1. Field of the Invention
The present invention relates to a security management system, a medical device and a security managing method, the device and method being capable of ensuring security management in accordance with the authority of a user (operator) or a user group when the user or user group logs into or logs off an operating terminal, or releases an operating screen lock, and more particularly, the system, device and method being capable of responding to demands specific to medical services
2. Description of the Related Art
Hitherto, security management for access to data (information) stored in various systems, such as computers, has been performed. According to known security management techniques, a user or a group that the user belongs to is permitted to operate predetermined functions. In other words, the user or group is authorized to login to a predetermined device and perform processing, e.g., read, write, or delete data, or execute other processing.
According to one of the above-mentioned techniques (e.g., Non-patent Document 1), security policies are managed and a login prompt accompanying authentication by the identical code(ID) and password of a user is performed. When an operating terminal of a computer is not operated for predetermined time, the screen of a display device is locked so that others cannot operate the computer, thus preventing unauthorized access to various pieces of data.
For instance, a commercial operating system capable of setting an executable function every group to which a user belongs to is realized. According to this system, a user or a user group, which is authorized to log in to the system and perform processing, e.g., write, read, or delete data, or execute other processing, can be set every file or directory. In this case, to operate the system through an operating terminal, the user or user group has to login with authentication. When the user terminates the system operation, the user has to logout. To operate the system next time, the user has to again login with authentication.
In addition to the above login/logout functions, the operating terminal provides a function of activating a screen saver to lock the screen of a display device when the operating terminal of the system is not operated for predetermined time or a predetermined key is operated. According to this function, any other users cannot operate the system unless the logined (logged-in) user releases the screen lock with authentication in the same way as in login.
However, to protect information, e.g., personal information regarding patients, stored in a medical device, such as a medical image diagnostic device or a hospital information system (HIS), or restrict persons permitted to operate the medical device, when a user (operator) or a group that the user belongs to is authenticated to login to the device and the authority corresponding to that logined user is authorized to login or release an screen lock in a manner similar to the known security management techniques, various problems occur.
First, in general medical image diagnostic devices, an examination or a diagnosis has to be available at any time. Therefore, the following security management is impermissible: While a screen saver is activated on an operating terminal and an operating screen is locked, an only logined user can release the screen lock. In the above security management, if the user who operates the operating terminal omits to release the screen lock and leaves the terminal, an examination or a diagnosis using the medical image diagnostic device cannot be performed.
According to the known security management techniques, an only logined user can release the screen lock. Disadvantageously, security management responding to demands specific to the above-mentioned medical services cannot be ensured.
Second, differently from general electronic equipment, in many medical image diagnostic devices, it is undesirable to turn off the device or terminate a system because the operating screen of an operating terminal is locked. The reason is as follows: In the medical image diagnostic device, it is necessary to immediately start an examination when a patient arrived. If the device is turned off or the system is terminated, it takes much time to restart the system. Disadvantageously, it is difficult to immediately start an examination.
According to the known security management techniques, when a different user wants to use the system while an operating screen is locked, that user cannot release the screen lock. Therefore, in order to permit a different user to operate the medical image diagnostic device, the device has to be turned off, alternatively, the system has to be terminated.
Third, it is necessary to permit a non-enrolled user, who is not authorized to login yet, to operate the medical image diagnostic device and urgently perform an examination using the device. However, according to the known security management techniques, even when the non-enrolled user has to urgently perform an examination, the user cannot login to the medical image diagnostic device because he or she is not authorized to login.
Fourth, according to the known security management techniques, if a user wants to logout the medical image diagnostic device and again login to the device, a diagnostic application of the medical image diagnostic device has to be restarted each time the user logins to the device. Disadvantageously, it takes much time to restart the diagnostic application. It is difficult to immediately start an examination.
For the reason that the above-mentioned problems exist, the most of the former medical image diagnostic device is automatically ready to start an examination on the operation manual after a power supply of medical image diagnostic device was turned on. In this case, anyone can touch the operation terminal and information such as patient's individual information can be read with such the known medical image diagnostic device. Therefore, the former medical image diagnostic device has a security risk for leakage of the information.