Information processing device, information processing method, and information processing program
The information processing device and method facilitate user-centric management of diagnostic information by integrating personal and organizational data, improving employee health management and data security.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- UNITED HEALTH COMM CO LTD
- Filing Date
- 2024-12-27
- Publication Date
- 2026-07-09
AI Technical Summary
Existing systems for managing employee diagnostic information, including health checkups and stress checks, fail to conveniently integrate personal healthcare data such as lifestyle records, leading to decreased motivation for employees to manage their health.
An information processing device and method that allows users to manage their diagnostic information independently while enabling organizations to access relevant data, with separate databases for personal and organizational data, and includes features for determining affiliation status and anonymizing personal information when necessary.
Enables users to manage their diagnostic information effectively while protecting personal data and allowing organizations to efficiently manage employee health data without dedicated lists, enhancing user motivation and data security.
Smart Images

Figure 2026115767000001_ABST
Abstract
Description
Technical Field
[0001] The present invention relates to an information processing apparatus, an information processing method, and an information processing program for managing diagnostic information of a subject user who is a user undergoing a predetermined diagnosis.
Background Art
[0002] Conventionally, each company has been conducting regular health checkups for the health management of employees. In recent years, a policy has been clarified to oblige all companies to conduct stress checks to examine the mental state of employees.
[0003] And various systems for managing diagnostic information of health checkups and stress checks for employees have been proposed.
[0004] For example, Patent Document 1 discloses an information processing apparatus and a program that can easily confirm past diagnostic results even when the organization to which the examinee belongs has changed. In this technology, when the first identification information issued by the first organization is associated with the second identification information issued by the second organization, diagnostic information corresponding to the first identification information and diagnostic information corresponding to the second identification information are provided to the user identified by the first identification information and the user identified by the second identification information.
Prior Art Documents
Patent Documents
[0005]
Patent Document 1
Summary of the Invention
Problems to be Solved by the Invention
[0006] Because health checkups and stress checks for employees are mandated for companies, traditional systems for managing this diagnostic information are configured so that employee diagnostic data belongs to the company. On the other hand, employees may also undergo health checkups and stress checks separately from their employers, and record lifestyle data such as weight history and exercise history, managing their own healthcare data. However, since this type of healthcare data is not handled by traditional systems that manage company-owned data, it is less convenient for employees to manage their own health, which may lead to a decrease in their motivation to manage their health.
[0007] Here, according to the technology described in Patent Document 1, if a first identification information issued by a first organization (such as a company, school, or public body) and a second identification information issued by a second organization (such as an organization operating a social networking service or a local government information systems organization) are linked, even if the user leaves the first organization, the user can request to view the diagnostic information using the second identification information. Therefore, even if the user changes the organization to which they belong, they can check past diagnostic results, which seems to improve the convenience for the user in managing their own health. However, this technology enables viewing of past diagnostic information by linking identification information issued by two different organizations, and for example, diagnostic information for stress checks conducted through a first organization such as a company will be managed so that the data belongs to the company.
[0008] The purpose of this disclosure is to provide a technology that allows users who have undergone health checkups or stress checks to manage their diagnostic information in a suitable manner. [Means for solving the problem]
[0009] The information processing device disclosed herein is an information processing device for managing diagnostic information of a test-taker user, who is a user undergoing a predetermined diagnosis. The information processing device comprises a control unit that performs processing for acquiring and managing the diagnostic information, and a storage unit in which the diagnostic information is stored. The control unit has a first acquisition unit that acquires first diagnostic information, including the diagnosis result of the test-taker user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the test-taker user is engaged in, and a provision unit that provides the acquired first diagnostic information of the test-taker user to an organization user, who is a user of the organization to which the test-taker user belongs. The first acquisition unit stores the first diagnostic information in a first database, which is a database held by the storage unit and is configured to be accessible to the test-taker user who has undergone the first diagnosis. The provision unit provides the first diagnostic information to the organization user by granting the organization user access rights to the first diagnostic information of the test-taker user stored in the first database.
[0010] According to the above-described information processing device, the first diagnostic information stored in the first database is managed to belong to the examinee user themselves, thereby allowing the examinee user to suitably manage the first diagnostic information themselves. On the other hand, organizations such as companies, associations, unions, and schools need to conduct health checkups and stress checks for the personnel belonging to the organization and manage the information, but the above-described first diagnosis is a diagnosis that can be performed regardless of the attributes of the work in which the examinee user is engaged. According to this disclosure, the first diagnostic information for such a first diagnosis is managed to belong to the examinee user themselves. Therefore, by using the above-described information processing device, the organization to which the examinee user belongs can access the first diagnostic information that is managed to belong to the examinee user themselves, and can easily manage the results of the first diagnosis for personnel belonging to the organization. Furthermore, in such an information processing device, the control unit may further include a reception unit that accepts the examinee user's request to take the first diagnosis via a predetermined interface. In this case, the reception unit stores the examinee user who accessed the interface using identification information to identify the organization in a third database, which is a database owned by the storage unit for managing user information, and the provision unit grants the organization user access rights to the first diagnostic information of the examinee user stored in the third database in association with the organization. The identification information may consist of a company code relating to the organization and an implementation code relating to the implementation of the diagnosis.
