- 學位論文
具隱私保護的電子病歷分享系統之設計與實作
Design and Implementation of Electronic Medical Record Sharing System with Privacy Protection
摘要
目前大多數的醫療院所是將病歷以電腦化的方式輸入,紙本方式輸出存放,因此就以現況來說,大多還是依賴紙本的方式儲存和保管。紙本病歷有諸多的不便,紙本病歷可能因環境潮濕而損毀,保存不易。另外,若歷史資料龐大攜帶上也不易。相較之下,電子病歷即有著不易損毀保存容易、攜帶方便等優點,此外也因為病歷為電子化的模式,在醫院間的交流與分享就顯得方便許多。 然而隱私性在電子病歷中成為了一個重要的議題。根據美國的健康保險流通與責任法案(HIPAA)中的定義,電子病歷中較為私密的部分是需要被保護的,因此在進行電子病歷交換或共享時,必須具有保護病人隱私的機制。隱私保護機制可以分為匿名、化名、無連結性和非觀察性這四種。在過去的相關研究利用一些數學轉換式或對照表的方式,來將電子病歷具有病人隱私性的部分隱藏來達到隱私,但這些方法對於無連結性與非觀察性較無法達到。因此,在本論文中則對於此加以改進,加強病人與病歷間的無連結性。 雲端運算以他的計算能力快、儲存空間大為著名。本論文藉由雲端技術可以整合醫院的電子病歷系統,利用上傳電子病歷為統一格式,便利於電子病歷交換與共享,此外也能提供資源較小的醫院診所儲存電子病歷的空間,而省去另外建置的硬體空間的花費。另外為了加強電子病歷的安全性,本論文亦利用智慧卡來加密電子病歷文件,以達到保護電子病歷安全。
並列摘要
Most hospitals and clinics now record the medical records computerized, and output the paper-based medical records to store. For now on, most hospitals and clinics store their medical records which are paper-based. There are some disadvantages of using paper-based medical records. For example, the paper-based medical records may be damaged cause of the muggy day. It is not convenient to carry the paper-based medical records if the file is huge. By contrast, the electronic medical records can be well-preserved and convenient to carry. Besides, it is easy to share and exchange between the hospitals and clinics by using electronic medical records. Privacy is a very important issue when storing electronic medical records. According to the definition set out in the Health Insurance Portability and Accountability Act (HIPPA), the confidential section of the electronic medical record needs to be protected. Thus, a mechanism to protect the patient’s privacy is needed during exchange and sharing of electronic medical records. The privacy protection mechanism can be categorized into four types, namely anonymity, pseudonymity, unlinkability, and unobservability. In previous researches in this area, mathematical conversions and cross reference tables have been utilized to conceal the confidential part of the electronic medical records to achieve privacy protection. However, it is harder to use these methods with respect to the unlinkability and unobservability mechanisms. Thus, this thesis tries to improve on this aspect, and improves the unlinkability mechanism between the patient and the electronic medical record. Cloud computing is known for its fast computation capability and provides large storage space. Through cloud computing, the electronic medical record system in a hospital can be integrated, to facilitate the exchange and sharing of electronic medical records by updating them to be the unified forms, and to provide smaller hospitals or clinics that have fewer resources with adequate electronic medical record storage space. Besides, in order to enhancing the safety of electronic medical records, we utilize the smart card to encrypt them to achieve protecting this goal.
參考文獻
延伸閱讀
- 許寬宏、黃耀民、吳鎮宇、陳澤雄(2020)。電子化醫療資訊系統的安全策略與隱私權保障。資訊安全通訊,26(3),20-50。https://www.airitilibrary.com/Article/Detail?DocID=a0000270-202008-202009170014-202009170014-20-50
- 王議偉(2021)。藉助同態加密方案的隱私保護病症檢索系統〔碩士論文,國立臺灣大學〕。華藝線上圖書館。https://doi.org/10.6342/NTU202101681
- 黃維民(2016)。醫療隱私保護的法律規範-以電子病歷系統為核心。真理財經法學,(17),123+125-175。https://www.airitilibrary.com/Article/Detail?DocID=P20201102002-201609-202011030023-202011030023-123+125-175
- 莊玉如、曹怡茹(2012)。醫療資料庫之隱私權保護技術探討。電腦稽核,(25),30-43。https://doi.org/10.30007/JICTA.201201.0003
- 童俊欽(2013)。Electronic medical record reporting and prevention of adverse drug reactions〔碩士論文,中山醫學大學〕。華藝線上圖書館。https://doi.org/10.6834/CSMU.2013.00105