Blockchain and smart contract for access control in healthcare: A survey, issues and challenges, and open issues

Abstract

Emerging technologies are playing a critical role in the evolution of healthcare systems by presenting eHealth to provide high-quality services and better health to wide-range of patients. Achieving the eHealth goals highly depends on employing modern information and communication technologies (ICTs) to securely and efficiently collect and transmit electronic health records (EHRs) and make them accessible to authorized users and healthcare providers. However, the adoption of EHRs in healthcare providers puts the patients’ privacy and their information security at risk of data breaches. The advent of smart contracts and blockchain technology paves a way for developing efficient EHR access control methods to support secure identification, authentication, and authorization of the clients. This paper delineates an extensive survey on the state-of-the-art blockchain-based access control methods in healthcare domain as a basis for categorizing the existing and future developments in access control area. A thematic taxonomy of the blockchain-based access control methods is also presented to recognize the security issues of the existing methods and highlight the fundamental security requirements to design a granular access control method. This paper also aims for examining the similarities and differences of the traditional access control methods and describes some substantial and outstanding issues and challenges as further directions.

Introduction

Nowadays, by developing the smart technologies, such as Internet of Things (IoT) and virtual and augmented reality, the majority of healthcare providers are interested in replacing the conventional healthcare systems with eHealth. The main objective of eHealth is to revolutionize health information management and improve the healthcare system through modern information and communication technologies (ICTs) (Pagliari et al., 2005). Delivering the health services and information, through smart IoT devices by using the Internet with the aim of reducing the cost, and enhancing the scalability and time efficiency is an application of eHealth (Sebestyen et al., 2014, Ahern et al., 2006).

To achieve these potential benefits of eHealth, it is essential for healthcare providers and industries to regulate and optimize the electronic distribution and transmission of medical information to the physicians. Undoubtedly, the key component of eHealth systems is Electronic Health Record (EHR), which refers to storing a patient’s paper chart digitally, with the purpose to promptly and securely make the information available for authorized third part (Iakovidis, 1998, Giannelos, 2019). EHRs, as a vital part of eHealth, may include all required information of a patient regarding medical history, diagnoses and treatments, laboratory results, and images (i.e., X-ray and MRI) (Shickel et al., 2018). They help to simplify the healthcare providers’ work-flow by providing an access to evidence-based tools and practices to improve patient’s care services. Indeed, the core feature of EHRs for healthcare providers is to create and manage the digital format of health information, which can be shared across multiple authorized healthcare providers (What is an electronic health record (EHR), 2019). As a result, developing a secure and efficient medical data access control to validate the permissions and share the EHRs is a fundamental prerequisite for healthcare providers.

The National Coordinator for Health Information Technology (ONC) provided a list of guidelines and regulations to meet the medical data access control requirements and overcome the existing security and privacy issues and challenges. These regulations can be categorized into four groups: (1) Identity Verification and Authentication: Patient’s authentication plays a critical role in healthcare providers and origination to preserve the patient data and prevent medical identity fraud. In other words, electronic health information in the health centers and care providers should be easily authenticable and identity proofing. However, the majority of health organizations suffer from the lack of consistent identity proofing and authentication (DeSalvo, 2015). (2) Data storage and transmission: Managing and storing huge amount of EHRs locally along with secure data sharing are known as critical challenges of electronic data in healthcare providers. (3) Developing privacy rule using computable contracts: Natural language includes legal options, relationships, and constraints, which are used to define daily interactions and transactions. However, applying natural language to legalese will usually affect a negative impact on both parties due to its incompleteness and ambiguity (Rosenberg and Xu, 2015). (4) Consistent Data Formats: Healthcare providers and IT venders usually encounter different standard format for clinical data transmission. To share the healthcare information between healthcare IT venders, the Continuity of Care Document (CCD) was developed as an XML-based standard considering with Health Level Seven International (HL7) Clinical Document Architecture (CDA) elements (, which are interoperability, understandability, security, quality and reliability, and efficiency). Due to inefficiency of CCD, in 2014, the Consolidated-Clinical Document Architecture (C-CDA) was developed as a base standard for creation and transmission of patients’ EHRs, which consists of diverse file types, progress reports, clinical summaries, and consult notes (Ali et al., 2019).

