基于区块链HyperledgerFabric的共享电子病历方法与流程

本发明属于计算机软件领域，特别是涉及一种基于区块链技术的共享电子病历方法。

This invention falls within the domain of computer software and, in particular, involves a shared electronic medical record methodology based on block chain technology.

背景技术：

background technology:

近年来，医疗卫生领域的改革一直收效甚微，城镇居民依然面临许多的看病难问题。现阶段，国内医疗机构内的数据只是在内部流转。因为各级医院间的信息不畅通，同时缺乏正确的数据共享机制作为指导，使得诊治医生因为不能看到病人完整的就诊记录，增加了精准施治的难度；同时病历存储在医院系统内，中心化的存储方式使得病人的隐私很容易被不法分子窃取。不管是从安全性和系统性上来说，目前还没有一个既能保证病历数据存储安全，同时也能促进电子病历在各个医院间共享传递的模型和应用。只有将病历实现多医疗组织间的有效共享和流转，才能更大程度地帮助和改善我国居民的医疗就诊状况。

In recent years, reforms in the field of health care have been very ineffective, with urban residents still facing many problems of access to health care. At this stage, data in the country’s health-care institutions are being transmitted internally. The lack of information at all levels of hospitals and the lack of a proper data-sharing mechanism to guide them have made it more difficult for doctors to see the patient’s complete record of attendance, and the centralization of medical records within the hospital system has made it easier for patients’ privacy to be stolen by outlaws. Whether safe or systematic, there is currently no model and application that would guarantee the safe storage of medical records and facilitate the sharing and transmission of electronic records among hospitals.

传统的技术很难做到这两点要求，但区块链技术的出现很好地解决了医疗信息的安全和共享的难题。一方面，区块链数据的不可篡改性，保证了存储在区块链中的数据都是安全可靠的；另一方面，区块链数据的可追溯性，也保证每一个写入区块链的数据都是有迹可循的，任何伪造很难实现。此外，因为区块链中的数据是分布式存储的，不会被某一机构独占，这为组织间的数据共享提供了条件。在基于区块链的系统开发中，进一步可以将智能合约部署到区块链中，使得病人可以直接对自己病历做有效的管理。同时对于医生来说，如果可以从就诊病人处查看到病人的完整就诊信息，这对于医生的精准诊断也提供了科学的依据。

While traditional technologies make it difficult to do these two things, the emergence of block-chain technology is a good solution to the problem of the security and sharing of medical information. On the one hand, the inexorable nature of block-chain data ensures that data stored in block-chains are safe and reliable; on the other hand, the traceability of block-chain data ensures that every data included in the block-chain is traceable and that any forgery is difficult to achieve.

技术实现要素：

technology realization factor:

本发明要解决的技术问题是，提供一个基于区块链的、实现跨组织间电子病历信息分布式存储和读取的共享电子病历方法。

The technical issue to be addressed by this invention is the provision of a shared electronic medical record method based on block chains that enables the distribution of and access to electronic inter-organizational medical records.

本发明在分析传统医院中科室管理、病人挂号就诊、医生问诊等就诊环节的基础上，提出一套能够利用区块链分布式存储特性来处理电子病历的具体流程和授权管理方法。该方法既能保障病人个人隐私安全、又能为医生查看电子病历提供足够权限，实现电子病历的共享。在方法的业务逻辑设计中，将电子病历的所有权归还给病人，病人对自己的病历拥有授权权限，因此电子病历可以随着病人的就诊地点的转移而转移，最大化地实现信息共享。

The invention proposes a specific process and authorization management method that can handle electronic medical records using block-based storage features, based on an analysis of the consultation process in traditional hospitals for room management, patient registration, medical consultations, etc. This method provides patients with sufficient privacy and access to electronic medical records to enable them to share electronic records. In the logical design of the methodology, ownership of electronic medical records is returned to the patient, the patient has authority over his or her medical records, so that electronic medical records can be transferred to maximize information sharing as the patient's place of visit is moved.

