Applying Blockchain Technology to Security-Related Aspects of Electronic Healthcare Record Infrastructure
Keywords:Healthcare, Electronic health records (EHRs), Blockchain, Information security
The centralised architecture employed by electronic health records (EHRs) may constitute a single point of failure. From the perspective of availability, an alternative cloud-based EHR infrastructure is effective and efficient. However, this increased availability has created challenges related to the security and privacy of patients’ medical records. The sensitive nature of EHRs attracts the attention of cyber-criminals. There has been a rise in the number of data breaches related to EHRs. The infrastructure used by EHRs does not assure the privacy and security of patients’ medical records. Features of blockchain platforms, such as decentralisation, immutability, auditability, and transparency, may provide a viable means of augmenting or improving services related to the security of EHRs. This study presents a series of experimental data flow configurations to test the application of blockchain technology to aspects of EHRs. The insights gained from these experiments are founded on a theoretical base to provide recommendations for applying blockchain technology to services related to the security of EHR infrastructure. These recommendations may be employed by developers when redesigning existing EHR systems or deploying new EHR systems.
Adlam, R., & Haskins, B. (2019). A permissioned blockchain approach to the authorization process in electronic health records. In IEEE (Ed.), 2019 International Multidisciplinary Information Technology and Engineering Conference (IMITEC) (pp. 1–8). https://doi.org/10.1109/IMITEC45504.2019.9015927
Bashir, I. (2017). Mastering blockchain. Packt Publishing. Bergquist, J. H. (2017). Blockchain technology and smart contracts privacy-preserving tools. Master’s thesis, Uppsala University, Sweden. http://uu.diva-portal.org/smash/get/diva2:1107612/FULLTEXT01.pdf
Bünz, B., Bootle, J., Boneh, D., Poelstra, A., Wuille, P., & Maxwell, G. (2017). Bulletproofs: Short proofs for confidential transactions and more. In IEEE (Ed.), 2018 IEEE Symposium on Security and Privacy (pp. 315–334). https://doi.org/10.1109/SP.2018.00020
Cilliers, L. (2017). Exploring information assurance to support electronic health record systems. In IEEE (Ed.), 2017 IST-Africa Week Conference (IST-Africa) (pp. 1–8). https://doi.org/10.23919/ISTAFRICA.2017.8102363
Dagher, G. G., Mohler, J., Milojkovic, M., & Marella, P. B. (2018). Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology. Sustainable Cities and Society, 39, 283–297. https://doi.org/10.1016/j.scs.2018.02.014
Dekker, M. A. C., & Etalle, S. (2007). Audit-based access control for electronic health records. Electronic Notes in Theoretical Computer Science, 168(1), 221–236. https://doi.org/10.1016/j.entcs.2006.08.028
Emmadi, N., Vigneswaran, R., Kanchanapalli, S., Maddali, L., & Narumanchi, H. (2019). Practical deployability of permissioned blockchains. In W. Abramowicz, & A. Paschke (Eds.), Business information systems workshops (pp. 229–243). Springer International. https://doi.org/10.1007/978-3-030-04849-5_21
Ferdous, M. S., Chowdhury, F., & Alassafi, M. O. (2019). In search of self-sovereign identity leveraging blockchain technology. IEEE Access, 7, 103059–103079. https://doi.org/10.1109/ACCESS.2019.2931173
Ferraiolo, D., Kuhn, D. R., & Chandramouli, R. (2003). Role-based access control. Artech House.
Franqueira, V. N. L., & Wieringa, R. J. (2012). Role-based access control in retrospect. IEEE Computer, 45(6), 81–88. https://doi.org/10.1109/MC.2012.38
Griggs, K. N., Ossipova, O., Kohlios, C. P., Baccarini, A. N., Howson, E. A., & Hayajneh, T. (2018). Healthcare blockchain system using smart contracts for secure automated remote patient monitoring. Journal of Medical Systems, 42(7), 130. https://doi.org/10.1007/s10916-018-0982-x
Guo, R., Shi, H., Zhao, Q., & Zheng, D. (2018). Secure attribute-based signature scheme with multiple authorities for blockchain in electronic health records systems. IEEE Access, 6, 11676–11686. https://doi.org/10.1109/ACCESS.2018.2801266
Health Professions Council of South Africa (HPCSA). (2016). Booklet 9: Guidelines on the keeping of patient records.
Hyperledger. (2021). Hyperledger-fabricdocs documentation: Release master. Hyperledger. https://buildmedia.readthedocs.org/media/pdf/hyperledger-fabric/release-1.4/hyperledger-fabric.pdf
Hyperledger Architecture Working Group. (2017). Hyperledger architecture, volume 1. https://www.hyperledger.org/wp-content/uploads/2017/08/Hyperledger_Arch_WG_Paper_1_Consensus.pdf
Kshetri, N. (2017). Blockchain’s roles in strengthening cybersecurity and protecting privacy. Telecommunications Policy, 41(10), 1027–1038. https://doi.org/10.1016/j.telpol.2017.09.003
Kshetri, N., & Carolina, N. (2018). Blockchain and electronic healthcare records. IEEE Computer Society, 51(12), 59–63. https://doi.org/10.1109/MC.2018.2880021
Laurence, T. (2017). Blockchain for dummies. Wiley.
Liang, X., Zhao, J., Shetty, S., Liu, J., & Li, D. (2017). Integrating blockchain for data sharing and collaboration in mobile healthcare applications. In IEEE (Ed.), 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC) (pp. 1-5). https://doi.org/10.1109/PIMRC.2017.8292361
Menachemi, N., & Collum, T. H. (2011). Benefits and drawbacks of electronic health record systems. Risk Management and Healthcare Policy, 4, 47–55. https://doi.org/10.2147/RMHP.S12985
Mosakheil, J. H. (2018). Security threats classification in blockchains. Culminating Projects in Information Assurance, 48. https://repository.stcloudstate.edu/msia_etds/48/
Republic of South Africa (RSA). (2013). Protection of Personal Information Act 4 of 2013. Government Gazette, Vol. 581, No. 37067.
Ronquillo, J. G., Winterholler, J. E., Cwikla, K., & Szymanski, R. (2018). Health IT, hacking, and cybersecurity: National trends in data breaches of protected health information. Journal of the American Medical Informatics Association, 1, 15–19. https://doi.org/10.1093/jamiaopen/ooy019
Saraf, C., & Sabadra, S. (2018). Blockchain platforms: A compendium. In IEEE (Ed.), 2018 IEEE International Conference on Innovative Research and Development (ICIRD) (pp. 1–6). https://doi.org/10.1109/ICIRD.2018.8376323
Seol, K., Kim, Y.-G., Lee, E., Seo, Y.-D., & Baik, D.-K. (2018). Privacy-preserving attribute-based access control model for XML-based electronic health record system. IEEE Access, 6, 9114–9128. https://doi.org/10.1109/ACCESS.2018.2800288
Thakkar, M., & Davis, D. C. (2006). Risks, barriers, and benefits of EHR systems: A comparative study based on size of hospital. Perspectives in Health Information Management, 3(5), 1–19.
Ziglari, H., & Negini, A. (2017). Evaluating cloud deployment models based on security in EHR system. In IEEE (Ed.), 2017 International Conference on Engineering and Technology (ICET) (pp. 1–6). https://doi.org/10.1109/ICEngTechnol.2017.8308142
How to Cite
Copyright (c) 2021 Ryno Adlam, Bertram Haskins
This work is licensed under a Creative Commons Attribution 4.0 International License.