Research on the Application of Blockchain to Institutional Medical Information Security and Privacy Protection

News 2024-07-12

Security and privacy protection of medical and health data is the area where blockchain technology is most widely applied in healthcare. With blockchain, the storage of and access to medical data can be recorded in a form that cannot be tampered with, which safeguards the privacy and security of that data.

The data we have accumulated and generated to date is still stored centrally in individual institutions. "Individual-centred" medical blockchain projects are not yet strong enough to shake the position of the traditional data centres, but encouragingly these medical data storage centres do not reject blockchain technology, and a number of active players are trying to use it to solve the security problems of today's centralized information storage and access, return data to the individual more securely and conveniently, and promote the conversion of medical data from information into value.

Current problems in institutional information storage and access

1. Medical information storage institutions pay too little attention to the security of data storage

This lack of attention shows up mainly as insufficient investment in information security, unencrypted storage of medical data, a lack of information security maintenance staff, numerous system vulnerabilities, and weak security awareness among system users and maintainers.

The development of new technologies and applications such as Internet+, the Internet of Things, big data analytics and artificial intelligence places higher demands on information and network security. Technology-first enterprises in particular are increasingly aware of the need to guard against cybersecurity threats: enterprises in mainland China and Hong Kong invest on average nearly a quarter more in cybersecurity than the global figure, an average of US$6.3 million a year.

But building security is not as simple as spending more. An Ernst & Young survey of 1,735 enterprise chief information officers shows that cyberattacks are growing more complex: 88% of respondents said their cybersecurity function does not fully meet the needs of the enterprise; nearly half consider outdated information security controls or architecture to have become a hotspot for vulnerabilities; only 38% described their system identity and access control management as relatively mature; and respondents are not proactive in protecting users' right to know, with 46% saying they would not notify customers even if customer data were exposed.

Large Internet companies still face many risks despite huge security investment. By comparison, security maintenance at medical information storage institutions, which hold highly private information about many individuals, is clearly inadequate. A survey of the information security status of 37 hospital information systems found that in as many as 29 hospitals (78.4%), spending on information security protection equipment accounted for less than 5% of total project investment.

In the United States, 41% of medical institutions do not encrypt medical data; 50% cannot effectively prevent and respond to information security breaches; and 47% do not have enough information security specialists. In addition, a search for the keyword "medical" on the China National Vulnerability Database (CNVD) returned more than 160 security vulnerabilities. A large share of the disclosed vulnerabilities relate to authentication and access-permission flaws, which greatly increase the risk of system information leakage.

2. Hacker attacks targeting medical information are rampant

Inadequate security protection in the systems themselves, combined with the high value of personal medical information, has made medical information institutions a prime target for hackers.

Verizon's 2017 Data Breach Investigations Report shows that healthcare ranks second only to the financial industry for data breaches, accounting for 15%; as to causes, 62% of data breaches involve hacking. Data in electronic healthcare record systems worldwide is growing at 5.5% per year, and medical data contains a great deal of sensitive patient data, which makes healthcare one of the sectors hardest hit by hacking.

On the black market, personal medical information is worth 50 times more than credit card information, because it includes several kinds of sensitive data: the patient's basic personal information, financial information and health information. Criminals can use this information for fraud, extortion and similar acts.

In 2017 there were 15 major medical information breaches in the United States alone, with a conservative estimate of about 3 million patients' information leaked. In September 2017, Legal Daily (法制日报) reported that the medical service information system of a Chinese ministry had been hacked: more than 700 million pieces of citizen information were leaked and more than 80 million were sold.

Just recently, the database of the Singapore Health Services group suffered a large-scale cyberattack. The personal data of 1.5 million people, including Prime Minister Lee Hsien Loong, was stolen; patients' names, dates of birth, identity card numbers and addresses were leaked, and the outpatient prescription records of about 160,000 of them were also taken.

3. The security of data access and connection methods still needs improvement

Medical information storage institutions currently control user access mainly through user authentication; user-authorized access control and privacy protection are still lacking.

An important purpose of building basic medical information platforms is to increase individuals' use of their own health data, and openness is the development trend for information storage institutions. The "Notice on Further Carrying Out 'Internet + Medical Health' Activities for the Convenience and Benefit of the People", issued in July 2018 by the Health and Information Planning Department of the National Health Commission, requires health information services to become more widely available and promotes online query and regulated use of residents' electronic health records.

Typically, the data centre of a regional health information platform brings together information from across the healthcare sector, including electronic health records, electronic medical record databases and population information databases. Any security risk or non-compliant operation can have serious social impact and cause major losses to medical and health institutions.

Health bureaus at all levels have been opening personal health information service systems on their portal websites. Because such a site is published directly on the Internet while also exchanging data with the dedicated health network, the risk to the system rises significantly. Most system access currently relies on weak-password authentication, which further increases the risk of data leakage.

Verizon research shows that 81% of data breaches are related to stolen account passwords. In addition, individuals' authentication information is also stored centrally, so a single point of failure or the leak of a single private key can bring down the database's security defences as a whole.

4. Centralized data collection and updating makes data maintenance costly

In today's centralized storage structure, data becomes "inactive" because of untimely, incomplete or erroneous updates and similar problems, and ultimately cannot be used.

To solve the problem of medical information silos and improve the sharing and exchange of health information, during the 12th Five-Year Plan period the National Health and Family Planning Commission proposed the "36312" project and pushed hard to build regional information platforms. These are divided into three tiers of health information platform: national, provincial and municipal. In a regional health information platform, data is either extracted from production systems through a unified exchange interface or uploaded by medical institutions at each level according to unified data standards. Data exchange takes place through the platform.

Traditional data exchange between medical institutions relies on a large number of interface calls. In a healthcare environment with many software systems and inconsistent standards, such point-to-point exchange is extremely costly. Centralized data exchange addresses this fairly well, but the same data is then stored in several places, and keeping it consistent is a hard problem in building information systems.

Real-time updating, accuracy and completeness of data in the platform all directly affect the quality of exchange. However, because of network outages, interface problems, failures in medical institutions' systems and similar issues, data in this centralized storage structure becomes "inactive" through untimely, incomplete or erroneous updates, and ultimately cannot be used. It is currently not uncommon for health information platforms to be unable to deliver greater value because of data quality and similar issues.

5. A widespread unwritten industry rule: right to store = right to use

Although regulations permit the use of desensitized (de-identified) data, the industry's current use of individual data goes well beyond that.

In early 2018, a study by University of Piraeus researchers of the 20 most popular medical and health products in the Android ecosystem found that 80% were suspected of transmitting user data without authorization. Of these products, 50% shared user text, multimedia and even medical imaging data with third parties, and 20% of the apps had not published a user notice covering privacy issues.

In July 2017 the UK Information Commissioner's Office (ICO) announced that data protection law had been violated because Google DeepMind obtained patients' information and data without their knowledge. In a medical trial collaboration between a foundation of the Royal Free Hospital in London, part of the UK National Health Service (NHS), and Google DeepMind, the NHS provided the Google DeepMind unit with detailed information on about 1.6 million patients for testing a new mobile application, without clearly telling patients that their data was being used.

Blockchain solutions

1. Making data tamper-proof and traceable

In traditional centralized medical and health information storage institutions, blockchain can serve as a security solution that improves oversight of how medical data is used. When protecting sensitive information, the greatest threats these centralized institutions face are system problems caused by hackers and malware, as a result of which data may be tampered with, deleted, or updated incorrectly.

A blockchain, however, records every change, which guarantees data integrity. In this approach the health records themselves are not what the blockchain protects; instead, the log files of all data-processing activities performed on those records are written to the chain. This provides oversight of data activity and reduces the various risks that life-critical personal data is leaked unknowingly, by malicious hackers, or by fraudulent insiders.
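The logging model described above can be sketched as a hash-chained activity log. This is an added example, not code from the article or from any product it mentions; the class and field names are hypothetical, the sample record is constructed, and a single in-memory list stands in for a ledger that would be replicated across participants.

```python
import hashlib
import json

GENESIS = "0" * 64  # placeholder "previous hash" for the first entry


def digest(obj) -> str:
    """SHA-256 over a canonical JSON encoding of obj."""
    data = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(data).hexdigest()


class AuditChain:
    """Append-only activity log; each entry commits to the one before it."""

    def __init__(self):
        self.entries = []

    def append(self, actor, action, record_id, record):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"index": len(self.entries), "actor": actor, "action": action,
                "record_id": record_id,
                "record_digest": digest(record),  # digest only, never the record
                "prev": prev}
        self.entries.append(dict(body, hash=digest(body)))

    def verify(self):
        """Return the index of the first inconsistent entry, or None."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if (entry["index"] != i or entry["prev"] != prev
                    or digest(body) != entry["hash"]):
                return i
            prev = entry["hash"]
        return None

    def record_matches(self, record_id, record):
        """Compare an off-chain record with its most recently logged digest."""
        for entry in reversed(self.entries):
            if entry["record_id"] == record_id:
                return entry["record_digest"] == digest(record)
        return False


def demo():
    record = {"patient": "P-0001", "diagnosis": "constructed sample"}
    chain = AuditChain()
    chain.append("dr_a", "create", "rec-1", record)
    chain.append("nurse_b", "read", "rec-1", record)
    chain.append("dr_a", "update", "rec-1", record)
    intact = chain.verify()               # None: chain is consistent
    chain.entries[1]["actor"] = "dr_a"    # simulated edit of a stored log entry
    first_bad = chain.verify()            # 1: entry 1 no longer matches its hash
    record["diagnosis"] = "changed"       # off-chain change with no log entry
    return intact, first_bad, chain.record_matches("rec-1", record)
```

The digest check only detects that the off-chain record no longer matches what was logged; it does not prevent the change or keep the record confidential.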

2. All data participants maintain one shared data ledger, ensuring data accuracy

In theory, maintaining multiple copies of a blockchain database is no more efficient than a single centralized database. In practice, however, multiple parties already maintain copies of databases containing the same information. Across these copies, data about the same transaction conflicts, which leads to costly and time-consuming reconciliation. Using a distributed database such as a blockchain across organizations can greatly reduce the need for manual reconciliation and so save substantial cost.

In addition, in some cases a blockchain lets organizations gain shared capabilities and avoid duplicated work. The core of the value of exchanging and sharing medical information across multiple medical institutions and regional platforms is ensuring data accuracy and completeness. With blockchain technology, all parties that produce and use data jointly maintain one medical data ledger, and the blockchain's consensus mechanism records data changes, which ensures data accuracy more efficiently.

3. Protecting the privacy of personal information by controlling data access through identity authentication and user authorization

Under a blockchain architecture, digests of the stored medical information are put on chain and the use and modification of data are recorded, so data storage institutions can no longer use user data at will without the user's knowledge; storage rights and usage rights are separated. Distributed storage of individuals' authentication information avoids the risk of tampering and theft that comes with centralized storage. Complex permission custody based on the blockchain's multiple private keys then returns the right to use data to the individual. Data use requires user authorization, which protects the privacy of individual medical information. For example, smart contract technology can assign multiple private keys to a single medical record and define rules for accessing the data, so that doctors, nurses and even the patient all need permission before they can access it.
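One way the multi-key access rule described above could be expressed, as an added example that is not from the article: the policy class, the "patient must approve, two approvals in total" rule and the key values are all assumptions, and HMAC-SHA256 with per-holder keys stands in for the private-key signatures a real smart contract would verify.

```python
import hashlib
import hmac


def approval_tag(key, record_id, requester, purpose, expires):
    """Key holder's approval, bound to one request (HMAC stands in for a signature)."""
    msg = f"{record_id}|{requester}|{purpose}|{expires}".encode()
    return hmac.new(key, msg, hashlib.sha256).hexdigest()


class RecordPolicy:
    """Hypothetical contract rule: `required` holders must approve and at
    least `threshold` holders in total; every decision is appended to a log."""

    def __init__(self, record_id, keys, required, threshold):
        self.record_id = record_id
        self.keys = keys                # holder name -> key (constructed)
        self.required = set(required)
        self.threshold = threshold
        self.decisions = []

    def authorize(self, requester, purpose, expires, approvals, now):
        valid = set()
        for holder, tag in approvals.items():
            key = self.keys.get(holder)
            expected = key and approval_tag(key, self.record_id, requester,
                                            purpose, expires)
            if expected and hmac.compare_digest(tag, expected):
                valid.add(holder)
        granted = (now < expires and self.required <= valid
                   and len(valid) >= self.threshold)
        self.decisions.append((requester, purpose, sorted(valid), granted))
        return granted


def demo():
    keys = {"patient": b"k-patient", "doctor": b"k-doctor", "nurse": b"k-nurse"}
    policy = RecordPolicy("rec-1", keys, required={"patient"}, threshold=2)

    def tag(holder, purpose, expires=2000):
        return approval_tag(keys[holder], "rec-1", "doctor", purpose, expires)

    results = []
    # patient and doctor both approve this exact request
    ok = {"patient": tag("patient", "treatment"), "doctor": tag("doctor", "treatment")}
    results.append(policy.authorize("doctor", "treatment", 2000, ok, now=1000))
    # two staff approvals without the patient: refused
    staff = {"doctor": tag("doctor", "treatment"), "nurse": tag("nurse", "treatment")}
    results.append(policy.authorize("doctor", "treatment", 2000, staff, now=1000))
    # approvals given for "treatment" presented for "research": tags do not verify
    results.append(policy.authorize("doctor", "research", 2000, ok, now=1000))
    # same approvals after expiry: refused
    results.append(policy.authorize("doctor", "treatment", 2000, ok, now=3000))
    return results, len(policy.decisions)
```

Binding each approval to the record, requester, purpose and expiry is what stops a grant given for one use from being presented for another; refused requests are logged alongside granted ones.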

Case studies

Health information authorities in Estonia, the United Arab Emirates, Australia and other countries have worked with blockchain technology providers to upgrade the security of their health information platforms; the cases are summarized in Table 1.

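Table 1: Blockchain technology application cases for medical and health information storage

Figure 1: Guardtime VOLTA solution, Estonia

Summary of application scenarios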

It must be recognized, however, that the problems blockchain technology can solve are limited. Blockchain performance means that the huge volume of raw medical data cannot all be put on chain; this data is still stored on cloud platforms or local servers. What the blockchain protects is the on-chain access records and logs, which cannot be tampered with; the security of the raw data is outside the scope of blockchain protection.

We can see that centralized data storage is a collective way of gathering data that carries no meaning for the individual: although the data contains a great deal of individual information, its value cannot be fed back to individuals. In fact, how to make better use of data to create value is also a problem for data storage institutions. The return of data ownership driven by blockchain technology may activate this "dormant" data and let it generate greater value; sharing that value with individuals may be one path for institutions that sit on a gold mine of data but have no way to mine it.

If upgrading the security and privacy protection of individual medical and health information within traditional "centralized" storage is a mild "reform", then this market also has a group of bold players set on breaking the mould, who hope to use blockchain to build a new system for storing and sharing medical and health information. What are these forces of "revolution"? Let us look forward to the next instalment of this research.
