A blockchain-based preserving and sharing system for medical data privacy
Introduction
Hospital information system (HIS) is the infrastructure of modern hospitals. It plays a vital role in numerous aspects such as patient management, diagnosis and treatment decision. HIS manages the hospital with modern, scientific, and standardized means, which can effectively improve the hospital’s work efficiency and medical quality [1]. The patient’s medical data contains the patient’s historical physiological information, which has important reference value for the patient’s disease diagnosis and treatment, and daily health care [2]. Li et al. [3] summarized the common medical data types as electronic health records (EHR), electronic medical records (EMR) and personal health records (PHR). The patient’s medical data is the basis for the normal operation of the HIS, so the HIS usually collects, stores and manages various types of medical data of the patient. However, some problems exist in traditional HIS: (1) System security issues and difficulties in medical data sharing. Traditional HIS stores medical data in private or cloud servers, which exposes the system to the risk of malicious attacks, data leakage and tampering, and the possibility of losing private medical data. Besides, these systems usually operate independently in hospitals, which is difficult to meet the basic need of patients to share medical data. Some patients will share medical data through some cloud servers or applications, but cloud servers provided by third-party suppliers are semi-trusted and they may steal or tamper with user data. (2) Lack of patient surgical data. The physiological data of patients during surgery generated by medical instruments were not included in the medical data types summarized by Li et al. [3]. These patient health records during surgery (SHR) reflect the patient’s surgical process and facilitates the postoperative treatment and recovery of patients. The traditional method of manually recording SHR has the problems of limited storage and data collection inaccuracy. (3) Lack of analysis and application of medical data. The medical data in traditional HIS is solely managed by hospital and patients cannot access their own medical data at will, which prevents patients from effectively analyzing and using their own data. Most of the medical data is idle, resulting in a waste of valuable data resources. Internet of Things has been widely used in many fields [4]. Its real time and accuracy make it very suitable for medical data collection [5]. Blockchain is a distributed digital ledger based on encryption technologies [6], which is represented as a decentralized peer-to-peer network. Once data is confirmed and stored in the blockchain, it is difficult to tamper with. The immutability, decentralization and anonymity of the blockchain ensure the safe storage of medical data. The combination of IoT and blockchain technology provides a new way for solving the above problems.
Blockchain technology had been applied to various fields, and medical information system is among the main focuses at present [7], [8], [9], [10]. Kassab et al. [11] and Abu-Elezz et al. [12] have conducted research on common data protection mechanisms and analyzed the advantages of blockchain in the security protection and sharing of medical data. There have been many studies on introducing blockchain technology into electronic medical record systems, medical image systems, etc. [13], [14], [15], [16], [17]. The systems proposed in [13], [14], [15], [16], [17] only use blockchain for secure medical data storage. They focused on architectural design but lacked of system implementation details and data sharing procedures. Some researchers proposed schemas or frameworks for medical data storage based on blockchain and various cryptographic mechanisms [18], [19], [20], [21]. They designed specific system workflows to realize the sharing or access control of medical data. However, the proposed systems were implemented based on Ethereum, even normal transactions in these systems require a certain number of tokens, which is not applicable in hospital information systems. Besides, Xu et al. [22] adopted the PBFT consensus algorithm and LIU et al. [23] adopted the DPOS consensus algorithm in their systems, which were relatively complex for reaching a systematic consensus and ensure the security of the data. The systems proposed in [18], [19], [20], [21], [22], [23] have the weakness of low transaction efficiency, because traditional public blockchain architectures such as Bitcoin and Ethereum need to use high-power or relatively complex algorithms to reach a system consensus. Therefore, some researchers had adopted the more lightweight Hyperledger Fabric(HF) architecture for blockchain network implementation in their systems [24], [25], [26], [27]. They had developed smart contracts for system access control and data management but had less research on data sharing. Proxy re-encryption algorithm had been applied to different scenarios to achieve secure data sharing on semi-trusted cloud servers [28], but its application in the medical system based on blockchain was relatively insufficient. The Internet of Things technology has been applied to improve the efficiency of medical data collection generated by the medical instruments or personal health monitoring sensors [29], [30], [31], [32], [33], [34]. But the focus of these studies are on the construction of data collection system or data analysis. There is a lack of research on the secure storage and sharing of medical data. Many systems also analyzed and mined medical data and make contributions to disease prediction and medical quality improvement [35], [36], [37].
Taking into account the problems of traditional HIS and the current research status, this paper proposed a medical data information system model based on blockchain, Internet of Things, cloud storage and proxy re-encryption algorithm to realize the reliable collection, safe storage and sharing of medical data. The contributions and innovations of this work are as follows.
① A Hyperledger Fabric based medical data information system with dual channels and medical chaincode was proposed to realize the goal of safe storage, management and access control of medical data.
② An IoT based medical data system was designed to realize real-time data collection for six categories of non-invasive medical instruments, which can effectively improve the data collection efficiency of SHR.
③ A secure medical data sharing scheme based on proxy re-encryption algorithm was proposed to improve the security of medical data sharing.
