This section highlights a brief background of the study and the underlying foundations for executing the research through specifying the context of the study, the research objectives, contributions of the research, and finally, in outlining the structure of the entire thesis. The chapter is designed to offer suitable information to the background of the study and highlight the diverse implications of data sharing done currently and through Blockchain technology in the healthcare sector, often requiring healthcare dissertation help to navigate these complex topics effectively.
Characteristically, healthcare is a domain that is data intensive that has vast amounts of data that is generated, disseminated and accessed on a daily basis. However, typically, the records of patients are isolated in institution-centric health records (EHRs). That brings about fragmentation with consequences that range from poor coordination of care to lack of critical information in the event of emergencies. As a remedy, the requirements of interoperability were instituted even though systems that support the comprehensive integration of patient record remain elusive. As a result of this, data holders create barriers that dissuade information exchange and patient engagement. 0ne of the three following models are followed in the traditional exchange of health information. Pull, which involves extraction of information from sources, push which involves the sending of information from one source to another and view which involves peering into systems. While these on a practical basis achieve the effective exchange of information health, they are not sustainable, en masse solutions to care that is centered on the patient. As such, block chains were presented as a fourth model with the stated goals of restoring patient agency. Block chains are repositories of information that are distributed and decentralised and that are secured by different cryptographic primitives. The participants who are the providers, patients and payers upload data to the chains in a fashion that is secure and authenticated. That results in medical records that are comprehensive and that are accessible by all those who have the permission of the patients. Smart contracts enforce that. According to Xia et al. (2017), data sharing in the healthcare sector is executed with the involvement of various stakeholders. With the increasing scope and complexity of healthcare operations, diverse healthcare providers are involved in the execution of different healthcare processes associated with the patients and their information. With the involvement of various healthcare providers in the treatment of patients and healthcare service delivery, patient information is transferred and communicated through using the different information systems. According to the notion delivered by Gordon and Catalini (2018), sharing of colossal amount of data among healthcare sector stakeholders could results in improving the process of biomedical research, medical diagnosis, and also for the process of policy development. For decision making related to quality service delivery in the healthcare sector, healthcare providers are often in search of the medical history of patients. Massive data sharing for constructive purposes in the healthcare sector have led towards influencing the economy, however, on the other, hand user trust and data breach are some of the critical hurdles in the execution of successful data sharing.
Kohli and Tan (2016) indicated that mistakes in the process of data sharing in the healthcare sector could lead to distrust among patients related to the credibility of online and digital platforms for data sharing. In this regard, different cloud-based healthcare data sharing settings have been introducing addressing the economic, flexibility, and scalability issues of data sharing. These cloud computing settings for sharing healthcare information, according to Ribitzky et al. (2018), have been introduced through the anonymization and encryption of data and operations. However, on the other hand, it is argued by Nepal, Ranjan, and Choo, (2015) that healthcare users possess hesitant behaviors towards the use of traditional or modern channels for sharing their personal information. That is because of the different potential risks related to data breach and leakage of data. According to Kostkova et al. (2016), personal information of the patients is a valuable asset and is considered highly sensitive and a safety net in preventing exposure to the patients' health. Esposito et al. (2018) indicated that the data breaches which have occurred in the past have led to a variety of issues, including disclosure of patient data, loss of credentials, malware infections, amongst others. The health and human service breach report state that approximately 15 million health records were hacked or accessed breaching the current data storage standards prevalent in the health sector. Kim, Joseph, and Ohno-Machado (2015) proclaimed that newer models of technology rely on new robust and secure technology infrastructure and thus have been more crucial for healthcare providers and organizations to maintain the confidentiality of the patient records. Moreover, the process of documentation, sharing, and storing the healthcare data should be executed with the assurance of authentication and taking into consideration all ethical aspects around it. Though using digital platforms and advanced technology like Blockchain for sharing information of patients amplifies the integration of advanced technology, challenges relating to privacy, confidentiality, security, and integrity should be addressed to start adopting Blockchain technology. With the drawbacks in the current technology evident and data breaches galore combined with the emergence and usage of Blockchain in other industries healthcare industry, too, has seen the need to use Blockchain as a tool to share medical data. Medical applications that do clinical trials, monitoring of adverse events, and management of data collected from medical devices, management of product liability, and contractual relationships can benefit the most with the implementation. The implementation of Blockchain, according to Liang et al. (2017), would play a vital role in developing new products and services, improving patient experience, and making life-critical decisions. Blockchain will be used as a compelling tool to overcome current data-sharing issues; however, it is still early to decide if Blockchain is the way to go in the future. Fabian, Ermakova, and Junghanns, (2015) in the healthcare industry state that the use of Blockchain technology raises obvious problems of privacy, safety, and patient consent and bring with them the highest risks to privacy and security.
Rodrigues et al (2015), presented a decentralised personal system for management of data. The system had the capabilities of ensuring that users were able to own and further manage their data. The block chain is in the system converted into an automatic access control manager in the protocol without trusted third parties. To deal with HER, on the basis of block chain, a decentralised “MedRec” system was proposed. Data economics have come about as a result of MedRec. MedRec also provided researchers with big data that allowed providers and patients to settle on publishing metadata. In 2017, a block-chain based model for sharing of data was developed by Xue et al. The scheme was capable of solving the problems of saving, checking and synchronising across different medical institutions through improvement of the consensus mechanism. A block chain framework for sharing data was developed by Xia et al that takes advantage of the immutability of block chain to address the challenges of control that are related to all the sensitive data that is stored in the cloud.
The research objectives aimed to answer the following research questions:
What are the current research trends for Blockchain in health data sharing?
What is the current limitation in healthcare data sharing?
To what extent that Blockchain technology diminishes current healthcare data sharing limitations?
What security advantages can Blockchain provide over conventional data sharing?
What are the strengths of the existing Blockchain-based data-sharing framework?
The thesis comprises of five portions. The introduction or Section-1 highlights the background of the research establishes research objectives, and determines the further need for the study. Section-2 includes existing data-sharing approaches and frameworks related to Blockchain technology in Healthcare. Section-3 of the thesis converges on the integration of information related to designing and implementing a data-sharing framework. This section of the study highlights the architecture of Blockchain-Based Data Sharing (BBDS). Section-4 of the research comprises data\results analyzing the diverse findings of the research and advancing the current knowledge base through meaningful information. The conclusion or Section-5 details the results of the study and the comparative analysis and discussion and practical implications of it.
