Koncept privatnosti podataka u elektronskom zdravstvenom sistemu zasnovan na blokčejn tehnologiji

Abstract

Introduction/purpose: Advances in information and communication technologies have enabled the creation of a symbiotic environment of humans and machines in which humans interact with machines to get better quality of everyday life. In that interaction, environment problems of information security and in particular data privacy are at the forefront. In many countries, there is legal regulation that regulates this problem in terms of securing the goals that must be realized when manipulating private data, and the technology itself is the choice of the creators of information systems. Blockchain technology is one of the methods of choice to ensure the integrity of data and undeniable transactions while digital certificates in conjunction with it enable the realization of data privacy of patients. Methods: The cryptographic methods of asymmetric cryptography apply blockchain technology and reliable methods of identification in cyberspace, which enables the preservation of data privacy at a high level. Results: This paper describes the method of patient health data privacy protection in a healthcare system based on digital certificates as an identification method in cyberspace and Blockchain technology as a method for preserving the integrity of transactions and a healthcare information system. The proposed concept enables the separation of private and medical data in such a way that with the accepted principle of patient ownership of medical data, it is possible to achieve primary and secondary use of healthcare data without compromising the patient's privacy. Conclusions: The concept of identity assignment to every element in the healthcare information system and the organization/storage of data in accordance with the principles of Blockchain technology proposed in this paper enable the realization of a high level of data privacy in accordance with the European Union General Data Protection Regulation at the international level. In addition, the proposed concept enables the detection of unregistered devices or entities in the system and thus preserves the integrity of the system and increases its overall information security.