Data space, as an innovative data management and sharing model, is emerging in the medical and health sectors. This study expounds on the conceptual connotation of data space and delineates its key technologies, including distributed data storage, standardization and interoperability of data sharing, data security and privacy protection, data analysis and mining, and data space assessment. By analyzing the real-world cases of data spaces within medicine and health, this study compares the similarities and differences across various dimensions such as purpose, architecture, data interoperability, and privacy protection. Meanwhile, data spaces in these fields are challenged by the limited computing resources, the complexities of data integration, and the need for optimized algorithms. Additionally, legal and ethical issues such as unclear data ownership, undefined usage rights, risks associated with privacy protection need to be addressed. The study notes organizational and management difficulties, calling for enhancements in governance framework, data sharing mechanisms, and value assessment systems. In the future, technological innovation, sound regulations, and optimized management will help the development of the medical and health data space. These developments will enable the secure and efficient utilization of data, propelling the medical industry into an era characterized by precision, intelligence, and personalization.
Humans ; Computer Security ; Information Dissemination ; Data Management ; Information Storage and Retrieval ; Data Mining

As artificial intelligence technology rapidly advances, its deployment within the medical sector presents substantial ethical challenges. Consequently, it becomes crucial to create a standardized, transparent, and secure framework for processing medical data. This includes setting the ethical boundaries for medical artificial intelligence and safeguarding both patient rights and data integrity. This consensus governs every facet of medical data handling through artificial intelligence, encompassing data gathering, processing, storage, transmission, utilization, and sharing. Its purpose is to ensure the management of medical data adheres to ethical standards and legal requirements, while safeguarding patient privacy and data security. Concurrently, the principles of compliance with the law, patient privacy respect, patient interest protection, and safety and reliability are underscored. Key issues such as informed consent, data usage, intellectual property protection, conflict of interest, and benefit sharing are examined in depth. The enactment of this expert consensus is intended to foster the profound integration and sustainable advancement of artificial intelligence within the medical domain, while simultaneously ensuring that artificial intelligence adheres strictly to the relevant ethical norms and legal frameworks during the processing of medical data.
Artificial Intelligence/legislation & jurisprudence* ; Humans ; Consensus ; Computer Security/standards* ; Confidentiality/ethics* ; Informed Consent/ethics*

Wireless technology has been widely used in medical devices and has brought convenience to medical care. However, wireless medical devices face risks such as data security and radio frequency interference. This study highlights safety and effectiveness evaluation of wireless medical devices, and discusses technical characteristics and regulation requirements, providing references for industry development and regulation.
Computer Security ; Wireless Technology

OBJECTIVES: We analyzed Korea's data privacy regime in the context of protecting and utilizing health and medical big data and tried to draw policy implications from the analyses. METHODS: We conducted comparative analyses of the legal and regulatory environments governing health and medical big data with a view to drawing policy implications for Korea. The legal and regulatory regimes considered include the following: the European Union, the United Kingdom, France, the United States, and Japan. We reviewed relevant statutory materials as well as various non-statutory materials and guidelines issued by public authorities. Where available, we also examined policy measures implemented by government agencies. RESULTS: In this study, we investigated how various jurisdictions deal with legal and regulatory issues that may arise from the use of health and medical information with regard to the protection of data subjects' rights and the protection of personal information. We compared and analyzed various forms of legislation in various jurisdictions and also considered technical methods, such as de-identification. The main findings include the following: there is a need to streamline the relationship between the general data privacy regime and the regulatory regime governing health and medical big data; the regulatory and institutional structure for data governance should be more clearly delineated; and regulation should encourage the development of suitable methodologies for the de-identification of data and, in doing so, a principle-based and risk-based approach should be taken. CONCLUSIONS: Following our comparative legal analyses, implications were drawn. The main conclusion is that the relationship between the legal requirements imposed for purposes of personal information protection and the regulatory requirements governing the use of health and medical data is complicated and multi-faceted and, as such, their relationship should be more clearly streamlined and delineated.
Computer Security ; European Union ; France ; Government Agencies ; Great Britain ; Humans ; Japan ; Korea ; Privacy ; United States

OBJECTIVES: Home-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems. METHODS: We realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government. RESULTS: Context-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions. CONCLUSIONS: The proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.
Asian Continental Ancestry Group ; Certification ; Computer Security ; Delivery of Health Care ; Electronic Health Records ; Health Information Exchange ; Health Personnel ; Health Smart Cards ; Home Care Services ; Home Health Nursing ; Humans ; Information Dissemination ; Insurance ; Insurance, Health ; Methods ; Nursing ; Nursing Care ; Privacy ; Social Responsibility

We constructed the family tree database (DB) by using a new family code system that can logically express interpersonal family relationships and by comparing and complementing health insurance eligibility data and resident register data of the National Health Information Database (NHID). In the family tree DB, Parents and grandparents are matched for more than 95% of those who were born between 2010 and 2017. Codes for inverse relationships and extended relationships are generated using sequences of the three-digit basic family codes. The family tree DB contains variables such as sex, birth year, family relations, and degree of kinship (maximum of 4) between subjects and family members. Using the family tree DB, we find that prevalence rates of hypertension, diabetes, ischemic heart disease, cerebrovascular disease, and cancer are higher for those with family history. The family tree DB may omit some relationships due to incomplete past data, and some family relations cannot be uniquely determined because the source data only contain relationships between head and members of the household. The family tree DB is a part of the NHID, and researchers can submit requests for data on the website at http://nhiss.nhis.or.kr. Requested data will be provided after approval from the data service review board. However, the family tree DB can be limitedly provided for studies with high public value in order to maximize personal information protection.
Cerebrovascular Disorders ; Complement System Proteins ; Computer Security ; Family Characteristics ; Family Relations ; Grandparents ; Head ; Humans ; Hypertension ; Insurance, Health ; Interpersonal Relations ; Korea ; Logic ; Myocardial Ischemia ; Parents ; Parturition ; Pedigree ; Prevalence