The inception of Blockchain technology has created new possibilities for businesses to provide high-quality products and services to consumers. Carson et al. (2018), reports published by McKinsey and company state that Blockchain offers numerous short-term and long-term benefits for businesses that include cost saving and complete transformation of business models. Healthcare is one of those sectors which has highly benefitted due to the potential benefits of Blockchain technology in providing better healthcare services to the patients. According to Mettler (2016), the principles of Blockchain technology such as high transparency, instant access to information, decentralized services, and convenience are the significant benefits that Blockchain technology holds over the current system. Initially, Blockchain technology was limited to the financial institutions; lately, its benefits have been realized by several other industries. Numerous researchers have attempted to understand theoretical concepts and have proposed frameworks for different non-financial sectors. Moreover, the healthcare industry has its own set of challenges that are unique and requires the help of innovation to overcome its present obstacles. Bennett (2018) stated health care compliance standards and regulations as a significant challenge for healthcare institutions and workers due to the sensitivity of the information. Electronic health records existed before the emergence of Blockchain; however, amidst security and accessibility issues due to the vulnerability of the digital systems. It is believed that Blockchain technology, due to its inherent characteristics, has the potency to overcome the healthcare compliance issues in terms of security and accessibility and can be used to share information to the more extensive network of healthcare institutions efficiently and safely (Linn and Koo, 2016). Nevertheless, all these aspects of Blockchain can only be achieved through the development of a Blockchain-based data-sharing network that can be implemented within the healthcare sector for efficient data management and sharing processes.
According to Taylor et al. (2019), Blockchain is gaining grounds at a rapid pace in various aspects of information and communication technology (ICT). One of the main reasons behind the increasing interest of business is the growth of cryptocurrencies such as Bitcoin. However, Bitcoins is just a small portion of the broader-scoped Blockchain technology (Carson et al., 2018). Nevertheless, it can be argued that the Blockchain emerged because of a ground-breaking whitepaper submitted by Satoshi Nakamoto based on the transaction model used by Bitcoin. Peterson et al. (2016) defined Blockchain as a distributed transactional ledger that involves blocks, which represents a set of transactions that can be verified permanently. As traditional currencies required a third party to transfer funds, Blockchain came into existence to deprive of this third party. It developed as a financial ledger, which allows a new way to transact on a generalized framework for decentralized computer resources. The blocks are immutable, which adds to the security of the system. Each block comprises of hashes based on numerical digits used for the verification of the transaction. Moreover, the system is highly decentralized as the trusted authority is distributed notes (Angraal et al., 2017). The distribution of authority to the nodes leads to the different types of Blockchain: A Public Blockchain, a Private Blockchain, and a Consortium Blockchain (Kikitamara et al., 2017).
In a public Blockchain, all the transactions are accessible and visible to all the nodes in the network. However, some parts of the Blockchain can be encrypted to protect the information. Any individual who lacks any or considerable security aspects can join such type of Blockchain (Hölbl et al., 2018). On the other hand, in case of a private Blockchain, only those certain nodes that are authorized by the system managing the Blockchain can access the private Blockchain. This type of Blockchain is usually managed by a single organization and is highly secured (Hölbl et al., 2018). The third type of Blockchain is consortium Blockchain, which allows a specific group of people to join its network and is usually utilized by industries as can be managed by more than one organization/s if required (Hölbl et al., 2018).
Carson et al. (2018) defined smart contracts as a set of conditions that are programmed and made part of the Blockchain system. It’s similar a continuation to the If-Else condition logic in any programming language where once the conditions in the smart contracts are fulfilled, the transactions are automatically triggered. Smart contracts are codes specifically defined to establish a set of rules on which the parties undergoing contract agree and interact with one other. These smart contracts are considered decentralized automation, and through them, the digital assets to the parties are based in the agreement. The smart contracts are of vital importance in various sectors, including the medical sector, where it can play a pivotal role in delivering the health records of patients. According to McGhin et al. (2019), the patients’ information is highly sensitive and requires a highly secure system for its transaction. Simple encryption of data is ineffective for the management of patient records. In healthcare organizations such as hospitals, the retrieval of patient records is vital for effective and timely medical interventions. However, the patients are required to authorize access to their health records, which can be obtained through smart contracts. According to Ouaddah et al. (2016), smart contracts help in developing and managing authorization control as it provides the requirements to be fulfilled before granting access to the recognized personnel to either read data or modify depending upon his or her identity. Moreover, Buterin (2014) stated that Ethereum has the potential to assist the healthcare sector in utilizing smart contracts. The main intention of utilizing smart contracts for the healthcare industry, especially for the patient’s information is to ensure the patient’s authorization to be codified and executable. The utilization of the smart contracts for the healthcare sector is identified by Luu et al. (2015), in which it was stated that a patient might only want his or her data to be used for specific research. The smart contracts can be enforced on the top of the Blockchain, which validates the conditions and passes the information only when all the conditions of the smart contracts are fulfilled. The smart contracts not only validate the situation but also act as an auditing mechanism for the sharing of data that can be externally helpful in the healthcare sector.
According to Ekblaw et al. (2016), there are three main types of smart contracts in Blockchain technology: registrar contract, patient-provider relationship contract, and summary contract. The registrar contract specifically designed for the Ethereum platform of the Blockchain identifies strings to an address available on the Blockchain network. The policies that can be coded through the registrar contracts have the potency to regulate and register new entries into the system. On the other hand, the Patient-Provider Relationship Contract (PPR) is usually issued between the two nodes in which one node assist in storing and managing the medical records (Ekblaw et al., 2016). The nodes can be two different healthcare institutions. That could also involve the patient and the care provider. It is an assortment of pointers (data-related) that deals with providing permission and identifying the records of the patients to carry out the other process involved in data sharing. Summary contracts also play a vital role in healthcare-affiliated systems. The contract deals with a list of references about the patient records. This reference list helps in locating the correct information that plays a pivotal role in the deliverance of highly accurate and timely information to the retriever (healthcare practitioner). In highly advanced systems, such systems can also be used for users' notification (Ekblaw et al., 2016).
