2021 International Conference on Decision Aid Sciences and Application (DASA)
Data Security in Healthcare
Using Blockchain Technology
Sandhiya Baskar Kaladevi Ramar
Associate Professor,
P.G student, CSE,
SaveethaEngineering College,
Saveetha Engineering College, Chennai, India
2021 International Conference on Decision Aid Sciences and Application (DASA) | 978-1-6654-1634-4/21/$31.00 ©2021 IEEE | DOI: 10.1109/DASA53625.2021.9682300
Chennai, India [email protected]
[email protected]
Abstract—Data are the most important assets in all kinds of
industries, as every organization is moving to cloud storage but still
data security is a challenging one in many fields. One of the most
important fields is Healthcare because it handles with most
sensitive information. Since the data in healthcare includes
patient's medical information, prescriptions, their medical
insurance, etc. Due to the sensitive nature of the information stored
within the EHRs(Electronic Health Records) data security is very
essential. Blockchain is a technology that is developed based on two
major mathematical concepts such as hashes and cryptography.
Blockchain stores data as an immutable ledger that is duplicated
and shared throughout all networks in a delegation from a central
authority. In this paper, we provide how data can securely be
stored and accessed in healthcare. Since one node blockchain is
often used for worldwide electronic health records (EHR) it will
store and manage patient data in a very verifiable manner &
blockchain can be in public gettable in real time by anyone within
the aid service supplier chain. This paper aims to discuss the issues
in the existing systems and solutions to the challenges of using
blockchain technology.
Keywords—Data Security, healthcare, Blockchain, EHR.
I. INTRODUCTION
This Healthcare organizations collect information of patients
as social security number (SSN), name, age, address, blood
group, account details. In healthcare organizations that get
sensitive information, the chance of cyber attacks is very high.
This makes data security in health care an important element.
According to the HIPAA (Healthcare Insurance Portability Act)
journal, 91% of cyber attacks come from phishing emails. As a
result of growing regulations in healthcare organizations are
taking a proactive approach for executing the best way for
healthcare security that lowers the risk of costly data breaches.
HIPAA has two main components for the security and
protection of medical information. The first is HIPAA security
rules, which focus on the creation and maintenance of
electronic personal health information by organizations
covered by HIPPA. The second is HIPAA privacy rules, which
are designed to protect personal health data, including patient
records, insurance information, etc. In healthcare, cyber-
security focuses to keep pace with the advanced threats in
healthcare industries, which need to address threats related to
privacy and data protection in the cloud, and also need to
safeguard data while data is in transit, at rest, or in use [19].
This solution should educate healthcare staff, permission-based
Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
978-1-6654-1634-4/21/$31.00 ©2021 IEEE
Hariharan Shanmugasundaram
Professor, Shadan Women’s College of
Engineering and Technology,
Hyderabad, India
[email protected]
access, encryption of data in all phases. There are three types
of records in the healthcare system, they are Personal Health
Record (PHR) includes a complete summary of medical
history, Electronic Medical Record (EMR) is supported by
healthcare practitioners who manage healthcare delivery and
Electronic Health Record (EHR) has the complete patient
information that can be shared across multiple healthcare
organizations on demand[17]. Blockchain is a shared ledger
technology that is stored in a decentralized network.
Blockchain has various applications, especially in healthcare,
since it uses ledger technology that securely transfers patient's
record details, medicine, supply-chain, healthcare development
& researchers to break genetic code information. Blockchain's
ability to keep transparency details of every patient data in
decentralized nodes makes blockchain technology important
for the security app. Blockchain conceals the identity of
individual records with complexity and secures the codes that
can shield and protect important medical data. The
decentralized technology allows patient's medical details,
doctor's data, & hospital management to share information
quickly & safely. It provides members in a group to access
data securely share with each other without a second party and
track records of what was exchanged with the timestamp.
Instead of keeping it single-cloud storage, it can maintain
multiple computer systems, which makes the data extremely
tough to tamper with. It also ensures that information put into
the blockchain is genuine and creates faith between the
participants.
Previously various solutions have been proposed for
achieving data security using blockchain technology. The next
generation in a blockchain-based framework was presented
that provides a solution to solve the limitations of cloud service
providers (CSP) and improve the implementation of efficient
and effective health technology solutions [1]. A framework
with lightweight blockchain architecture for medical data that
has low algorithmic and connections overhead as compared to
the Bitcoin network [2]. A similar illustrative study was
developed using a framework using blockchain technology that
integrates blockchain and machine learning to identify the
behavior of patient health data [3].
