ACTION-EHR: Patient-Centric Blockchain-Based Electronic Health Record Data Management for Cancer Care (Preprint)
Preprint
- 1 February 2019
- preprint
- Published by JMIR Publications Inc.
Abstract
BACKGROUND With increased specialization of health care services and high levels of patient mobility, accessing health care services across multiple hospitals or clinics has become very common for diagnosis and treatment, particularly for patients with chronic diseases such as cancer. With informed knowledge of a patient’s history, physicians can make prompt clinical decisions for smarter, safer, and more efficient care. However, due to the privacy and high sensitivity of electronic health records (EHR), most EHR data sharing still happens through fax or mail due to the lack of systematic infrastructure support for secure, trustable health data sharing, which can also cause major delays in patient care. OBJECTIVE Our goal was to develop a system that will facilitate secure, trustable management, sharing, and aggregation of EHR data. Our patient-centric system allows patients to manage their own health records across multiple hospitals. The system will ensure patient privacy protection and guarantee security with respect to the requirements for health care data management, including the access control policy specified by the patient. METHODS We propose a permissioned blockchain-based system for EHR data sharing and integration. Each hospital will provide a blockchain node integrated with its own EHR system to form the blockchain network. A web-based interface will be used for patients and doctors to initiate EHR sharing transactions. We take a hybrid data management approach, where only management metadata will be stored on the chain. Actual EHR data, on the other hand, will be encrypted and stored off-chain in Health Insurance Portability and Accountability Act–compliant cloud-based storage. The system uses public key infrastructure–based asymmetric encryption and digital signatures to secure shared EHR data. RESULTS In collaboration with Stony Brook University Hospital, we developed ACTION-EHR, a system for patient-centric, blockchain-based EHR data sharing and management for patient care, in particular radiation treatment for cancer. The prototype was built on Hyperledger Fabric, an open-source, permissioned blockchain framework. Data sharing transactions were implemented using chaincode and exposed as representational state transfer application programming interfaces used for the web portal for patients and users. The HL7 Fast Healthcare Interoperability Resources standard was adopted to represent shared EHR data, making it easy to interface with hospital EHR systems and integrate a patient’s EHR data. We tested the system in a distributed environment at Stony Brook University using deidentified patient data. CONCLUSIONS We studied and developed the critical technology components to enable patient-centric, blockchain-based EHR sharing to support cancer care. The prototype demonstrated the feasibility of our approach as well as some of the major challenges. The next step will be a pilot study with health care providers in both the United States and Switzerland. Our work provides an exemplar testbed to build next-generation EHR sharing infrastructures.Keywords
Other Versions
- Published version: Version Journal of Medical Internet Research, 22, preprints
This publication has 13 references indexed in Scilit:
- Handbook of Applied CryptographyPublished by Taylor & Francis Ltd ,2018
- Blockchain: Solving the privacy and research availability tradeoff for EHR data: A new disruptive technology in health data managementPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- Integrating blockchain for data sharing and collaboration in mobile healthcare applicationsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- Blockchain distributed ledger technologies for biomedical and health care applicationsJournal of the American Medical Informatics Association, 2017
- MedRec: Using Blockchain for Medical Data Access and Permission ManagementPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- Keeping Authorities "Honest or Bust" with Decentralized Witness CosigningPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2016
- Secure High-Rate Transaction Processing in BitcoinPublished by Springer Science and Business Media LLC ,2015
- The Role of Health Information Technology in Care Coordination in the United StatesMedical Care, 2015
- Practical homomorphic encryption: A surveyPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2014
- Foundations of Group Signatures: Formal Definitions, Simplified Requirements, and a Construction Based on General AssumptionsLecture Notes in Computer Science, 2003