[go: up one dir, main page]

CN116743513B - A safe operation method and system for remote access to electronic medical records - Google Patents

A safe operation method and system for remote access to electronic medical records Download PDF

Info

Publication number
CN116743513B
CN116743513B CN202311031963.3A CN202311031963A CN116743513B CN 116743513 B CN116743513 B CN 116743513B CN 202311031963 A CN202311031963 A CN 202311031963A CN 116743513 B CN116743513 B CN 116743513B
Authority
CN
China
Prior art keywords
data
verification
group
electronic medical
identification
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN202311031963.3A
Other languages
Chinese (zh)
Other versions
CN116743513A (en
Inventor
杨文菊
张娜
廖辛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Second Affiliated Hospital Army Medical University
Original Assignee
Second Affiliated Hospital Army Medical University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Second Affiliated Hospital Army Medical University filed Critical Second Affiliated Hospital Army Medical University
Priority to CN202311031963.3A priority Critical patent/CN116743513B/en
Publication of CN116743513A publication Critical patent/CN116743513A/en
Application granted granted Critical
Publication of CN116743513B publication Critical patent/CN116743513B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/123Applying verification of the received information received data contents, e.g. message integrity
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16HHEALTHCARE INFORMATICS, i.e. INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR THE HANDLING OR PROCESSING OF MEDICAL OR HEALTHCARE DATA
    • G16H10/00ICT specially adapted for the handling or processing of patient-related medical or healthcare data
    • G16H10/60ICT specially adapted for the handling or processing of patient-related medical or healthcare data for patient-specific data, e.g. for electronic patient records
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0442Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply asymmetric encryption, i.e. different keys for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/40Network security protocols
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/88Medical equipments

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Epidemiology (AREA)
  • General Health & Medical Sciences (AREA)
  • Medical Informatics (AREA)
  • Primary Health Care (AREA)
  • Public Health (AREA)
  • Medical Treatment And Welfare Office Work (AREA)

Abstract

本发明涉及医疗通信技术领域,具体而言,涉及一种电子病历远程调阅的安全操作方法及系统,该方法的步骤包括:结合电子病历及对应的医疗数据,以表征为电子病历数据包,并将电子病历数据包划分为验证组与数据组;依次对验证组与数据组进行数据重组,并将验证组与数据组的标识位设定为特定通信协议,以表征为验证组与数据组之间的通信验证方式,形成重组后的验证组与数据组;通过验证组对数据组进行迭代验证,以数据重合度作为判定标准,若数据重合度低于阈值,则对验证组与数据组进行完整度识别,进行相应处理后,重新进行迭代验证,直至数据重合度达到阈值;若数据重合度达到阈值,则完成验证并接收电子病历数据包的通信传输。

The present invention relates to the field of medical communication technology. Specifically, it relates to a safe operation method and system for remote access of electronic medical records. The steps of the method include: combining electronic medical records and corresponding medical data to represent an electronic medical record data package, And divide the electronic medical record data package into a verification group and a data group; reorganize the data of the verification group and the data group in turn, and set the identification bits of the verification group and the data group to a specific communication protocol to represent the verification group and the data group. The communication verification method between them forms the reorganized verification group and data group; the data group is iteratively verified through the verification group, and the data overlap is used as the criterion. If the data overlap is lower than the threshold, the verification group and the data group are Completeness identification is performed, and after corresponding processing, iterative verification is performed again until the data coincidence degree reaches the threshold; if the data coincidence degree reaches the threshold, the verification is completed and the communication transmission of the electronic medical record data packet is received.