There are several use cases or applications where Blockchain can be used in healthcare, such as storage of electronic medical records, accounting of services provided in the insurance system, and the sale of prescription drugs (Ouaddah et al. 2016). The most apparent and appropriate option for the application of Blockchain technology in healthcare at the moment is the creation of a single Healthcare base. This will allow, firstly, to collect and make accessible the entire medical history of each patient: prescribed examinations, courses of treatment, diagnoses, test results. Secondly, it will allow the collection of information on the population in one place, and not only from the compulsory health insurance system (MHI) but also voluntary (VHI), as well as data on paid receptions. Today, in most cases, records of how and what disease was diagnosed, or what treatment was prescribed, remain only in the doctor’s computer or in the medical information system (MIS). Creating a unified database of Healthcare on the Blockchain will allow you to see the full history of the patient (Ekblaw et al. 2016) and is a win-win situation for all the parties involved.
To achieve this goal, it is necessary to solve the following tasks:
Identify the features of Blockchain technology.
To analyse the existing projects in the world on the Blockchain in the field of healthcare.
Identify the benefits and outline the prospects for using Blockchain to store medical and health data.
Develop a storage scheme for medical and health data on the Blockchain.
Identify technology deficiencies and identify possible problems with use (Mettler, 2016).
In several countries, pilot Blockchain projects are already being implemented and tested to increase the reliability and transparency of healthcare systems. In Estonia, since 2016, the E-Health Authority has been developing a pilot project on the use of Blockchain technology for tracking electronic medical records with Guardtime, a software security company that developed a digital signature system based on Blockchain. The state has agreed with Guardtime to transfer electronic medical records data to more than 1 million citizens on a Blockchain basis. At the same time, the Blockchain is being integrated into E-Estonia. The patient, as well as other persons who have access to electronic medical records, can track medical information, while the technology identifies the person, date, and time of viewing medical records. That allows the patient to control their data, and also ensures transparency of the medical care process (Carson et al., 2018). In 2016, Netherlands also adopted a Blockchain ecosystem for patients with chronic diseases, developed by Prescrypt (named after the proof of concept they developed), in collaboration with Deloitte and SNS Bank NV. The application based on online authentication iDIN service provided by banks as a means to connect to the Blockchain. IDIN service is based on the same security procedure as that of Internet banking (Luu et al. 2015). In the U.S., a BitHealth start-up that works closely with government agencies on an identical project using Blockchain technology to provide patients with further payment options when associating with insurers. Despite dependence on bitcoin, insurers who offer this method will have a significant advantage over their competitors (McGhin et al. 2019). Recently, a project was announced to introduce Blockchain in Chinese healthcare, in which Alibaba is involved. In Israel, the “Medrec” project is working on a smart contract system for exchanging medical records among different clinics (Luu et al. 2015). The Russian Ministry of Health in partnership with Vnesheconombank (VEB). On September 6, 2017, as part of a health session at the Eastern Economic Forum (WEF), the head of the Health Ministry said that Blockchain technology could be used to store electronic medical records of patients. The Ministry further emphasized that the medical records storage system will be depersonalized to the maximum extent, which will allow keeping medical privacy. That will enable the patients to determine for themselves what part of the information from their medical records they want to disclose. According to the expert, the cards on the Blockchain will allow eliminating paper bureaucratic "red tape" in medical institutions and focusing doctors' efforts on providing medical care. Besides, the Blockchain will contribute to the transparent and safe circulation of medicines issued by prescription. The ministry believes that in this way, you can avoid the facts of falsification of recipes. To preserve medical confidentiality between the patient and the doctor, it is proposed to use biometric data, which in emergency situations, the doctor on duty can get with the patient's fingerprint, even if the patient is unconscious (Kikitamara et al., 2017).
Although the storage of medical and health data and the organization of access to them can be realized without using a Blockchain, this technology ensures the integrity and safety of data and. Due to this, it has several advantages.
Exclusion of unauthorized data changes. The Doctor will not be able to remove the stored medical history of the patient. Therefore, the information will always remain in the system and will be identified and linked to the person who made it.
Exclusion of unauthorized use of data. Blockchain technology will restrict to manipulate data on the patient's medical history to obtain positive medical conclusions. Disease data cannot be entered or deleted in an unauthorized manner without the consent of the person who has the right to enter or correct such data. Thus, the system reduces the risk of corruption of giving a bribe to a medical worker to obtain a medical certificate.
Exclusion of unauthorized access to data. In the Blockchain system of electronic medical records, each patient will receive a digital key for access to personal information that will not be publicly available. Patients independently control access to their data, determining which medical institutions and doctors can see the information.
Unification and standardization of case history data and clinical trials (analyzes). Since the system is global and has a single structure, users can provide their data to doctors in any clinic.
Collection of reliable statistics. Blockchain eliminates the possibility of data manipulation.
Large data on clinical cases will allow any healthcare practitioner from anywhere around the globe to look at an existing instance of recovery and put it into practice and utilize it to provide the best possible treatment.
New opportunities for using data for research purposes. Such a system of electronic medical records will provide scope for research into the causes of diseases and new therapies. Many will gladly share their genetic code or data from wearable devices (gadgets, bracelets, etc.), provided that anonymity is easily implemented on the Blockchain (Hölbl et al., 2018).
Despite having strong security capabilities, Blockchain possesses certain limitations. Some of the significant concerns regarding the Blockchain system are mentioned below:
The problem with key management. In the case of transferring the patient’s health data to the Blockchain, the patient and the doctor will receive private access keys - however, it is not clear how access will be organized in case of patient incapacity with the key(Peterson et al. 2016).
Data security is only in theory. There is no apparent certainty that the Blockchain storage system will be safe. Managing access to medical data is more complicated than managing payments or access to crypto-wallets, and the latter regularly turn out to be targets for hackers, moreover, successful. At the same time, medical data on the black market are valued much higher than credit card or banking details, which may see a spike in hacking attacks and more sophisticated ones (Taylor et al. 2019).
