A medical diagnosis intelligent agent system and method under privacy protection

CN122266735APending Publication Date: 2026-06-23SHANDONG JIANZHU UNIV

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
SHANDONG JIANZHU UNIV
Filing Date
2026-05-28
Publication Date
2026-06-23

AI Technical Summary

Technical Problem

Existing technologies in multidisciplinary consultations suffer from data privacy and security issues, data silos, increased cognitive load and medical illusions due to lengthy model dialogues, and a lack of collaborative frameworks between hospitals, the cloud, and patients, making it difficult to balance diagnostic accuracy and privacy protection.

Method used

A three-way collaborative closed-loop architecture is constructed between the hospital, the cloud, and the patient. An adaptive feature noise addition mechanism based on medical importance scoring and a dynamic adjacency list text masquerading mechanism on the client side are adopted. Combined with a residual context mechanism guided by the attending physician's intelligent agent, the high-value medical features are accurately preserved and sensitive information is effectively masked. The context of the diagnostic report is restored through a lightweight semantic reconstruction model.

Benefits of technology

It effectively prevents the destruction of key medical semantics by traditional desensitization techniques, reduces the cognitive load of multi-intelligence diagnosis, improves diagnostic accuracy and security, and ensures a balance between privacy protection and diagnostic utility.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122266735A_ABST
    Figure CN122266735A_ABST
Patent Text Reader

Abstract

The application discloses a medical diagnosis intelligent agent system and method under privacy protection, and belongs to the cross field of artificial intelligence and medical health. In view of the problems that privacy protection and diagnosis utility are difficult to balance, and medical illusion is easy to occur in multi-agent consultation in the prior art, the application comprises the following steps: a hospital local end extracts electronic medical record bottom features and evaluates medical importance, and transmits the features to a cloud end after self-adaptive noise adding to fine-tune a multi-agent system; a patient local end carries out safe word replacement, generates a disguised prompt word, and uploads the prompt word to the cloud end; a cloud server uses a general practitioner intelligent agent for triage, and guides each specialist intelligent agent to carry out multi-round consultation by a attending physician intelligent agent, generates a disguised diagnosis report, and issues the report; and finally, a patient local end uses a semantic reconstruction model to restore and output a final diagnosis report. The application constructs a three-party collaborative closed loop, overcomes medical illusion and context fragmentation under the premise of protecting privacy, and significantly improves the accuracy and landing feasibility of the diagnosis system.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the intersection of artificial intelligence and healthcare, specifically to a privacy-preserving intelligent medical diagnostic system and method. Background Technology

[0002] The statements in this section are merely background information related to the present invention and do not necessarily constitute prior art.

[0003] Multidisciplinary consultation refers to a medical collaboration model that integrates the professional perspectives of doctors from different specialties to provide comprehensive and accurate decision support for the diagnosis of complex or rare diseases. In recent years, with the development of large-scale data pre-training technology, large language models have been introduced into this field. Multi-agent systems based on large language models can simulate the roles of different specialists and complete the diagnostic reasoning of complex cases through mutual collaboration and cross-discussion, demonstrating powerful semantic understanding and zero-shot generalization capabilities.

[0004] However, such systems face significant challenges in practical implementation. First, data privacy and security, along with the "data silo" problem, are prominent: hospitals possess a large number of high-quality, authentic electronic medical records, but compliance requirements make it difficult to upload this data to the cloud for model training or fine-tuning; simultaneously, patients worry about the leakage of sensitive information such as their real names and lifestyle habits during online consultations. Second, single models are prone to "medical illusions" in complex medical reasoning, and the introduction of multi-agent cross-discussion generates extremely lengthy contextual histories as the number of dialogue rounds increases. This not only significantly increases the cognitive load on the model and causes logical deviations but also incurs high computational and token costs. To leverage the reasoning capabilities of large models while protecting privacy, text semantic obfuscation and multi-agent collaboration technologies have been widely explored. However, existing privacy protection methods (such as text semantic obfuscation and homomorphic encryption) struggle to balance privacy and utility, often lacking explicit modeling of the importance of medical semantics and the strength of the obfuscation. This results in the destruction of both key symptom words and ordinary sensitive words, making it impossible for cloud-based models to be effectively fine-tuned, and directly returning rigid anonymized reports creates a severe sense of contextual disconnect. Existing multi-agent discussion mechanisms (such as turn-based dialogue and majority voting) cannot establish an effective convergence path from the content of the speech to the structured consensus. Redundant information and conflicting opinions continue to accumulate, which can easily lead to blind following. Furthermore, they lack residual state truncation and calibration mechanisms, making it difficult to balance the breadth of multidisciplinary perspectives with the accuracy of reasoning results.

[0005] Furthermore, existing solutions are mostly fragmented, focusing only on model fine-tuning encryption or prompt word role-playing optimization. They have consistently failed to establish a three-way collaborative framework that spans the hospital, cloud, and patient ends. They cannot achieve secure fine-tuning of multi-agent systems in the cloud while ensuring that hospital data does not leave the domain, nor can they seamlessly reconstruct and restore online privacy disguise and diagnostic context on the patient end. Therefore, they are unable to meet the stringent requirements of privacy compliance, high accuracy, and a good user experience. Summary of the Invention

[0006] To address the shortcomings of existing technologies, such as the difficulty in balancing privacy protection and medical semantics, the tendency for multi-agent diagnosis to generate medical illusions, and the lack of a collaborative framework among the end-user, cloud, and patient, this invention provides a privacy-preserving medical diagnostic intelligent agent system and method. By constructing a closed-loop architecture for collaboration among the hospital, cloud, and patient, and employing adaptive feature noise enhancement based on medical importance scoring and a dynamic adjacency list text masking mechanism on the end-user side, it achieves accurate preservation of high-value medical features and effective masking of sensitive information. Through a residual context mechanism guided by the attending physician agent and multi-dimensional structured aggregation, it effectively suppresses redundant information accumulation and medical illusion phenomena in long multi-agent dialogues. Simultaneously, it establishes a complete process for secure fine-tuning of data without data leaving the domain, seamless reconstruction of online privacy consultations and diagnostic results, significantly improving the accuracy, security, and clinical application experience of medical diagnosis.

