Chenthara, Shekha ORCID: 0000-0003-0338-8728 (2021) Privacy Preservation of Electronic Health Records Using Blockchain Technology: Healthchain. PhD thesis, Victoria University.

Abstract

The right to privacy is the most fundamental right of a citizen in any country. Electronic Health Records (EHRs) in healthcare has faced problems with privacy breaches, insider outsider attacks and unauthenticated record access in recent years, the most serious being related to the privacy and security of medical data. Ensuring privacy and security while handling patient data is of the utmost importance as a patient’s information should only be released to others with the patient’s permission or if it is allowed by law. Electronic health data (EHD) is an emerging health information exchange model that enables healthcare providers and patients to efficiently store and share their private healthcare information from any place and at any time as required. Generally, cloud services provide the infrastructure by reducing the cost of storing, processing and updating information with improved efficiency and quality. However, the privacy of EHRs is a significant hurdle when outsourcing private health data in the cloud because there is a higher risk of health information being leaked to unauthorized parties. Several existing techniques can analyse the security and privacy issues associated with e-healthcare services. These methods are designed for single databases, or databases with an authentication centre and thus cannot adequately protect the data from insider attacks. In fact, storing EHRs on centralized databases increases the security risk footprint and requires trust in a single authority. Therefore, this research study mainly focuses on how to ensure patient privacy and security while sharing sensitive data between the same or different organisations as well as healthcare providers in a distributed environment. This research successfully proposes and implements a permissioned blockchain framework named Healthchain, which maintains the security, privacy, scalability and integrity of the e-health data. The blockchain is built on Hyperledger Fabric, a permissioned distributed ledger solution by employing Hyperledger Composer and stores EHRs by utilizing InterPlanetary File System (IPFS) to build the decentralized web applications. Healthchain builds a two-pronged solution (i) an on-chain solution implemented on the secure network of Hyperledger Fabric which utilizes the state database Couch DB, (ii) an off-chain solution to securely store encrypted data via IPFS. The Healthchain architecture employs Practical Byzantine Fault Tolerance (PBFT) as the distributed network consensus processes to determine which block is to be added to the blockchain. Healthchain Hyperledger Fabric leverages container technology to host smart contracts called “chaincode” that comprises the application logic of this system. This research aimed at contributing towards the scalability in blockchain by storing the data hashes of health records on chain and the actual data is stored cryptographically off chain in IPFS, the decentralized storage. Moreover, the data stored in the IPFS will be encrypted by using special public key cryptographic algorithms to create robust blockchain solutions for EHD. This research study develops a privacy preserving framework with three main core contributions to the e-Health ecosystem: (i) it contributes a privacy preserving patient-centric framework namely Healthchain; (ii) introduces an efficient referral mechanism for the effective sharing of healthcare records; and (iii) prevents prescription drug abuse by performing drug tracking transactions employing smart contract functionality to create a smart health care ecosystem. The results demonstrates that the developed prototype ensures that healthcare records are not traceable to illegal disclosure as the model only stores the encrypted hash of records and is proven to be effective in terms of enhanced data privacy, data security, improved data scalability, interoperability and data integrity when accessing and sharing medical records among stakeholders across the Healthchain network. This research develops a foolproof security solution against cyber-attacks by exploiting the inherent features of the blockchain, thereby contributing to the robustness of healthcare information sharing systems and also unravels the potential for blockchain in health IT solutions.

Search Google Scholar

Repository staff login