Lack of practical experience in use. Most technological solutions using the Blockchain are only a few years old; they have not been tested in production conditions. Smart contracts, distributed storage systems are at a very early stage of development, and this increases the security risks and development costs (Angraal et al., 2017).
With the combination of proper security and the technological advantages, Blockchain possesses and has opened new doors to tackle several security concerns that exist in cyberspace. The technology is being adopted to provide better and secure healthcare facilities to patients. However, as the technology is still not mature enough, we will need further analysis and time so it can be optimized. But in general, Blockchain provides the basis for a breakthrough in healthcare. Using Blockchain can aid the sector in delivering better, secure, and safer medical data storage. The Blockchain can further provide a unified health register to patients, which can be utilized at any healthcare facility to analyse the case of a patient from the very initial level. In addition to that, the Blockchain can also provide a single go-to solution for the storage of all types of medical reports of the patient, including MRI, X-rays, and test results. The patient will also be able to control the flow of his/her medical information and will be protected from any data manipulations which occur and be able to obtain the best medical advice and treatment.
The health service system is a domain with high data intensity where several data are created, tested, stored, and accessed daily. For example, there is a new row of data generated each time a patient performs tests such as E.C.G, tomography, etc., this data will then be analyzed by a radiographer and then by a doctor. The results will then be stored in the hospital, which will then be accessible when required (Zhang, Xue, and Huang, 2016; Esposito et al. 2018). Unfortunately, not all medical records are available in electronic form and can be accessed from different hospitals or health clinics. Thus, often, more than one medical test may be required to analyze the same symptoms (Khan et al., 2014). That adds to the health costs borne by patients and the insurance industry. Medical records containing personal and sensitive data are very likely to be targeted for cybercrime attacks. Data integrity services should ensure that the privacy of the patients is protected not only from external hacktivists but also internally within the ecosystem from rogue employees or through cloud providers (Sharma, Chen and Sheth, 2018).
Emphasizing the theme of the thesis and the goal of the research, various aspects, and implications will be taken into consideration for recommending, designing, and implementing the framework in the healthcare industry serviced every institution aligned with the Blockchain technology (Theodouli et al., 2018). Following is the graphical representation of the Blockchain framework proposed for sharing data among different healthcare sector stakeholders.
The graphic illustrated above is the depiction of a Blockchain-based practice designed to store and share a medical record or other relevant information. Alternatively, the healthcare system is designed to take into account the cooperation of different healthcare organizations and a central database that can be accessed through Blockchain-based networks. The main components included in the entire Blockchain system and also involve databases for various healthcare institutions, including healthcare service delivery institutions and research centers. The healthcare service delivery institutions, including a small or large hospital, are identified as one of the main users of data sharing framework driven by consortium Blockchain technology. The main functions of these healthcare institutions are to generate and develop new information or processing operations for retrieving existing information from existing healthcare databases Xia et al., 2017). All of these issues are linked together with the help of Blockchain technology assisted by top-down P2P collaboration and other centers that are connected to the Blockchain network. In this regard, consortium Blockchain technology is identified as the most favorable Blockchain network for the healthcare sector. According to Guo et al. (2018), the consortium Blockchain network can be accessed by various stakeholders working in the healthcare sector. A clinical database is identified as a home database of an organization or health care Centre. This information can be shared in a health facility that is either a town, county, or state depending on the size of the project. This database will be a cloud-based storage option that will allow secure data storage. The flow of information to create a new patient record includes cloud storage by a small healthcare organization that generates data stored via Blockchain technology in a home database that will be transferred to the primary database through a database Blockchain to peer networks (Xia et al., 2017). The information stored in the central security area is unchanged and will be available for inspection of its traffic.
In this domain, it aims to provide information related to different architectural layers, interactions, and components involved in the proposed Blockchain-based data sharing,
The entire medical records and data can be store off Blockchain in a data warehouse called a data lake. High scalability can be utilized through these data lakes, and a variety of data, from documents to images to critical parameters can be stored. Data lakes can be a beneficial tool for health investigations. They can also be used for different examinations, including mining for features that affect results, defining optimum treatment selections based on genetic markers, and finding parameters that effect preventative medicine. These Data lakes will also provide text analytics, text mining, interactive queries, and machine learning. Information stored in these data lakes will be encoded and signed digitally to safeguard the legitimacy and of the data. After a health care practitioner generates a medical report (MRI, pathology result, test report, prescription), a digital signature will be created to authenticate the legitimacy of the medical report (image or document). The medical record will be encrypted and transferred and stored in the data lake. Each time information is stored in the data lake, an indicator to the health record will be registered in the Blockchain together with the user's exclusive identifier. Then, the patient will also be reported that the health record was updated in his Blockchain. Similarly, a patient would also be able to input health data with digital signatures and encryption, from mobile applications and portable sensors.
This section explored the scenario of the implementation of the Blockchain as the basis for a health service system that can be used and involves various stakeholders' participation and interests. This implementation scenario is expected to be considered by those who function as regulators to develop regulations regarding health system services. Some parties that might have benefits as regulators of information include the ministry of health, the ministry of informatics, the financial services authority, and also the ministry of industry.
To address the concerns of the patients related to data sharing, this section focuses on discussing the data breaching and privacy issues related to My Health Records Australia. Moreover, it also aims to assure the factors related to accountability and workflow automation through leveraging the characteristics of Blockchain technology. The MHR is a system that keeps track of all the health information data in one secure place. The MHR can be accessed by different users like doctors, hospitals, and even pharmacists. That is the system's primary use. For secondary use, the system can be used by researchers and other people for academic purposes.
a. THE USE CASES FOR THE MHR:
User login
Write prescriptions
Recommend patients to specialists
View data
Delete data
b. THE MISUSE CASES OF THE MHR:
Alter record data
Alter prescription data
Improper recommendation
Steal data
The “user login” use case is the first step toward accessing this system. The MHR uses authentication to verify that the user is authorized to use it. All the actors interacting with the system must use this use case to gain entry into the system (Bhuiyan, Haque, and Shabnam. 2018). The doctor, hospital, pharmacists, and researchers all use their authentication details to login to the system using this use case. The user inputs the login information into the system. The MHR validates the input and then either allows access to the system if the input information is correct or shows an “Incorrect details. Authentication failed.” message if the input information is wrong. The system allows up to three attempts for login and after that, blocks the user account for 24 hours to prevent any unauthorized access such as brute force attack.
c. USE CASE DESCRIPTION:
User login - (Actors: Doctors, Hospitals, Pharmacists, and Researchers)
Actors enter their login details to login into the system
Actors input authentication details (username and password).