Description

Safe operation method and system for remotely retrieving electronic medical records
Technical Field
The invention relates to the technical field of medical communication, in particular to a safe operation method and system for remotely retrieving an electronic medical record.
Background
Along with continuous innovation of technology, telemedicine has become a popular inquiry mode for people. In the present day, in telemedicine, a doctor side mainly depends on an electronic medical record of a patient side and related data of historical medical treatment to perform processing, but on one hand, hospitals included in telemedicine are numerous, communication protocols of all hospitals are not uniform, safety risks of patient side medical privacy data transmission are easy to increase, on the other hand, in terms of rapid development of big data age, if telemedicine does not have corresponding secret operation on patient side medical privacy data, leakage of patient side medical privacy data is very easy to be caused, and great trouble is caused to a patient. Based on the above, we have devised a safe operation method and system for remote retrieval of electronic medical records.
Disclosure of Invention
The invention aims to provide a safe operation method and a safe operation system for remotely retrieving an electronic medical record, which are used for verifying the relevance between a group and a data group by verifying the electronic medical record at a patient end and related data of historical medical treatment, implementing communication encryption and data encryption of the related data of the electronic medical record and the historical medical treatment, solving the technical problems of great trouble to patients caused by leakage of medical privacy data at the patient end and reducing the safety risk of medical privacy data transmission at the patient end.
The embodiment of the invention is realized by the following technical scheme:
a safe operation method for remotely retrieving electronic medical records includes the steps:
combining the electronic medical record and the corresponding medical data to characterize the electronic medical record as an electronic medical record data packet, and dividing the electronic medical record data packet into a verification group and a data group;
sequentially carrying out data recombination on the verification group and the data group, setting identification bits of the verification group and the data group as a specific communication protocol to characterize a communication verification mode between the verification group and the data group, and forming a recombined verification group and data group;
performing iterative verification on the data set through the verification set, taking the data overlap ratio as a judgment standard, if the data overlap ratio is lower than a threshold value, performing integrity recognition on the verification set and the data set, and performing iterative verification on the data set through the verification set again after performing corresponding processing on the integrity recognition result until the data overlap ratio reaches the threshold value; if the data overlap ratio reaches a threshold value, completing verification and receiving communication transmission of the electronic medical record data packet;
wherein, the objective function for integrity recognition of the verification group and the data group is as follows:
wherein ,for the objective function of integrity recognition, for measuring the gap between the model predicted result and the actual result,/>number of data samples +.>For the eigenvalue of the ith sample, +.>For the integrity of the ith sample, if the data is complete, set to 1, if the data is incomplete, set to 0, < >>For the model prediction result of the ith sample, < +.>For parameters of the model, +.>For regularization parameters for controlling model complexity, prevent overfitting, +.>Is the j-th parameter of the model;
the verification group consists of a named field and a measurement field, wherein the data reorganization of the verification group is specifically as follows: randomly segmenting the measurement field according to a pre-stored setting, carrying out data aggregation on the named field and the measurement field of each segment to form aggregation data of each segment, and setting a specific communication protocol at the identification bit of the aggregation data of each segment.
Optionally, the data set is composed of original data, wherein the data reorganization of the data set specifically includes: dividing the original data according to batches based on the measurement fields after random segmentation, enabling the divided batches of original data to be consistent with the measurement fields of the segments, sequentially carrying out data compression and communication encryption on the batches of original data, and setting a specific communication protocol at the identification position of the batches of original data.
Optionally, the communication encryption specifically adopts a set single key and/or public key communication encryption algorithm, and the communication encryption is carried out on each batch of original data after data compression through the set single key and/or public key communication encryption algorithm.
Optionally, a decryption module corresponding to a set single key and/or public key communication encryption algorithm is further arranged in the verification group.
Optionally, the iterative verification is performed on the data set through the verification group, and the specific process is as follows:
carrying out specific communication protocol verification on the identification bits of each piece of sectional aggregate data and the identification bits of each batch of original data;
if the verification is a specific communication protocol, the verification is performed again through a named field, if the verification is passed, data decryption and data decompression are sequentially performed on each batch of original data, iterative matching is performed on each batch of original data and each segmented measurement field until the matching of each batch of original data and each segmented measurement field is completed, and then the data overlap ratio is obtained based on the matching result;