An ideology bringing out of new idea of healthcare where
users as full control in access data and control it has also been
thought off. Here, additionally provoked protection guidelines
for sharing records with precise hospitals or establishments,
following full coverage at any time demonstrated significant
study illustartions. The blockchain makes use of public key
354
 2021 International Conference on Decision Aid Sciences and Application (DASA)
cryptography to create a new node, that's immutable, add-only,
timestamp records content. Our system will initially authorize
the user identity using social security network, based on the
authentication data will be allowed to access and using this
social security number all the data of the user will link
irrespective of the healthcare organization.
This paper is organized as follows, in Section II information
security intending connected works are reviewed to assess
numerous security problems featured in healthcare. Section III
discusses the various issues in the existing systems. Section IV
discusses the key issues which are needed to be addressed in
healthcare. Section V explains our proposed architecture for
healthcare using blockchain technology. Section VI concludes
the proposed work and directs it for future use.
II. LITERATURE REVIEW
In healthcare, blockchain-primarily based totally answers
were initiated to collaborate the hospitality, with medical
doctors and sufferers with the point of interest of presenting
advanced well-known offerings and excessive security.
The authors provided an architecture for linking electronic
medical records using pseudonymization [4]. The architecture
is based on the layer model with a minimum of three security
layers act for the authorization. Each layer has one or more
different symmetric & asymmetric key pairs. But the problem
is data are not encrypted, security is done only using the link
between patient’s identification encryption data with a
pseudonymization key. Standardized data definition and
quality of captured EHR are not available.
An approach completely focusing on different forms of
security threats in care industries leads to interesting result and
illustrations. Conjointly a number of the common encoding
strategies like DES, 3DES, bluefish and AES was reviewed
because of the basis for manufacturing new follow that suit
the dynamic IoT framework [5,6].
The summary report presenting the challenges and security
issues facing in the big data environment was outlined in
detail [7]. From this, illustration with standard directions to
solve the big data issue and also stated the importance of the
act and privacy practice in healthcare industries is narrated [8]
as approached in homomorphic encryption to cryptographic
model for Big Data Analytics in cloud storage addressing
related to confidentiality and privacy [9,10]. Techniques for
execution and idea on cryptographic solutions for Big Data in
the cloud have been discussed.
Several authors have compared various Public Key
Encryption technique's strengths and weaknesses [11].
Universal Designated verifier Signatures (UDVS) that creates
a DVS to make certain patient file utilization is constrained to
legal records. Few downsides within the system, that the
confidentiality file is compromised because the fitness records
are, to begin with, constructed through a provider who has
Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
355
information approximately the information of records, hash
values, and signatures.
The authors in their work have stated that billing expense
for hospitality has risen with health insurance premiums,
which need for pro-active hospitality and wellness center [12].
This turns reactive to proactive healthcare which ends up a
high-satisfactory of attention & care, a lower in healthcare
expense, which in the end result in monetary increase scale
rise. Here, segenerations play a critical position in permit
healthcare to step ahead.
The proposed system illustrating the growing technique of
making blockchain is primarily based totally on PSN
applications. Since pervasive social networks (PSN) are
primarily based totally healthcare operates, customers to
proportion information acquired from clinical sensors.
Received healthcare information permits customers to apply
app access faraway hospital treatment and public fitness
offerings like tracking the disease. In [13] forms of protocols
are designed. Protocol Type I is used for connecting stable
hyperlinks for sensor nodes and contact devices within the
WBAN region. This protocol Type I is primarily based totally
on IEEE 802.15.6. And Protocol Type II affords a blockchain-
primarily based totally method for sharing clinical information
in the PSN region via way of means of passing it as nodes.
A new way to combine cloud storage and blockchain
technology to get the advantage of data sharing was
introduced. This way has satisfied the requirement for data
immutability and unforgeability. Author designed a system
that is based on OD-ABE (Outsourced Decryption Attribute-
Based Encryption) and DABS (Decentralizing Attribute-
Based Signature), which is a scheme of sharing medical data
by Blockchain technology and attribute
cryptosystem prevented cipher text attack(CCA) [14,15].
Even though blockchain is a potential application in the
financial and banking sectors, it is not utilized well in
healthcare industries. When we move to the blockchain, the
healthcare industry would face some potential challenges and
obstacles that are needed to address before moving to
blockchain technology which addresses the challenges in
adopting blockchain technology [16]. The major challenge
will be scalability since healthcare is going to handle huge
data. The completed blockchain solution is not developed yet
so developed a complete blockchain-based healthcare system
will have high development and operation cost.
The numerous literature that has been reviewed on this
segment does now no longer offers precise facts on how to
make use of the total capability of the blockchain within the
healthcare industry. With the above information is from the
papers, a system which utilizes the features of blockchain and
also provides security using social security number so the user
only has the permission to access and share their data was
 2021 International Conference on Decision Aid Sciences and Application (DASA)
proposed. Inspired by the way of means of the above literature,
we recommend a structure for storing and sharing digital
clinical information the usage of a social security number.
