Enabling secure health information sharing among healthcare organizations by public blockchain

Abstract

AbstractThe facilitation of sharing and exchanging patients’ health records is a paramount opportunity in e-health, enabling healthcare providers to garner a comprehensive and clear perspective of patients’ medical histories without necessitating direct inquiries. Besides this great advantage, it introduces substantial issues on security and privacy, mainly related to unauthorized access to e-health records when different healthcare service providers maintain records. In this paper, we deal with this problem and propose using the blockchain technology (1) to obfuscate the linkage between patients’ identities and their e-health records and (2) to grant access to e-health records exclusively to entities authorized by patients themselves. Key outcomes include using a digital identity based on the Electronic Identification, Authentication, and Trust Services Regulation (eIDAS) to control access to these records, and a concrete implementation by adopting the Ethereum blockchain. Our solution relies on using a public blockchain, which is an improvement for the state of the art, in which only private or consortium blockchains have been proposed. The resulting solution has been analyzed, and the effectiveness and affordability of the proposal have been shown.