Privacy Preservation and Access Control for Sharing Electronic Health Records Using Blockchain Technology

Anotace: Sharing of Electronic Health Records (EHRs) is of significant importance in health care. Lately, a cloud-based electronic health record sharing scheme has been used extensively to share patient records among various healthcare organizations. However, cloud centralization may compromise patients’ privacy and security. Due to the special features of blockchain, it is important to see this technology as a promising solution to resolve these issues. This article proposes a privacy-preserving, secure EHR sharing and access control framework based on blockchain technology. The proposal aims to implement EHR blockchain technology and ensure that electronic records are stored safely by specifying user access permissions. We emulate the cryptographic primitives and use smart contracts to describe the relationships between the EHR owner and EHR user through the proposed system on the Ethereum blockchain. We assess the proposal results based on encryption and decryption time and the costs of the smart contract. The encryption and decryption times are proportional to the size of the EHR, which varies from 128 KB to 128 MB. When it comes to encryption, the smallest EHR takes 0.0012 s to encrypt, while the largest EHR, which is 128 MB, takes 1.4149 s. On the other hand, a 128 KB EHR takes 0.0013 s to decrypt, whereas a 128 MB EHR requires 1.6284 s. As a result, performance evaluation and security analysis confirm that the proposal is secure for practical application.