[0011] Furthermore, in the information processing device of the present disclosure, the control unit may further include a second acquisition unit that acquires second diagnostic information, including the diagnostic results of a test-taker user, for a predetermined second diagnostic test that can be uniquely performed within the organization. The second acquisition unit stores the second diagnostic information in a second database, which is a database held by the storage unit and is configured to be accessible to the organization user who has had the test-taker user undergo the second diagnostic test. In this way, the second diagnostic information stored in the second database is managed to belong to the organization, and the organization can manage information regarding diagnostic tests that can be uniquely performed within the organization without disclosing it to external parties. Furthermore, in such an information processing device, the control unit may further include a reception unit that accepts the test-taker user's request to take the second diagnostic test via a predetermined interface. In this case, the reception unit stores the examinee user who accessed the interface using identification information for identifying the organization in a third database, which is a database owned by the storage unit for managing user information, and the provision unit grants the organization user access rights to the first diagnostic information of the examinee user who is stored in the third database in association with the organization.
[0012] Furthermore, in the above-described information processing device, the control unit may further include a determination unit that determines whether the examinee user stored in the third database is continuously affiliated with the organization. The provision unit may be configured to provide the first diagnostic information to the organization user when the determination unit determines that the examinee user is affiliated with the organization. In this case, the organization user can grasp the diagnostic information of personnel belonging to the organization without having to manage it using a dedicated list.
[0013] In this case, the determination unit may obtain a personnel list of persons belonging to the organization and compare the personnel list with the examinee user stored in the third database at predetermined intervals or timings to determine whether the examinee user belongs to the organization. Alternatively, with respect to the examinee user stored in the third database linked to a predetermined first organization, if the examinee user is newly granted access rights to the first diagnostic information of the examinee user to a second organization different from the first organization, the determination unit may determine that the examinee user does not belong to the first organization. This allows for a more accurate determination of whether an examinee user stored in the third database linked to an organization continues to belong to that organization, enabling the organization user to more efficiently grasp diagnostic information about personnel who continue to belong to the organization.
[0014] Furthermore, in this case, if the determination unit determines that the examinee user does not belong to the organization, the provision unit may be configured to prevent the provision of the first diagnostic information to the organization user in an personally identifiable form by anonymizing the personally identifiable information contained in the examinee user's first diagnostic information. Alternatively, if the determination unit determines that the examinee user does not belong to the organization, the provision unit may disable the organization user's access rights to the examinee user's first diagnostic information. This allows the examinee user to manage the first diagnostic information in a way that protects their personal information.
[0015] Furthermore, this disclosure can be viewed from the perspective of a computer-based information processing method. Specifically, the information processing method of this disclosure is an information processing method for managing diagnostic information of a test-taker user, who is a user who undergoes a predetermined diagnosis, and the computer performs a first acquisition step of acquiring first diagnostic information, including the diagnosis result of the test-taker user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the test-taker user is engaged in, and a provision step of providing the acquired first diagnostic information of the test-taker user to an organization user, who is a user of the organization to which the test-taker user belongs.The computer then stores the first diagnostic information in a first database configured to be accessible to the test-taker user who has undergone the first diagnosis in the first acquisition step, and provides the first diagnostic information to the organization user in the provision step by granting the organization user the right to access the first diagnostic information of the test-taker user stored in the first database.
[0016] Furthermore, in the above information processing method, the computer may further execute a reception step in which it accepts the applicant user taking the first diagnosis via a predetermined interface, and in the reception step, it may store in a third database for managing user information the applicant user who accessed the interface using identification information for identifying the organization, associating the applicant user with the organization, and in the provision step, it may grant the organization user access rights to the applicant user's first diagnosis information for the applicant user stored in the third database as being associated with the organization. Furthermore, in this case, the computer may further execute a determination step in which it determines whether the applicant user stored in the third database is still affiliated with the organization, and in the provision step, if it is determined by the determination step that the applicant user is affiliated with the organization, it may make the first diagnosis information available to the organization user.
[0017] Furthermore, this disclosure can be viewed from the perspective of an information processing program. Specifically, the information processing program of this disclosure is an information processing program that manages diagnostic information of a test-taker user, who is a user who undergoes a predetermined diagnosis, and causes a computer to perform a first acquisition step of acquiring first diagnostic information, including the diagnosis result of the test-taker user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the test-taker user is engaged in, and a provision step of providing the acquired first diagnostic information of the test-taker user to an organization user, who is a user of the organization to which the test-taker user belongs.The computer then causes the computer to store the first diagnostic information in a first database configured to be accessible to the test-taker user who has undergone the first diagnosis in the first acquisition step, and to provide the first diagnostic information to the organization user by granting the organization user the right to access the first diagnostic information of the test-taker user stored in the first database in the provision step.
[0018] Furthermore, in the above-described information processing program, the computer may be instructed to execute a reception step in which it accepts the applicant user taking the first diagnosis via a predetermined interface, and in the reception step, the computer may be instructed to store in a third database for managing user information the applicant user who accessed the interface using identification information for identifying the organization, in association with the organization, and in the provision step, the computer may be instructed to grant the organization user access rights to the applicant user's first diagnosis information for the applicant user stored in the third database in association with the organization. In addition, in this case, the computer may be instructed to execute a determination step in which it determines whether the applicant user stored in the third database continues to belong to the organization, and in the provision step, if it is determined by the determination step that the applicant user belongs to the organization, the computer may be instructed to make the first diagnosis information available to the organization user. [Effects of the Invention]
[0019] According to the present disclosure, a subject user who has undergone a health check or a stress check can appropriately manage the diagnostic information by himself / herself.
