CN-120727309-B - Medical data management method, system, equipment and medium based on blockchain

Abstract

A medical data management method, system, equipment and medium based on block chain relates to the field of information management. The method comprises the steps of obtaining medical data, analyzing content attributes and context information of the medical data through a first intelligent contract on a blockchain to generate a first sensitivity grade identification, carrying out differentiated encryption on the medical data through a second intelligent contract on the blockchain based on the first sensitivity grade identification to generate verification information, partitioning the differentiated encrypted medical data, constructing a data structure together with the verification information, storing the data structure into the blockchain, responding to an access request, verifying authority certificates in the access request and types of the access request through a third intelligent contract on the blockchain to generate access authorization certificates, and outputting target medical data corresponding to the access request based on the access authorization certificates. By implementing the technical scheme provided by the application, the full life cycle safety management and control from the collection and storage to sharing of medical data is realized.

Inventors

• ZHANG HONGJUAN
• ZHANG SIYANG
• WANG ZIJIAN
• HUANG SHUO

Assignees

• 北京全科在线科技有限责任公司

Dates

Publication Date

20260512

Application Date

20250630

Claims (7)

1. 1. A blockchain-based medical data management method, applied to a server, the method comprising: Acquiring medical data, analyzing content attributes and context information of the medical data through a first intelligent contract on a blockchain, and generating a first sensitivity level identifier, wherein the context information comprises geographic position information of data access equipment, epidemic early warning state based on a blockchain timestamp and access behavior characteristics in an operation log; based on the first sensitivity level identification, differentially encrypting the medical data by a second smart contract on the blockchain, and generating verification information; the medical data after differential encryption is segmented, and a data structure is built together with the verification information and then stored into the block chain; In response to receiving an access request, verifying a permission credential in the access request and a type of the access request through a third intelligent contract on the blockchain, and generating an access authorization credential; outputting target medical data corresponding to the access request based on the access authorization credential; The acquiring medical data, analyzing content attributes and context information of the medical data through a first intelligent contract on a blockchain, and generating a first sensitivity level identification comprises: analyzing the structured metadata tag of the medical data through the first intelligent contract to obtain a data type classification result; Acquiring real-time context characteristics associated with the medical data through the first intelligent contract to obtain a dynamic scene assessment result; generating the first sensitivity level identification through a preset sensitivity mapping rule based on the data type classification result and the dynamic scene evaluation result; the differentially encrypting the medical data by a second smart contract on the blockchain based on the first sensitivity level identification, and generating verification information includes: Matching a target encryption strategy from a predefined encryption strategy library according to the first sensitivity level mark, wherein the target encryption strategy comprises an encryption algorithm, a key length and an access control strategy; encrypting the medical data based on the target encryption policy; Generating the verification information based on the encrypted medical data; the step of blocking the differentially encrypted medical data, constructing a data structure together with the verification information, and storing the data in the blockchain comprises the following steps: Determining a data block size from a predefined fragmentation policy library according to the first sensitivity level identification; splitting the differentially encrypted medical data into successive data blocks based on the data block size; calculating a corresponding cryptographic hash value for each of the data blocks; constructing a hash tree based on all the data blocks and the corresponding cryptographic hash values, and associating the verification information to non-leaf nodes; and storing the hash tree into a transaction data field of the blockchain.
2. 2. The method of claim 1, wherein in response to receiving an access request, verifying the rights credential in the access request and the type of the access request by a third smart contract on the blockchain, generating an access authorization credential comprises: Analyzing the access request to obtain a target medical data identifier, a role grade attribute and a data purpose statement; Acquiring a second sensitivity level identifier bound with the target medical data identifier from a preset blockchain state database; judging whether the character grade attribute meets the lowest authority threshold required by the second sensitivity grade identification; If the character grade attribute meets the lowest authority threshold, matching the operation type of the access request with the data use statement through a preset compliance rule base to obtain a matching result; And generating access authorization credentials according to the matching result.
3. 3. The method of claim 1, wherein outputting the target medical data corresponding to the access request based on the access authorization credential comprises: Extracting a target data index and a decryption key identification from the access authorization credential; Locating a corresponding set of encrypted data blocks from the blockchain based on the target data index; obtaining a decryption key from a preset distributed key management database according to the decryption key identification; Decrypting and reorganizing the encrypted data block set based on the decryption key to obtain original medical data; extracting a target field from the original medical data according to the data type requirement in the access request; and desensitizing the target field through a preset privacy calculation engine to obtain the target medical data.
4. 4. The method according to claim 1, wherein the method further comprises: Acquiring a data access event stream through a fourth intelligent contract on the blockchain; Analyzing the data access event stream based on a preset anomaly detection model; generating an authority recycling instruction when the data access event stream is in an abnormal access mode; and freezing the corresponding access authorization credential through the third intelligent contract based on the rights reclamation instruction.
5. 5. A blockchain-based medical data management system, comprising in particular: The data grading module is used for acquiring medical data, analyzing content attributes and context information of the medical data through a first intelligent contract on a blockchain, and generating a first sensitivity grade identifier, wherein the context information comprises geographic position information of data access equipment, epidemic situation early warning states based on a blockchain timestamp and access behavior characteristics in an operation log; The encryption module is used for differentially encrypting the medical data through a second intelligent contract on the blockchain based on the first sensitivity level identification and generating verification information; The block storage module is used for blocking the medical data subjected to differential encryption, constructing a data structure together with the verification information and storing the data structure into the block chain; the query authorization module is used for responding to the received access request, verifying the authority credential in the access request and the type of the access request through a third intelligent contract on the blockchain, and generating an access authorization credential; A data output module for outputting target medical data corresponding to the access request based on the access authorization credential, The data grading module is further used for analyzing the structured metadata tag of the medical data through the first intelligent contract to obtain a data type classification result; Acquiring real-time context characteristics associated with the medical data through the first intelligent contract to obtain a dynamic scene assessment result; generating the first sensitivity level identification through a preset sensitivity mapping rule based on the data type classification result and the dynamic scene evaluation result; The encryption module is further configured to match a target encryption policy from a predefined encryption policy library according to the first sensitivity level identifier, where the target encryption policy includes an encryption algorithm, a key length, and an access control policy; encrypting the medical data based on the target encryption policy; Generating the verification information based on the encrypted medical data; The block storage module is further configured to determine a data block size from a predefined fragmentation policy repository according to the first sensitivity level identification; splitting the differentially encrypted medical data into successive data blocks based on the data block size; calculating a corresponding cryptographic hash value for each of the data blocks; constructing a hash tree based on all the data blocks and the corresponding cryptographic hash values, and associating the verification information to non-leaf nodes; and storing the hash tree into a transaction data field of the blockchain.
6. 6. An electronic device comprising a processor, a memory, a user interface, and a network interface, the memory for storing instructions, the user interface and the network interface each for communicating with other devices, the processor for executing instructions stored in the memory to cause the electronic device to perform the method of any of claims 1-4.
7. 7. A computer readable storage medium storing instructions which, when executed, perform the method of any one of claims 1-4.