Extensions: Entered login details are invalid:
The system cannot validate the actor inputs. The system notifies the actor.
The system allows the user three attempts to give correct login details.
The system locks the account for 24 hours if wrong input details are given three
According to the findings related to Australian MyHealth Records, it is identified that the process of implementing MyHealth Record was one complex procedure that resulted in developing different challenges for the patients and other stakeholders associated with the sharing and utilization of the data (Bhuiyan, Haque, and Shabnam. 2018). On the other hand, the government and regulatory authorities in Australia have been active in the process of effective and successful execution of MyHealth Record and integrating vast patient base in the one entire healthcare system. Careful planning has been completed by implementing MyHealth records in concepts, laws, health care costs, and system training. In the system model and support framework, stakeholders and e-health experts expressed various concerns, as shown in the analysis. Currently, the concerns related to data breaches and preventing these breaches are one of the critical issues with regard to the use of MHR. In addition to this security, aspects are also one of the primary objectives related to data breaches in the execution and utilization of the MHR system by the patients. In current conditions, this system compared to the patient's healthcare records lacks the provision of clear framework related to engaging patients in the decision-making process. That also includes the identification of entities accessing data and the reasons behind accessing the patient data. With regards to the security of patient data and implementation of policies related to the privacy of patient data, it is crucial to assure effective sharing of patient health data among healthcare professionals, it is essential to focus on the implementation of the explicit and controlled framework. In this regard, a Blockchain-based data-sharing framework is proposed for MHR that would result in assuring the privacy and integrity of patient data through the integration of Blockchain and assuring the combination of broad patient information database for improvement in the healthcare sector (Bhuiyan, Haque, and Shabnam. 2018).
In this section of the study, different use case scenarios of proposed system are identified including Registration of Users, Data Sharing of patients and healthcare professional permission request to have easy access for healthcare data of the patients.
a. REGISTRATION OF USERS
Through the use of dedicated application User Interface, the user is involved in the registration process to the Registry Contract through identifying a distinctive field specially generated for them. In the given scenario, if the user is a patient, a unique Patient Data Contract is developed, and this address is used as a reference back to the Registry Contract (Guo et al., 2018).
b. DATA SHARING OF PATIENTS
For the issues related to the anonymity of the patients, the Cloud Clinical Platform or Web Platform can be connected by the patients through which the patient is involved in sharing their data through either using an account or without using any account. With respect to the process of data sharing in the scenario of not using any account, the healthcare data of the user will be uploaded and stored anonymously on the platform. In this process, authentication of user and verification of email will be executed. That would lead towards the identification of a distinctive field of the user along with the storing the patient data. Considering the ethical issue of patient storing information, in the given case scenario, there will be issues related to storage of field, as the patient is not involved in storing the private information of Clinical domain (Xia et al., 2017).
c. REQUEST PERMISSIONS
The foremost and single requirement in this regard is that patients who have attained registration with MHR. This would serve as implied permission of the patients that they are allowing the healthcare entities to access their data, however failing to maintain the anonymity of the data and patient. Each healthcare practitioner can access any data of any patient without the permission of the patient himself (Khan et al., 2014).
Due to the centralized data sharing scheme, patient delicate data can be easily forged or altered and can even be used against the patient himself. This all can be quickly done just by having the credential to access the database. Therefore Block-based data sharing for MHR is limitedly associated with technology vendors and the cybersecurity practices adopted by healthcare entities. Possibly these practices would result in informing the design and implementation of the system. Through taking on a block-based data-sharing framework, MHR could make assure that their data sharing framework possess compliance with roadmap recommendations (Xia et al., 2017).
In this section, two processes of the Australian My Health Record System will be examined. Their actions with the MHR system will also be emphasized. The malicious action activities against the process actions will also be discussed.
To mitigate MHR system threats, the Malicious-Activity Diagram method is not reliable for risk management practices to address the possibility of security threats as it has some restrictions. MAD does not proposal instructions on how to use its concepts (Chowdhury et al. 2012). For example, activity addresses both risks management of an organization's assets as well as cybersecurity assets. MAD is not an effective method for labeling some cybersecurity risks principles, like security measures, vulnerabilities, incidents, and also threats (Chowdhury et al. 2012).
a. “to login into the system” process malicious actions:
• Flood the system
• Spoofing attack
• Brute force attack
• Reveal patient’s sensitive health records
The “to login into the system” process is mostly done to get into the system. After users get successfully logged in within the system, then they can access all the data related to them. Users enter their login information (Bhuiyan, Haque, and Shabnam. 2018). Then the MHR system checks the data entry. If the inputs are accurate, the system permits them to get access to the system. If the login details are inappropriate, the system shows a "Login Failed" message, and therefore, it permits the user up to three attempts to login acceptably and then, it blocks the user’s account for 30 minutes.
A system of data management utilising secure block chain technologies that are secure and that allow patients to retain the ownership of their personal records while providing hospitals with chances of easily accessing the same information. Our system is based on the Ethereum service, a platform that is dcentralised and that facilitates the running of applications by developers on custom-built foundations. Majority of the times, storage that is innately sufficient is not offered by blockchain and that necessitates the storage of actual medical records on decentralised cloud storage like the Ethereum Swarm which is a native base layer service of the Ethereum web3 stack which functions as a distributed platform for storage. Different entities in the block chain that are masked with pseudonyms (addresses), could exchange value between them through sending transactions to those networks that are validated. The biggest advantage of the adoption of Ethereum isthat it has flexible and adaptable features that allow the buildingof any blockchain applications like My Health Records. The Ethereum platform, just like Bitcoin has a block chain that contains data transaction blocks and also smart contracts. An algorithm referred to as proof of work is used by miners for the verification and appending of blocks to the block chain and for the achievement of a tamper-resistant consensus that is also secure in the networks nodes. Every block has a hash of its previous block in an order that is chronological. The platforms harsh algorithm has a cryptography that guarantees that linked blocks are resistant to modification and block chain data is immutable. Ethereum contains two different accounts; contract accounts and externally owned accounts. Al these accounts are indexed by 20-byte addresses and further defined by pairs of keys, a public key and a private key. Every user needs to create accounts to facilitate the interaction with the Ethereum block chain. The creation of an account would enable them to become entities in the network.