[0007] On the one hand, a privacy-preserving medical diagnostic intelligent agent system is provided, including: a patient local terminal, a cloud server, and a hospital local terminal; the cloud server communicates with the patient local terminal and the hospital local terminal. The patient's local terminal is configured to: obtain the original consultation text, perform secure word replacement on non-medical sensitive tags to obtain the disguised prompt text and upload it to the cloud server; receive the disguised preliminary report from the cloud server, use a lightweight semantic reconstruction model to jointly align and extract it with the original consultation text to obtain a medical diagnosis report; The cloud server is configured to: receive a feature matrix from the hospital's local terminal for fine-tuning a multi-agent system, which includes a general practitioner agent, a specialist agent, and an attending physician agent built based on a large language model; receive a disguised prompt text from the patient's local terminal; awaken the specialist agent through the general practitioner agent to conduct a multidisciplinary consultation; and guide the specialist agents to conduct multiple rounds of structured discussions based on a residual context mechanism, reach a consensus, generate a disguised preliminary report, and send it to the patient's local terminal. The hospital's local terminal is configured to: acquire real electronic medical record data, encode feature vectors using a low-level feature extraction model, inject adaptive noise into the feature vectors based on medical importance scores, and upload the feature matrix formed by combining the noisy feature vectors to the cloud server.

[0008] On the other hand, it provides a patient-local, privacy-preserving medical diagnostic method, including: Obtain the original consultation text and generate a dynamic local adjacency list based on the non-medical sensitive markers in the original consultation text; Extract safe alternative words from the dynamic local adjacency list, replace non-medical sensitive tags with safe lexical replacements, and generate spoofed warning text. The disguised warning text will be uploaded to the cloud server; Receive preliminary reports of spoofing from the cloud server; Using a lightweight semantic reconstruction model, the original consultation text and the disguised preliminary report are jointly aligned and extracted, and the final medical diagnosis report is obtained after semantic reconstruction.

[0009] Furthermore, a dynamic local adjacency list is generated, specifically including: In a pre-built secure semantic vector library, the distance between the vectors of non-medical sensitive tags and other secure lexical vectors is calculated. Lexical vectors with a distance less than a threshold are selected, and a semantic isomorphic masquerading pool is dynamically constructed. The semantic isomorphic masquerading pool is used as a dynamic local adjacency list.

[0010] Furthermore, secure alternative words are extracted from the dynamic local adjacency list, and secure token replacements are performed on non-medical sensitive markers to generate spoofed warning text, specifically including: A semantic utility-based anti-inference sampling algorithm is used to extract safe alternatives according to a probability distribution, which is positively correlated with the semantic affinity scoring function. The extracted safe alternative words replace non-medical sensitive markers to generate disguised warning text; Establish a bidirectional mapping dictionary in local memory between safe alternatives and non-medical sensitive tags.

[0011] Furthermore, using a lightweight semantic reconstruction model, the original consultation text and the disguised preliminary report are jointly aligned and extracted. After semantic reconstruction, the final medical diagnosis report is obtained, including: The original, undisguised consultation text is used as the real context benchmark, the disguised preliminary report is used as the medical logic input, and a pre-established bidirectional mapping dictionary between safe alternatives and non-medical sensitive tags is obtained. By utilizing cross-attention mechanisms, the core medical decision-making logic in disguised preliminary reports can be identified; Based on a bidirectional mapping dictionary, the safe alternatives in the preliminary report are replaced with the real entities in the original consultation text; The replaced text is then smoothed and refined to obtain the final medical diagnosis report.

[0012] On the other hand, a privacy-preserving medical diagnostic method using a cloud server is provided, including: The system receives a feature matrix from the local hospital and uses the feature matrix to fine-tune a multi-agent system deployed in the cloud. The multi-agent system includes a general practitioner agent, a specialist agent, and an attending physician agent. Receive disguised notification text from the patient's local terminal; Utilize general practitioner AI agents to dynamically wake up corresponding specialist AI agents based on disguised prompt text for multidisciplinary consultations; During multidisciplinary consultations, the attending physician's intelligent agent guides the intelligent agents of various specialists to conduct multiple rounds of discussions and structured aggregation based on the residual context mechanism, and after reaching a consensus, a disguised preliminary report is generated. The spoofed preliminary report was sent to the patient's local device.

[0013] Furthermore, the general practitioner intelligent agent, the specialist intelligent agent, and the attending physician intelligent agent are all intelligent agents built based on a large language model.

[0014] Furthermore, the attending physician's agent guides the specialist physicians' agents to conduct multiple rounds of discussion and structured aggregation based on residual context mechanisms. After reaching a consensus, a disguised preliminary report is generated, including: In the current round of discussion, the awakened specialist physician agents only refer to the structured conclusions of the previous two rounds to revise or supplement their viewpoints. At the end of each round of discussion, the attending physician agent receives the statements of all specialist physician agents and summarizes and maps them into structured conclusions containing four dimensions: consistency, conflict, independence, and comprehensiveness, forming a multidimensional residual state matrix. Based on iterative revisions of multiple rounds of structured conclusions, until the specialist physician agents reach a consensus on the conflict dimension, the disguised preliminary report is output, which includes pathological analysis and medication recommendations.

