電子簽名在醫(yī)院信息系統(tǒng)中的應用

1、電子簽名在醫(yī)院信息系統(tǒng)中的應用 The Application of Electronic Signature in the Hospital Information System,廣西壯族自治區(qū)人民醫(yī)院 The People's Hospital Of Guangxi Zhuang Autonomous Region王桂榕May, 20072007年5月,www.gxhospital.com,數(shù)字世界的信息安全要素

2、Information Security Factors in Digital World,PAIN…Privacy（保密性） -確認信息的保密，不被竊取 - Ensure information Privacy and not be stolenAuthentication & Authorization（鑒別與授權）-確認對方的身份并確保其不越權-Authenticate users’ identit

3、y and ensure them don’t exceed their authorityIntegrity（完整性）-確保你收到信息沒有被篡改- Ensure the received information not to be tamperedNon-Repudiation（抗抵賴）-有證據(jù)保證交易不被否認- Evidence to confirm the transaction be undeniable,www.g

4、xhospital.com,,,,,各種安全技術比較 Comparison of all Kinds of Security Technology,,,身份鑒別Authentication,機密性Privacy,完整性Integrity,抗抵賴Non-Repudiation,口令Password,動態(tài)口令Dynamic Password,密碼技術Encrypt Technology,PKI/CAPKI/CA,,

5、52;,ü,ü,ü,ü,ü,ü,ü,,,,,ü,,www.gxhospital.com,PKI成為可信網(wǎng)絡的安全基礎PKI is a Security Infrastructure for Credible Network,,公鑰基礎設施(Public Key Infrastructure ,PKI),,瀏覽器Browser,E-mail,服務器Ser

6、ver,防火墻Firewall,目錄Directory,路由器Router,,,,,,遠程訪問控制Remote acc-ess Control,安全電子郵件security EMAIL,網(wǎng)絡服務器安全security of network server,文件簽名document signature,VPNVirtual Priv-ate Network,,IP 骨干網(wǎng)絡IP backbone net,醫(yī)院信息管

7、理系統(tǒng)（Hospital Information System，HIS ）,www.gxhospital.com,證書頒發(fā)機構：CACertificate issue institution: CA,證書認證權威(Certification Authority:CA) 提供網(wǎng)絡身份認證服務 Provide the identity authentication service for network-證明數(shù)字證書的有效性V

8、erify the validity of the digital certificate負責簽發(fā)和管理數(shù)字證書 Be responsible for issuing and manage the digital certificate -具體簽發(fā)證書Issue certification-對數(shù)字證書進行簽名Sign to digital certificate-并管理數(shù)字證書Manage digital certifi

9、cate,www.gxhospital.com,證書頒發(fā)機構：CACertificate awarding institution:CA,具有權威性和公正性 Authority and Fairness -類似于頒發(fā)身份證的公安局 Be similar to the police station which can issue the ID card -在網(wǎng)絡世界中人人都信任CA all people trust CA in

10、 the network world,公安局,www.gxhospital.com,證書注冊機構：RACertificate registration institution: RA,證書注冊權威(Certificate registration Authority)-Registration Authority受理用戶的數(shù)字證書申請 Accept the user’s application of certificati

11、on-對證書申請者身份進行審核并提交CA制證Verify applicant’s identity and submit applicant related information to CA- 類似于申請身份證的派出所Be similar to the local police station which apply for the ID card,派出所,www.gxhospital.com,證書注冊機構：RACert

12、ificate registration institution: RA,提供證書生命期的維護工作 Offer the maintenance work for the certificate life time-受理用戶證書申請(Accept the certificate application from users)-協(xié)助頒發(fā)用戶證書( Assist to issue the certificate to users)-

13、審核用戶真實身份(Verify the real identity of users)-受理證書更新請求(Update certificates)-受理證書吊銷(Revocation certificate ),www.gxhospital.com,電子文檔的安全需求The Security Requirement of Electronic Document,電子文檔包括(The electronic documents inc

14、lude) :－各單位的申報審批報告、內部通知、公告等 every institution’s reports for application, internal notice, announcement and so on－采用Word、Excel或網(wǎng)頁等形式 Use Word, Excel, homepage, and so on安全需求(security requirement): －需要多人對電子文檔進行審批并

15、簽字 Need more one person to exam and sign the electronic document－需要實現(xiàn)(Needs to realize) ：身份認證 Identity authentication完整性 Integrity抗抵賴 Non-Repudiation,www.gxhospital.com,文檔簽章 Documents signature,針對電子文檔的安全需求，廣西C

16、A提供文檔簽章產(chǎn)品，解決電子文檔的安全需求。開發(fā)了針對Word、Excel或網(wǎng)頁等文檔系統(tǒng)的插件——電子簽章插件。使用電子簽章插件和數(shù)字證書，可以對Word 、Excel或網(wǎng)頁等文檔進行簽名，并添加電子化圖章。點擊文檔上的電子化圖章，可以驗證簽名者是誰，簽名的信息包含哪些，以及電子文檔是否被改動等。,In view of the security requirement of electronic documents , G

17、uangXi CA provides the product for document signature. The plug-in unit for Word, Excel ,homepage and other document system - electronic signature plug-in unit By electronic signature plug-in unit and certificate,

18、 we can sign to word, Excel, homepage or other documents, and add electronic stamp on documents. Click the electronic stamp in this document, and confirm who signed, what information about the signature,as well as whe

19、ther the document had been modified and so on.,www.gxhospital.com,電子文檔簽章實現(xiàn)原理 The Realization Principle about Electronic Documents Signature,unsigned document,Personal identity certificate,Document signature module,Docum

