skip to main content

Title: Blockchain Framework for Secured On-Demand Patient Health Records Sharing
The healthcare sector is constantly improving patient health record systems. However, these systems face a significant challenge when confronted with patient health record (PHR) data due to its sensitivity. In addition, patientโ€™s data is stored and spread generally across various healthcare facilities and among providers. This arrangement of distributed data becomes problematic whenever patients want to access their health records and then share them with their care provider, which yields a lack of interoperability among various healthcare systems. Moreover, most patient health record systems adopt a centralized management structure and deploy PHRs to the cloud, which raises privacy concerns when sharing patient information over a network. Therefore, it is vital to design a framework that considers patient privacy and data security when sharing sensitive information with healthcare facilities and providers. This paper proposes a blockchain framework for secured patient health records sharing that allows patients to have full access and control over their health records. With this novel approach, our framework applies the Ethereum blockchain smart contracts, the Inter-Planetary File System (IPFS) as an off-chain storage system, and the NuCypher protocol, which functions as key management and blockchain-based proxy re-encryption to create a secured on-demand patient health records sharing system effectively. Results show that the proposed framework is more secure than other schemes, and the PHRs will not be accessible to unauthorized providers or users. more » In addition, all encrypted data will only be accessible to and readable by verified entities set by the patient. « less
Authors:
; ; ;
Award ID(s):
2029295 1818884
Publication Date:
NSF-PAR ID:
10303705
Journal Name:
IEEE UEMCON2021
Sponsoring Org:
National Science Foundation
More Like this
  1. Patients often have their healthcare data stored in centralized systems, leading to challenges when reconciling or consolidating their data across providers due to centralized databases that store patient identities. The challenges disrupt the flow of patient care where time is sensitive for both patients and providers. Decentralized technologies have enabled a new identity modelโ€“Self-Sovereign Identity (SSI)โ€“that grants individuals the right to freely control, access, and share their own data. This work proposes a system that achieves SSI in a semi-permissioned blockchain network using an open protocol as the certificate of authority and several guidelines for securely handling transactions in the network. Open protocols like Keccak can grant access to a permission-based network such as Hyperledger Fabric. The network architecture ensures data security and privacy through mechanisms of multi-signature transactions and guidelines for storing transactions locally, making this architecture ideal for privacy-centered use cases, such as healthcare data-sharing applications. The ultimate goal is to give patients full control over their identity and other data derived from their identity within a semi-permissioned network.
  2. The increase in cyberattacks against the healthcare system, notably Electronic Health Records (EHRs) breaches, has cost the healthcare providers more in recent years. This situation is predicted to increase in the coming years as the healthcare systems are proposing a consortium EHRs repository. Due to this reason, it is crucial to deploy solutions that can ensure the security of shared health records. More specifically, maintaining the integrity and consistency of shared EHRs becomes pertinent. In this on-going research, we propose a blockchain-based solution that facilitates a scalable and secured inter-healthcare EHRs exchange. These healthcare systems maintain their records on individual private blockchain networks, and the blockchains interact to exchange patient health history based on request. The proposed solution verifies the integrity and consistency of requests and replies from other healthcare systems. It presents them in a standard format that can be easily understood by different healthcare nodes. The verification steps guard against malicious activities on both stored and in transit EHRs from insider and outsider threat actors. We evaluate the security analysis against frequently encounter outsider and insider threats within a healthcare system. The preliminary result shows that the architecture can detect and prevent threat actors from uploading compromising EHRsmore »into the network and prevents unauthorized retrieval of patient's information.« less
  3. Irfan Awan ; Muhammad Younas ; Jamal Bentahar ; Salima Benbernou (Ed.)
    Multi-site clinical trial systems face security challenges when streamlining information sharing while protecting patient privacy. In addition, patient enrollment, transparency, traceability, data integrity, and reporting in clinical trial systems are all critical aspects of maintaining data compliance. A Blockchain-based clinical trial framework has been proposed by lots of researchers and industrial companies recently, but its limitations of lack of data governance, limited confidentiality, and high communication overhead made data-sharing systems insecure and not efficient. We propose ๐–ฒ๐—ˆ๐—๐–พ๐—‹๐—‚๐–บ, a privacy-preserving smart contracts framework, to manage, share and analyze clinical trial data on fabric private chaincode (FPC). Compared to public Blockchain, fabric has fewer participants with an efficient consensus protocol. ๐–ฒ๐—ˆ๐—๐–พ๐—‹๐—‚๐–บ consists of several modules: patient consent and clinical trial approval management chaincode, secure execution for confidential data sharing, API Gateway, and decentralized data governance with adaptive threshold signature (ATS). We implemented two versions of ๐–ฒ๐—ˆ๐—๐–พ๐—‹๐—‚๐–บ with non-SGX deploys on AWS blockchain and SGX-based on a local data center. We evaluated the response time for all of the access endpoints on AWS Managed Blockchain, and demonstrated the utilization of SGX-based smart contracts for data sharing and analysis.
  4. In the era of cloud computing and big data analysis, how to efficiently share and utilize medical information scattered across various care providers has become a critical problem. This paper proposes a new framework for sharing medical data in a secure and privacy-preserving way. This framework holistically integrates multi-authority attribute based encryption, blockchain and smart contract, as well as software defined networking to define and enforce sharing policies. Specifically in our framework, patients' medical records are encrypted and stored in hospital databases, where strict access controls are enforced with attribute based encryption coupled with privacy level classification. Our framework leverages blockchain technology to connect scattered private databases from participating hospitals for efficient and secure data provision, smart contracts to enable the business logic of clinical data usage, and software defined networking to revoke sharing privileges. The performance evaluation of our prototype demonstrates that the associated computation costs are reasonable in practice.
  5. Artificial Intelligence (AI)-driven Digital Health (DH) systems are poised to play a critical role in the future of healthcare. In 2021, $57.2 billion was invested in DH systems around the world, recognizing the promise this concept holds for aiding in delivery and care management. DH systems traditionally include a blend of various technologies, AI, and physiological biomarkers and have shown a potential to provide support for individuals with various health conditions. Digital therapeutics (DTx) is a more specific set of technology-enabled interventions within the broader DH sphere intended to produce a measurable therapeutic effect. DTx tools can empower both patients and healthcare providers, informing the course of treatment through data-driven interventions while collecting data in real-time and potentially reducing the number of patient office visits needed. In particular, socially assistive robots (SARs), as a DTx tool, can be a beneficial asset to DH systems since data gathered from sensors onboard the robot can help identify in-home behaviors, activity patterns, and health status of patients remotely. Furthermore, linking the robotic sensor data to other DH system components, and enabling SAR to function as part of an Internet of Things (IoT) ecosystem, can create a broader picture of patient health outcomes. Themore »main challenge with DTx, and DH systems in general, is that the sheer volume and limited oversight of different DH systems and DTxs is hindering validation efforts (from technical, clinical, system, and privacy standpoints) and consequently slowing widespread adoption of these treatment tools.« less