Brief Description of the Drawings
[0020] [Figure 1] It is a diagram showing a schematic configuration of an information processing system in the first embodiment. [Figure 2] It is a diagram showing in more detail the components of a server included in the information processing system in the first embodiment, and showing the components of a user terminal that communicates with the server. [Figure 3] It is a diagram illustrating the flow of operations of the information processing system in the first embodiment. [Figure 4] It is a first diagram illustrating a screen displayed on an interface for receiving a subject's examination by a subject user. [Figure 5] It is a second diagram illustrating a screen displayed on an interface for receiving a subject's examination by a subject user. [Figure 6] It is a diagram for explaining the first diagnostic information stored in the first database. [Figure 7] It is a diagram for explaining access by an organizational user of an organization to which a subject user belongs to the first diagnostic information of the subject user. [Figure 8] It is a diagram for explaining the second diagnostic information stored in the second database. [Figure 9] It is a diagram illustrating the flow of operations of the information processing system in a modification of the first embodiment. [Figure 10] It is a first diagram for explaining a process to be executed when it is determined that a subject user who is linked and stored in the third database does not already belong to an organization with respect to the first diagnostic information stored in the first database. [Figure 11]The second diagram illustrates the process that is executed when, with respect to the first diagnostic information stored in the first database, it is determined in the third database that the examinee user, who is linked to an organization, is no longer affiliated with that organization. [Modes for carrying out the invention]
[0021] Embodiments of this disclosure will be described below with reference to the drawings. The configurations of the following embodiments are illustrative, and this disclosure is not limited to the configurations of these embodiments.
[0022] <First Embodiment> The outline of the information processing system in the first embodiment will be described with reference to Figure 1. Figure 1 is a diagram showing the schematic configuration of the information processing system in this embodiment. The information processing system 100 according to this embodiment is composed of a network 200, a server 300, and a user terminal 400. The information processing system disclosed herein is a system for managing the diagnostic information of examinee users, and the management of said diagnostic information is performed by the server 300. In the following description, among the users who use the information processing system 100, users who undergo health checkups or stress checks will be referred to as examinee users, and users of the organization to which the examinee user belongs will be referred to as organization users. Both examinee users and organization users may possess a user terminal 400.
[0023] Network 200 is, for example, an IP network. Network 200 can be wireless, wired, or a combination of both, as long as it is an IP network. For example, in the case of wireless communication, the user terminal 400 may access a wireless LAN access point (not shown) and communicate with the server 300 via a LAN or WAN. Furthermore, network 200 is not limited to these examples and may also be, for example, a public switched telephone network, an optical fiber line, an ADSL line, or a satellite communication network.
[0024] Server 300 is connected to user terminals 400 via network 200. Note that in Figure 1, for simplicity of explanation, one server 300 and four user terminals 400 are shown, but it goes without saying that the configuration is not limited to these.
[0025] Server 300 can be any electronic computer equipment with processing capabilities for computational and processing operations such as data acquisition, generation, and updating. For example, it may be a personal computer, server, mainframe, or other electronic device. In other words, Server 300 can be configured as a computer having a processor such as a CPU or GPU, main memory such as RAM or ROM, and auxiliary storage such as an EPROM, hard disk drive, or removable media. The removable media may be, for example, a USB memory stick or a disk recording medium such as a CD or DVD. The auxiliary storage device stores the operating system (OS), various programs, various tables, etc.
[0026] Furthermore, the server 300 may use SaaS (Software as a Service), PaaS (Platform as a Service), or IaaS (Infrastructure as a Service) via a cloud server as appropriate, without providing dedicated software, hardware, or OS for the information processing system 100 according to this embodiment.
[0027] The user terminal 400 may be any electronic device such as a mobile terminal owned by a user (which may be an examinee user or an organizational user) using the information processing system 100. For example, it may be a mobile terminal, tablet terminal, smartphone, wearable device, personal computer, or other terminal device.
[0028] Next, a detailed explanation of the components of the server 300 will be given based on Figure 2. Figure 2 shows in more detail the components of the server 300 included in the information processing system 100 in the first embodiment, as well as the components of the user terminal 400 that communicates with the server 300.
[0029] The server 300 has a communication unit 301, a storage unit 302, and a control unit 303 as functional units. It loads a program stored in the auxiliary storage device into the working area of the main memory and executes it. Through the execution of the program, each functional unit is controlled, thereby enabling each functional unit to perform its respective function according to its predetermined purpose. However, some or all of the functions may be implemented by hardware circuits such as ASICs or FPGAs.
[0030] Here, the communication unit 301 is a communication interface for connecting the server 300 to the network 200. The communication unit 301 consists of, for example, a network interface board and a wireless communication circuit for wireless communication. The server 300 is connected to a user terminal 400 and other external devices for communication via the communication unit 301.
[0031] The storage unit 302 comprises a main memory and an auxiliary storage device. The main memory is the memory where programs executed by the control unit 303 and data used by said control programs are stored. The auxiliary storage device is the device where programs executed by the control unit 303 and data used by said control programs are stored. The storage unit 302 stores the first database, the second database, and the third database, which will be described later. The storage unit 302 also stores data transmitted from the user terminal 400, etc., and these databases may store the first diagnostic information, the second diagnostic information, and user information, which will be described later. The server 300 can acquire data transmitted from the user terminal 400, etc. via the communication unit 301.
[0032] The control unit 303 is a functional unit that manages the control performed by the server 300. The control unit 303 can be implemented by a processing unit such as a CPU. The control unit 303 is further composed of five functional units: a receiving unit 3031, a first acquisition unit 3032, a second acquisition unit 3033, a providing unit 3034, and a determination unit 3035. Each functional unit may be implemented by executing a stored program using the CPU.
