Applying Blockchain Technology to Security-Related Aspects of Electronic Healthcare Record Infrastructure

Authors

DOI:

https://doi.org/10.23962/10539/32211

Keywords:

Healthcare, Electronic health records (EHRs), Blockchain, Information security

Abstract

The centralised architecture employed by electronic health records (EHRs) may constitute a single point of failure. From the perspective of availability, an alternative cloud-based EHR infrastructure is effective and efficient. However, this increased availability has created challenges related to the security and privacy of patients’ medical records. The sensitive nature of EHRs attracts the attention of cyber-criminals. There has been a rise in the number of data breaches related to EHRs. The infrastructure used by EHRs does not assure the privacy and security of patients’ medical records. Features of blockchain platforms, such as decentralisation, immutability, auditability, and transparency, may provide a viable means of augmenting or improving services related to the security of EHRs. This study presents a series of experimental data flow configurations to test the application of blockchain technology to aspects of EHRs. The insights gained from these experiments are founded on a theoretical base to provide recommendations for applying blockchain technology to services related to the security of EHR infrastructure. These recommendations may be employed by developers when redesigning existing EHR systems or deploying new EHR systems.

References

Adlam, R., & Haskins, B. (2019). A permissioned blockchain approach to the authorization process in electronic health records. In IEEE (Ed.), 2019 International Multidisciplinary Information Technology and Engineering Conference (IMITEC) (pp. 1–8). https://doi.org/10.1109/IMITEC45504.2019.9015927

Bashir, I. (2017). Mastering blockchain. Packt Publishing. Bergquist, J. H. (2017). Blockchain technology and smart contracts privacy-preserving tools. Master’s thesis, Uppsala University, Sweden. http://uu.diva-portal.org/smash/get/diva2:1107612/FULLTEXT01.pdf

Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., & Maxwell, G. (2017). Bulletproofs: Short proofs for confidential transactions and more. In IEEE (Ed.), 2018 IEEE Symposium on Security and Privacy (pp. 315–334). https://doi.org/10.1109/SP.2018.00020

Cilliers, L. (2017). Exploring information assurance to support electronic health record systems. In IEEE (Ed.), 2017 IST-Africa Week Conference (IST-Africa) (pp. 1–8). https://doi.org/10.23919/ISTAFRICA.2017.8102363

Dagher, G. G., Mohler, J., Milojkovic, M., & Marella, P. B. (2018). Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology. Sustainable Cities and Society, 39, 283–297. https://doi.org/10.1016/j.scs.2018.02.014

Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records. Electronic Notes in Theoretical Computer Science, 168(1), 221–236. https://doi.org/10.1016/j.entcs.2006.08.028

Emmadi, N., Vigneswaran, R., Kanchanapalli, S., Maddali, L., & Narumanchi, H. (2019). Practical deployability of permissioned blockchains. In W. Abramowicz, & A. Paschke (Eds.), Business information systems workshops (pp. 229–243). Springer International. https://doi.org/10.1007/978-3-030-04849-5_21

Ferdous, M. S., Chowdhury, F., & Alassafi, M. O. (2019). In search of self-sovereign identity leveraging blockchain technology. IEEE Access, 7, 103059–103079. https://doi.org/10.1109/ACCESS.2019.2931173

Ferraiolo, D., Kuhn, D. R., & Chandramouli, R. (2003). Role-based access control. Artech House.

Franqueira, V. N. L., & Wieringa, R. J. (2012). Role-based access control in retrospect. IEEE Computer, 45(6), 81–88. https://doi.org/10.1109/MC.2012.38

Griggs, K. N., Ossipova, O., Kohlios, C. P., Baccarini, A. N., Howson, E. A., & Hayajneh, T. (2018). Healthcare blockchain system using smart contracts for secure automated remote patient monitoring. Journal of Medical Systems, 42(7), 130. https://doi.org/10.1007/s10916-018-0982-x

Guo, R., Shi, H., Zhao, Q., & Zheng, D. (2018). Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems. IEEE Access, 6, 11676–11686. https://doi.org/10.1109/ACCESS.2018.2801266

Health Professions Council of South Africa (HPCSA). (2016). Booklet 9: Guidelines on the keeping of patient records.