针对该方法的设计与实现，包括如下步骤：

For the design and implementation of the methodology, the following steps will be taken:

步骤一：建立针对医疗组织间的区块链网络；

Step one: establishment of a network of blocks targeting medical organizations;

步骤二：设定组织间实施的用户各类主体，并设计满足各类用户需求的功能用例；

Step two: Set the categories of users to be implemented between organizations and design functional examples to meet the needs of the various categories of users;

步骤三：设计为保护区块链网络内病人电子病历隐私的访问控制策略；

Step three: Designed as an access control strategy for patient privacy of electronic medical records in the protected area cluster network;

步骤四：设计病人病历本与病历详细信息分离的保护策略，为创建病历的医生提供方便且安全的查询方案；

Step four: Design a protection strategy that separates patients'medical records from detailed information on medical records and provides easy and safe access to doctors who create medical records;

步骤五：将上述两种策略应用到方法的整体架构中，设计为各类用户操作电子病历、并实现共享的业务执行流程；

Step five: Application of the two strategies to the overall structure of the methodology, designed to operate electronic medical records for all categories of users and to achieve shared business implementation processes;

步骤六：依据已设计的整体执行流程，编写并部署智能合约到区块链网络中，通过对智能合约的调用来操作各类用户的功能和执行流程；

Step six: Development and deployment of smart contracts to the block chain network to operate the functionality and implementation processes of all categories of users through the transfer of smart contracts, based on the overall implementation process that has been designed;

步骤七：建立http服务器调用智能合约，并通过配合前端页面的表单数据操作，来实现电子病历的可视化操作。

Step seven: Create a smart contract for the use of the http-server and achieve visualization of the electronic medical records by working with the data of forms on front-end pages.

附图说明

Annotations to the figure

图1是本发明系统组织架构图。

Figure 1 provides an organizational chart of the system.

图2是本发明系统实施架构图。

Figure 2 provides a chart of the implementation architecture of the system.

图3是本发明系统总体业务流程图。

Figure 3 provides a business process map of the system as a whole.

具体实施方式

Modalities of implementation

以下结合说明书附图对本发明作进一步的详细说明。

Further details of the invention are given below in conjunction with the diagram attached to the note.

本发明提出一种基于区块链、以病人为核心来管理共享电子病历方法，所设计方法的具体实施方案如下：

The invention proposes a patient-centred approach to the management of shared electronic medical records based on block chains, which is designed to be implemented as follows:

步骤一：建立hyperledgerfabric区块链网络，该网络串联起各个医院机构，如附图1所示，并设定本方法实施的组织架构是由三个医院组织org1、org2、org3内的同一科室节点peer1组成，同时这三个科室节点peer0.org1、peer0.org2、peer0.org3处在同一个通道channel(一种fabric区块链内部的通信链路)内，同时为各科室节点peer1内部设定包括病人client_pt、医生client_dr、以及科室管理员client_mgr等三类用户主体，区块链中的账本数据都是由这三类用户来操作；

Step one: The establishment of a network of hyperledgerfabric blocks, which connects the various hospital institutions, as shown in figure 1 below, and sets the organizational structure for the implementation of this methodology, consisting of three hospital organizations, org1, org2, org3, the same unit nodepeer 1, peer0.org2, peer0.org3, which is located in the same channel, Charnel (a communication link within the fabric block chain), and the intra-section node Peer1, which includes patient _pt, doctor clit _dr, and the three main user groups of the unit administrator, namely, clit _mgr, in which the booking data are operated;

步骤二：设计本方法的系统实施架构，如附图2所示，本发明方法将系统的实施分为表示层、逻辑业务层、数据访问层等三层结构：表示层是各类用户可以操作的前端页面；逻辑业务层为系统内的三类用户分别设定不同的操作功能，并以此来对各类用户的用例进行进一步的划分；数据访问层主要是建立http服务器与fabric交互的数据信息操作层；

Step two: Design the system implementation architecture of this methodology, which, as shown in figure 2, divides system implementation into three layers: the expression layer, the logical business layer, and the data access layer, which indicates that the layer is the front end page that can be operated by all categories of users; the logical business layer sets different operating functions for each of the three categories of users in the system, thereby further classifying the usage of the various categories of users; the data access layer is mainly a data information operating layer where the http server interacts with Fabric;

步骤三：设计电子病历的隐私访问控制策略，由于电子病历本身包含病人的隐私信息，必须设计一套既能保护网络内病人client_pt的个人隐私，又能为医生client_dr提供授权的访问控制策略；

Step three: The design of a privacy access control strategy for electronic medical records, which, as such, contain patient privacy information, must be designed to protect the personal privacy of patients on the Internet, and to provide an authorized access control strategy for doctors;

主要的思路为：医生client_dr在访问病人client_pt的病历前，必须向病人client_pt请求能查看病历的授权码；病人client_pt接受到医生client_dr请求后，为医生client_dr匹配新的病历授权码，并将病历授权码写入到自己病历本的授权列表中，写入成功后病人client_pt向医生client_dr发送授权码；医生client_dr获取到病历授权码后，就可利用该授权码访问到病人client_pt的病历详细信息；