Smart contracts are types of self-operating computer programs that could be automatically executed when specific conditions are met. A smart contract, in the Ethereum block chain is a special account that contains data and code that has multiple programmable functions. Etheruem accounts can be used by their users for interaction with smart contracts through Application Binary Interfaces (ABI`s). New transactions sent from accounts trigger the functions defined in smart contracts. Through the property, entities are able to implement their job functionalities like handling of requests, transmission of data and access management.
An Ethereum transaction is a data packet that transfers ethers (Ethereum native tokens) to different accounts. Typical transaction structures are as follows; Account Nonce, recepients adress, Gas price, Gas limit, Ether value, signature of sender and data field. In our model, the data field would be used for the declaration of request IDs to smart contracts for data request on cloud storage.
Enterprise Ethereum would enable sharing of data among the medical community that is structured and secure among the medical community through databases that are decentralised. The working of these structures facilitates the protection of the data of patients and also their privacy and also allows for the visibility of doctors over the medical histories of their patients. The structures further empower researchers to use shared data for propelling of scientific progress.
Blockchain solutions also facilitate structured ownership of data through permission and privacy layers that are built on the Ethereum. While patients are not capable of changing nor deleting specific medical information that doctors input into their profiles, they are in a position to control access to their medical records through either granting partial or full visibility to different stakeholders in the healthcare ecosystem. For instance, while patients could share their medical records with different medical specialists, they could also choose to share only the data that is non-identifiable with larger healthcare organisations and also scientific research firms.
With transparency, interoperability and immutability all introduced by Enterprise Ethereum, the management of the drug supply chain becomes increasingly accountable and secure. Coherent interaction of block chain systems and applications along the supply chain is ensured by the interoperability between networks. As such, pharmaceutical companies are capable of registering their products on the block chain and further tracking movements to end consumers from source points.
The risk of data fraud is reduced by ethereum through its consensus mechanism and centralised structures that guard against manipulation and hack. Proofs of existence could be offered to documents together with verification of authenticity on the block chain. Most of the nodes then reach consensus for approval of new transactions and prevention of the modification of data. That promotes trustworthy trial results, protects data`s integrity and further encouraged collaboration among the research community.
As we saw in the section how the MHR system though helpful to the Australian citizens, it can also be accessed, manipulated and distorted if required by people accessing it. On the other hand, the multiple summarized advantages of using the Blockchain-based Data sharing Framework are mentioned below-:
1) Attack Resistance - Resilient to the more common Security attacks such as Masquerade Attacks, Replay attack, Brute Force attacks etc.
2) Maintaining Secrecy
3) Data Integrity
4) Access Control and Privacy Protection
5) Tamper-Proof and Non-Repudiation of Unauthorized Data Access
In this section, we further saw a system design presented to enable sharing of healthcare data for MyHealth Record Australia and also to assure that permission activities are executed in a private, secured and auditable manner through considering the distinctive attributes of the Blockchain. In addition to this, the primary focus was given on improving security systems through integrating entities requesting data in order to assure the integrity of the data through the Blockchain infrastructure. The proposed Blockchain-Based Data Sharing (BBDS) Framework for MHR can be utilized for the purpose of exchanging healthcare data and operability of Blockchain-Based Data Sharing Framework between the Australian government, MHR, patients and healthcare professionals and entities.
This section focuses on the contrastive analysis of the Blockchain mechanism with the conventional system and also provides a brief understanding of the pathways Blockchain offers if the framework discussed in Section-3 gets applied to the healthcare system. The section will also focus on conducting a comparative study on all the key parameters, which are a significant roadblock in implementing health care services in the cyberspace.
Gordon and Catalini (2018) conducted research where they discussed the interoperability issue in Blockchain; stating that a trend of patient-based interoperability has emerged through the conventional electronic data interchange (EDI) mechanism used in the healthcare organizations such as hospitals and laboratories. Though patient interoperability was convenient, it resulted in privacy and security concerns due to additional accesses to the patient's data. This study will further illustrate an essential role in presenting evidence for interpreting the privacy and security concerns due to the emergence of patient-based interoperability.
For this purpose, five attributes were taken into consideration:
Data liquidity,
Data immutability,
Data aggregation,
The research played a crucial role in the identification and resolution of the barriers associated with the patient-based interoperability. The issues addressed were specific to the volume of the data, privacy and security of data, transaction of clinical data and incentives in the system for advocating the benefits of data sharing and patient engagement in systems about sharing of patient's health records. For this purpose, they offered a generic framework that sought to solve the current issues of institutional-based interoperability in the health care sector by incorporating the patient-based interoperability through Blockchain.
Collectively, it can be inferred that Blockchain provides better security for data sharing. Gordon and Catalini (2018) reported that the patient-driven interoperability achieved through Blockchain technology imposes new challenges for security and data privacy. Whereas, Peterson et al., (2016), Patel (2018), Al Omar et al. (2017), Vora et al. (2008), Chen et al. (2019) and Shen et al. (2019) considered it a valuable addition in rendering advanced security to the data-sharing mechanism. In addition to the above-stated arguments made in four different studies, Gaetani et al. (2017) also supported their case by indicating the Blockchain technology has emerged as a new technology that provides better security in data sharing due to its high transparency. Transparency helps track down cyber-attacks due to its ability to provide substantial information for audit. Solanki (2018) also believed that Blockchain is a more secure option due to its high interaction with the role-based access controls that help in providing a secure transaction of data and access to specific individuals in an organisation. The implementation of GDPR further requires the institution accessing the information to strengthen their security through stricter data access control policies on their relevant applications based on GDPR guidelines and business efficacy (Zheng et al., 2018). Based on the articles reviewed under literature survey, Blockchain does provide better privacy and security measures for the data owners. Gordon and Catalini (2018), Peterson et al. (2016), Patel (2018), Al Omar et al. (2017), Vora et al. (2008), Chen et al. (2019) and Shen, Guo and Yang (2019) considered Blockchain technology as pivotal in strengthening the data ownership cases of digital assets.
