Fully Decentralized Multi-Party Consent Management for Secure Sharing of Patient Health Records

Madine, Mohammad; Jayaraman, Raja; Yaqoob, Ibrar; Al-Hammadi, Yousof; Ellahham, Samer; Calyam, Prasad

doi:10.1109/access.2020.3045048

Cited by 38 publications

(18 citation statements)

References 22 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…To that end, utilizing a blockchain-based solution in a consent management system has great potential and offers outstanding features, such as transparency, security, immutability, and auditability [45]. Therefore, in light of the potential of blockchain and in response to privacy issues in fitness apps, this study proposes a blockchain dynamic consent mechanism that uses a smart contract to preserve privacy in accessing fitness data, especially with regard to the management of consent.…”

Section: Related Workmentioning

confidence: 99%

A Blockchain-Based Consent Mechanism for Access to Fitness Data in the Healthcare Context

2022

View full text Add to dashboard Cite

Wearable fitness devices are widely used to track an individual's health and physical activities to improve the quality of health services. These devices sense a considerable amount of sensitive data processed by a centralized third party. While many researchers have thoroughly evaluated privacy issues surrounding wearable fitness trackers, no study has addressed privacy issues in trackers by giving control of the data to the user. Blockchain is an emerging technology with outstanding advantages in resolving consent management privacy concerns. As there are no fully transparent, legally compliant solutions for sharing personal fitness data, this study introduces an architecture for a human-centric, legally compliant, decentralized and dynamic consent system based on blockchain and smart contracts. Algorithms and sequence diagrams of the proposed system's activities show consent-related data flow among various agents, which are used later to prove the system's trustworthiness by formalizing the security requirements. The security properties of the proposed system were evaluated using the formal security modeling framework SeMF, which demonstrates the feasibility of the solution at an abstract level based on formal language theory. As a result, we have empirically proven that blockchain technology is suitable for mitigating the privacy issues of fitness providers by recording individuals' consent using blockchain and smart contracts.

show abstract

Section: Related Workmentioning

confidence: 99%

A Blockchain-Based Consent Mechanism for Access to Fitness Data in the Healthcare Context

2022

View full text Add to dashboard Cite

show abstract

“…Rupasinghe et al [ 17 ] described a privacy-preserving consent model architecture using blockchain to facilitate patient-data acquisition for clinical data analysis. Blockchain-enabled data-sharing consent schemes have been proposed [ 24 , 25 , 26 , 27 ] for controlling access to individual health data, where smart contracts are used to denote individual consent and allow requesters to seek and access health data. Table 2 reviews the schemes available in the literature, which are compared with our proposed solution.…”

Section: Background and Related Workmentioning

confidence: 99%

A Smart Contract-Based Dynamic Consent Management System for Personal Data Usage under GDPR

Merlec

Lee

Hong³

et al. 2021

Sensors

View full text Add to dashboard Cite

A massive amount of sensitive personal data is being collected and used by scientists, businesses, and governments. This has led to unprecedented threats to privacy rights and the security of personal data. There are few solutions that empower individuals to provide systematic consent agreements on distinct personal information and control who can collect, access, and use their data for specific purposes and periods. Individuals should be able to delegate consent rights, access consent-related information, and withdraw their given consent at any time. We propose a smart-contract-based dynamic consent management system, backed by blockchain technology, targeting personal data usage under the general data protection regulation. Our user-centric dynamic consent management system allows users to control their personal data collection and consent to its usage throughout the data lifecycle. Transaction history and logs are recorded in a blockchain that provides trusted tamper-proof data provenance, accountability, and traceability. A prototype of our system was designed and implemented to demonstrate its feasibility. The acceptability and reliability of the system were assessed by experimental testing and validation processes. We also analyzed the security and privacy of the system and evaluated its performance.

show abstract

“…Similar to the patient, the doctor may also have additional responsibilities, such as sharing their public key with a verifier for PRE. Requiring requests to be initiated by the doctor allows the system to operate under special circumstances, such as cases of emergency or incapacitated patients, where the decision on the request needs to be taken by a third-party entity [33].…”

Section: F Blockchain Entity Definitionsmentioning

confidence: 99%

appXchain: Application-Level Interoperability for Blockchain Networks

et al. 2021

Self Cite

View full text Add to dashboard Cite

Blockchain technology has the potential to revolutionize industries by offering decentralized, transparent, data provenance, auditable, reliable, and trustworthy features. However, cross-chain interoperability is one of the crucial challenges preventing widespread adoption of blockchain applications. Cross-chain interoperability represents the ability for one blockchain network to interact and share data with another blockchain network. Contemporary cross-chain interoperability solutions are centralized and require re-engineering of the core blockchain stack to enable inter-communication and data sharing among heterogeneous blockchain networks. In this paper, we propose an application-based cross-chain interoperability solution named appXchain which allows blockchain networks of any architecture type and industrial focus to inter-communicate, share data, and make requests. Our solution utilizes the decentralized applications as a distributed translation layer that is capable of communicating and understanding multiple blockchain networks, thereby delegating requests and parameters among them. The architecture uses incentivized verifier nodes that maintain the integrity of shared data facilitating them to be readable by the entities of their network. We define and describe the roles and requirements of major entities of inter-operating blockchain networks in the context of healthcare. We present a detailed explanation of the sequence of interactions needed to share an Electronic Medical Record (EMR) document from one blockchain network to another along with the required algorithms. We implement the appXchain solution with Ethereum-based smart contracts for two hospitals and also present its cost and security analysis. We have made our smart contracts code and testing scripts publicly available.

show abstract

Fully Decentralized Multi-Party Consent Management for Secure Sharing of Patient Health Records

Cited by 38 publications

References 22 publications

A Blockchain-Based Consent Mechanism for Access to Fitness Data in the Healthcare Context

A Blockchain-Based Consent Mechanism for Access to Fitness Data in the Healthcare Context

A Smart Contract-Based Dynamic Consent Management System for Personal Data Usage under GDPR

appXchain: Application-Level Interoperability for Blockchain Networks

Contact Info

Product

Resources

About