The ideal solution to meet these requirements and improve the scalability and efficiency is to leverage of cloud-based healthcare system (Li et al., 2013, Qian et al., 2014, Zhang et al., 2018b) and in which the EHRs must be outsource to the cloud storage and the management of data will be delegated to cloud service providers. These methods usually use attribute-based encryption (ABE) or identity-based encryption (IBE) to define the access policies and permission revocations (Sookhak et al., 2017). However, the CSPs are not fully trustable (honest but curious) and the patients’ privacy may be at risk. For example, the CSPs may share the EHRs with other organizations for research or drug advertising purposes without taking the data owners’ permissions results in critical information leakage issues. Preserving the integrity of outsourced data in cloud-based system also requires leveraging a remote data auditing schemes that inures considerable computation and communication overhead on users and cloud servers. Moreover, cloud computing can be used to develop centralized applications, which are not secure when the CSPs are under attacked and compromised (Sookhak et al., 2014, Sookhak et al., 2015, Sookhak et al., 2018). The huge number of data breach reports clearly shows the data security and privacy deficiencies, which can be addressed using blockchain technology (HHS Proposes, 2019).

As a matter of fact, implementing a score EHR access control method highly depends on supporting identification, authentication, and authorization (permission verification) (Ausanka-Crues, 2001). Access control methods require to ensure the legitimated users are only able to access resources while they are able to track and audit effectively the users’ activities. The blockchain technology has arisen as a potential solution to meet such requirements, which provides a decentralized, trust-less, tamper-proof, distributed ledgers over pear to pear network (Zheng et al., 2018). The blockchain is also invulnerable against the central point of failure since all nodes in blockchain architecture are correspondingly and collaboratively provides services without relying on a central server. Moreover, the blockchain consists of a set of immutable and distributed digital ledgers that are responsible for tracking the transactions and record them on digital blocks (Halamka et al., 2017). The immutable audit trail feature of blockchain makes it suitable to develop a trustworthy and secure environment against integrity issues. The next reason to apply blockchain in access control methods is enabling transparency of information in which all participants have capability to view all information leads to data leakage prevention and higher possibility of malicious detection. On the other hand, the blockchain technologies are capable of using the smart contract features to facilitate users’ authentication and authorization under programmable policies in a fully distributed nature (Hölbl et al., 2018, Frey, 2018, McLeod and Dolezel, 2018). Smart contracts have been developed as an alternative to translate the legal relationships from natural language to a set of computer standard that can be run effectively by blockchain.

It is worth noting that blockchains are generally categorized in two main classes, namely permissionless and permissioned. In a permissionless (also called public) blockchain, any participant can read and write on the ledger and even can participate in consensus process. In the latter case, participant actions are controlled by a central entity. Permissioned blockchains are further classified into public and private categories. In private permissioned blockchains all actions including read, write and consensus are taken unilaterally by a per-selected group of participant. However, public permissioned blockchains allow all participant to read the ledger (Meng et al., 2018).

The main contributions of the survey are: (1) Providing a detail review on the state-of-the-art EHR access control methods over blockchain, which have not be fully covered in the existing works, (2) Critical analysis and classification of the recent access control methods in healthcare into two diverse groups, namely permissioned and permissionless blockchain, with focusing on smart contracts feature as the core factor to develop such techniques, (3) Presenting a thematic taxonomy of the blockchain-based access control methods on the basis of essential parameters and attributes, such as type of blockchain and ledger, consensus protocol, access control development strategy (identification, authentication and authorization, type of EHR storage, and supporting features, and (4) Comparing the existing methods based on the proposed thematic taxonomy to identify the substantial and outstanding issues and challenges as further directions.

The organization of the remainder of the article is as follows. Section 2 reviews on the related works in healthcare domain. Section 3 describes the principal concept of smart contract along with its mechanism and architecture. Section 4 explains the permissionless blockchain technology and provides a critical review on the EHR access control using permissionless-based smart contract. The permissioned blockchain as well as the comprehensive survey on permissioned-based EHR access control methods are presented in Section 5. Section 6 describes a thematic taxonomy of the traditional access control method in healthcare system to compare these methods based on the designed taxonomy. Section 7 discusses security issues and challenge of current approaches and finally Section 8 concludes the survey and provide some future directions.