[0015] On the other hand, it provides a privacy-preserving medical diagnostic method for local hospitals, including: Obtain authentic electronic medical record data from hospitals; Electronic medical record data is encoded using a low-level feature extraction model to obtain feature vectors; Electronic medical record data is segmented into words to obtain word sequences, and the medical importance score of each word is calculated. Based on the medical importance score, noise vectors of the corresponding scale are injected into the features of the corresponding word positions in the feature vector. The features of words with high medical importance are injected with small noise, and the features of words with low medical importance are injected with large noise. The feature matrix formed by combining the noisy feature vectors is uploaded to the cloud server.

[0016] Furthermore, the electronic medical record data is segmented to obtain a word sequence, and a medical importance score is calculated for each word. Based on the medical importance score, a noise vector of the corresponding scale is injected into the feature vector corresponding to the word position, including: The multi-head attention matrix is ​​obtained by extracting and encoding electronic medical record data. Based on the multi-head attention matrix, the information diffusion index of each word is calculated. The information diffusion index is used to characterize the degree of concentration of attention focus for that word. Based on the information diffusion index, the clinical relevance weight of each word is calculated as a medical importance score; An adaptive noise addition mechanism based on sensitivity calibration is constructed, incorporating a Laplacian masquerading term into the features of each lexical unit. The scale parameter of the Laplacian masquerading term is negatively correlated with the clinical relevance weight.

[0017] The above technical solution has the following advantages or beneficial effects: (1) This invention combines the information diffusion index with clinical relevance weights to adaptively add noise to the feature vectors of electronic medical records at the hospital's local end. This injects small noise into medically valuable terms to preserve semantic gradients, while injecting large noise into privacy-sensitive terms to mask identity. Simultaneously, at the patient's local end, a semantic isomorphic masquerading pool is dynamically constructed, and an anti-inference sampling algorithm is used for secure term replacement to generate disguised medical record prompts. This mechanism effectively defends against cloud-based feature reverse engineering attacks and attribute inference attacks while avoiding the destruction of key medical semantics by traditional desensitization techniques, achieving a good balance between medical privacy protection and diagnostic utility.

[0018] (2) This invention introduces a residual discussion architecture led by the attending physician agent in cloud-based multidisciplinary consultations. The statements of each specialist physician agent are summarized and mapped into structured conclusions with four dimensions: consistency, conflict, independence, and comprehensiveness, forming a multidimensional residual state matrix. Each specialist physician agent only uses the state matrices of the two most recent rounds as context for state transitions. This mechanism significantly reduces redundant historical information that grows exponentially with the number of dialogue rounds, lowers the cognitive load of large language models, effectively curbs the "medical illusion" phenomenon caused by excessively long contexts, and simultaneously improves reasoning speed and diagnostic accuracy.

[0019] (3) This invention utilizes a lightweight semantic reconstruction model on the patient's local end. Based on a pre-established bidirectional mapping dictionary, it performs reverse replacement and contextual smoothing on the disguised preliminary diagnostic report sent from the cloud, restoring the diagnostic logic to the original real context for output. This end-to-cloud collaborative semantic reconstruction mechanism eliminates the sense of contextual fragmentation caused by privacy noise, ensuring that the final diagnostic report obtained by the patient not only conforms to their real identity information but also maintains the integrity and logical rigor of medical reasoning. Attached Figure Description

[0020] The accompanying drawings, which form part of this invention, are used to provide a further understanding of the invention. The illustrative embodiments of the invention and their descriptions are used to explain the invention and do not constitute an improper limitation of the invention.

[0021] Figure 1 This is a schematic diagram of the medical diagnostic intelligent agent system in Embodiment 1 of the present invention; Figure 2 This is a flowchart of the medical diagnostic intelligent agent system in Embodiment 1 of the present invention. Detailed Implementation

[0022] To make the objectives, technical solutions, and advantages of the present invention clearer, the embodiments of the present invention will be described in further detail below with reference to the accompanying drawings. Those skilled in the art should understand that the specific embodiments described herein are for illustrative purposes only and are not intended to limit the scope of the invention.

[0023] It should be noted that the following detailed description is illustrative and intended to provide further explanation of the invention. Unless otherwise specified, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention pertains.

[0024] Example 1 This embodiment provides a privacy-preserving intelligent medical diagnostic system. Figure 1 The system diagram of Embodiment 1 of the present invention includes the following parts: a patient local terminal (e.g., an application running on a smartphone or tablet), a cloud server (deployed with a large language model and a multi-agent system), and a hospital local terminal (a private server or data gateway within the hospital). The three communicate with each other through the network to jointly complete the offline security fine-tuning and online assisted diagnosis process.

[0025] Specifically, the patient's local terminal is configured to: acquire the original consultation text, perform secure lexical replacement on non-medical sensitive markers to obtain disguised medical record prompts, and upload them to the cloud; receive the disguised preliminary diagnosis report from the cloud, and use a lightweight semantic reconstruction model to jointly align and extract it with the original consultation text to obtain a medical diagnosis report; the cloud server is configured to: receive the disguised medical record prompts, awaken specialist agent agents through a general practitioner agent to conduct multidisciplinary consultation, and guide the specialist agents to conduct multiple rounds of structured discussions based on residual context mechanisms to reach a consensus, generate the disguised preliminary diagnosis report, and send it to the patient's local terminal; the hospital's local terminal is configured to: acquire real electronic medical record data, encode feature vectors using a low-level feature extraction model, inject adaptive noise into the feature vectors based on medical importance scores, and upload the noisy feature vectors to the cloud for fine-tuning of the cloud multi-agent system.