Hyperledger. (2021). Hyperledger-fabricdocs documentation: Release master. Hyperledger. https://buildmedia.readthedocs.org/media/pdf/hyperledger-fabric/release-1.4/hyperledger-fabric.pdf

Hyperledger Architecture Working Group. (2017). Hyperledger architecture, volume 1. https://www.hyperledger.org/wp-content/uploads/2017/08/Hyperledger_Arch_WG_Paper_1_Consensus.pdf

Kshetri, N. (2017). Blockchain’s roles in strengthening cybersecurity and protecting privacy. Telecommunications Policy, 41(10), 1027–1038. https://doi.org/10.1016/j.telpol.2017.09.003

Kshetri, N., & Carolina, N. (2018). Blockchain and electronic healthcare records. IEEE Computer Society, 51(12), 59–63. https://doi.org/10.1109/MC.2018.2880021

Laurence, T. (2017). Blockchain for dummies. Wiley.

Liang, X., Zhao, J., Shetty, S., Liu, J., & Li, D. (2017). Integrating blockchain for data sharing and collaboration in mobile healthcare applications. In IEEE (Ed.), 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC) (pp. 1-5). https://doi.org/10.1109/PIMRC.2017.8292361

Menachemi, N., & Collum, T. H. (2011). Benefits and drawbacks of electronic health record systems. Risk Management and Healthcare Policy, 4, 47–55. https://doi.org/10.2147/RMHP.S12985

Mosakheil, J. H. (2018). Security threats classification in blockchains. Culminating Projects in Information Assurance, 48. https://repository.stcloudstate.edu/msia_etds/48/

Republic of South Africa (RSA). (2013). Protection of Personal Information Act 4 of 2013. Government Gazette, Vol. 581, No. 37067.

Ronquillo, J. G., Winterholler, J. E., Cwikla, K., & Szymanski, R. (2018). Health IT, hacking, and cybersecurity: National trends in data breaches of protected health information. Journal of the American Medical Informatics Association, 1, 15–19. https://doi.org/10.1093/jamiaopen/ooy019

Saraf, C., & Sabadra, S. (2018). Blockchain platforms: A compendium. In IEEE (Ed.), 2018 IEEE International Conference on Innovative Research and Development (ICIRD) (pp. 1–6). https://doi.org/10.1109/ICIRD.2018.8376323

Seol, K., Kim, Y.-G., Lee, E., Seo, Y.-D., & Baik, D.-K. (2018). Privacy-preserving attribute-based access control model for XML-based electronic health record system. IEEE Access, 6, 9114–9128. https://doi.org/10.1109/ACCESS.2018.2800288

Thakkar, M., & Davis, D. C. (2006). Risks, barriers, and benefits of EHR systems: A comparative study based on size of hospital. Perspectives in Health Information Management, 3(5), 1–19.

Ziglari, H., & Negini, A. (2017). Evaluating cloud deployment models based on security in EHR system. In IEEE (Ed.), 2017 International Conference on Engineering and Technology (ICET) (pp. 1–6). https://doi.org/10.1109/ICEngTechnol.2017.8308142

Downloads

Published

06-12-2021

How to Cite

Adlam, R. and Haskins, B. (2021) “Applying Blockchain Technology to Security-Related Aspects of Electronic Healthcare Record Infrastructure”, The African Journal of Information and Communication (AJIC). South Africa, (28). doi: 10.23962/10539/32211.

Issue

No. 28 (2021)

Section

Research Articles

License

Copyright (c) 2021 Ryno Adlam, Bertram Haskins

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.