if the verification is the specific communication protocol, the verification is performed again through the named field, if the verification of the named field fails, the verification is judged to fail, and the flow is ended;
if the identification bit of each piece of segment aggregate data and/or the identification bit of each batch of original data is verified to be not in a specific communication protocol, judging that verification fails, and carrying out warning marking on the identification bit which is not in the specific communication protocol, and ending the flow.
Optionally, before dividing the electronic medical record data packet, the method further includes a data preprocessing step for the electronic medical record data packet, where the data preprocessing step sequentially includes:
adopting a K adjacent algorithm to carry out data complement and data correction on the electronic medical record data packet;
and adopting a median method to correct the data missing of the electronic medical record data packet.
A safe operation system for remotely retrieving electronic medical records is applied to the safe operation method for remotely retrieving electronic medical records, and comprises the following steps:
the sending end packages the electronic medical record and the corresponding medical data, names the sending end and the receiving end for the packaged data, and transmits the processed packaged data to the receiving end after sequentially carrying out protocol identification and setting processing on the named packaged data;
the receiving end sequentially verifies the protocol identification and the name of the sending end and the receiving end of the packed data, and after the verification is passed, the processed packed data is restored and the restored packed data is received.
The technical scheme of the embodiment of the invention has at least the following advantages and beneficial effects:
according to the embodiment of the invention, the relevance between the group and the data group is verified by the electronic medical record of the patient side and the related data of the historical medical treatment, and the communication encryption and the data encryption of the related data of the electronic medical record and the historical medical treatment are implemented, so that the problem of leakage of the medical privacy data of the patient side is solved, the technical problem of great trouble on the patient is solved, and the safety risk of the medical privacy data transmission of the patient side is reduced.
Drawings
FIG. 1 is a schematic overall flow chart of a method for remotely retrieving electronic medical records according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of the logic for performing iterative verification of a data set by a verification group according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Referring to fig. 1, an embodiment of the present invention provides an overall flow diagram of a method for remotely retrieving an electronic medical record.
A safe operation method for remotely retrieving electronic medical records includes the steps:
combining the electronic medical record and the corresponding medical data to characterize the electronic medical record as an electronic medical record data packet, and dividing the electronic medical record data packet into a verification group and a data group;
sequentially carrying out data recombination on the verification group and the data group, setting identification bits of the verification group and the data group as a specific communication protocol to characterize a communication verification mode between the verification group and the data group, and forming a recombined verification group and data group;
performing iterative verification on the data set through the verification set, taking the data overlap ratio as a judgment standard, if the data overlap ratio is lower than a threshold value, performing integrity recognition on the verification set and the data set, and performing iterative verification on the data set through the verification set again after performing corresponding processing on the integrity recognition result until the data overlap ratio reaches the threshold value; if the data overlap ratio reaches a threshold value, completing verification and receiving communication transmission of the electronic medical record data packet.
The objective function for integrity recognition of the validation set and the data set is as follows:
wherein ,for the purpose of integrity recognition, an objective function is used to measure the difference between the model predicted outcome and the actual outcome,/>Number of data samples +.>For the eigenvalue of the ith sample, +.>For the integrity of the ith sample, if the data is complete, set to 1, if the data is incomplete, set to 0, < >>For model pair ith samplePrediction result of the present, ->For parameters of the model, +.>For regularization parameters for controlling model complexity, prevent overfitting, +.>Is the j-th parameter of the model.
In this embodiment, the electronic medical record is defined as that all necessary fields are filled in, and the field values are determined to be complete in a reasonable range, and then the present embodiment may extract some features, for example, whether each field is filled in, whether the field values are within a reasonable range, the length of the field values, etc., based on the foregoing, the present embodiment trains a data integrity recognition model, and sets an objective function of the model to execute the functions in the foregoing steps. In practical applications, the problem of unbalance of data needs to be considered, that is, if most of the data of the electronic medical records are complete, the model is set to favor the prediction of the data to be complete, and it can be understood that, if the situation occurs, the embodiment can solve the problem by means of oversampling, undersampling or modifying an objective function, and the like, besides the application.