[0033] The reception unit 3031 executes a process to accept the first and second diagnoses from the test-taker user via a predetermined interface. Here, the first diagnosis is a diagnosis that can be performed regardless of the attributes of the work the test-taker user is engaged in, and is, for example, a basic diagnosis of stress (such as stress sensitivity and stress tolerance due to an individual's internal factors) or a well-being diagnosis (such as happiness sensitivity due to an individual's internal factors). The second diagnosis is a diagnosis that can be performed specifically within an organization such as a company, group, union, or school, and is, for example, a diagnosis of organizational or work factors that affect stress and well-being, a diagnosis of satisfaction with the organization, or a pulse survey. The reception unit 3031 accepts the test-taker user to take these diagnoses by sending an interface for taking the first and second diagnoses to the test-taker user's user terminal 400 via the interface.
[0034] In this embodiment, the user terminal 400 has a communication unit 401, an input / output unit 402, and a storage unit 403 as functional units. The communication unit 401 is a communication interface for connecting the user terminal 400 to the network 200, and is configured to include, for example, a network interface board and a wireless communication circuit for wireless communication. The input / output unit 402 is a functional unit for displaying information transmitted from the outside via the communication unit 401, and for inputting information when transmitting information to the outside via the communication unit 401. The storage unit 403 is configured to include a main memory and an auxiliary memory, similar to the storage unit 302 of the server 300.
[0035] The input / output unit 402 further includes a display unit 4021, an operation input unit 4022, and an image / audio input / output unit 4023. The display unit 4021 has the function of displaying various information and is implemented by, for example, an LCD (Liquid Crystal Display) display, an LED (Light Emitting Diode) display, or an OLED (Organic Light Emitting Diode) display. The operation input unit 4022 has the function of receiving operation input from the user and is specifically implemented by soft keys such as a touch panel or hard keys. The image / audio input / output unit 4023 has the function of receiving image input such as still images and videos and is specifically implemented by a camera using an image sensor such as Charged-Coupled Devices (CCD), Metal-oxide-semiconductor (MOS), or Complementary Metal-Oxide-Semiconductor (CMOS). The image / audio input / output unit 4023 also has the function of receiving audio input and output and is specifically implemented by a microphone or speaker.
[0036] In this configuration, the test-taker user can use the user terminal 400 to display the test guidance interface sent from the server 300 on the display unit 4021 and input their test application via the operation input unit 4022.
[0037] The first acquisition unit 3032 acquires first diagnostic information, which includes the diagnostic results of the examinee user for the first diagnosis. Here, the first acquisition unit 3032 acquires the first diagnostic information by acquiring information transmitted from the examinee user's user terminal 400 and stores the first diagnostic information in the first database. The first database is a database stored in the storage unit 302 and is configured to be accessible to the examinee user who has taken the first diagnosis.
[0038] The second acquisition unit 3033 acquires second diagnostic information, which includes the diagnostic results of the examinee user for the second diagnosis. Here, the second acquisition unit 3033 acquires the second diagnostic information by acquiring information transmitted from the examinee user's user terminal 400 and stores the second diagnostic information in the second database. The second database is a database stored in the storage unit 302 and is configured to be accessible to organizational users who have had the examinee user take the second diagnosis.
[0039] The provisioning unit 3034 performs the process of providing the first diagnostic information of the examinee user, which has been acquired by the first acquisition unit 3032, to the organization user. Here, the provisioning unit 3034 provides the first diagnostic information to the organization user by granting the organization user access rights to the first diagnostic information of the examinee user stored in the first database. Details of the process performed by the provisioning unit 3034 will be explained later based on Figure 3.
[0040] The determination unit 3035 determines whether the examinee user, who is linked to an organization and stored in the third database (described later), is still continuously affiliated with that organization. Details of the processing performed by the determination unit 3035 will be described later.
[0041] Furthermore, the control unit 303 functions as the control unit according to this disclosure by executing the processing of the reception unit 3031, the first acquisition unit 3032, the second acquisition unit 3033, the provision unit 3034, and the determination unit 3035.
[0042] Here, the operation flow of the information processing system 100 in this embodiment will be described. Figure 3 is a diagram illustrating the operation flow of the information processing system 100 in this embodiment. Figure 3 illustrates the operation flow between the server 300 and the user terminal 400 in the information processing system 100 in this embodiment, and the processing performed by the server 300 and the user terminal 400. Note that the flow illustrated in Figure 3 illustrates the operation flow between the server 300 and the user terminals 400 of examinee users and organizational users, and the processing performed by the server 300 and the user terminals 400 of examinee users and organizational users.
[0043] In this embodiment, first, the server 300 transmits an interface for taking the first and / or second diagnostic test to the user terminal 400 of the test-taker user (S101). Here, the processing in S101 may be performed in response to a request from the test-taker user. For example, in response to a request from the test-taker user, the server 300 can transmit the test-taker test guide interface to the user terminal 400 by sending the test-taker user an email with link information to access a website that functions as the interface for taking the first and / or second diagnostic test.
[0044] Then, the user terminal 400 of the test taker user displays the above test guidance interface sent from the server 300 (S102). The test taker user can then enter their application for the test via the user terminal 400 (S103).
[0045] Here, Figure 4 is the first example illustrating the screen displayed in the interface for accepting a test-taker user's request to take the diagnostic test.
[0046] In the process of S102 shown in Figure 3 above, the screen SC1 exemplified in Figure 4(a) is first displayed on the display unit 4021 of the examinee user's terminal 400. Here, the screen SC1 exemplified in Figure 4(a) shows an input field SC11 for the organization identification code, and the examinee user can enter the organization identification code according to the instructions in the input field SC11. The organization identification code is identification information for identifying an organization and may consist of a company code related to the organization and an implementation code related to the implementation of the diagnosis (this implementation code is a code related to the timing of the diagnosis and a code related to the type of diagnosis). When the examinee user enters the organization identification code provided by their organization and presses the confirmation button, the screen transitions to the screen SC1 exemplified in Figure 4(b).
