An Overview of Blockchain-Based Electronic Health Records and Compliance with GDPR and HIPAA
DOI:
https://doi.org/10.56294/dm2023166Keywords:
Blockchain, Healthcare, Electronic Health Record, GDPR, HIPPA, Hyperledger Fabric, IPFSAbstract
The healthcare sector plays a pivotal role in both generating and relying on vast amounts of data, emphasizing the significance of collecting, managing, and sharing information. Technological advancements have facilitated the transformation of healthcare data into electronic health records (EHRs). These digital records are disseminated among various stakeholders, including patients, healthcare professionals, providers, insurance companies, and pharmacies. Given the sensitivity of healthcare information, the assimilation of new technologies is paramount. Blockchain technology, with its immutable nature and decentralized features, has emerged as a promising solution to instigate changes in the healthcare system. In the healthcare domain, where confidentiality is crucial, strict regulations are in place to safeguard patient privacy. Frameworks like the General Data Protection Regulation (GDPR) and the Health Insurance Portability and Accountability Act (HIPAA) are designed to mitigate the risks associated with health data breaches. Although blockchain's characteristics, such as enhanced interoperability, anonymity, and access control, can improve the overall landscape of health data management, it is imperative for blockchain applications to adhere to existing regulatory frameworks for practical implementation. This paper delves into the examination of the compliance of blockchain-based EHR systems with regulations like HIPAA and GDPR. Additionally, it introduces a Blockchain-based EHR model specifically crafted to seamlessly align with regulatory requirements, ensuring its viability and effectiveness in real-world scenarios
References
1. Hasselgren, P. K. Wan, M. Horn, K. Kralevska, D. Gligoroski, et A. Faxvaag, « GDPR Compliance for Blockchain Applications in Healthcare ». arXiv, 27 septembre 2020. Consulté le: 28 avril 2023. [En ligne]. Disponible sur: http://arxiv.org/abs/2009.12913
2. Zhou, M. Barati, et O. Shafiq, « A compliance-based architecture for supporting GDPR accountability in cloud computing », Future Generation Computer Systems, vol. 145, p. 104‑120, août 2023, doi: 10.1016/j.future.2023.03.021.
3. Shahnaz, U. Qamar, et A. Khalid, « Using Blockchain for Electronic Health Records », IEEE Access, vol. 7, p. 147782‑147795, 2019, doi: 10.1109/ACCESS.2019.2946373.
4. H. S. A. Fang, T. H. Tan, Y. F. C. Tan, et C. J. M. Tan, « Blockchain Personal Health Records: Systematic Review », J Med Internet Res, vol. 23, no 4, p. e25094, avr. 2021, doi: 10.2196/25094.
5. Gonzalez-Argote J. Patterns in Leadership and Management Research: A Bibliometric Review. Health Leadership and Quality of Life 2022;1:10-10. https://doi.org/10.56294/hl202210.
6. Mohan, « State of Public and Private Blockchains: Myths and Reality », in Proceedings of the 2019 International Conference on Management of Data, in SIGMOD ’19. New York, NY, USA: Association for Computing Machinery, juin 2019, p. 404‑411. doi: 10.1145/3299869.3314116.
7. Romero-Carazas R. Prompt lawyer: a challenge in the face of the integration of artificial intelligence and law. Gamification and Augmented Reality 2023;1:7–7. https://doi.org/10.56294/gr20237.
8. X. Liu, Z. Wang, C. Jin, F. Li, et G. Li, « A Blockchain-Based Medical Data Sharing and Protection Scheme », IEEE Access, vol. 7, p. 118943‑118953, 2019, doi: 10.1109/ACCESS.2019.2937685.
9. E. Chukwu et L. Garg, « A Systematic Review of Blockchain in Healthcare: Frameworks, Prototypes, and Implementations », IEEE Access, vol. 8, p. 21196‑21214, 2020, doi: 10.1109/ACCESS.2020.2969881.
10. S. Srivastava, M. Pant, S. K. Jauhar, et A. K. Nagar, « Analyzing the Prospects of Blockchain in Healthcare Industry », Comput Math Methods Med, vol. 2022, p. 3727389, déc. 2022, doi: 10.1155/2022/3727389.
11. Auza-Santiváñez JC, Díaz JAC, Cruz OAV, Robles-Nina SM, Escalante CS, Huanca BA. mHealth in health systems: barriers to implementation. Health Leadership and Quality of Life 2022;1:7-7. https://doi.org/10.56294/hl20227.
12. R. Hussein et al., « General Data Protection Regulation (GDPR) Toolkit for Digital Health », Stud Health Technol Inform, vol. 290, p. 222‑226, juin 2022, doi: 10.3233/SHTI220066.