Fig. 1. Workflow of blockchain
III. ISSUES IN EXISTING SYSTEM
There are various healthcare system has been proposed and
implemented in real-time using blockchain. But every model
has their own pros and cons in that. In this section, we discuss
issues in the existing system.
The introduced a new version of blockchain called the
lightweight blockchain [2] was designed with an architecture
for lightweight blockchain which uses HBCM (Head
BlockChain Manager) to generate a blockchain and make the
transaction. It also creates the replication of the ledger to
ensure data security in the authorized network. This will
integrate data from all kinds of systems like IoT, cloud-based,
and peer-to-peer. Author also analyzed the performance of the
system by comparing the processing time of blockchain using
bitcoin with the new architecture and stated processing time is
constant even though the number of nodes in the system
increase. One major issue in this architecture is, it is not
completely integrated and real-time implemented to evaluate
the security and performance of the system.
A new security system have been developed that provides
data security and authenticity of the EHR [18]. This system
provides two types of nodes: trusted and un-trusted. During
the transaction, the peer network checks the validity of the
node. After the check, the original node creates a new block
and adds the transaction to the main chain, and then sends the
updated ledger to the entire peer network. All nodes from the
main chain to real-time applications only depends on the
geographic location of health areas, clinics, etc.
For sharing the health care across the network
Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
designed an efficient data management framework called
“EdgeMediChain” [1]. Instead of traditional blockchain,
EdgeMediChain reduces the time for the concurrent
transaction and provides higher throughput. Data will be
shared and accessed based on a Role-based authorization
mechanism. The experiment was also conducted in the
generation of transactions of IoT device data but real-time
decision-making and diagnosis on the data from IoT are not
done yet [20].
IV. KEY REQUIREMENTS
This section should address the key requirements needed to
propose a blockchain-based healthcare system.
A. Lack of knowledge
Since blockchain is an emerging technology knowledge
about the technology is very less and in the healthcare
industry handle all kinds of users, we should provide solutions
to how uneducated people access the system. This is a big
concern when we deal with the healthcare industry.
B. Lack of Universal acts
Every country has its own set of acts for medical and
insurance handling. To build a universal solution for all
healthcare industries have to address all the standard acts.
C. Network Infrastructure
Security has to be maintained at all levels of the application.
Various users to the application include Hospitals, clinics,
pharmacy, patients, IoT devices, insurance companies, we
should assure that security is maintained at all levels.
D. Uniform pattern if authorization
The major user of the application will the patients, doctors
we need to authorize the user while they share the data.
author
356
 2021 International Conference on Decision Aid Sciences and Application (DASA)
V. PROPOSED BLOCKCHAIN
ARCGITECTURE
Fig. 2. Proposed Blockchain Framework
A.Introduction to Blockchain
The proposed framework illustrates how blockchain
features can be utilized which enable users to access their data
using social security numbers and share their data with high
security in Fig 2. Since Blockchain is a shared immutable
record, which stores a sequence of transactions as blocks, each
blocks being held collectively via way of means of
cryptographic keys (hashes). These cryptographic keys are
saved in shared ledgers. Each node has a replica of the entire
chain and every node can be continuously synchronized and
stored as much as date. The benefits of blockchain generation,
in step with the National Institute of Standards and
Technology (NIST), consist of its tamper resistant nature, the
decentralized nature of the virtual ledgers, and the
impossibility of converting a posted transaction ultimately
inside the consumer network that stocks the ledger. This
generation is likewise known as virtual ledger generation
(DLT). DLT may be carried out to healthcare areas, however,
all pastime inside healthcare isn't related to transactions.
However, public blockchain cannot be accustomed to store
non-public info resembling characteristic health data, as a
result of the info in them is widely accessible. This
transparency allows providers to take data protection aspects
into account and also guarantees the protection of medical
information (PHI).
Even though blockchain offers intrinsic protection, it's
prone to some forms of attacks. Blockchain technology
shouldn't be used heterogeneous, since the information is
Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
immutable. Large files, or those files that are attending to
BASED amendment often, are also unbroken out of the blockchain. All
distinguishing data ought to be kept off the chain.
B. Features of Blockchain in healthcare
The continuous exchange of patient records between
providers means that the same information is shared with
others on the blockchain. It t makes it easier for individual
patients to unlock their health knowledge with the shareable
personal key and to share it with alternative providers. This
makes Health Information Technology (HIT) interoperable
and collaborative between different health care users.