[0047] The screen SC1 illustrated in Figure 4(b) shows a button SC12 for applying to take the first diagnosis and a button SC13 for applying to take the second diagnosis. In the example shown in Figure 4(b), the test-taker user has not yet taken either the first or second diagnosis. In this case, the information processing system 100 grays out the button SC13 for applying to take the second diagnosis to guide the test-taker user to take the first diagnosis first, thus preventing the application for the second diagnosis from being accepted. The test-taker user can then enter their application for taking the first diagnosis by pressing the button SC12 for applying to take the first diagnosis.
[0048] On the other hand, if the test-taker user has already taken the first diagnosis, when the confirmation button for the organization identification code is pressed on screen SC1 as exemplified in Figure 4(a), the screen transitions to screen SC1 as exemplified in Figure 4(c). In this case, the application button SC12 for the first diagnosis is marked as completed, and the information processing system 100 accepts the test-taker user's application for the second diagnosis.
[0049] Figure 5 is a second diagram illustrating the screen displayed in the interface for accepting applications for diagnostic tests from test-takers. As shown in Figure 5(a), when the skip button is pressed on screen SC1, the application button SC13 for the second diagnostic test is grayed out, as shown in Figure 5(b). In this case, since the application for the test is made without using an organization identification code, the information processing system 100 does not accept the application for the second diagnostic test, which is a diagnostic test that can be performed specifically within the organization.
[0050] Returning to Figure 3, once an application for taking the exam is entered via the user terminal 400 in this manner, the server 300 accepts the application (S104). At this time, the server 300 stores the examinee user who accessed the interface using the organization identification code in the third database, linking them to the organization corresponding to the company code associated with the organization identification code. The third database is a database stored in the storage unit 302 and is used to manage user information of users (examinee users, organization users) who use the information processing system 100. Users who use the information processing system 100 have previously registered with the system. For example, an examinee user who accesses the interface using the organization identification code enters their issued user ID along with the organization identification code. In this case, the server 300 can link the examinee user identified by the user ID with the organization identified by the organization identification code and store user information including these in the third database.
[0051] Then, in the example shown in Figure 3, when the server 300 first receives a request from the examinee user to take the first diagnosis, the server 300 sends an interface for taking the first diagnosis to the examinee user's user terminal 400. The examinee user can then take the first diagnosis via the user terminal 400, and the diagnosis information is entered into the examinee user's user terminal 400 (S105).
[0052] The server 300 acquires the above-mentioned diagnostic information and its diagnostic results entered into the user terminal 400 of the examinee user as first diagnostic information and stores it in the first database (S106). Here, the diagnostic results of the first diagnosis taken via the user terminal 400 of the examinee user may be generated by the server 300 based on the information entered into the user terminal 400, or they may be generated by an external device. Furthermore, the information stored in the first database as first diagnostic information includes, for example, diagnostic results related to basic stress diagnoses (such as stress sensitivity and stress tolerance due to an individual's internal factors) and well-being diagnoses (such as happiness sensitivity due to an individual's internal factors).
[0053] Next, the server 300 determines whether the application for examination performed in the process of S103 was made via an interface accessed using the organization identification code (S107). If the determination in S107 is positive, that is, if the application for examination performed in the process of S103 was made via an interface accessed using the organization identification code, the server 300 proceeds to the process of S108. If the determination in S107 is negative, the server 300 terminates the execution of this flow.
[0054] If a positive result is obtained in S107, the server 300 then performs the process of providing the organization user with the first diagnostic information of the examinee user, which was obtained by the process in S106 and stored in the first database (S108).
[0055] Here, the first database is configured to be accessible to test-takers who have taken the first diagnosis, as described above. The first database stores the first diagnosis information of multiple test-takers. This will be explained with reference to Figure 6.
[0056] Figure 6 is a diagram illustrating the first diagnostic information stored in the first database. As shown in Figure 6, the first database stores the first diagnostic information of multiple test-taker users (for example, the first diagnostic information of test-taker user A, the first diagnostic information of test-taker user B, and the first diagnostic information of test-taker user C), and the first database is configured so that test-taker users can access only their own first diagnostic information. In this way, a test-taker user can access their own first diagnostic information stored in the first database without restriction by, for example, logging into the information processing system 100 using their user ID, and can view the first diagnostic information at any time. In other words, the first diagnostic information stored in the first database is managed to belong to the test-taker user themselves, thereby allowing the test-taker user to manage their first diagnostic information appropriately.
[0057] On the other hand, organizations such as companies, associations, unions, and schools are required to conduct health checkups and stress checks for their personnel and manage the information. However, the first diagnosis described above can be conducted regardless of the attributes of the work performed by the examinee user. According to this disclosure, the first diagnosis information for such a first diagnosis is managed to belong to the examinee user themselves. In this case, if an organization can access the first diagnosis information that is managed to belong to the examinee user themselves, it can manage the first diagnosis performance of its personnel.
[0058] Therefore, in this embodiment, the server 300 grants the organization's organization user access rights to the first diagnostic information of a test-taker user, who is stored in the third database in association with the organization.
[0059] As a result, as shown in Figure 3, organizational users of the organization to which the examinee user belongs are granted access rights to the examinee user's first diagnostic information (S109). In other words, organizational users can access the first diagnostic information of examinee users belonging to the organization via the user terminal 400.