The algorithm provided by the embodiment can improve the accuracy and generalization capability of the model, has the advantages of strong interpretability, simple algorithm and the like, and is beneficial to improving the integrity recognition accuracy of the electronic medical record data.
In the implementation process, the patient end may package the electronic medical record and the related data of the history medical treatment (corresponding medical data), aggregate to form an electronic medical record data packet, and upload the electronic medical record data packet to the cloud end, where the cloud end divides the electronic medical record data packet of the patient end into an authentication group and a data group respectively, the authentication group corresponds to the data group one by one, the cloud end performs identification of a specific communication protocol on the data packet header of the authentication group and the data group respectively, and after performing corresponding processing on the authentication group and the data group respectively, sends the authentication group and the data group to a specific hospital and/or a specific doctor (i.e. a receiving end) selected by the patient end, and the specific hospital and/or the specific doctor firstly determines whether the identification position (i.e. the data packet head position) between the authentication group and the data group is the specific communication protocol according to the acquired authentication group, if the authentication group is not, the specific hospital and/or the specific doctor reselects the data group (in practical application, the specific doctor and/or the specific doctor may receive a plurality of authentication groups and the data group, therefore, if the authentication group is selected by the authentication group fails, the communication protocol is performed again, and the communication protocol is performed again by the specific authentication protocol, and the communication protocol is performed again, if the authentication is performed in the specific data group and the communication protocol is failed, if the names of the patient and the specific hospital and/or the specific doctor pass the verification, the specific hospital and/or the specific doctor receives the electronic medical record data packet of the patient end, or remotely reviews the electronic medical record data packet of the patient end in the cloud under a specific communication protocol.
In the implementation process, before the electronic medical record data packet is divided, the method further comprises a data preprocessing step of the electronic medical record data packet, and the data preprocessing step sequentially comprises the following steps: adopting a K adjacent algorithm to carry out data complement and data correction on the electronic medical record data packet; and adopting a median method to correct the data missing of the electronic medical record data packet.
In one embodiment, the verification group is composed of a named field and a measurement field, wherein the data reorganization of the verification group is specifically: randomly segmenting the measurement field according to a pre-stored setting, carrying out data aggregation on the named field and the measurement field of each segment to form aggregation data of each segment, and setting a specific communication protocol at the identification bit of the aggregation data of each segment.
In the implementation process, the verification group is characterized as verification data of related data of the electronic medical record of the patient and the historical medical treatment, the named field is characterized as digital signature of the patient and the specific hospital and/or the specific doctor, the measurement field is characterized as total data length of original data in the data group, the cloud end randomly segments the measurement field according to pre-stored settings to obtain a plurality of measurement fields with different lengths, at this time, the named field and the plurality of measurement fields with different lengths are subjected to data aggregation to obtain a plurality of measurement fields with named fields with different lengths, namely, the segmented aggregated data in the embodiment, and the specific communication protocol is integrated at the identification position of the segmented aggregated data.
In one embodiment, the data set is composed of raw data, wherein the data reorganization of the data set is specifically: dividing the original data according to batches based on the measurement fields after random segmentation, enabling the divided batches of original data to be consistent with the measurement fields of the segments, sequentially carrying out data compression and communication encryption on the batches of original data, and setting a specific communication protocol at the identification position of the batches of original data.
In the implementation process, the data set is characterized as the electronic medical record of the patient and related data of the history medical treatment, in the processing of the verification set and the data set, the data processing of the verification set is finished firstly, and then the data processing of the data set is finished based on the verification set, so that the original data is divided into the original data with different lengths of each batch according to batches based on the measurement fields after random segmentation, the original data with different lengths of each batch can be matched with the measurement fields with different lengths, and then the data compression and communication encryption are sequentially carried out on the original data of each batch to form each encrypted data packet, and a specific communication protocol is set at the identification position of each encrypted data packet.
In one embodiment, the communication encryption specifically adopts a set single key and/or public key communication encryption algorithm, and the communication encryption is carried out on each batch of original data after data compression through the set single key and/or public key communication encryption algorithm.
