions, will enable an easy deployment of m-health applications. The special case of drug administration and ubiquitous medication control system, along with the corresponding Internet of Things context, is presented.

• Journal of Gastric Cancer
• /
• v.15 no.2
• /
• pp.121-126
• /
• 2015

Purpose: We evaluated the socio-personal and clinical factors that can affect preoperative quality of life to determine how to improve preoperative quality of life in patients with gastric cancer. Materials and Methods: The preoperative quality of life data of 200 patients (68 females and 132 males; mean age $58.9{\pm}12.6years$) with gastric cancer were analyzed according to socio-personal and clinical factors. The Korean versions of the European Organization for Research and Treatment of Cancer (EORTC) Quality of Life Questionnaire Core (QLQ) 30 and the EORTC QLQ-STO22, a gastric cancer-specific module, were used to assess quality of life. Patients were asked to complete the questionnaire preoperatively by themselves. Results: Patients with a higher academic background and stage I disease tended to have higher global health status scores. Highly educated younger men had better physical functioning scores. Highly educated and well-nourished patients with stage I cancer had higher role functioning scores. Married patients had better emotional scores. The symptom scales were affected by sex, age, education level, nutrition, and cancer stage. Conclusions: Preoperative quality of life in patients with gastric cancer can be improved by nutritional support and treatment of symptoms caused by disease progression. Psychological support may be helpful for patients with a poor quality of life.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.4
• /
• pp.1832-1853
• /
• 2018

The personal health record (PHR) system is a promising application that provides precise information and customized services for health care. To flexibly protect sensitive data, attribute-based encryption has been widely applied for PHR access control. However, escrow, exposure and abuse of private keys still hinder its practical application in the PHR system. In this paper, we propose a coordinated ciphertext policy attribute-based access control with user accountability (CCP-ABAC-UA) for the PHR system. Its coordinated mechanism not only effectively prevents the escrow and exposure of private keys but also accurately detects whether key abuse is taking place and identifies the traitor. We claim that CCP-ABAC-UA is a user-side lightweight scheme. Especially for PHR receivers, no bilinear pairing computation is needed to access health records, so the practical mobile PHR system can be realized. By introducing a novel provably secure construction, we prove that it is secure against selectively chosen plaintext attacks. The analysis indicates that CCP-ABAC-UA achieves better performance in terms of security and user-side computational efficiency for a PHR system.

• Journal of Internet Computing and Services
• /
• v.18 no.6
• /
• pp.75-84
• /
• 2017

As there has been growing interests in PHR-based personalized health management project, various institutions recently explore safe methods of recording personal medical and health information. In particular, innovative medical solution can be realized when medical researchers and medical service institutes can generally get access to patient data. As EMR data is extremely sensitive, there has been no progress in clinical information exchange. Moreover, patients cannot get access to their own health data and exchange it with researchers or service institutions. It can be operated in terms of technology, yet policy environment are affected by state laws as well as Privacy and Security Policy. Blockchain technology-independent, in transaction, and under test-is introduced in the medical industry in order to settle these problems. In other words, medical organizations can grant preliminary approval on patient information exchange by using the safely encrypted and distributed Blockchain ledger and can be managed independently and completely by individuals. More apparently, medical researchers can gain access to information, thereby contributing to the scientific advance in rare diseases or minor groups in the world. In this paper, we focused on how to manage personal medical information and its protective use and proposes medical treatment exchange system for patients based on a permissioned Blockchain network for the safe PHR operation. Trusted Model for Sharing Medical Data (TMSMD), that is proposed model, is based on exchanging information as patients rely on hospitals as well as among hospitals. And introduce medical treatment exchange system for patients based on a permissioned Blockchain network. This system is a model that encrypts and records patients' medical information by using this permissioned Blockchain and further enhances the security due to its restricted counterfeit. This provides service to share medical information uploaded on the permissioned Blockchain to approved users through role-based access control. In addition, this paper presents methods with smart contracts if medical institutions request patient information complying with domestic laws by using the distributed Blockchain ledger and eventually granting preliminary approval for sharing information. This service will provide an independent information transaction and the Blockchain technology under test will be adopted in the medical industry.

