Application of Blockchain to Maintaining Patient Records in Electronic Health Record for Enhanced Privacy, Scalability, and Availability / 대한의료정보학회지

OBJECTIVES@#Electronic Health Record (EHR) systems are increasingly used as an effective method to share patients' records among different hospitals. However, it is still a challenge to access scattered patient data through multiple EHRs. Our goal is to build a system to access patient records easily among EHRs without relying on a centralized supervisory system.@*METHODS@#We apply consortium blockchain to compose a distributed system using Hyperledger Fabric incorporating existent EHRs. Peer nodes hold the same ledger on which the address of a patient record in an EHR is written. Individual patients are identified by unique certificates issued by a local certificate authorities that collaborate with each other in a channel of the network. To protect a patient's privacy, we use a proxy re-encryption scheme when the data are transferred. We designed and implemented various chaincodes to handle business logic agreed by member organizations of the network.@*RESULTS@#We developed a prototype system to implement our concept and tested its performance including chaincode logic. The results demonstrated that our system can be used by doctors to find patient's records and verify patient's consent on access to the data. Patients also can seamlessly receive their past records from other hospitals. The access log is stored transparently and immutably in the ledger that is used for auditing purpose.@*CONCLUSIONS@#Our system is feasible and flexible with scalability and availability in adapting to existing EHRs for strengthening security and privacy in managing patient records. Our research is expected to provide an effective method to integrate dispersed patient records among medical institutions.

Patient Consent Management by a Purpose-Based Consent Model for Electronic Health Record Based on Blockchain Technology / 대한의료정보학회지

Objectives@#Currently, patients’ consent is essential to use their medical records for various purposes; however, most people give their consent using paper forms and have no control over it. Healthcare organizations also have difficulties in dealing with patient consent. The objective of this research is to develop a system for patients to manage their consent flexibly and for healthcare organizations to obtain patient consent efficiently for a variety of purposes. @*Methods@#We introduce a new e-consent model, which uses a purpose-based access control scheme; it is implemented by a blockchain system using Hyperledger Fabric. All metadata of patient records, consents, and data access are written immutably on the blockchain and shared among participant organizations. We also created a blockchain chaincode that performs business logic managing patient consent. @*Results@#We developed a prototype and checked business logics with the chaincode by validating doctors’ data access with purpose-based consent of patients stored in the blockchain. The results demonstrate that our system provides a fine-grained way of handling medical staff ’s access requests with diverse intended purposes for accessing data. In addition, patients can create, update, and withdraw their consents in the blockchain. @*Conclusions@#Our consent model is a solution for consent management both for patients and healthcare organizations. Our system, as a blockchain-based solution that provides high reliability and availability with transparency and traceability, is expected to be used not only for patient data sharing in hospitals, but also for data donation for biobank research purposes.

Privacy Enhanced Healthcare Information Sharing System for Home-Based Care Environments / 대한의료정보학회지

OBJECTIVES: Home-based nursing care services have increased over the past decade. However, accountability and privacy issues as well as security concerns become more challenging during care provider visits. Because of the heterogeneous combination of mobile and stationary assistive medical care devices, conventional systems lack architectural consistency, which leads to inherent time delays and inaccuracies in sharing information. The goal of our study is to develop an architecture that meets the competing goals of accountability and privacy and enhances security in distributed home-based care systems. METHODS: We realized this by using a context-aware approach to manage access to remote data. Our architecture uses a public certification service for individuals, the Japanese Public Key Infrastructure and Health Informatics-PKI to identify and validate the attributes of medical personnel. Both PKI mechanisms are provided by using separate smart cards issued by the government. RESULTS: Context-awareness enables users to have appropriate data access in home-based nursing environments. Our architecture ensures that healthcare providers perform the needed home care services by accessing patient data online and recording transactions. CONCLUSIONS: The proposed method aims to enhance healthcare data access and secure information delivery to preserve user's privacy. We implemented a prototype system and confirmed its feasibility by experimental evaluation. Our research can contribute to reducing patient neglect and wrongful treatment, and thus reduce health insurance costs by ensuring correct insurance claims. Our study can provide a baseline towards building distinctive intelligent treatment options to clinicians and serve as a model for home-based nursing care.

The Personal Health Information Reference System based on e-P.O.Box Conception / 대한의료정보학회지

IT Strategic Headquarters of the Japanese government compiled the Priority Policy Program 2007, in which "Establishment of the structure for every citizen to be able to manage and utilize his health information by himself" and "Foundation of the e- Post-Office box for the realization of the social security service in aspects of people" are declared. For this purpose, a health information system is considered that delivers healthcare data to the server, where the data is to be individually self.administered by the owner. A patient can register his data, and download or reference it from any medical institution or home when necessary. We made a prototype system to realize such a personal health data referring system based on the e. post.office box concept. The system is to be used in field trial experiment with the staffs and students of Tokyo Institute of Technology using their ID Card. This prototype system is expected to be available for the policy suggestion in the realization of the e-P.O.Box stated in the Priority Policy Program of the government.