1. Field of the Invention
The present invention relates to a document management system, information processing device and method, and a computer program. More particularly, the present invention relates to a document management system that can prevent leakage of important information, such as individual information and the like, and that permits only a specified user to access, to information processing device and method, and to a computer program.
2. Description of the Related Art
In recent years, the computerization of various kinds of information is rapidly progressing. For example, charts used in a hospital or image data, such as roentgen photographs or the like imaged for a medical treatment are being computerized. In respective medical institutions, such data is stored in a database in electronic form to be used. Recently, with the reformation of a medical system, the specialization of each medical institution is apparent. Therefore, there are many cases in which the medical treatment for each person is performed by the cooperation of plural hospitals, not by one hospital. For example, there may be a case in which a patient, who has undergone the first medical examination at a small hospital, undergoes a next medical examination at a large medical institution, such as a specialized hospital, a university hospital, or the like, which is introduced by a doctor in charge.
As such, when the patient uses the plural hospitals, conventionally, the patient has brought a chart recorded in a paper medium, a letter of introduction, image data imaged for the medical treatment, an X-ray photograph film, and the like with himself and has submitted them to an introduction destination medical institution.
In recent years, a system has been suggested in which data is stored in a shared server on a computer network, which can be accessed by the respective medial institutions, such that medical information is managed and shared. In this system, various kinds of data corresponding to a patient can be extracted from information processing devices of the respective medical institutions, such as personal computers (PC) or the like, while the patient does not need to bring a paper, such as a paper medium, or an X-ray film with himself. In such a system using the shared server, it is possible to eliminate intricacy of the patient when he lost his belongings, such as charts, on the way or when he returns his belongings to an introduction source. Further, a medical examination record or the like at an introduction source medical institution can be read, and thus there is no case in which the patient undesirably undergoes the same examination at an introduction destination medical institution again.
As for sharing of medical information via a network, individual information of the patient may leak. That is, there is a problem in that the medical information flows out in view of security. In order to solve the above-described security problem, many configurations have been suggested.
For example, in JP-A-2004-265438, JP-A-2002-259573, JP-A-2000-331101 and JP-A-2002-269243, a configuration in which shared information is encrypted, a configuration in which the introduction source sets the access authority of the introduction destination, and a configuration in which an access is controlled by an ID or password are disclosed. However, in the methods disclosed in the related art, even when the patient is absent, the access to the information may be performed, and thus leakage of the information may occur against the intension of the patient.
In order to solve the above-described problem, for example, in JP-A-2002-92186, a method has been suggested in which information about unique physical features of the patient (the fingerprint, the iris of the eye, the image of the fundus oculi, or the like) is used for an information access control. In this configuration, when the patient is absent, the access to the information cannot be performed, and thus individual information can be prevented from leaking to some degree. However, as for such information, the authentication process of the patient himself is required. Accordingly, at the time of the receipt or medical examination, downloading of the information is performed. In this case, however, downloading may take much time according to the amount of information and the communication capacity or speed, and thus the receipt time or the medical examination time may be delayed.