[0060] Here, Figure 7 illustrates how organizational users of the organization to which a test-taker user belongs can access the test-taker user's first diagnostic information. As described above, the first diagnostic information stored in the first database is managed to belong to the test-taker user themselves. Therefore, as shown in Figure 7, test-taker user A can access their own first diagnostic information stored in the first database without restriction. Organizational users of the organization that has an employment relationship with test-taker user A are granted access rights as described above, and can access test-taker user A's first diagnostic information stored in the first database. As a result, the organization to which test-taker user A belongs can easily manage the first diagnostic performance of its personnel by using the information processing system 100.
[0061] Then, in the example shown in Figure 3, when the server 300 receives a request from a test-taker user for the second diagnosis following the request for the first diagnosis, the server 300 sends an interface for taking the second diagnosis to the test-taker user's user terminal 400. The test-taker user can then take the second diagnosis via the user terminal 400, and the diagnosis information is entered into the user terminal 400 (S110).
[0062] The server 300 acquires the above-mentioned diagnostic information and its diagnostic results entered into the user terminal 400 of the examinee user as second diagnostic information and stores it in the second database (S111). Here, the diagnostic results of the second diagnosis taken via the user terminal 400 of the examinee user may be generated by the server 300 based on the information entered into the user terminal 400, or they may be generated by an external device. The information stored in the second database as second diagnostic information may include, for example, diagnostic results related to the diagnosis of organizational and work factors that affect stress and well-being, the diagnosis of satisfaction with the organization, and the diagnosis of pulse surveys.
[0063] As mentioned above, the second database is configured to be accessible to organizational users who have administered the second diagnostic test to individual users. Figure 8 is a diagram illustrating the second diagnostic information stored in the second database.
[0064] As shown in Figure 8, the second database stores the second diagnostic information of multiple test-taker users, and the second database is configured so that only organizational users who have had a test-taker user undergo the second diagnostic test can access the second diagnostic information of that test-taker user. On the other hand, even test-taker users who have taken the corresponding second diagnostic test cannot access the second diagnostic information stored in the second database. In other words, the second diagnostic information stored in the second database is managed to belong to the organization. This allows the organization to manage information related to diagnostic tests that can be uniquely performed within the organization without disclosing it to external parties. Information that should be fed back to the test-taker user in the second diagnostic information may be provided to the test-taker user by means other than accessing the second database.
[0065] The server 300 may then obtain the first and second diagnostic information of the examinee user through the above flow, and after granting access rights to the first diagnostic information to the organization user of the organization to which the examinee user belongs, determine whether or not the examinee user continues to belong to the organization.
[0066] Here, the server 300 obtains a personnel list of the personnel belonging to the organization from the organization user, and by comparing the personnel list with the examinee users stored in the third database in association with the organization at predetermined intervals or timings, it can determine whether or not the examinee user belongs to the organization. The above interval is, for example, a predetermined time in a day or a predetermined day of the week, and the above timing is, for example, the timing when the personnel list is sent from the organization user's terminal 400 to the server 300.
[0067] Furthermore, the server 300 may determine that a test-taker user stored in the third database linked to the above-mentioned organization no longer belongs to the above-mentioned organization if a new organization different from the said organization is granted access rights to the test-taker user's first diagnostic information. In other words, if a test-taker user already stored in the third database linked to a predetermined first organization accesses the test guidance interface using an organization identification code for identifying a second organization that is different from the organization identification code for identifying the first organization, the server 300 can determine that the test-taker user no longer belongs to the first organization by newly linking the test-taker user to the second organization in the third database, thereby granting the second organization new access rights to the test-taker user's first diagnostic information.
[0068] Furthermore, if the server 300 determines that the test-taker user belongs to the above-mentioned organization, it can make the first diagnostic information available to the organization user. This allows the organization user to obtain diagnostic information about the personnel belonging to the organization without having to manage it using a dedicated list.
[0069] Furthermore, using the discrimination method described above, it becomes possible to more accurately determine whether or not a test-taker user, who is linked to an organization and stored in the third database, is continuously affiliated with that organization. As a result, organization users can more efficiently grasp diagnostic information about personnel who are continuously affiliated with the organization.
[0070] According to the information processing system 100 described above, users who have undergone health checkups or stress checks can manage their diagnostic information appropriately themselves.
[0071] <Modified form of the first embodiment> A modification of the first embodiment will now be described. In the first embodiment described above, an example was described in which the server 300 first accepts the application for the first diagnosis from the test-taker user. In contrast, in this modification, an example will be described with reference to Figure 9 in which the test-taker user has already taken a diagnosis equivalent to the first diagnosis described in the first embodiment above, such as a basic diagnosis of stress (stress sensitivity and stress tolerance due to individual internal factors, etc.) or a well-being diagnosis (happiness sensitivity due to individual internal factors, etc.).
[0072] Figure 9 is a diagram illustrating the flow of operation of the information processing system 100 in this modified example. Figure 9 explains the flow of operation between the server 300 and the user terminal 400 in the information processing system 100 in this modified example, and the processes executed by the server 300 and the user terminal 400. In Figure 9, processes that are substantially the same as those shown in Figure 3 are denoted by the same reference numerals, and their detailed explanations are omitted.
[0073] In this modified example, first, the first diagnostic information is input to the user terminal 400 of the examinee user (S201). Here, in the process of S201, the examinee user can transmit to the server 300 as the first diagnostic information by inputting, for example, information regarding the diagnostic results of a diagnosis that corresponds to the first diagnosis described in the first embodiment above and that the examinee has already taken, into an interface provided by the server 300 via the user terminal 400.