Section snippets
System design for participants
In order to meet the regulatory requirements of government medical institutions on medical systems and comply with the organization and management of traditional hospitals, this system was designed to include a system administrator group (SA) composed of government medical institutions and managers of hospitals (HM). SA supervises the system and issues digital certificates to legitimate registered users who have passed identity authentication. HM manages doctors and patients in the hospital.
Implementation of the data collection system and cloud service layer
In order to solve the OHR data recording problem in traditional HIS, this system had developed a data collection system based on the Internet of Things to realize real-time collection of physiological data generated by various non-invasive medical monitoring instruments. The architecture design of the data collection system is shown in Fig. 5(a).
The data collector was designed based on STM32 microcontroller to realize medical instrument communication, data collection and parsing. The embedded
Performance evaluation
The performance test of the system was carried out to evaluate the efficiency of medical data processing and sharing. In order to simulate the production environment, network construction and business development were implemented according to the design in the previous chapters. A total of seven virtual machines were deployed in the test. The installation relationships between different types of server nodes and virtual machines are shown in Table A.3. And the software and hardware environment
Conclusion
In order to solve the problems of traditional medical information system, this paper proposed a blockchain-based medical data information system to realize the secure collection, storage and sharing of EMR and SHR data. A IoT based medical data collection system was proposed to collect the data generated by medical instruments during surgery, which can improve the efficiency and reliability of SHR data collection. The blockchain based data storage system and the proxy re-encryption algorithm
CRediT authorship contribution statement
Zeng Chen: Conceptualization, Methodology, Software, Resources, Writing - original draft. Weidong Xu: Data curation, Formal analysis. Bingtao Wang: Validation, Investigation. Hua Yu: Supervision, Writing - review & editing, Funding acquisition.
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgments
The research was supported by the National Key Research and Development Program of China (Grant No. 2018YFC0117202), the National Nature Science Foundation of China (Grant No. 61874015), and the Chongqing Venture & Innovation Support Program for Chongqing Overseas Returnees, China .
Zeng Chen received the B.S. degree from Chongqing University (CQU) of China in 2018. He is currently pursuing the Master degree at CQU. His research interests include the medical Internet of things (MIoT) and blockchain.
References (38)
- et al.
A review of the smart world
Future Gener. Comput. Syst.
(2019) - et al.
IoT Security: Review blockchain solutions open challenges
Future Gener. Comput. Syst.
(2018) - et al.
A medical records managing and securing blockchain based system supported by a genetic algorithm and discrete wavelet transform
Cogn. Sys. Res.
(2018) - et al.
Privacy-friendly platform for healthcare data in cloud based on blockchain environment
Future Gener. Comput. Syst.
(2019) - et al.
Proxy re-encryption: Analysis of constructions and its application to secure access delegation
J. Netw. Comput. Appl.
(2017) - et al.
A disease diagnosis and treatment recommendation system based on big data mining and cloud computing
Inform. Sci.
(2018) - et al.
COVID-19 and healthcare system in China: Challenges and progression for a sustainable future
Glob. Health
(2021) - et al.
Big data in health care: Using analytics to identify and manage high-risk and high-cost patients
Health Aff. (Millwood)
(2014) - et al.
A blockchain based data aggregation and group authentication scheme for electronic medical system
IEEE Access
(2020) - et al.
Structural health monitoring framework based on internet of things: A survey
IEEE Internet Things J.
(2017)
A blockchain-based medical data preservation scheme for telecare medical information systems
Int. J. Inf. Secur.
When Internet of Things meets blockchain: Challenges in distributed consensus
IEEE Netw.
A review of secure and privacy-preserving medical data sharing
IEEE Access
Applications of blockchains in the Internet of Things: A comprehensive survey
IEEE Communications Surveys & Tutorials
Exploring research in blockchain for healthcare and a roadmap for the future
IEEE Trans. Emerg. Top. Comput.
The benefits and threats of blockchain technology in healthcare: A scoping review
Int. J. Med. Inf.
Blockchain-based medical records secure storage and medical service framework
J. Med. Syst.
Privacy-preserving image retrieval for medical IoT systems: A blockchain-based approach
IEEE Netw.
A framework for secure and decentralized sharing of medical imaging data via blockchain consensus
Health Inform. J.
Cited by (0)
Zeng Chen received the B.S. degree from Chongqing University (CQU) of China in 2018. He is currently pursuing the Master degree at CQU. His research interests include the medical Internet of things (MIoT) and blockchain.
Weidong Xu is a graduate student at Chongqing University (CQU) in China. He received the B.S. degree from CQU in 2018. His research interests include text mining and data analysis.
Bingtao Wang received the B.S. degree from Chongqing University of China in 2019. He is currently pursuing the Master degree at CQU. His research interest is the application of the Internet of things.
Dr. Hua Yu is currently a full professor affiliated with College of Optoelectronic Engineering, Chongqing University. He received his Ph.D. degree from Huazhong University of Science & Technology, China. He is a head of Department of Electronics Science & Technology. He is an IEEE member, senior member of Chinese Institute of Electronics, senior member of Chinese Society of Micro-Nano Technology, Committee member of the Youth Committee of Chinese Society of Micro-Nano Technology, Council member of China instruments and Control Society. His main research interests focus on the IoT, Big data analysis and Sensors.