Design and Implementation of a Blockchain-Based Access Control Framework to Mitigate Vulnerabilities in Electronic Health Records and Enhance Healthcare Cyber security
Keywords:
Blockchain in Healthcare, Electronic Health Records (EHRs), Data Privacy and Security, Smart Contracts, Healthcare Interoperability.
Abstract
The increasing adoption of Electronic Health Records (EHRs) in the healthcare industry has brought significant benefits, including improved patient care, enhanced data accessibility, and streamlined workflows. However, traditional EHR systems, relying on centralized architectures, face critical challenges such as data breaches, unauthorized access, and regulatory compliance. This study proposes a blockchain-based framework to address these issues by leveraging blockchain's decentralized, immutable, and cryptographically secure features. The framework employs smart contracts for dynamic access control, ensuring data integrity and accountability while adapting to real-time access requirements. Patient data is encrypted and stored off-chain, with only hashed references recorded on the blockchain, providing robust privacy and scalability. Additionally, the framework facilitates interoperability by integrating standardized healthcare data formats, enabling secure data exchange across disparate systems while adhering to regulations such as HIPAA and GDPR. Performance evaluation demonstrates the framework's superiority over traditional models in terms of transaction throughput, latency, and scalability, with practical applications in hospitals and telemedicine platforms. While challenges such as scalability and legacy system integration remain, this study establishes a foundation for secure, efficient, and patient-centric healthcare data management using blockchain technology.
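The pattern the abstract describes (encrypted records off-chain, hashed references and access decisions on-chain) can be sketched as follows; this is an added example, not code from the paper. The `EhrLedger` class, its method names and the identifiers are assumptions, an in-memory hash-linked list stands in for the blockchain and smart contract, and the ciphertext is treated as opaque bytes.

```python
import hashlib
import json

def _digest(prev, payload):
    # Each entry commits to its predecessor, so editing history breaks every later hash.
    return hashlib.sha256((prev + json.dumps(payload, sort_keys=True)).encode()).hexdigest()

class EhrLedger:
    """Toy stand-in for the chain: hash-linked entries plus an off-chain blob store."""
    def __init__(self):
        self.entries = []    # "on-chain": registrations, grants, access attempts
        self.off_chain = {}  # record_id -> ciphertext (encryption itself not shown)

    def _append(self, payload):
        prev = self.entries[-1]["hash"] if self.entries else ""
        self.entries.append({"prev": prev, "payload": payload, "hash": _digest(prev, payload)})

    def _payloads(self, op, record_id):
        return [e["payload"] for e in self.entries
                if e["payload"]["op"] == op and e["payload"]["id"] == record_id]

    def register(self, record_id, owner, ciphertext):
        self.off_chain[record_id] = ciphertext
        self._append({"op": "register", "id": record_id, "owner": owner,
                      "sha256": hashlib.sha256(ciphertext).hexdigest()})

    def grant(self, record_id, owner, grantee, expires):
        reg = self._payloads("register", record_id)
        if not reg or reg[0]["owner"] != owner:
            raise PermissionError("only the record owner may grant access")
        self._append({"op": "grant", "id": record_id, "to": grantee, "expires": expires})

    def fetch(self, record_id, requester, now):
        reg = self._payloads("register", record_id)
        grants = self._payloads("grant", record_id)
        allowed = bool(reg) and (requester == reg[0]["owner"] or any(
            g["to"] == requester and now < g["expires"] for g in grants))
        # Log every attempt, allowed or denied, before acting on the decision.
        self._append({"op": "access", "id": record_id, "by": requester, "allowed": allowed})
        if not allowed:
            raise PermissionError("no valid grant for this requester")
        if hashlib.sha256(self.off_chain[record_id]).hexdigest() != reg[0]["sha256"]:
            raise ValueError("off-chain record does not match its on-chain hash")
        return self.off_chain[record_id]

    def chain_intact(self):
        prevs = [""] + [e["hash"] for e in self.entries]
        return all(e["prev"] == p and e["hash"] == _digest(p, e["payload"])
                   for e, p in zip(self.entries, prevs))
```

Only the SHA-256 reference, the grants and the access attempts sit in the linked entries, so a modified off-chain blob or a rewritten grant is detectable without the ledger ever holding patient data.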
License
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Under this license, users must give appropriate credit, provide a link to the license, and indicate if changes were made; if they remix, transform, or build upon the material, they must distribute their contributions under the same license as the original.