[0026] The following is combined with Figure 2 This paper provides a detailed description of the workflow of the medical diagnostic intelligent agent system, which mainly includes four stages: offline security fine-tuning on the hospital's local end, online text masquerading on the patient's local end, cloud-based multidisciplinary consultation, and semantic reconstruction on the patient's local end.

[0027] S1: Offline security tweaks for the hospital's local terminal.

[0028] The system is currently in the offline initialization and security fine-tuning phase. To enable the cloud-based large-scale model to possess professional medical capabilities without disclosing the hospital's actual electronic medical records (EHR) data, a "feature truncation transmission and adaptive encryption" mechanism is adopted. Specifically, this embodiment uses an open-source large language model based on the Transformer architecture (such as LLaMA-2 or ChatGLM), decoupling the overall large language model system into two parts at the network layer: a low-level feature mapping network deployed on the hospital's local host. (For example, the model's embedding layer and the first L Transformer encoding layers, such as layers 1 to 4), and the top-level inference network deployed on a cloud server. (For example, the remaining Transformer layers and the output layer). Under this architecture, the local hospital only needs to perform forward propagation computation up to layer L; the cloud cannot directly access the original text.

[0029] The hospital's local terminal reads authentic electronic medical record data that has not been anonymized, and first performs word segmentation to obtain a word sequence. ,in, This represents the discrete word sequence obtained after segmenting the original electronic medical record text. This represents the total length of the sequence. Each token can be a complete word, a subword, or a character, depending on the tokenizer used by the system (e.g., a byte-pair encoding BPE tokenizer). For example, given the input medical record text 'Patient Zhang San suffers from coronary heart disease', the token sequence after segmentation is: ['Patient', 'Zhang', 'San', 'suffers from', 'coronary heart disease'].

[0030] The aforementioned word sequence is forward encoded using a low-level feature mapping network. During forward propagation, the multi-head self-attention mechanism in the network calculates the attention weight matrix between words for each layer and each attention head. This embodiment extracts the multi-head attention matrix generated by the low-level network. This matrix represents the first d Layer k In each attention head, word elements for lexical elements The degree of correlation.

[0031] After obtaining the above multi-head attention matrix, in order to accurately distinguish between core medical terms and privacy-restricted redundant terms in medical records, this embodiment uses each lexical unit... Define the Information Dispersion Index. The calculation formula is: ; Typically, for key medical terms such as disease names and targeted drugs, the corresponding lexical units... Their attention is highly focused on the specific medical symptom context, therefore the calculated... The value is relatively small; while for the lexical units corresponding to common privacy terms such as dates and patient names... Their attention is usually evenly distributed across the entire area, leading to their The value is too high.

[0032] Based on the information diffusion index, further analysis is performed on each lexical unit. Constructing clinical relevance weights (Clinical Relevance Weight) serves as the medical importance score for this term: ; in, To prevent extremely small constants with a denominator of zero, D K represents the number of Transformer layers in the underlying feature mapping network, and K represents the total number of attention heads set in each layer. Representative word element The information diffusion index is calculated separately at the d-th layer and the k-th attention head. The closer this value is to 1, the higher the medical decision-making value of this term.

[0033] After the underlying feature mapping network completes the computation of all layers, the system obtains the hidden state sequence of its last layer output and extracts the sequence corresponding to each word. The original hidden layer feature vector After obtaining the original hidden layer feature vector and the aforementioned clinical relevance weights, the system constructs an adaptive differential encryption mechanism locally, specifically: for each feature vector Introducing Laplace dummy terms Its noise scale and A negative correlation can be represented as: ; in, This serves as the upper bound for the global sensitivity of the underlying vector space. This serves as a baseline coefficient for privacy strength. The ingenuity of this mechanism lies in the fact that when a feature has high clinical relevance ( The injected noise scale decays exponentially, thus perfectly preserving the semantic gradient required for medical fine-tuning. When dealing with privacy features that have no medical value, large-scale noise is injected to achieve data masking.

[0034] The hospital's local terminal combines the noisy feature vectors into a feature matrix. The data is transmitted to a cloud server, which then utilizes... Perform gradient backpropagation to achieve collaborative fine-tuning of cloud-based general practitioner and specialist physician intelligent agents.

[0035] S2: Patient's local online text spoofing.

[0036] When an online consultation is initiated, the patient enters the original consultation text, which contains personal privacy information, on their local smart device. To defend against potential malicious data theft in the cloud, the system activates a Natural Language Entity Recognition (NER) engine on the device side. For example, it uses a lightweight named entity recognition model based on the BERT-CRF architecture to automatically identify non-medical sensitive entities in the text. , where U is the total number of sensitive entities.