[0074] Then, the server 300 acquires the first diagnostic information transmitted from the examinee user's user terminal 400 and stores it in the first database. The server 300 then sends an interface for guidance on taking the second diagnostic test to the examinee user's user terminal 400 (S101), and when the examinee user applies to take the test as described in the explanation of Figure 3 above, the server 300 accepts the application for taking the second diagnostic test (S104). When the server 300 accepts the application for taking the second diagnostic test from the examinee user, it stores the examinee user, who accessed the system using the organization identification code, in the third database, linked to the organization corresponding to the company code of the organization identification code, and in processing S107 to S109, it grants the organization user access rights to the examinee user's first diagnostic information for the examinee user stored in the third database linked to the organization.
[0075] Furthermore, the information processing system 100 described above allows examinee users who have undergone health checkups or stress checks to manage their diagnostic information appropriately themselves.
[0076] <Second Embodiment> A second embodiment will be described with reference to Figures 10 and 11.
[0077] In this case, if it is determined in the third database that a test-taker user stored in association with a specific organization no longer belongs to that organization, allowing that organization to access the test-taker user's first diagnostic information could raise issues from a personal information protection standpoint.
[0078] Therefore, in this embodiment, when the server 300 determines that a test-taker user stored in the third database and associated with an organization no longer belongs to that organization, it anonymizes the personally identifiable information contained in the first diagnostic information of the test-taker user, thereby making it impossible to provide the first diagnostic information to the organization user in a format that identifies the individual, in response to access from the organization user.
[0079] Here, Figure 10 is the first diagram illustrating the process that is executed when it is determined in the third database, linked to an organization, that a test-taker user stored in the first database is no longer affiliated with that organization, with respect to the first diagnostic information stored in the first database.
[0080] The first diagnostic information stored in the first database is managed to belong to the examinee user themselves. Therefore, examinee user A can access their own first diagnostic information stored in the first database without restriction. Furthermore, organizational users of an organization that has an employment relationship with examinee user A can access examinee user A's first diagnostic information stored in the first database as long as the employment relationship continues.
[0081] In contrast, as shown in Figure 10, if the employment relationship between examinee user A and the organization is terminated, access to examinee user A's first diagnostic information by the organization's users will be made possible by anonymizing the personally identifiable information contained in the first diagnostic information. This allows organization users to obtain statistical information, including historical data, about personnel belonging to the organization while protecting personal information.
[0082] Furthermore, in this embodiment, if the server 300 determines that a test-taker user stored in the third database and associated with an organization no longer belongs to that organization, it may invalidate the organization's access rights to the first diagnostic information of the test-taker user by the organization's user.
[0083] Here, Figure 11 is a second diagram illustrating the process that is executed when it is determined in the third database, linked to an organization, that a test-taker user stored in the first database is no longer affiliated with that organization, with respect to the first diagnostic information stored in the first database.
[0084] In the example shown in Figure 11, if the employment relationship between examinee user A and the organization is terminated, the organization's users will have their access rights to examinee user A's first diagnostic information revoked. In other words, the aforementioned organization users will no longer be able to access examinee user A's first diagnostic information. This will help protect the personal information of examinee users who were previously affiliated with the organization.
[0085] In this case, in order to enable the aforementioned organizational users to obtain statistical information including past data about personnel belonging to the organization, the server 300 may store a table for statistical processing in the storage unit 302 and store statistical information about examinee users who previously belonged to the organization.
[0086] According to the information processing system 100 described above, examinee users who have undergone health checkups or stress checks can appropriately manage their diagnostic information in a manner that protects their personal information.
[0087] <Other variations> The embodiments described above are merely examples, and this disclosure may be modified as appropriate without departing from its essence. For example, the processes and means described in this disclosure can be freely combined and implemented as long as no technical inconsistencies arise.
[0088] Furthermore, the processing described as being performed by one device may be divided and executed by multiple devices. For example, the first acquisition unit 3032 may be formed in another arithmetic processing unit. In this case, these arithmetic processing units are preferably configured to cooperate. Also, the processing described as being performed by different devices may be executed by a single device. In a computer system, the hardware configuration (server configuration) by which each function is implemented can be flexibly changed.
[0089] The present disclosure can also be realized by supplying a computer program implementing the functions described in the embodiments above to a computer, and having one or more processors in the computer read and execute the program. Such a computer program may be provided to the computer by a non-temporary computer-readable storage medium that can be connected to the computer's system bus, or it may be provided to the computer via a network. Non-temporary computer-readable storage mediums include, for example, any type of disk such as magnetic disks (floppy disks, hard disk drives (HDDs), etc.), optical disks (CD-ROMs, DVDs, Blu-ray discs, etc.), read-only memory (ROM), random access memory (RAM), EPROM, EEPROM, magnetic cards, flash memory, optical cards, and any type of medium suitable for storing electronic instructions. [Explanation of Symbols]
[0090] 100... Information Processing Systems 200 Network 300 servers 301... Communications Department 302...Storage section 303... Control Unit 400...User terminals
Claims
1. An information processing device for managing diagnostic information of a test-taker user, who is a user undergoing a prescribed diagnosis, The system comprises a control unit that performs processing for acquiring and managing the diagnostic information, and a storage unit in which the diagnostic information is stored. The control unit, A first acquisition unit acquires first diagnostic information, including the diagnostic results of the examinee user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the examinee user is engaged in. The system includes a provisioning unit that provides the acquired first diagnostic information of the examinee user to an organizational user who is a user of the organization to which the examinee user belongs, The first acquisition unit stores the first diagnostic information in a database owned by the storage unit, which is configured to be accessible to the examinee user who has undergone the first diagnostic test. The provisioning unit provides the first diagnostic information to the organizational user by granting the organizational user the right to access the first diagnostic information of the examinee user stored in the first database. Information processing device.
