EP1738516A1 - Data transmission network with secrecy preservation - Google Patents

Data transmission network with secrecy preservation

Info

Publication number
EP1738516A1
EP1738516A1 EP04742498A EP04742498A EP1738516A1 EP 1738516 A1 EP1738516 A1 EP 1738516A1 EP 04742498 A EP04742498 A EP 04742498A EP 04742498 A EP04742498 A EP 04742498A EP 1738516 A1 EP1738516 A1 EP 1738516A1
Authority
EP
European Patent Office
Prior art keywords
file
data
tck
identification
memory
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn
Application number
EP04742498A
Other languages
English (en)
French (fr)
Inventor
Daniel Makowski
Bernard Makowski
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Individual
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
2004-04-14
Filing date
2004-04-14
Publication date
2007-01-03

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/321 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving a third party or a trusted authority
    • H04L9/3226 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60 Digital content management, e.g. content distribution

Definitions

  • The present invention relates to data transmission networks, and more particularly to those in which the data must be accessible in a differentiated manner according to the parties involved. It would be highly desirable to have a data transmission network available, in particular for the medical profession and health insurance establishments, in which the insured persons' medical data would be stored and kept permanently up to date so that they could be consulted by doctors and other health workers and, while maintaining medical confidentiality, by the manager,
  • The invention provides for this by a data transmission network which comprises a memory having an identification file with n sheets and a data file with n sheets, each sheet of the identification file being chained by an identification-data chaining code to a corresponding sheet of the data file.
  • The n sheets correspond to the number n of patients who are treated by the network. The network also includes m transmitter/receiver devices, corresponding to the number of doctors using the network.
  • Each transmitter/receiver device is connected to the memory and has a reader for one of n smart cards, a means of writing one of n codes, and a means of checking the concordance of an x-th written code and an x-th smart card read, the control means sending, if there is a match, an authorization message to the identification file, which has means for then authorizing a write/read link between the x-th sheet of the data file and the device that sent the authorization message.
  • Each patient has their own smart card and code.
  • This memo also includes a biometric identification system.
  • When the means of checking the concordance notes the concordance of the card and the code, it sends, preferably at the same time as an identification code specific to each transmitting/receiving device, an authorization message.
  • The identification file authorizes the doctor to consult the patient's file, i.e. the x-th sheet of the data file, and where appropriate to write new data there.
  • The network also includes a manager computer connected to the memory and having access to these two files, but not to the identification-data chaining code. The manager can thus manage the memory and establish statistics according to diseases, prescribed drugs and so on, but cannot attribute a given medical act, disease, or any other data to a particular patient. Medical confidentiality is thus protected.
  • The memory has an archive file having m sheets, on which are recorded, for each device, the instants of start and end of connection between the device and the memory.
  • The manager has access to this file, which allows him to exercise a posteriori monitoring of the duration of the acts performed by the doctor holding the transmitting/receiving device.
  • A plurality of n reception terminals is provided, each terminal being connected to the authorization means of the authorization file, the latter, on receiving the y-th code, authorizing only a read connection between the y-th terminal and the y-th sheet of the data file.
  • Each patient can thus consult the sheet assigned to him, but without being able to modify it.
  • FIGS. 1 to 6 of the accompanying drawings illustrate a network according to the invention.
  • The network shown diagrammatically in the figures comprises a memory 1 having an identification file 2 with n sheets and a data file 3 with n sheets, each sheet of the identification file being chained by an identification-data chaining code to a corresponding sheet of the data file 3.
  • The memory further includes an archive file 4 and a write file 5.
  • The memory is accessed by a recognition system 6.
  • Each terminal is assigned to a patient, it being understood that certain patients may not have their own terminal and thus be unable to consult the memory.
  • Each TCK device is assigned to a doctor.
  • Each TCK device has a smart card reader L, a keyboard C making it possible to write a code, and a control means M1 consisting of a memory which makes it possible to check the agreement between a code entered by the patient on the keyboard C and the code appearing on the smart card that the patient has inserted in the smart card reader L.
  • The two memories M1 and M2 send to an AND logic gate P an authorization signal, which is transmitted to the recognition system 6 by a line 8.
  • The recognition system 6 recognizes that the TCK in question is authorized to access the x-th sheet of data file 3. It sends a corresponding signal to the identification file 2 which, by the identification-data chaining code, puts the TCK in question in communication by a line 9 with the x-th sheet of the data file 3. This communication via line 9 authorizes both reading and writing in the x-th sheet of file 3.
  • Each TCK has a memory making it possible to store the data it receives so that it can then be read on a screen, or read directly on a screen, and, in the same way, transmission means for data both in the form of alphanumeric characters and of images.
  • The instants of the start and end of the link between the TCK device and the identification file 2, or possibly the data file 3, are recorded in the archive file 4 and, at the same time, the write file 5 records, classified according to the TCK devices, and therefore in this case for the TCK device in question, the data which are entered in the data file 3 by the TCK device.
  • The manager computer G can be recognized by the recognition system 6 by sending a signal via a line 10, and this gives it access to all the files 2, 3, 4, 5 of the memory, but not to the identification-data chaining code.
  • A terminal T is connected by a line 11 to the recognition system 6.
  • The latter, by simple telephone call but preferably after recognition of an identification code, authorizes the terminal T to read the sheet of the data file 3 allocated to it and, if necessary, the sheet of the identification file 2 assigned to him, but without being able to write on these sheets. His call is also recorded in file 4.
  • A controller computer A is connected to memory 1 by 12 for the call and by 13 for the response, with the possibility of reading files 2 and 3 with their chaining but without the possibility of writing.
  • Computer A cannot write medical data to file 3, but can write administrative data to it.
  • The specificity of this system resides in securing a simultaneous double entry, in real time, of the access codes without the possibility of falsification, all the information being stored indelibly.
  • The requester will always be identified through the matching of his telephone number and his identification number; the date, the time and the parameters consulted or entered will be automatically and indelibly recorded in the database.
  • The insured is identified by his Vitale card or its equivalent and his personal call number. He must then indicate his secret code, previously supplied by the manager/host.
  • The doctor or the medical or paramedical worker is recognized by his professional number.
  • The RSI thus recognizes the function of the IMP and allows it to access its reserved area.
  • The RSI data are accessible after this double identification carried out by means of a specific terminal called TCK.
  • The TCK is an autonomous unit composed of a user-friendly digital screen (internal memory) and alphanumeric keys allowing successive entry of identifications and codes.
  • After validation through the TCK, the IMP can open the patient file and, depending on their qualification, use the functionalities of the RSI.
  • The file architecture is simple.
  • The RSI database includes five groups of files.
  • The patient's contact details and medical data files can only be connected after activation of a key generated by the addition of the Vitale card and the secret personal code.
  • The RSI is accessible at different levels by both the patient and the medical staff.
  • The patient is free to consult his file in the RSI without being able to modify the content.
  • The manager/host, responsible for maintenance, non-medical updating of the system and statistical processing, accesses the area of his competence freely and remains under the control of an external authority.
  • Entries in the system are dated, stored and irreversibly identified.
  • The RSI file allows the compilation of statistics at all levels concerning health or demography.
  • This system integrates the writing of the medical prescription as well as its execution by a pharmacist and, more generally, any paramedical worker in his field of activity.
  • The participants are made up of patients (all resident in France), medical and paramedical workers and managers/hosts of the RSI base.
  • Patient
  • Manager / host: The manager is assigned a national telephone number.
  • The "patient contact details" file is disconnected from the other files in order to preserve medical confidentiality.
  • Pathologist: He is the only one to intervene without the patient's agreement and at the request of the prescriber, whose contact details he must indicate in order to be able to validate his entry into the RSI. His field remains strictly limited to his specialty.
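
The separation described above (identification file, data file, a chaining code the manager never sees, card-and-code matching, read-only patient terminals, an archive of connections) can be modelled in a few lines. This is an added example, not code from the patent: the class and method names, the random sheet identifiers and the constant-time code comparison are assumptions made for illustration.

```python
import hmac
import secrets
import time
from collections import Counter

class Memory:
    """Toy model of memory 1: identification file 2, data file 3, archive file 4."""

    def __init__(self):
        self.identification = {}  # card id -> patient name (file 2)
        self.data = {}            # random sheet id -> entries (file 3)
        self.archive = []         # (device, event, timestamp) records (file 4)
        self._codes = {}          # card id -> secret code
        self._chain = {}          # card id -> sheet id: the chaining code, never exported

    def enroll(self, card_id, name, code):
        sheet_id = secrets.token_hex(8)  # assumption: random id, so order reveals no link
        self.identification[card_id] = name
        self._codes[card_id] = code
        self._chain[card_id] = sheet_id
        self.data[sheet_id] = []

    def _authorize(self, device, card_id, code):
        # Card AND code must both match (the AND gate P in the description).
        expected = self._codes.get(card_id, "")
        ok = card_id in self._codes and hmac.compare_digest(expected, code)
        self.archive.append((device, "granted" if ok else "denied", time.time()))
        if not ok:
            raise PermissionError("card and code do not match")
        return self.data[self._chain[card_id]]

    def tck_write(self, device, card_id, code, entry):
        """Doctor's TCK device: read/write link to the patient's sheet."""
        self._authorize(device, card_id, code).append(entry)

    def terminal_read(self, device, card_id, code):
        """Patient terminal: read-only, so hand back an immutable copy."""
        return tuple(self._authorize(device, card_id, code))

    def manager_view(self):
        """Manager: both files and the archive, but no chaining code."""
        names = sorted(self.identification.values())
        sheets = [tuple(s) for _, s in sorted(self.data.items())]
        return names, sheets, list(self.archive)

    def manager_statistics(self):
        return Counter(e for sheet in self.data.values() for e in sheet)
```

The confidentiality property holds only as long as nothing else correlates the two files: free-text entries that name the patient, or sheets stored in enrollment order, would let the manager rebuild the chaining without the code.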

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
EP04742498A 2004-04-14 2004-04-14 Data transmission network with secrecy preservation Withdrawn EP1738516A1 (de)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/FR2004/000915 WO2005112339A1 (fr) 2004-04-14 2004-04-14 Data transmission network with secrecy preservation.

Publications (1)

Publication Number Publication Date
EP1738516A1 (de) 2007-01-03

Family

ID=34958056

Family Applications (1)

Application Number Title Priority Date Filing Date
EP04742498A Withdrawn EP1738516A1 (de) 2004-04-14 2004-04-14 Data transmission network with secrecy preservation

Country Status (2)

Country Link
EP (1) EP1738516A1 (de)
WO (1) WO2005112339A1 (de)

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5995965A (en) * 1996-11-18 1999-11-30 Humetrix, Inc. System and method for remotely accessing user data records
CZ2005209A3 (cs) * 2002-09-10 2005-12-14 Ivi Smart Technologies, Inc. Secure biometric verification of identity

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See references of WO2005112339A1 *

Also Published As

Publication number Publication date
WO2005112339A1 (fr) 2005-11-24

Similar Documents

Publication Publication Date Title
US7328276B2 (en) Computer oriented record administration system
US20180261307A1 (en) Secure monitoring of private encounters
US10169607B1 (en) Individual centric personal data management process and method
US9280685B2 (en) System and method for portable medical records
US8498884B2 (en) Encrypted portable electronic medical record system
US7668734B2 (en) Internet medical information system (IMED)
US6973449B2 (en) System, method of portable USB key interfaced to computer system for facilitating the recovery and/or identification of a missing person having person's unique identification, biological information
CN107169306A (zh) System and interaction method for obtaining medical information by electronic or biometric identification technology
US20040054657A1 (en) Medical information management system
JPH10505695A (ja) Personal data storage device
US20080126135A1 (en) Paperless medication prescription system
US20090319789A1 (en) Encrypted portable medical history system
JP2001325372A (ja) Healthcare data sharing system, healthcare data sharing method and healthcare data sharing program
US20050076158A1 (en) Medical data providing system and medical data providing method
JP2021022341A (ja) Medical personnel matching system
JP2003091456A (ja) Personal electronic health file system with measures against data destruction and unauthorized viewing
FR2980020A1 (fr) Method for accessing and sharing a medical record
US20130290632A1 (en) Portable device for secure storage of user provided data
CN112133393A (zh) Medical service system
EP1738516A1 (de) Data transmission network with secrecy preservation
CN116776389A (zh) Blockchain-based data security supervision system for the medical industry
KR20240028814A (ko) Non-face-to-face medical treatment system
FR2731815A1 (fr) System for processing medical data relating to patients
US20070061164A1 (en) Healthcare information storage system
KR100604162B1 (ko) Prescription management system using a mobile communication terminal and personal medication history management method using the same

Legal Events

Date Code Title Description
PUAI Public reference made under article 153(3) epc to a published international application that has entered the european phase

Free format text: ORIGINAL CODE: 0009012

17P Request for examination filed

Effective date: 20061114

AK Designated contracting states

Kind code of ref document: A1

Designated state(s): AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IT LI LU MC NL PL PT RO SE SI SK TR

DAX Request for extension of the european patent (deleted)
17Q First examination report despatched

Effective date: 20091109

STAA Information on the status of an ep patent application or granted ep patent

Free format text: STATUS: THE APPLICATION IS DEEMED TO BE WITHDRAWN

18D Application deemed to be withdrawn

Effective date: 20121101