[0037] Non-medical sensitive entities specifically include personal privacy information that is not related to medical matters, such as patient names, geographical locations, ID numbers, contact numbers, and dates of visits. For example, if the input text contains 'Zhang San' or 'Beijing', both of these terms will be identified as sensitive entities. . For each sensitive entity The system calculates distances using a pre-built secure semantic vector library. This library is a local mapping database built offline by the system using pre-trained word vector models (such as Word2Vec or GloVe) to encode a large number of non-sensitive general-purpose words. "Secure lexical units" are general-purpose alternatives in this library that do not involve the real identity of a specific individual (e.g., the common alias "Li Si," the common place name "a certain city," etc.). Specifically, the system calculates sensitive entity vectors. Compared with other secure lexical vectors in the library Euclidean distance between 2 And filter out those with a distance less than a set threshold. (e.g., setting a threshold) Using lexical units with a value of 0.5, a semantic isomorphic masquerading pool is dynamically constructed. The morphemes in this disguise pool are semantically and part-of-speech similar to the original sensitive entities, but they conceal their true identities.

[0038] Subsequently, the system uses a semantic utility-based anti-inference sampling algorithm (i.e., the probability selection process based on the exponential mechanism described below) to perform probability sampling from the masquerade pool.

[0039] Specifically, a semantic affinity scoring function is defined. Its expression can be configured as the negative of the Euclidean distance between the spoofed word and the sensitive entity vector, i.e. 2 This is used to measure the naturalness of the context after the substitution.

[0040] Candidate disguised words The probability of being selected is expressed as: ; in, The privacy budget parameter allocated to the device side is used to balance the strength of privacy protection with semantic preservation. The smaller the value, the more random the sampling, and the better the privacy protection. Represents the scoring function The global sensitivity is the maximum change in the scoring function for any two different sensitive entities. Represents a semantic isomorphic masquerading pool Any candidate dummy word in the list.

[0041] The system selects spoofing words according to the above probability distribution, performs hard replacement on sensitive entities in the original consultation text, and generates a disguised prompt text that conceals the true identity and is semantically coherent. It is then sent to the cloud-based medical system, while a bidirectional mapping dictionary is created in local memory. .

[0042] S3: Cloud-based multidisciplinary consultation.

[0043] The cloud server is pre-configured with three types of intelligent agent architectures based on a large language model: a general practitioner intelligent agent responsible for triage and routing, multiple specialist physician intelligent agents responsible for deep reasoning in specific domains, and an attending physician intelligent agent responsible for overall planning and dimensionality reduction summarization.

[0044] Specifically, the cloud server receives the spoofed warning text. Then, the first layer (i.e., the patient reception entrance layer) connects to the general practitioner intelligent agent. This general practitioner intelligent agent uses preset medical entity extraction instructions to extract data from... Standardized symptom feature vectors are extracted (e.g., text is converted into structured tags such as ["chest pain", "radiation to left arm", "duration > 30 minutes"]). Subsequently, the system performs cosine similarity matching between the extracted symptom feature vectors and pre-built specialty tag libraries in the cloud, dynamically activating a set of specialty agents with relevant medical backgrounds. (For example, activate the cardiology agent, respiratory agent, and gastroenterology agent and put them into standby mode).

[0045] To completely address the shortcomings of large models in lengthy multi-agent dialogues, which can easily lose focus and induce medical hallucinations, this embodiment specifically introduces "multidimensional residual state truncation flow," that is, in the first... During rounds of cross-disciplinary consultations, intelligent agents from various specialties... Based on the initial disguised prompt text Perform independent reasoning and output interim reasoning conclusions. At this point, the attending physician's intelligent agent intervenes, not participating in direct reasoning, but instead performing aggregation mapping operations. The conclusions of all specialized intelligent agents in this round are dimensionality-reduced and projected into a structured multidimensional residual state matrix. : ; in, This refers to extracting the consensus features (Synchronization) of various specialties, that is, extracting completely consistent pathological or medication conclusions from the diagnostic results of doctors in various specialties; This indicates a collision feature, which refers to diagnostic points that are contradictory or divergent among specialists. This indicates a uniqueness feature, which means extracting a viewpoint that is unique to a single specialty and not mentioned by other specialties; It is a comprehensive feature (Summarization), that is, a concise summary of the current condition.

[0046] Among them, aggregation mapping operation It is not simply algebraic operation, but a structured information extraction and cross-semantic comparison mechanism based on a large language model. The specific extraction process is as follows: First, the attending physician agent collects the set of interim reasoning conclusions output by all specialist agents in this round. ,…, Then, the internal semantic comparison engine is invoked to transform the above conclusions into high-dimensional sentence vectors, perform pairwise similarity calculations and logical contradiction detection, and combine them with pre-set structured extraction prompts to reduce the dimensionality of global information into a structured multi-dimensional residual state matrix. .

[0047] In the direction of the During round evolution, the system blocks agents from accessing the global, long historical text, and the state transitions of each specialized agent strictly follow the following equations: ; in, This represents a medical prompt template guiding multi-agent residual reasoning. For example, Promptmed specifically states: "You are a [cardiologist] specialist. Based on the residual state matrices from the last two consultations, please focus on the collisional features..." "Provide your professional rebuttal or corrective opinions, and give further diagnostic suggestions based on the exclusive characteristics." Indicates the first p The large language model inference function for each specialized agent; ⊕ represents a matrix or text-level concatenation operation. That is, each specialized agent uses only the multidimensional residual state matrices from the two most recent rounds as context for logical deduction and divergence correction, through the above... The instruction constraints force the model to focus its attention resources on solving the problem. In terms of collision characteristics.

[0048] After multiple iterations, collision features When the set approaches an empty set, the consultation is considered converged. Based on the current discussion results, the cloud generates a preliminary medical decision report containing misleading information. And then it was sent back to the patient's local area.