The thesis indicates that the data ownership within the Blockchain assisted framework associated with the healthcare industry depends on the fine details of the framework. One of the critical indicators of data ownership in the Blockchain system is data interoperability. The actors with the highest data interoperability in a data-sharing framework have the ownership of data. In the healthcare industry, one of the main reasons for the lack of implementation of Blockchain is the data ownership issue. Based on the patient-driven data interoperability framework for data sharing (Gordon and Catalini, 2018), the data ownership rest on both patients and the institutions. Whereas, based on the given framework, data ownership entirely rests on the institution's shoulders.
Stephen and Alex (2018) stated that data ownership in the Blockchain is stringent than other available options, especially for the consortium and private Blockchain type systems. The high level of trust and transparency fused with a high sense of data ownership and data access control makes it an appealing option for implementation on a broader scale. However, certain limitations associated with the Blockchain technology have created obstacles in its wide-scale implementation. Similarly, Dias et al. (2018) confirmed the Blockchain technology is the most secure in terms of data ownership by stating that it provides the data ownership back to the users and giving them an option of whether specific information can be shared with others or not. GDPR now also requires individual businesses involved in the healthcare sector to invest in the security of systems using Blockchain technology which strengthens the security aspect of the electronic databases for storing and transferring patients' personal and non-personal information; which involves data ownership rights to the patients themselves (Zheng et al., 2018). Besides, the healthcare system also is designed considering the interaction of various healthcare organization with the central database which is accessed through the Blockchain-based networks. The primary components in a Blockchain system include a database for the clinics and healthcare institutions such as small and large hospitals. These small and large hospitals are the primary users of this healthcare system powered by Blockchain technology. These hospitals either create new information or retrieve the already existing data from the healthcare database. All these databases are linked together with the help of the Blockchain technology assisted by super peers that provide P2P interaction with other institutions connected in a Blockchain network. The Blockchain technology for this system can be of any type.
However, the most favorable type of Blockchain network for healthcare network which can be accessed by numerous healthcare organizations are either consortium or public Blockchain, whereas, the clinical database is the local data storage facility of the healthcare organization or facility. The information is later shared on to the central healthcare database, which can be of a city, district or country-based level depending upon the scope of the project. This database will ideally be a cloud-based storage option allowing storage of a large amount of data conveniently. The flow of information for generating a new patient record involves either a small or a large healthcare organization generating data which is stored through the Blockchain into a local database which is then transferred to the central database through the Blockchain peer to peer network. The information stored in the central database is immutable and will be available for an audit of its trail. This framework is inspired from the one proposed by Shen, Guo and Yang (2019). Moreover, it requires a healthcare data record which needs to be translated into immutable information that is stored into a relevant database based on the Blockchain assisted system.
This thesis review provides a key overview of the Blockchain technology and its related concept which resulted in the generation of motivational and analyzing scenario. Moreover, a literature survey section was also made part of this review in which the key articles related to the Blockchain systems for data sharing in the healthcare industry is discussed. Comparisons have been made and the information pertaining to the frameworks and algorithms are provided. In addition, the advantages and disadvantages of Blockchain technology, data sharing, secure sharing of information; data ownership and data access control have been discussed. The key research were compared and contrasted to answer the Blockchain role in providing security and privacy on data access control, data sharing and data owners. All this information would result in achieving the objective of the research which is to develop a Blockchain based data storing and sharing system capable of being used in healthcare sector for managing patients’ healthcare record. Cruz et al. (2018) stated that there is an element of roles disguise which can be used to gain unauthorised access to the system such as those involved in data storing and sharing in the healthcare industry. This can be prevented with the help of the physical certificates such as cards for identification and passwords. Context-Aware Access Control (CAAC) principles and guidelines play an important role (Kayes at al., 2018) developed a policy framework for the use of blockchain technology as a role based or any other based systems for data sharing and storage application. The Context-Aware Access Control (CAAC) is also used in managing the security of the blockchain systems in which the access to the system is provided to the individuals on the basis of data security policies (Kayes et al., 2019). The context-aware access control systems involve changing roles and authentication rights among different employees. In dynamic environments, contexts are constantly changing such as in healthcare sector. Such a sector requires an authentication and access control system that is based on the changing dynamics. This type of access control is also beneficial for the healthcare industry as any situation of energy may require context-aware access control policy to grant access to the individuals under specific conditions (Kayes et al., 2017).
This extensive study can be utilized as an add-on to further research of this thesis survey towards the development of a better data sharing framework involving Blockchain technology and in the event of a Blockchain-based data storing and sharing mechanism which has the potential to optimize the processes across industries. One of the prospects of adopting Blockchain in the future is in implementing Blockchain-based data storage and sharing mechanisms for improved medical interventions.
Al Omar, A., Rahman, M. S., Basu, A., & Kiyomoto, S. (2017). Medibchain: A Blockchain based privacy preserving platform for healthcare data. In International conference on security, privacy and anonymity in computation, communication and storage (pp. 534-543). Springer, Cham.
Bhuiyan, M., Haque, F. and Shabnam, L., (2018). Integration of organisational models and UML Use Case diagrams. Journal of Computers, 13(1), pp.1-18.
Carson, B., Romanelli, G., Walsh, P. and Zhumaev, A., (2018). Blockchain beyond the hype: What is the strategic business value. McKinsey & Company.
Chowdhury, M. J. M., Matulevičius, R., Sindre, G., & Karpati, P. (2012, March). Aligning mal-activity diagrams and security risk management for security requirements definitions. In International Working Conference on Requirements Engineering: Foundation for Software Quality (pp. 132-139). Springer, Berlin, Heidelberg.
Dias, J. P., Reis, L., Ferreira, H. S., and Martins, . (2018). Blockchain for access control in e-health scenarios. arXiv preprint arXiv:1805.12267.