Description

Medical data management method, system, equipment and medium based on blockchain Technical Field The application relates to the technical field of information management, in particular to a medical data management method, system, equipment and medium based on a blockchain. Background Blockchain technology has seen a recent years crossing from cryptocurrency infrastructure to multi-industry application infrastructure as a core representative of distributed ledger technology. The anti-tampering transparent traceable data center has the characteristics of decentralization, non-tampering and transparent traceability, and provides a brand new paradigm for solving the data trust problem. In the medical field, the blockchain technology is gradually applied to the scenes of electronic medical record sharing, medicine tracing, clinical trial data management and the like, automatic rule execution is realized through intelligent contracts, and technical support is provided for breaking the traditional medical data island and improving the cross-mechanism cooperation efficiency. In the prior art, a scheme of combining a static encryption strategy with coarse-granularity authority management is adopted, wherein medical data is generally stored in a centralized database or a blockchain node with uniform encryption intensity, access control depends on a preset role authority model, dynamic sensitivity of data content and fine adaptation of a use scene are lacking, static encryption cannot be matched with dynamic risk characteristics of the medical data (such as updating protection of infectious disease data during epidemic situation), and excessive encryption influences data availability or leakage risk is caused by insufficient encryption. Disclosure of Invention In order to realize the full life cycle safety management and control of medical data from acquisition and storage to sharing, the application provides a medical data management method, a system, equipment and a medium based on a blockchain. In a first aspect of the application, there is provided a blockchain-based medical data management method: acquiring medical data, analyzing content attributes and context information of the medical data through a first intelligent contract on a blockchain, and generating a first sensitivity level identifier; based on the first sensitivity level identification, differentially encrypting the medical data by a second smart contract on the blockchain, and generating verification information; the medical data after differential encryption is segmented, and a data structure is built together with the verification information and then stored into the block chain; In response to receiving an access request, verifying a permission credential in the access request and a type of the access request through a third intelligent contract on the blockchain, and generating an access authorization credential; And outputting target medical data corresponding to the access request based on the access authorization credential. According to the technical scheme, the multi-dimensional feature analysis is performed on medical data by utilizing a first intelligent contract and sensitivity levels are automatically marked according to a sensitivity grading mechanism based on dynamic content perception, a precise decision basis is provided for a differentiated encryption strategy, then an encryption granularity control system matched with sensitivity is established through a second intelligent contract, processing efficiency of non-sensitive data is optimized while core privacy data is protected strongly, verifiable integrity credentials are generated, a data structuring design combining block storage and chained storage is adopted, quick retrieval and compliance access are realized on the basis of ensuring medical data atomic storage, finally a multi-dimensional authority verification engine is established through a third intelligent contract, and tamper-proof and traceable access control closed loops are formed under the premise of adding tamper-proof characteristics of a blockchain. According to the technical scheme, through a dynamic sensitivity grading and scenerization encryption adaptation mechanism, the binary dilemma that the traditional static encryption scheme is used for either over encryption to sacrifice usability or insufficient encryption to cause leakage in medical data protection is effectively solved, and the accurate balance of the data security intensity and the service requirement is realized. Optionally, the acquiring the medical data, analyzing the content attribute and the context information of the medical data through a first intelligent contract on the blockchain, and generating the first sensitivity level identifier includes: analyzing the structured metadata tag of the medical data through the first intelligent contract to obtain a data type classification result; Acquiring real-time context characteristics associated wit