[0049] Understandably, the cloud server is pre-configured with a hierarchical multi-agent architecture consisting of general practitioner agents, attending physician agents, and specialist agents from various medical specialties. These agents are independent reasoning instances built on large language models (such as open-source models like LLaMA-3), and are given corresponding role capabilities by injecting specific system prompts and medical knowledge bases for their respective fields. For example, the general practitioner agent is configured as a routing node with general triage capabilities; the specialist agent agents are configured as expert nodes in specific fields such as cardiology, neurology, and respiratory medicine; and the attending physician agent is configured as a coordination node that does not directly issue medical diagnoses but is only responsible for contextual coordination and conclusion aggregation.

[0050] S4: Semantic reconstruction of the patient's local end.

[0051] If the preliminary report from the cloud is directly given Presenting patients with misleading information (such as disguising the patient "Zhang San" as "Li Si") can cause severe cognitive impairment. Therefore, a lightweight two-stream semantic reconstruction network is activated locally on the patient's end. The dual-stream semantic reconstruction network consists of a rule-based hard substitution stream (e.g., utilizing a regular expression engine) and a contextual polishing stream based on a lightweight language model (e.g., a small edge model deployed on mobile devices such as MobileBERT). The network receives locally lossless original diagnostic text. Preliminary report delivered via cloud And the mapping dictionary generated in step S2. The reconstruction process is represented as: ; In the specific implementation, the reconstructed network first uses a cross-attention mechanism to lock... The core medical decision-making logic and medication prescription chain in the system, followed by a mapping dictionary At the syntax tree level, the forged entity is reverse-engineered into... The system identifies real entities within the text. Building upon this, it leverages the autoregressive generation capabilities of a local lightweight model to smooth the context and improve the coherence of the replaced text fragments. Ultimately, it delivers a logically rigorous, personalized final medical diagnosis report to the patient that aligns with their real-life context. .

[0052] In summary, this embodiment, through a complete process of offline security fine-tuning on the hospital's local end, online text masquerading on the patient's local end, multidisciplinary consultation in the cloud, and semantic reconstruction on the patient's local end, effectively overcomes the medical illusion caused by large models in multi-agent long-context consultations while absolutely protecting the hospital's real medical record data and the patient's personal privacy. This significantly improves the accuracy, security, and clinical application experience of medical diagnosis.

[0053] The following case study, using a specific patient consultation, fully demonstrates the entire process of this invention, from offline fine-tuning at the hospital to online diagnosis.

[0054] Prerequisites: The hospital has completed the security fine-tuning of the cloud-based multi-agent system through an offline phase. Patient Zhang San consults online via a mobile app.

[0055] S1: Offline security tweaks for the hospital's local terminal.

[0056] Input (fragment of real medical records from local hospital): The local hospital reads archived real patient medical records, such as: "Patient Wang, male, 55 years old, currently residing in Pudong New Area, Shanghai, chief complaint of persistent chest pain accompanied by profuse sweating, electrocardiogram shows ST segment depression, diagnosed as coronary heart disease, given aspirin...".

[0057] Processing procedure: The underlying feature mapping network performs word segmentation and forward encoding on the text.

[0058] Calculate the medical importance score (clinical relevance weight) of each term. Among them, the information diffusion index of "Wang Moumou" and "Shanghai Pudong New Area" is large and the medical importance score is close to 0; while the medical importance scores of "ST segment depression", "coronary heart disease" and "aspirin" are close to 1.

[0059] An adaptive noise-adding mechanism is introduced: extremely large-scale Laplace noise is injected into the feature vectors of privacy-related terms such as "Wang Moumou"; and extremely small-scale noise is injected into the feature vectors of core medical terms such as "coronary heart disease".

[0060] Output: Generate a noisy security feature matrix. The data is then uploaded to a cloud server, where professional medical knowledge is fine-tuned for the multidisciplinary intelligent agent in the cloud. Throughout the entire process, the cloud does not access any unencrypted real patient privacy.

[0061] S2: Patient's local online text spoofing.

[0062] Input (original consultation text) Patient Zhang San entered the following into the local app: "I am Zhang San, 45 years old, and I live in Chaoyang District, Beijing. I have been experiencing chest tightness and shortness of breath frequently for the past week, especially after climbing stairs."

[0063] Processing procedure: The edge-side NER engine identified a set of non-medical sensitive entities: {"Zhang San", "Beijing Chaoyang District"}.

[0064] Based on an anti-inference sampling algorithm, isomorphic spoofed words are dynamically extracted from a local secure semantic vector library for hard replacement. For example, "Zhang San" is replaced with "Li Si", and "Beijing Chaoyang District" is replaced with "a certain district of a certain city".

[0065] Establish a bidirectional mapping dictionary in local memory. :{"Li Si" "Zhang San", "a certain district in a certain city" "Chaoyang District, Beijing"

[0066] Output: Generates the disguised hint text.

[0067] "I am Li Si, 45 years old, and I live in a certain district of a certain city. For the past week, I have frequently experienced chest tightness and shortness of breath, especially after climbing stairs." Then, Uploaded to the cloud server.

[0068] S3: Cloud-based multidisciplinary consultation.

[0069] Input: Disguised hint text .

[0070] Processing procedure: The general practitioner's intelligent agent extracts symptom feature vectors ("chest tightness, shortness of breath, worsening after exertion"), dynamically calculates and activates the "cardiology intelligent agent" and the "respiratory intelligent agent".

[0071] First round of consultation: Cardiology specialists suspected myocardial ischemia; pulmonology specialists believed exertional asthma might be present. The attending physician's intelligent agent aggregates to generate a multidimensional residual state matrix. Among them, collision characteristics The record reads: "Disagreement between myocardial ischemia and respiratory spasm".