Dubovitskaya, A., Xu, Z., Ryu, S., Schumacher, M. and Wang, F., (2017). Secure and trustable electronic medical records sharing using Blockchain. In AMIA Annual Symposium Proceedings (Vol. 2017, p. 650). American Medical Informatics Association.
Ekblaw, A., Azaria, A., Halamka, J.D. and Lippman, A., (2016), August. A Case Study for Blockchain in Healthcare:“MedRec” prototype for electronic health records and medical research data. In Proceedings of IEEE open & big data conference (Vol. 13, p. 13).
Esposito, C., De Santis, A., Tortora, G., Chang, H. and Choo, K.K.R., (2018). Blockchain: A panacea for healthcare cloud-based data security and privacy?. IEEE Cloud Computing, 5(1), pp.31-37.
Gaetani, E., Aniello, L., Baldoni, R., Lombardi, F., Margheri, A., and Sassone, V. (2017). Blockchain-based database to ensure data integrity in cloud computing environments.
Gordon, W.J. and Catalini, C., (2018). Blockchain technology for healthcare: facilitating the transition to patient-driven interoperability. Computational and structural biotechnology journal, 16, pp.224-230.
Guo, R., Shi, H., Zhao, Q. and Zheng, D., (2018). Secure attribute-based signature scheme with multiple authorities for Blockchain in electronic health records systems. IEEE Access, 6, pp.11676-11686.
Kayes, A. S. M. & Rahayu, Wenny & Dillon, Tharam & Chang, Elizabeth & Han, Jun. (2017). Context-Aware Access Control with Imprecise Context Characterization Through a Combined Fuzzy Logic and Ontology-Based Approach. 132-153. 10.1007/978-3-319-69462-7_10
Kayes, A., Rahayu, W., Dillon, T., Chang, E. and Han, J. (2019). Context-aware access control with imprecise context characterization for cloud-based data resources. Future Generation Computer Systems, 93, pp.237-255.
Kim, K.K., Joseph, J.G., and Ohno-Machado, L., (2015). Comparison of consumers’ views on electronic data sharing for healthcare and research. Journal of the American Medical Informatics Association, 22(4), pp.821-830.
Kostkova, P., Brewer, H., de Lusignan, S., Fottrell, E., Goldacre, B., Hart, G., Koczan, P., Knight, P., Marsolier, C., McKendry, R.A. and Ross, E., (2016). Who owns the data? Open data for healthcare. Frontiers in public health, 4, p.7.
Liang, X., Zhao, J., Shetty, S., Liu, J. and Li, D., (2017), October. Integrating Blockchain for data sharing and collaboration in mobile healthcare applications. In 2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile Radio Communications (PIMRC) (pp. 1-5). IEEE.
McGhin, T., Choo, K.K.R., Liu, C.Z. and He, D., (2019). Blockchain in healthcare applications: Research challenges and opportunities. Journal of Network and Computer Applications.
Mettler, M. (2016, September). Blockchain technology in healthcare: The revolution starts here. In 2016 IEEE 18th International Conference on e-Health Networking, Applications and Services (Healthcom) (pp. 1-3). IEEE.
Ouaddah, A., Abou Elkalam, A. and Ait Ouahman, A., (2016). FairAccess: a new Blockchain‐based access control framework for the Internet of Things. Security and Communication Networks, 9(18), pp.5943-5964.
Peterson, K., Deeduvanu, R., Kanjamala, P. and Boles, K., (2016), September. A Blockchain-based approach to health information exchange networks. In Proc. NIST Workshop Blockchain Healthcare (Vol. 1, pp. 1-10).
Ribitzky, R., Broedl, U., McFarlane, C. and Clauson, K.A., (2018). Data Sharing? The Case for Blockchain at the Global Convergence of Healthcare, Life sciences, and Consumer Markets. Blockchain in Healthcare Today.
Shen, B., Guo, J., and Yang, Y. (2019). MedChain: Efficient Healthcare Data Sharing via Blockchain. Applied Sciences, 9(6), p. 1207.
Solanki, N., Huang, Y., Yen, I. L., Bastani, F., and Zhang, Y. (2018, July). Resource and role hierarchy based access control for resourceful systems. In 2018 IEEE 42nd Annual Computer Software and Applications Conference (COMPSAC)(Vol. 2, pp. 480-486). IEEE.
Taylor, P.J., Dargahi, T., Dehghantanha, A., Parizi, R.M. and Choo, K.K.R., (2019). A systematic literature review of Blockchain cyber security. Digital Communications and Networks.
Theodouli, A., Arakliotis, S., Moschou, K., Votis, K. and Tzovaras, D., (2018), August. On the design of a Blockchain-based system to facilitate Healthcare Data Sharing. In 2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE) (pp. 1374-1379). IEEE.
Vora, J., Nayyar, A., Tanwar, S., Tyagi, S., Kumar, N., Obaidat, M. S., and Rodrigues, J. J. (2018, December). BHEEM: A Blockchain-Based Framework for Securing Electronic Health Records. In 2018 IEEE Globecom Workshops (GC Wkshps)(pp. 1-6). IEEE.
Zheng, X., Mukkamala, R. R., Vatrapu, R., and Ordieres-Mere, J. (2018, September). Blockchain-based personal health data sharing system using cloud storage. In 2018 IEEE 20th International Conference on e-Health Networking, Applications and Services (Healthcom) (pp. 1-6). IEEE.
Academic services materialise with the utmost challenges when it comes to solving the writing. As it comprises invaluable time with significant searches, this is the main reason why individuals look for the Assignment Help team to get done with their tasks easily. This platform works as a lifesaver for those who lack knowledge in evaluating the research study, infusing with our Dissertation Help writers outlooks the need to frame the writing with adequate sources easily and fluently. Be the augment is standardised for any by emphasising the study based on relative approaches with the Thesis Help, the group navigates the process smoothly. Hence, the writers of the Essay Help team offer significant guidance on formatting the research questions with relevant argumentation that eases the research quickly and efficiently.
DISCLAIMER : The assignment help samples available on website are for review and are representative of the exceptional work provided by our assignment writers. These samples are intended to highlight and demonstrate the high level of proficiency and expertise exhibited by our assignment writers in crafting quality assignments. Feel free to use our assignment samples as a guiding resource to enhance your learning.