In the implementation process, the cloud end can adopt a set single key communication encryption algorithm or a public key communication encryption algorithm to carry out communication encryption on each batch of raw data after data compression so as to ensure the safety of medical privacy data of patients.
More specifically, the single-key and/or public-key communication encryption algorithm can be set by adopting data encryption standard algorithm, digital signature algorithm algorithm and the like.
In one embodiment, a decryption module corresponding to the set single key and/or public key communication encryption algorithm is further arranged in the verification group.
In the implementation process, since the verification group and the data group are in one-to-one correspondence, the specific data group can be verified through the specific verification group, that is, the decryption module is arranged in the verification group, and after the verification group successfully verifies the data group, the data group can be decrypted through the corresponding decryption module.
Referring to FIG. 2, an embodiment of the present invention provides a logical schematic of an iterative validation of a data set by a validation set.
In one embodiment, the iterative verification of the data set by the verification group comprises the following specific procedures:
carrying out specific communication protocol verification on the identification bits of each piece of sectional aggregate data and the identification bits of each batch of original data;
if the verification is a specific communication protocol, the verification is performed again through a named field, if the verification is passed, data decryption and data decompression are sequentially performed on each batch of original data, iterative matching is performed on each batch of original data and each segmented measurement field until the matching of each batch of original data and each segmented measurement field is completed, and then the data overlap ratio is obtained based on the matching result;
if the verification is the specific communication protocol, the verification is performed again through the named field, if the verification of the named field fails, the verification is judged to fail, and the flow is ended;
if the identification bit of each piece of segment aggregate data and/or the identification bit of each batch of original data is verified to be not in a specific communication protocol, judging that verification fails, and carrying out warning marking on the identification bit which is not in the specific communication protocol, and ending the flow.
In the implementation process, the specific hospital and/or the specific doctor firstly judges whether the specific communication protocol set by the identification bit of each piece of sectional aggregation data of the verification group is consistent with the specific communication protocol set by the identification bit of each batch of raw data, namely, the first screening is carried out in the embodiment, if the identification bit of each piece of sectional aggregation data and/or the identification bit of each batch of raw data are judged to be not the specific communication protocol, the specific hospital and/or the specific doctor judges that the verification fails, the specific hospital and/or the specific doctor carries out warning marking on the identification bit which is not the specific communication protocol, and uploads the identification bit to the cloud, if the verification is the specific communication protocol, the verification is carried out again through the named field of the verification group, the verification is carried out specifically to judge whether the verification is the specific hospital and/or the specific doctor, if the verification is failed through the named field, the verification is judged to be failed, the specific hospital and/or the specific doctor submits the data group to the cloud, if the verification is successful through the named field, the specific doctor and/or the specific doctor sequentially carries out decryption module in the verification on each piece of raw data in the data group, the decryption module in each piece of the data group carries out decryption on each piece of raw data, and the data are matched with each piece of raw data in the iteration quantity until the piece of raw data is matched with each piece of raw data, and the quality of the data is matched with each piece of raw data.
More specifically, the data overlap ratio is set to a threshold value, and because the electronic medical record at the patient end and the related data of the history medical treatment are easy to be lost due to processing errors in the processing process, the overlap ratio is used as a key factor for verifying whether the original data of the data set is completely matched with the measurement field, and therefore, in the embodiment, the threshold value is set to 0.998-1.
In the implementation process, the embodiment is applied to a safe operation method for remotely retrieving an electronic medical record, and provides a safe operation system for remotely retrieving an electronic medical record, which comprises the following steps:
the sending end packages the electronic medical record and the corresponding medical data, names the sending end and the receiving end for the packaged data, and transmits the processed packaged data to the receiving end after sequentially carrying out protocol identification and setting processing on the named packaged data;
the receiving end sequentially verifies the protocol identification and the name of the sending end and the receiving end of the packed data, and after the verification is passed, the processed packed data is restored and the restored packed data is received.
The above is only a preferred embodiment of the present invention, and is not intended to limit the present invention, but various modifications and variations can be made to the present invention by those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (5)