[0072] Second round of consultations: Cardiology and Respiratory Medicine based on The discrepancy was corrected. The cardiology agent added reasoning: "The patient had no cough or wheezing, and the attacks were strictly correlated with physical exertion, which is more consistent with coronary insufficiency." The respiratory agent agreed. The collisional characteristics approached an empty set, and the consultation converged.

[0073] Output: A preliminary report of the spoofing is generated in the cloud. "Mr. Li, 45 years old, residing in a certain district of a certain city. Based on a multidisciplinary consultation, unstable angina is highly suspected. It is recommended that you go to the cardiology department of the hospital as soon as possible for coronary CTA and echocardiography, and start taking aspirin and statins. Please rest and avoid exertion to prevent triggering." This message was then sent to the patient's local office.

[0074] S4: Semantic reconstruction of the patient's local end.

[0075] Input: Original medical history text Preliminary report sent from the cloud server and mapping dictionary .

[0076] Processing procedure: Two-stream semantic reconstruction network activation first utilizes a hard substitution stream, traversing... ,Will The disguised word "Li Si" was accurately reversed to the real identity "Zhang San", and "a certain city and a certain district" was replaced with "Beijing Chaoyang District".

[0077] Subsequently, a lightweight language model on the device side was used to refine the context, ensuring that the replaced address was natural and coherent with the context, eliminating the sense of contextual disconnect caused by mechanical desensitization.

[0078] Output (the final medical diagnosis report presented to the patient) "Mr. Zhang, 45 years old, lives in Chaoyang District, Beijing. Based on a multidisciplinary consultation, we highly suspect unstable angina. We recommend that you go to the cardiology department of the hospital as soon as possible for coronary CTA and echocardiography, and start taking aspirin and statins. Please rest and avoid exertion to prevent it."

[0079] Example 2 This embodiment provides a patient-local privacy-preserving medical diagnostic method, including: Obtain the original consultation text and generate a dynamic local adjacency list based on the non-medical sensitive markers in the original consultation text; Extract safe alternative words from the dynamic local adjacency list, replace non-medical sensitive tags with safe lexical replacements, and generate spoofed warning text. The disguised warning text will be uploaded to the cloud server; Receive preliminary reports of spoofing from the cloud server; Using a lightweight semantic reconstruction model, the original consultation text and the disguised preliminary report are jointly aligned and extracted, and the final medical diagnosis report is obtained after semantic reconstruction.

[0080] Example 3 This embodiment provides a privacy-preserving medical diagnostic method using a cloud server, including: Receive the feature matrix from the local hospital and use the feature matrix to fine-tune the multi-agent system deployed in the cloud. The multi-agent system includes general practitioner agents, specialist agents, and attending physician agents. Receive disguised notification text from the patient's local terminal; Utilize general practitioner AI agents to dynamically wake up corresponding specialist AI agents based on disguised prompt text for multidisciplinary consultations; During multidisciplinary consultations, the attending physician's intelligent agent guides the intelligent agents of various specialists to conduct multiple rounds of discussions and structured aggregation based on the residual context mechanism, and after reaching a consensus, a disguised preliminary report is generated. The spoofed preliminary report was sent to the patient's local device.

[0081] Example 4 This embodiment provides a privacy-preserving medical diagnostic method for local hospital settings, including: Obtain authentic electronic medical record data from hospitals; Electronic medical record data is encoded using a low-level feature extraction model to obtain feature vectors; Electronic medical record data is segmented into words to obtain word sequences, and the medical importance score of each word is calculated. Based on the medical importance score, noise vectors of the corresponding scale are injected into the features of the corresponding word positions in the feature vector. The features of words with high medical importance are injected with small noise, and the features of words with low medical importance are injected with large noise. The feature matrix formed by combining the noisy feature vectors is uploaded to the cloud server.

[0082] It should be noted that each module in this embodiment corresponds one-to-one with each step in Embodiment 1, and their specific implementation process is the same, so it will not be repeated here.

[0083] The above are merely preferred embodiments of the present invention and are not intended to limit the present invention. Various modifications and variations can be made to the present invention by those skilled in the art. Any modifications, equivalent substitutions, improvements, etc., made within the spirit and principles of the present invention should be included within the scope of protection of the present invention.

Claims

1. A privacy-preserving medical diagnostic agent system, characterized in that, include: Patient local terminal, cloud server, and hospital local terminal; the cloud server communicates with the patient local terminal and the hospital local terminal. The patient's local terminal is configured to: obtain the original consultation text, replace non-medical sensitive tags with safe words, obtain the disguised prompt text, and upload it to the cloud server; Receive the disguised preliminary report from the cloud server, use a lightweight semantic reconstruction model to jointly align and extract it with the original consultation text, and obtain the medical diagnosis report; The cloud server is configured to: receive a feature matrix from the hospital's local terminal for fine-tuning a multi-agent system, which includes a general practitioner agent, a specialist agent, and an attending physician agent built based on a large language model; receive a disguised prompt text from the patient's local terminal; awaken the specialist agent through the general practitioner agent to conduct a multidisciplinary consultation; and guide the specialist agents to conduct multiple rounds of structured discussions based on a residual context mechanism, reach a consensus, generate a disguised preliminary report, and send it to the patient's local terminal. The hospital's local terminal is configured to: acquire real electronic medical record data, encode feature vectors using a low-level feature extraction model, inject adaptive noise into the feature vectors based on medical importance scores, and upload the feature matrix formed by combining the noisy feature vectors to the cloud server.