• Journal of Digital Convergence
• /
• v.12 no.9
• /
• pp.123-131
• /
• 2014

The demand of the real-time data was promoted by significant development of network and IT technology. In particular, the entry of an aging society and income growth increase the demand for personal health related data which attempt to provide various and evolutional healthcare services by several healthcare institutions. Especially the presentation of the medical examination result is the most basic healthcare services which should be expressed to maximize understanding in personal health records for their own health. However according to absence of systematic visualization framework and visualization model, intuitive understanding of healthcare related data is difficult. Cosequently In this study, customized visualization representation based on the results of medical examination was provided to aviod consistent format for health examinee and establish a variety of data representations.

• The Korean Society of Law and Medicine
• /
• v.24 no.2
• /
• pp.35-77
• /
• 2023

As the amendment to the Personal Information Protection Act, which newly established the basis for the right to request transmission of personal information, was promulgated through the plenary session of the National Assembly, MyData, which was previously applied only to the financial sector, could spread to all fields. The right to request transmission of personal information is the right of the information subject to be guaranteed for the realization of MyData. However, since the right to request transmission of personal information stipulated in the Personal Information Protection Act is designed to be applied to all fields, not a special field such as the medical field, it has many shortcomings to act as a core basis for implementing MyData in Medicine. Based on this awareness of the problem, this paper compares and analyzes major legal trends related to the right to portability of personal health information at home and abroad, and examines the limitations of Korea's Personal Information Protection Act and Medical Act in realizing Medical MyData. Under the Personal Information Protection Act, the right to request transmission of personal information is insufficient to apply to the medical field, such as the scope of information to be transmitted, the transmission method, and the scope of the person obligated to perform the transmission, etc.. Regulations on the right to access medical information and transmission of medical records under the Medical Act also have limitations in implementing the full function of Medical My Data in that the target information and the leading institution are very limited. In order to overcome these limitations, this paper prepared a separate and independent special law to regulate matters related to the use and protection of personal health information as a measure to improve the legal system that can effectively guarantee the right to portability of personal health information, taking into account the specificity of the medical field. It was proposed to specifically regulate the contents of the movement and transmission system of personal health information.

• Journal of Korean Medical Science
• /
• v.33 no.53
• /
• pp.343.1-343.8
• /
• 2018

Background: Linkage of public healthcare data is useful in stroke research because patients may visit different sectors of the health system before, during, and after stroke. Therefore, we aimed to establish high-quality big data on stroke in Korea by linking acute stroke registry and national health claim databases. Methods: Acute stroke patients (n = 65,311) with claim data suitable for linkage were included in the Clinical Research Center for Stroke (CRCS) registry during 2006-2014. We linked the CRCS registry with national health claim databases in the Health Insurance Review and Assessment Service (HIRA). Linkage was performed using 6 common variables: birth date, gender, provider identification, receiving year and number, and statement serial number in the benefit claim statement. For matched records, linkage accuracy was evaluated using differences between hospital visiting date in the CRCS registry and the commencement date for health insurance care in HIRA. Results: Of 65,311 CRCS cases, 64,634 were matched to HIRA cases (match rate, 99.0%). The proportion of true matches was 94.4% (n = 61,017) in the matched data. Among true matches (mean age 66.4 years; men 58.4%), the median National Institutes of Health Stroke Scale score was 3 (interquartile range 1-7). When comparing baseline characteristics between true matches and false matches, no substantial difference was observed for any variable. Conclusion: We could establish big data on stroke by linking CRCS registry and HIRA records, using claims data without personal identifiers. We plan to conduct national stroke research and improve stroke care using the linked big database.