It aimed to present the definition of personal information based on Korean laws that protect personal information and the process of protection of personal information in journal publishing based on the guidelines of the International Committee of Medical Journal Editors and Committee of Publication Ethics. Two Korean laws relate to the protection of personal information in human subject research: the Personal Information Protection Act and the Bioethics and Safety Act. These laws were enacted to prevent the unauthorized use of Koreans’ personal information including medical information. Personal information can be divided into personally identifiable information including resident registration numbers and sensitive information including health information. To protect personal information in journal publishing, institutional review board (IRB) approval and obtaining informed consent from patients is recommended or mandatory in clinical studies. However, retrospective chart reviews may be exempted from IRB approval, while obtaining informed consent is recommended for all case reports. Journal policies may vary with regard to whether a copy of the informed consent form is collected from authors, since the Committee of Publication Ethics guideline does not specifically recommend collecting it. In discussions of adopting clinical data-sharing policies, transfer of data including nonidentifiable personal information to another country is an unresolved issue. Furthermore, a public data repository site should be established in Korea for data to be deposited. To protect subjects’ privacy and to prevent legal issues potentially arising from privacy concerns, editors and publishers should do their best to publish articles with appropriate oversight on subjects’ personal information.
Bioethics ; Computer Security ; Consent Forms ; Ethics ; Ethics Committees, Research ; Humans ; Informed Consent ; Jurisprudence ; Korea ; Personally Identifiable Information ; Privacy ; Publications ; Republic of Korea ; Retrospective Studies

Lung cancer is the most commonly diagnosed cancer and the leading cause of cancer-related deaths worldwide. Globally, there were an estimated 1.8 million new cases and 1.59 million deaths in 2012. In Korea, the incidence of lung cancer is increasing and 24,267 (47.6/100,000) patients with lung cancer were registered at the Korea Central Cancer Registry in 2015. Previous nationwide surveys of lung cancer were performed in 1998 by the Korean Academy of Tuberculosis and Respiratory Diseases and in 2007 by the Korean Association for Lung Cancer (KALC), but the studies faced difficulties in maintaining lung cancer registry because of limitations regarding the Private Information Protection Act. To produce unbiased and reliable epidemiological data, the KALC and Korean Central Cancer Registry developed a detailed lung cancer registry (KALC-R) data structure. Following a pilot survey of 489 lung cancer cases in 2013, about 10% of the sampled lung cancer cases from the Korean Central Cancer Registry are surveyed each year. With the analysis of detailed data from the KALC-R, an important epidemiological background for scientific research or policy development is expected to be generated.
Computer Security ; Humans ; Incidence ; Korea ; Lung Neoplasms ; Lung ; Policy Making ; Registries ; Tuberculosis

A wireless blood pressure measurement system was designed to facilitate the measurement of the patient's blood pressure and to transmit the measured data safely and reliably. Through PDA, radio frequency identification technology (RFID) and bluetooth technology, the function of reading patients' information and statistics and analysis of blood pressure, heart rate data was realized. The IDEA and RSA joint algorithms were used to encrypt the patients' data and the key of the IDEA algorithm to ensure the security of the patient' data. The test results showed that the system had high accuracy of measurement data, safe and reliable transmission, and improved the nurses' work efficiency.
Algorithms ; Blood Pressure Determination ; Blood Pressure Monitors ; Computer Security ; Humans ; Radio Frequency Identification Device ; Wireless Technology

OBJECTIVES: Information technology involves a risk of privacy violation in providing easy access to confidential information,such as personal information and medical information through the Internet. In this study, we investigated medical information security to gain a better understanding of trends in research related to medical information security. METHODS: We researched papers published on ‘의료정보’ and ‘medical information’ in various Korean journals during a 10-year period from 2005 to 2015. We also analyzed these journal papers for each fiscal year; these papers were categorized into the areas of literature research and empirical research, and were further subdivided according to themes and subjects. RESULTS: It was confirmed that 48 papers were submitted to 35 academic journals. There were 33 (68.8%) literature review articles, and analysis of secondary data was not carried out at all. In terms of empirical research, 8 (16.7%) surveys and 7 (14.6%) program developments were studied. As a result of analyzing these papers according to the research theme by research method, 17 (35.4%) papers on laws, systems, and policies were the most numerous. It was found that among the literature research papers on medical personnel were the most common, and among the empirical research papers, research on experts in information protection and medical personnel were the most common. CONCLUSIONS: We suggest that further research should be done in terms of social perception, human resource development, and technology development to improve risk management in medical information systems.
Computer Security ; Electronic Health Records ; Empirical Research ; Hospital Information Systems ; Humans ; Industrial Development ; Information Systems ; Internet ; Jurisprudence ; Korea ; Medical Informatics ; Methods ; Privacy ; Risk Management ; Social Perception