2. The control unit, The system further includes a second acquisition unit that acquires second diagnostic information, including the diagnostic results of the test-taker user, for a predetermined second diagnostic test that can be uniquely performed within the aforementioned organization. The second acquisition unit stores the second diagnostic information in a database owned by the storage unit, which is configured to be accessible to the organizational user who caused the examinee user to undergo the second diagnostic test. The information processing apparatus according to claim 1.
3. The control unit, The system further includes a reception unit that accepts the request for the first diagnosis from the test-taker user via a predetermined interface, The reception unit stores, in the database of the storage unit, a third database for managing user information, the examinee user who accessed the interface using identification information for identifying the organization, linked to the organization. The provisioning unit grants the organization user access rights to the first diagnostic information of the examinee user, with respect to the examinee user stored in the third database in association with the organization. The information processing apparatus according to claim 1.
4. The control unit, The system further includes a reception unit that accepts the request for the second diagnosis from the test-taker user via a predetermined interface, The reception unit stores, in the database of the storage unit, a third database for managing user information, the examinee user who accessed the interface using identification information for identifying the organization, linked to the organization. The provisioning unit grants the organization user access rights to the first diagnostic information of the examinee user, with respect to the examinee user stored in the third database in association with the organization. The information processing apparatus according to claim 2.
5. The aforementioned identification information comprises a company code relating to the organization and an implementation code relating to the implementation of the diagnosis. The information processing apparatus according to claim 3 or claim 4.
6. The control unit, The system further includes a determination unit that determines whether the examinee user stored in the third database is continuously affiliated with the organization. The provisioning unit is configured to provide the first diagnostic information to the organization user when the determination unit determines that the examinee user belongs to the organization. The information processing apparatus according to claim 3 or claim 4.
7. The determination unit obtains a personnel list of persons belonging to the organization, and by comparing the personnel list with the examinee user stored in the third database at predetermined intervals or timings, determines whether or not the examinee user belongs to the organization. The information processing apparatus according to claim 6.
8. The determination unit determines, with respect to the examinee user stored in the third database in association with a predetermined first organization, that the examinee user does not belong to the first organization if a second organization different from the first organization is newly granted access rights to the examinee user's first diagnostic information. The information processing apparatus according to claim 6.
9. If the determination unit determines that the examinee user does not belong to the organization, the provision unit is configured to prevent the organization user from accessing the first diagnostic information by anonymizing the personally identifiable information contained in the examinee user's first diagnostic information, thereby making it impossible to provide the first diagnostic information to the organization user in a format that identifies the individual. The information processing apparatus according to claim 6.
10. If the determination unit determines that the examinee user does not belong to the organization, the provision unit will disable the organization user's access rights to the examinee user's first diagnostic information. The information processing apparatus according to claim 6.
11. An information processing method for managing diagnostic information of a test-taker user who is a user undergoing a prescribed diagnosis, Computers A first acquisition step of acquiring first diagnostic information, including the diagnostic results of the examinee user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the examinee user is engaged in; The process includes providing the acquired first diagnostic information of the examinee user to an organizational user who is a user of the organization to which the examinee user belongs, and then executing the provision step. The aforementioned computer, In the first acquisition step, the first diagnostic information is stored in a first database that is configured to be accessible to the examinee user who has undergone the first diagnostic test. In the provision step, the organization user is provided with the first diagnostic information by granting the organization user the right to access the first diagnostic information of the examinee user stored in the first database. Information processing methods.
12. The aforementioned computer, The process further involves performing a reception step in which the applicant user requests to take the first diagnostic test via a predetermined interface. In the aforementioned reception step, the third database for managing user information is used to store the examinee user who accessed the interface using identification information for identifying the organization, linked to the organization. In the provision step described above, with respect to the examinee user stored in the third database in association with the organization, the organization user is granted access rights to the first diagnostic information of the examinee user. The information processing method according to claim 11.
13. The aforementioned computer, Further, a determination step is performed to determine whether the examinee user stored in the third database is still affiliated with the organization. In the provision step, if the determination step determines that the examinee user belongs to the organization, the first diagnostic information is made available to the organization user. The information processing method according to claim 12.
14. An information processing program that manages the diagnostic information of a test-taker user, who is a user undergoing a prescribed diagnosis, On the computer, A first acquisition step of acquiring first diagnostic information, including the diagnostic results of the examinee user, for a predetermined first diagnosis that can be performed regardless of the attributes of the work the examinee user is engaged in; The system performs a provision step of providing the acquired first diagnostic information of the examinee user to an organizational user who is a user of the organization to which the examinee user belongs. To the aforementioned computer, In the first acquisition step, the first diagnostic information is stored in a first database that is configured to be accessible to the examinee user who has undergone the first diagnostic test. In the provision step, the organization user is granted access rights to the first diagnostic information of the examinee user stored in the first database, thereby providing the organization user with the first diagnostic information. Information processing program.
15. To the aforementioned computer, Further, the system executes a reception step in which it accepts the request for the first diagnosis from the test-taking user via a predetermined interface. In the aforementioned reception step, the third database for managing user information is used to store the examinee user who accessed the interface using identification information for identifying the organization, linked to the organization. In the provision step described above, with respect to the examinee user stored in the third database in association with the organization, the organization user is granted access rights to the first diagnostic information of the examinee user. The information processing program according to claim 14.
16. To the aforementioned computer, Further, a determination step is performed to determine whether the examinee user stored in the third database is still affiliated with the organization. In the provision step, if the determination step determines that the examinee user belongs to the organization, the first diagnostic information is made available to the organization user. The information processing program according to claim 15.