The main line of thought is that, before visiting the patient's patient's patient's patient's patient's medical history, the patient must request the patient's patient's patient's patient_pt to have access to the medical records' authorization code; once the patient's patient's patient's patient's patient's medical history code has been accepted by the doctor's patient's patient's patient_dr, the patient's patient's record code matches the new medical records' authorization code for the doctor's patient's patient's patient's patient's medical history and has been added to the list of authorized medical records, and after success, the patient's patient's client_pt's authorization code has been sent to the doctor's doctor's patient's patient_dr; the patient's medical record code has been used to access the patient's patient's patient's medical history details as soon as the patient's medical record code has been obtained;

步骤四：设计病人病历本与病历详细信息分离的保护策略，网络内的病人client_pt拥有的病历本中只存储病历编号的索引列表，这有助于为创建该病历的医生client_dr提供一种便利访问方式，该方式允许医生client_dr不需要再次请求进入病人client_pt的病历本就能直接访问自己创建的病历；

Step four: Design a protection strategy to separate patient medical records from detailed information on patient records, and the index list of patient patient files in the network that only store medical records numbers in the patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's patient's record, which will help to provide a user-friendly access for the doctor who created the patient's patient's patient's patient's patient's medical record, which will allow the doctor's patient's patient_dr's medical history to have direct access to the patient's patient's patient's patient's patient_pt's medical record without having to request further access;

主要思路为：医生client_dr创建病历后，将新建的病历编号和与之匹配的授权码(从前面医生向病人请求获得)存入病人client_pt的病历本记录和医生client_dr的问诊记录中，这样下次医生或者病人可以通过获取自己管理的记录来同时查看病历信息，避免了医生client_dr重复向病人client_pt请求授权；

The main line of thought is that, after the doctor created the medical records, the new medical records number and the corresponding authorization code (requested from the previous doctor to the patient) will be placed in the patient's patient's patient's medical records and the doctor's medical records, so that the next doctor or patient will be able to access the records in his own management in conjunction with the patient's medical records, avoiding repeated requests for authorization from the doctor's patient's patient's patient's medical records;

步骤五：依据步骤一的系统架构三类用户的功能用例，并结合步骤三、四中的病历授权访问和保护策略思想，设计出一套为方法系统内三类用户处理共享电子病历的整体执行流程，如附图3所示；

Step five: Based on the functional examples of the three categories of users in the system architecture of step one, and taking into account the concept of a medical calendar access and protection strategy in steps three and four, design an overall implementation process for the three categories of users in the methodology system to handle shared electronic medical records, as shown in figure 3 below;

针对总体业务流程，本方法主要分为三个阶段来做处理，即系统初始化阶段、就诊准备阶段、就诊问诊阶段：在系统初始化阶段中，主要为三类用户的注册和登录、病人初始化病历本、科室管理员初始化管理合约等功能；在就诊准备阶段中，主要包括科室管理医生列表和病人挂号列表；在就诊问诊就阶段，主要包括医生选择病人创建就诊记录，然后请求病人对其进行授权，接收到授权后医生查看病人历史就诊记录，以及医生新建电子病历并保存病历到病人、医生、科室的就诊记录中；

With regard to the overall business process, the methodology is divided into three main phases, namely, the initialization phase of the system, the preparation phase of visits, and the consultation phase: during the initialization phase of the system, the registration and recording of three main categories of users, the patient's initial medical history, the initial management contract for the management of the office administrator, etc.; during the preparation phase of visits, mainly the management of the list of doctors and the listing of patients; and during the consultation phase, mainly the creation of patient records by the doctor who chooses them and then requests their authorization, after receiving the authorization, the receipt of the patient's history records, as well as the creation of a new electronic medical record by the doctor and the preservation of the patient's medical records in the patient's, doctor's and clinic's room;

步骤六：依据步骤五设计的整体执行流程，设计不同的链码chaincode(即智能合约)来操作上述流程，主要是设计各个链码chaincode内的数据结构和具体操作函数，最后，将链码chaincode编写并部署到fabric区块链网络中；

Step six: The design of different chain code chaincodes (i.e. smart contracts) for the operation of the above-mentioned processes, based on the overall implementation process designed in step five, primarily the design of data structures and specific operating functions within each chain code chaincode and, finally, the preparation and deployment of the chain code chaincode into the Fabric block chain network;

步骤七：建立后端的http服务器，编写能调用fabric区块链中已部署的链码chaincode内的账本数据的后端操作代码，并为请求和响应的数据编写前端页面来显示地操作数据，主要依据步骤二中所展示的系统实施架构。

Step seven: Establishment of a backend http server, preparation of backend operating codes that can call account data in the chain code chaincode deployed in the Fabric block chain, and preparation of front-end pages for requested and responded data to display ground operating data, based mainly on the system implementation architecture displayed in step two.