1.一种电子病历远程调阅的安全操作方法,其特征在于,该方法的步骤包括:1. A safe operation method for remote access to electronic medical records, characterized in that the steps of the method include: 结合电子病历及对应的医疗数据,以表征为电子病历数据包,并将电子病历数据包划分为验证组与数据组;Combine the electronic medical record and the corresponding medical data to represent the electronic medical record data package, and divide the electronic medical record data package into a verification group and a data group; 依次对验证组与数据组进行数据重组,并将验证组与数据组的标识位设定为特定通信协议,以表征为验证组与数据组之间的通信验证方式,形成重组后的验证组与数据组;Reorganize the data of the verification group and the data group in turn, and set the identification bits of the verification group and the data group to a specific communication protocol to represent the communication verification method between the verification group and the data group, forming the reorganized verification group and data group. data group; 通过验证组对数据组进行迭代验证,以数据重合度作为判定标准,若数据重合度低于阈值,则对验证组与数据组进行完整度识别,基于完整度识别结果进行相应处理后,重新通过验证组对数据组进行迭代验证,直至数据重合度达到阈值;若数据重合度达到阈值,则完成验证并接收电子病历数据包的通信传输;The data group is iteratively verified through the verification group, and the data coincidence degree is used as the judgment standard. If the data coincidence degree is lower than the threshold, the integrity of the verification group and the data group is identified. After corresponding processing based on the integrity identification results, the data group is passed again. The verification group iteratively verifies the data group until the data coincidence reaches the threshold; if the data coincidence reaches the threshold, the verification is completed and the communication transmission of the electronic medical record data packet is received; 其中,所述对验证组与数据组进行完整度识别的目标函数如下:Among them, the objective function for completeness identification of the verification group and the data group is as follows: , 其中,为完整度识别的目标函数,用于衡量模型预测结果与实际结果之间的差距,为数据样本的个数,/>为第i个样本的特征值,/>为第i个样本的完整度,若数据完整,设为1,若数据不完整,设为0,/>为模型对第i个样本的预测结果,/>为模型的参数,/>为正则化参数,用于控制模型复杂度,防止过拟合,/>为模型的第 j 个参数;in, is the objective function of completeness identification, used to measure the gap between the model prediction results and the actual results, is the number of data samples,/> is the characteristic value of the i-th sample,/> is the completeness of the i-th sample. If the data is complete, it is set to 1. If the data is incomplete, it is set to 0./> is the prediction result of the model for the i-th sample,/> are the parameters of the model,/> is a regularization parameter, used to control model complexity and prevent overfitting,/> is the jth parameter of the model; 所述验证组由具名字段与丈量字段所组成,其中,验证组的数据重组具体为:按照预存设置将丈量字段进行随机分段,并将具名字段与各个分段的丈量字段进行数据聚合,形成各个分段的聚合数据,并将特定通信协议设置在各个分段聚合数据的标识位处;The verification group is composed of named fields and measurement fields. The data reorganization of the verification group is specifically: randomly segmenting the measurement fields according to the pre-stored settings, and aggregating the data of the named fields and the measurement fields of each segment to form Aggregate data of each segment, and set the specific communication protocol at the identification bit of the aggregate data of each segment; 所述数据组由原始数据所组成,其中,数据组的数据重组具体为:基于随机分段后的丈量字段将原始数据按批次进行划分,使得划分后的各批次原始数据与各个分段的丈量字段保持一致,将各批次原始数据依次进行数据压缩、通信加密,并将特定通信协议设置在各批次原始数据的标识位处;The data group is composed of original data, wherein the data reorganization of the data group is specifically: dividing the original data into batches based on the randomly segmented measurement fields, so that each divided batch of original data is consistent with each segment. The measurement fields of each batch should be kept consistent, data compression and communication encryption should be performed on each batch of raw data in sequence, and a specific communication protocol should be set at the identification position of each batch of raw data; 所述通过验证组对数据组进行迭代验证,其具体过程为:The specific process of iteratively verifying the data group through the verification group is: 对各个分段聚合数据的标识位与各批次原始数据的标识位进行特定通信协议验证;Perform specific communication protocol verification on the identification bits of each segmented aggregate data and the identification bits of each