20、ents signature operation,signed document,Signature icon,www.gxhospital.com,HIS應用的障礙HIS application barrier,,www.gxhospital.com,HIS應用的障礙HIS application barrier,www.gxhospital.com,HIS與電子簽名相結合的意義the Significance of HIS C

21、ombination with Electronic Signatures,,保密性Privacy,身份鑒證Identity Authentication,授權Authorization,完整性Integrity,,,,,,抗抵賴Non-Repudiation,www.gxhospital.com,醫(yī)療行業(yè)：電子病歷以及各種醫(yī)院信息管理系統(tǒng)； Medical profession: electronic medical recor

22、d and all kinds of hospital information management system;藥品監(jiān)督行業(yè)：網(wǎng)上電子訂單、藥品監(jiān)管； Drugs surveillance profession: electronic order form on-line, drugs supervised;網(wǎng)站運營：安全站點、網(wǎng)絡維護權限管理系統(tǒng)等； Web station maintenance: Securi

23、ty web site, network maintenance authorization management system, and so on;網(wǎng)上交易平臺：網(wǎng)絡交易系統(tǒng)； Transaction platform on-line: Network transaction system;,PKI在信息化系統(tǒng)中的應用The PKI applications for information system,www.gxho

24、spital.com,數(shù)字證書為醫(yī)療信息系統(tǒng)解決的問題,保證了登錄醫(yī)療信息系統(tǒng)用戶的真實身份 Ensure user identity of system administrator for login the medical service information system 保證臨床醫(yī)療數(shù)據(jù)的保密性、完整性、可靠性 Ensure the clinical medical data secrecy, integrit

25、y and reliability 保證臨床醫(yī)療數(shù)據(jù)的真實性、不可抵賴性 Ensure the clinical medical data authenticity and undeniableness 為醫(yī)學研究提供基礎平臺 Provide the foundation platform for the medical research,Digital Certificate Offers One of the M

26、ost Effective Means of Solving Medical Service Information System Trust,www.gxhospital.com,醫(yī)療信息系統(tǒng)安全問題的解決方案The Solution for the Medical Service Information System Security,通過對醫(yī)療信息系統(tǒng)進行以下技術,要求解決醫(yī)療信息系統(tǒng)的各種安

27、全隱患,以及為臨床醫(yī)療數(shù)據(jù)真實性提供法律依據(jù)： Based on the following technical requirements, the reliable medical information system offers means of escaping from all kinds of security hidden danger, and provides the legal basis for the au

28、thenticity of the clinical medical data 對用戶登錄模塊進行身份認證； Identity authentication for users through the login module;對用戶錄入的數(shù)據(jù)進行數(shù)字簽名； Digital signature to user’s input data;對相關機密信息進行加密保存； Encryption and prese

29、rvation of the related Confidential information ; 對保存的記錄進行時間認證。 The preserved records’ Time Stamp verified.,www.gxhospital.com,,HIS的安全應用HIS safe application,,CA中心Guangxi CA,,,,后臺服務器backstage server,醫(yī)生,safe audit

30、database安全審計數(shù)據(jù)庫,醫(yī)院服務器application server,SSL安全通道,,數(shù)據(jù)庫database server,提交電子病歷數(shù)據(jù)…(data),醫(yī)生從CA中心申請證書 Doctor apply for certificate from CA center CA中心給醫(yī)院應用系統(tǒng)服務器頒發(fā)服務器證書，證明接收電子病歷系統(tǒng)（服務器）的身份 The CA center issues serve

31、r certificate to the hospital application system server, authenticate the sever which received electronic medical record,申請證書,the application certificate,doctor,www.gxhospital.com,醫(yī)生使用證書登錄應用系統(tǒng)，由服務器驗證證書的有效性，建立SSL連接 Do

32、ctor login application system by certificate and server verify the validity of certificate and establishes the SSL connection醫(yī)生向應用系統(tǒng)提交電子病歷數(shù)據(jù)，用自己的證書進行簽名，經(jīng)SSL通道加密傳輸 Doctor signs to electronic medical record data and

33、submits it to the application system , all the data transmitted by SSL channel are encrypted and authentic.醫(yī)生的數(shù)字簽名由服務器驗證，將保存在安全審計數(shù)據(jù)庫中，實現(xiàn)驗證完整性、抗抵賴性 Server verify Doctor's digital signature, which will be preserve

34、d in the safe audit database in order to verify the data integrity and anti-repudiation.,HIS的安全應用HIS safe application,www.gxhospital.com,電子病歷、電子醫(yī)囑實現(xiàn)的意義The significance of realization electronic medical record and elect

35、ronic doctor's advice,電子病歷、電子醫(yī)囑具有如下特點：The electronic medical record, the electronic doctor‘s advice have the following characteristics：具備信息共享系統(tǒng)，醫(yī)院的各個部門在任何地方、任何時候都可以調閱到所在醫(yī)院病人的全部病歷記錄； Have the information sharing

36、 system, in anyplace and on anytime, every department can read patient's record data in hospital;,www.gxhospital.com,電子病歷、電子醫(yī)囑實現(xiàn)的意義The significance of realization electronic medical record and electronic doctor'

37、s advice,具備預警系統(tǒng)，能夠揭示藥物的配伍禁忌，甚至不恰當?shù)尼t(yī)療措施等，是醫(yī)療智能化的具體表現(xiàn)； Have a warning system, which can reveal the incompatibility of medicines, inappropriate medical treatment, and so on. These are concrete manifestation of medical in

38、tellectualization;具備醫(yī)療信息資料庫支持功能，內有電子圖書、電子雜志以及治療疾病的最新方法。 Support the function of medical information library,in which there are electronic books,magazines as well as the newest methods to treat the disease.,Thank You