13. M. Poelman et S. Iqbal, « Investigating the Compliance of the GDPR: Processing Personal Data On A Blockchain », in 2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP), janv. 2021, p. 38‑44. doi: 10.1109/CSP51677.2021.9357590.
14. « Health Insurance Portability and Accountability Act of 1996 (HIPAA) | CDC ». Consulté le: 28 avril 2023. [En ligne]. Disponible sur: https://www.cdc.gov/phlp/publications/topic/hipaa.html
15. W. Moore et S. Frye, « Review of HIPAA, Part 1: History, Protected Health Information, and Privacy and Security Rules », J Nucl Med Technol, vol. 47, no 4, p. 269‑272, déc. 2019, doi: 10.2967/jnmt.119.227819.
16. Gonzalez-Argote J. A Bibliometric Analysis of the Studies in Modeling and Simulation: Insights from Scopus. Gamification and Augmented Reality 2023;1:5–5. https://doi.org/10.56294/gr20235.
17. H. Li, L. Zhu, M. Shen, F. Gao, X. Tao, et S. Liu, « Blockchain-Based Data Preservation System for Medical Data », J Med Syst, vol. 42, no 8, p. 141, juin 2018, doi: 10.1007/s10916-018-0997-3.
18. Azaria, A. Ekblaw, T. Vieira, et A. Lippman, « MedRec: Using Blockchain for Medical Data Access and Permission Management », in 2016 2nd International Conference on Open and Big Data (OBD), août 2016, p. 25‑30. doi: 10.1109/OBD.2016.11.
19. G. G. Dagher, J. Mohler, M. Milojkovic, et P. B. Marella, « Ancile: Privacy-preserving framework for access control and interoperability of electronic health records using blockchain technology », Sustainable Cities and Society, vol. 39, p. 283‑297, mai 2018, doi: 10.1016/j.scs.2018.02.014.
20. W. Zhan, C.-L. Chen, W. Weng, W.-J. Tsaur, Z.-Y. Lim, et Y.-Y. Deng, « Incentive EMR Sharing System Based on Consortium Blockchain and IPFS », Healthcare (Basel), vol. 10, no 10, p. 1840, sept. 2022, doi: 10.3390/healthcare10101840.
21. « A Secure Cloud Storage Framework With Access Control Based on Blockchain | IEEE Journals & Magazine | IEEE Xplore ». Consulté le: 10 décembre 2023. [En ligne]. Disponible sur: https://ieeexplore.ieee.org/document/8770246
22. Gonzalez-Argote D, Gonzalez-Argote J, Machuca-Contreras F. Blockchain in the health sector: a systematic literature review of success cases. Gamification and Augmented Reality 2023;1:6–6. https://doi.org/10.56294/gr20236.
23. T.-F. Lee, I.-P. Chang, et T.-S. Kung, « Blockchain-Based Healthcare Information Preservation Using Extended Chaotic Maps for HIPAA Privacy/Security Regulations », Applied Sciences, vol. 11, no 22, Art. no 22, janv. 2021, doi: 10.3390/app112210576.
24. Hasselgren, K. Kralevska, D. Gligoroski, et A. Faxvaag, « GDPR Compliant Blockchain and Distributed Ledger Technologies in the Health Sector », Stud Health Technol Inform, vol. 270, p. 1293‑1294, juin 2020, doi: 10.3233/SHTI200408.
25. G. Al-Sumaidaee, R. Alkhudary, Z. Zilic, et A. Swidan, « Performance analysis of a private blockchain network built on Hyperledger Fabric for healthcare », Information Processing & Management, vol. 60, no 2, p. 103160, mars 2023, doi: 10.1016/j.ipm.2022.103160.
26. E. S. Babu, I. Kavati, S. R. Nayak, U. Ghosh, et W. Al Numay, « Secure and transparent pharmaceutical supply chain using permissioned blockchain network », International Journal of Logistics Research and Applications, vol. 0, no 0, p. 1‑28, févr. 2022, doi: 10.1080/13675567.2022.2045578.
27. T. V. Doan, Y. Psaras, J. Ott, et V. Bajpai, « Towards Decentralised Cloud Storage with IPFS: Opportunities, Challenges, and Future Directions ». arXiv, 2 avril 2022. doi: 10.48550/arXiv.2202.06315.
Published
Issue
Section
License
Copyright (c) 2023 Nehal Ettaloui, Sara Arezki, Taoufiq Gadi (Author)
This work is licensed under a Creative Commons Attribution 4.0 International License.
The article is distributed under the Creative Commons Attribution 4.0 License. Unless otherwise stated, associated published material is distributed under the same licence.