2. A privacy preserving medical diagnostic method at a patient local end, characterized in that, include: Obtain the original consultation text and generate a dynamic local adjacency list based on the non-medical sensitive markers in the original consultation text; Extract safe alternative words from the dynamic local adjacency list, replace non-medical sensitive tags with safe lexical replacements, and generate spoofed warning text. The disguised warning text will be uploaded to the cloud server; Receive preliminary reports of spoofing from the cloud server; Using a lightweight semantic reconstruction model, the original consultation text and the disguised preliminary report are jointly aligned and extracted, and the final medical diagnosis report is obtained after semantic reconstruction.

3. The privacy preserving medical diagnostic method at a patient local end according to claim 2, wherein, Generating a dynamic local adjacency list specifically includes: In a pre-built secure semantic vector library, the distance between the vectors of non-medical sensitive tags and other secure lexical vectors is calculated. Lexical vectors with a distance less than a threshold are selected, and a semantic isomorphic masquerading pool is dynamically constructed. The semantic isomorphic masquerading pool is used as a dynamic local adjacency list.

4. The privacy preserving medical diagnostic method at a patient local end according to claim 2, wherein, The system extracts secure alternative words from a dynamic local adjacency list, performs secure token replacements on non-medical sensitive markers, and generates spoofed warning text, specifically including: A semantic utility-based anti-inference sampling algorithm is used to extract safe alternatives according to a probability distribution, which is positively correlated with the semantic affinity scoring function. The extracted safe alternative words replace non-medical sensitive markers to generate disguised warning text; Establish a bidirectional mapping dictionary in local memory between safe alternatives and non-medical sensitive tags.

5. The privacy preserving medical diagnostic method at a patient local end as claimed in claim 2, wherein, Using a lightweight semantic reconstruction model, the original consultation text and the disguised preliminary report are jointly aligned and extracted. After semantic reconstruction, the final medical diagnosis report is obtained, including: The original, undisguised consultation text is used as the real context benchmark, the disguised preliminary report is used as the medical logic input, and a pre-established bidirectional mapping dictionary between safe alternatives and non-medical sensitive tags is obtained. By utilizing cross-attention mechanisms, the core medical decision-making logic in disguised preliminary reports can be identified; Based on a bidirectional mapping dictionary, the safe alternatives in the preliminary report are replaced with the real entities in the original consultation text; The replaced text is then smoothed and refined to obtain the final medical diagnosis report. 6.A privacy-preserving medical diagnosis method of a cloud server, characterized in that, include: The system receives a feature matrix from the local hospital and uses the feature matrix to fine-tune a multi-agent system deployed in the cloud. The multi-agent system includes a general practitioner agent, a specialist agent, and an attending physician agent. Receive disguised notification text from the patient's local terminal; Utilize general practitioner AI agents to dynamically wake up corresponding specialist doctor AI agents based on disguised prompt text for multidisciplinary consultations; During multidisciplinary consultations, the attending physician's intelligent agent guides the intelligent agents of various specialists to conduct multiple rounds of discussions and structured aggregation based on the residual context mechanism, and after reaching a consensus, a disguised preliminary report is generated. The spoofed preliminary report was sent to the patient's local device. 7.The cloud server privacy-preserving medical diagnosis method of claim 6, wherein, The general practitioner agent, the specialist agent, and the attending physician agent are all agents built based on a large language model. 8.The cloud server privacy-preserving medical diagnosis method of claim 6, wherein, The attending physician's agent guides the specialist agents to conduct multiple rounds of discussion and structured aggregation based on residual context mechanisms. After reaching a consensus, a disguised preliminary report is generated, including: In the current round of discussion, the awakened specialist physician agents only refer to the structured conclusions of the previous two rounds to revise or supplement their viewpoints. At the end of each round of discussion, the attending physician agent receives the statements of all specialist physician agents and summarizes and maps them into structured conclusions containing four dimensions: consistency, conflict, independence, and comprehensiveness, forming a multidimensional residual state matrix. Based on iterative revisions of multiple rounds of structured conclusions, until the specialist physician agents reach a consensus on the conflict dimension, the disguised preliminary report is output, which includes pathological analysis and medication recommendations.

9. A privacy preserving medical diagnosis method at a hospital local end, characterized in that, include: Obtain authentic electronic medical record data from hospitals; Electronic medical record data is encoded using a low-level feature extraction model to obtain feature vectors; The electronic medical record data is segmented to obtain a word sequence, and the medical importance score of each word is calculated. Based on the medical importance score, noise vectors of the corresponding scale are injected into the features corresponding to the word positions in the feature vector. The features corresponding to words with high medical importance are injected with small noise, and the features corresponding to words with low medical importance are injected with large noise. The feature matrix formed by combining the noisy feature vectors is uploaded to the cloud server.

10. The privacy preserving medical diagnostic method at a hospital local end according to claim 9, wherein, The electronic medical record data is segmented to obtain a word sequence, and the medical importance score of each word is calculated. Based on the medical importance score, a noise vector of the corresponding scale is injected into the feature vector corresponding to the word position, including: The multi-head attention matrix is ​​obtained by extracting and encoding electronic medical record data. Based on the multi-head attention matrix, the information diffusion index of each word is calculated. The information diffusion index is used to characterize the degree of concentration of attention focus for that word. Based on the information diffusion index, the clinical relevance weight of each word is calculated as a medical importance score; An adaptive noise addition mechanism based on sensitivity calibration is constructed, incorporating a Laplacian masquerading term into the features of each lexical unit. The scale parameter of the Laplacian masquerading term is negatively correlated with the clinical relevance weight.