batch of raw data; 若验证均为特定通信协议,则再次通过具名字段进行验证,若上述验证均通过,则依次对各批次原始数据进行数据解密、数据解压,并将各批次原始数据与各个分段的丈量字段进行迭代匹配,直至各批次原始数据与各个分段的丈量数据匹配完毕后,基于匹配结果获取数据重合度;If the verification is for a specific communication protocol, verify again through the named field. If all the above verifications pass, perform data decryption and data decompression on each batch of original data in turn, and combine each batch of original data with the measurement of each segment. The fields are iteratively matched until the original data of each batch and the measurement data of each segment are matched, and the data coincidence degree is obtained based on the matching results; 若验证均为特定通信协议,则再次通过具名字段进行验证,若具名字段验证失败,则判定为验证失败,流程结束;If the verification is for a specific communication protocol, verify again through the named field. If the verification of the named field fails, it is determined that the verification failed and the process ends; 若验证各个分段聚合数据的标识位和/或各批次原始数据的标识位不为特定通信协议,则判定验证失败,并对该不为特定通信协议的标识位进行警告标记,流程结束。If it is verified that the identification bits of each segmented aggregate data and/or the identification bits of each batch of raw data are not for a specific communication protocol, it will be determined that the verification has failed, and a warning mark will be issued for the identification bits that are not for a specific communication protocol, and the process ends. 2.根据权利要求1所述的电子病历远程调阅的安全操作方法,其特征在于,所述通信加密具体采用设定单钥和/或公钥通信加密算法,通过设定单钥和/或公钥通信加密算法对经数据压缩后的各批次原始数据进行通信加密。2. The safe operation method for remote retrieval of electronic medical records according to claim 1, characterized in that the communication encryption specifically adopts a single key and/or a public key communication encryption algorithm. The public key communication encryption algorithm performs communication encryption on each batch of original data after data compression. 3.根据权利要求2所述的电子病历远程调阅的安全操作方法,其特征在于,所述验证组内还设置有对应设定单钥和/或公钥通信加密算法的解密模块。3. The safe operation method for remote access to electronic medical records according to claim 2, characterized in that the verification group is also provided with a decryption module corresponding to the single key and/or public key communication encryption algorithm. 4.根据权利要求1所述的电子病历远程调阅的安全操作方法,其特征在于,所述电子病历数据包在划分前,还包括对其进行数据预处理步骤,所述数据预处理步骤依次为:4. The safe operation method for remote retrieval of electronic medical records according to claim 1, characterized in that, before dividing the electronic medical record data package, it also includes a data preprocessing step, and the data preprocessing steps are in sequence. for: 采用K邻近算法,用以对电子病历数据包进行数据补全及数据修正;The K-nearby algorithm is used to complete and correct data in electronic medical record data packages; 采用中值法,用以对电子病历数据包进行数据缺失修正。The median method was used to correct missing data in electronic medical record data packages. 5.一种电子病历远程调阅的安全操作系统,其特征在于,应用于权利要求1-4任一所述的方法,具体包括:5. A secure operating system for remote access to electronic medical records, characterized in that it is applied to the method described in any one of claims 1-4, specifically including: 发送端,打包电子病历及对应的医疗数据,对打包数据在发送端及接收端进行具名验证,并依次对具名验证后的打包数据进行协议标识及设定处理后,将处理后的打包数据传输至接收端处;The sender packages electronic medical records and corresponding medical data, performs signature verification on the sender and receiver of the packaged data, and sequentially performs protocol identification and setting processing on the packaged data after signature verification, and then transmits the processed packaged data. to the receiving end; 接收端,依次验证打包数据的发送端及接收端的协议标识与具名,经上述验证通过后,将处理后的打包数据进行还原处理,并接收还原后的打包数据。The receiving end verifies the protocol identification and signature of the sending end and receiving end of the packaged data in turn. After passing the above verification, the processed packaged data is restored and receives the restored packaged data.
CN202311031963.3A 2023-08-16 2023-08-16 A safe operation method and system for remote access to electronic medical records Expired - Fee Related CN116743513B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311031963.3A CN116743513B (en) 2023-08-16 2023-08-16 A safe operation method and system for remote access to electronic medical records

