ACTION-EHR: Patient-Centric Blockchain-Based Electronic Health Record Data Management for Cancer Care

Abstract

Journal of Medical Internet Research - International Scientific Journal for Medical Research, Information and Communication on the Internet #Preprint #PeerReviewMe: Warning: This is a unreviewed preprint. Readers are warned that the document has not been peer-reviewed by expert/patient reviewers or an academic editor, may contain misleading claims, and is likely to undergo changes before final publication, if accepted, or may have been rejected/withdrawn. Readers with interest and expertise are encouraged to sign up as peer-reviewer, if the paper is within an open peer-review period. Please cite this preprint only for review purposes or for grant applications and CVs (if you are the author). Background: With increased specialization of healthcare services and high mobility of patients, accessing healthcare services across multiple hospitals or clinics has become very common for diagnosis and treatment, in particular, for patients with chronic diseases such as cancer. With informed knowledge of a patient’s history, physicians can make prompt clinical decisions for smarter, safer, and more efficient care. However, due to the privacy and high sensitivity of Electronic Health Records (EHR), most EHR data sharing still happens through fax or mail due to the lack of systematic infrastructure support for secure and trustable health data sharing, which can also incur major delays for patient care. Objective: Our goal is to develop a system that will facilitate secure and trustable management, sharing, and aggregation of EHR data. Our patient centric system, although generalizable, is specifically designed for cancer care allowing patients to conveniently manage their own health records across multiple hospitals. The system will ensure patient privacy protection and security guarantees with respect to the requirements to the healthcare data management, including the access control policy specified by the patient. Methods: We propose a permissioned blockchain-based system for EHR data sharing and integration. Each hospital will provide a blockchain node integrated with its own EHR system to form the blockchain network. A web based interface will be used for patients and doctors to initiate EHR sharing transactions. We take a hybrid data management approach, where only management metadata will be stored on the chain. Actual EHR data, on the other hand, will be encrypted and stored off-chain in a HIPAA compliant cloud-based storage. The system provides patients with full access control of EHR sharing, and uses PKI-based asymmetric encryption and digital signatures to secure shared EHR data. Results: In collaboration with Stony Brook University Hospital, we developed ACTION-EHR, a system for patient-centric blockchain-based EHR data sharing and management for patient care, in particular, radiation treatment for cancer. The prototype was built on Hyperledger Fabric, an open source permissioned blockchain framework. Data sharing transactions were implemented using chaincode, and exposed as REST APIs used for the Web portal for patients and users. HL7 FHIR standard was adopted to represent shared EHR data, making it easy for interfacing with hospital EHR systems, and integration of a patient’s EHR data. We tested the system in a distributed environment at Stony Brook University using de-identified patients’ data. Conclusions: We studied and developed the critical technology components to enable patient-centric, blockchain based EHR sharing to support cancer care. The prototype demonstrated the feasibility of our approach, as well as some of the major challenges. The next step will be a pilot study with healthcare providers in both US and Switzerland. Our work provides an exemplar testbed to build next generation EHR sharing infrastructures.