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311031963.3A CN116743513B (en) 2023-08-16 2023-08-16 A safe operation method and system for remote access to electronic medical records

Publications (2)

Publication Number Publication Date
CN116743513A CN116743513A (en) 2023-09-12
CN116743513B true CN116743513B (en) 2023-10-20

Family

ID=87903028

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311031963.3A Expired - Fee Related CN116743513B (en) 2023-08-16 2023-08-16 A safe operation method and system for remote access to electronic medical records

Country Status (1)

Country Link
CN (1) CN116743513B (en)

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6874085B1 (en) * 2000-05-15 2005-03-29 Imedica Corp. Medical records data security system
JP2008015820A (en) * 2006-07-06 2008-01-24 Masahiko Yoshihara Method and device for referring to electronic medical chart information by mobile phone
WO2014201599A1 (en) * 2013-06-17 2014-12-24 上海华和得易信息技术发展有限公司 Method and system for information authentication authorization and secure use
CN109886027A (en) * 2019-01-14 2019-06-14 湘潭大学 A method for secure sharing of medical data based on blockchain
WO2020186823A1 (en) * 2019-03-21 2020-09-24 深圳壹账通智能科技有限公司 Blockchain-based data querying method, device, system and apparatus, and storage medium
CN113488128A (en) * 2021-07-28 2021-10-08 平安国际智慧城市科技股份有限公司 Block chain-based electronic medical record retrieval method and device and related equipment
CN115700887A (en) * 2021-07-29 2023-02-07 京东方科技集团股份有限公司 Electronic medical record processing method and device, storage medium and electronic equipment

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6874085B1 (en) * 2000-05-15 2005-03-29 Imedica Corp. Medical records data security system
JP2008015820A (en) * 2006-07-06 2008-01-24 Masahiko Yoshihara Method and device for referring to electronic medical chart information by mobile phone
WO2014201599A1 (en) * 2013-06-17 2014-12-24 上海华和得易信息技术发展有限公司 Method and system for information authentication authorization and secure use
CN109886027A (en) * 2019-01-14 2019-06-14 湘潭大学 A method for secure sharing of medical data based on blockchain
WO2020186823A1 (en) * 2019-03-21 2020-09-24 深圳壹账通智能科技有限公司 Blockchain-based data querying method, device, system and apparatus, and storage medium
CN113488128A (en) * 2021-07-28 2021-10-08 平安国际智慧城市科技股份有限公司 Block chain-based electronic medical record retrieval method and device and related equipment
CN115700887A (en) * 2021-07-29 2023-02-07 京东方科技集团股份有限公司 Electronic medical record processing method and device, storage medium and electronic equipment

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
一种确保电子病历传输安全性的模型;胡建理;李小华;周斌;;微电子学与计算机(11);全文 *

Also Published As

Publication number Publication date
CN116743513A (en) 2023-09-12

Similar Documents

Publication Publication Date Title
US20160294555A1 (en) System and method for hierarchical cryptographic key generation using biometric data
CN107678763A (en) Electric energy meter upgrade method and system based on digital signature technology
CN116015766B (en) Computer Data Security Transmission System
CN114297728B (en) Cloud edge cooperative federal learning integrity authentication method based on Merkle tree
CN111884813A (en) Malicious certificate detection method
CN117319517B (en) Multi-protocol-based water supply equipment data integration and forwarding method
CN118921161A (en) Data security gateway method and system based on edge privacy calculation
CN117592555A (en) A federated learning method and system for multi-source heterogeneous medical data
WO2023059501A1 (en) Statistically private oblivious transfer from cdh
CN112153045B (en) Method and system for identifying encrypted field of private protocol
CN119249493A (en) A data classification control method based on artificial intelligence
CN116743513B (en) A safe operation method and system for remote access to electronic medical records
CN112347513A (en) Block chain node identity authentication method and system based on channel state information
CN119675865A (en) An encryption and decryption method suitable for quantum database
CN118590328B (en) Data encryption method based on artificial intelligence
CN119675967A (en) A file transmission protection method, system and device based on multiple encryption algorithms
CN118211272B (en) Block chain-based traditional Chinese medicine safety tracing method and system
CN118741436A (en) SMS signature title real-name automation method and system
CN111601288A (en) Safe and efficient agricultural environment data communication method
CN118300855A (en) Credit data security management system based on cloud service
CN115632800A (en) Method and device for storing Internet of Things source data based on block chain consensus
CN113259122B (en) Full-scene network security intelligent decision handling method based on artificial intelligence
CN108898708B (en) Smart access control system based on quantum teleportation and wireless local area network
CN112507366A (en) Method and system for efficient data aggregation of multidimensional data in smart power grid
CN114785619B (en) A Dynamic Missing Encryption System

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20231020

CF01 Termination of patent right due to non-payment of annual fee