Blockchain can create a unique system of storing and
updating medical records for safe and fast data recovery by
authorized users, avoiding the lack of communication
between the different healthcare professionals involved in
caring for the same patient, thus preventing errors and
diagnosed and interventions can be performed more quickly,
and care can also be personalized for each patient. The
blockchain represents medical events as they occurred
without the possibility of changing the data later Unique
function of the blockchain helps with diseases in real-time to
report and research disease patterns, which in turn helps to
identify their origin and their transmission parameters.
C.Blockchain workflow
Blockchain is a peer-to-peer dispensed ledger generation
and has 3 predominant components,
a) Distributed community: The decentralized P2P structure
has nodes that include community participants, wherein every
member stores an equal replica of the blockchain and is
allowed to validate and certify virtual transactions for the
community.
357
 2021 International Conference on Decision Aid Sciences and Application (DASA)
b) Shared ledger: Each member within the
community will document the continued virtual transactions
and convert them right into a shared ledger. They run
algorithms and confirm the proposed transaction, and as soon
as a majority of participants validate the transaction, it's far
introduced to the shared ledger.
c) Digital transaction: Any data or virtual asset
which are going to store in a blockchain can be certified as a
digital transaction. Each transaction is a block, and every
block consists of a cryptographic hash with a view to be
brought to the transactions in a linear, chronological order.
Each digital transaction or record on the ledger is stored in
a block. The information contained in a block is dependent
on and linked to the information in a previous block and,
over time, forms a chain of transactions. There are four
types of blockchains:
1) Public Blockchains
Public blockchains are open, decentralized networks of
computers accessible to anyone wanting to request or validate
a transaction.
2) Private Blockchains
Private blockchains are not open, they have access
restrictions. The system administrator can grant permission to
the new member after validation. They are typically governed
by one entity, meaning they’re centralized.
3) Hybrid Blockchains or Consortiums
Consortiums are a combination of public and private
blockchains and contain centralized and decentralized features.
4) Sidechains
A sidechain is a blockchain running parallel to the main
chain. It allows users to move digital assets between different
blockchains, which improves the scalability and efficiency of
data.
Fig. 1 illustrates on how each digital transaction will
happen whatever may be the blockchain type when a user
submits a transaction, the transaction will be created as a new
block with the current timestamp and the cryptographic hash
of the previous block and the medical data of the transaction.
The new block created is transmitted to all network nodes.
The shared algorithm used by all nodes verifies the current
block and transaction. Once a block has been verified by all
blocks, it will be added to the existing chain, otherwise, the
block will be ignored.
E. Proposed Framework
Fig. 2 shows our proposed architecture for a healthcare system.
It shows the different components and sets of relationships
between the component are described using blockchain. This
section describes how various components communicate with
Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
358
each other. This section describes how various components
communicate with each other. The user plays a major role in
the architecture, all the key operations will run around users.
Data security will be achieved using either OTP or biometric
since the user will be linked to the social security number,
authorization will be achieved using that model. Wherever the
patient uses the system it will be maintained as a centralized
one. Initially, the user will be authorized using biometric and
then the patient consult the healthcare, those data will be
between patient and hospital1 when the patients visit hospital 2
means, the patient only have the access to their history, the
patient will share the history of medical records with that
particular hospital. Overall admin for the patient records will
be the patients. It also helps to automate insurance claim
functions by verifying coverage between companies and
reinsurers.
VI. CONCLUSION AND FUTURE ENHANCEMENTS
Blockchain is a potential game-changer for the healthcare
industry, but the path to implementation is not clear and
easy. Several technologies and crypto currency companies are
currently focusing on blockchain and having systems launched.
Blockchain-based systems help both practitioners and patients
to improve the healthcare industry. Blockchain is becoming a
valuable healthcare tool that decentralizes patient health
records, monitoring pharmaceutical products, and expanding
payment options. In this paper, we have proposed a new
architecture to maintain all patient medical records as global
and providing authentication using social security numbers.
Since cryptography is used for securing all blockchain
transactions, each transaction will be encrypted using the
private signing key, and then it will be verified by the public
key to the hash message. If the transaction is modified/ altered
the signature change the hash of the block header. This makes
the block headers hash to be invalid. If the block is validated
as invalid then the block will not be added to the chain and it is
ignored. Patient history will be shared only by the patient to
the doctor when they need to check the previous history of
medical records.
Even though blockchain provides more security, due to lack of
knowledge in the blockchain and properly implemented
framework is not available yet. A future study has to
implement the designed framework on blockchain and train
staff of hospitals and users on this technology.
REFERENCES
[1] Raifa Akkaoui, Xiaojun Hei, Wenqing Cheng: “EdgeMediChain: A
Hybrid Edge Blockchain- Based Framework for Health Data
Exchange”, IEEE, 2019.
[2] Leila Ismail, Huned Materwala, Sherali Zeadally: “Lightweight
Blockchain for Healthcare”, IEEE, 2019.
[3] Sabyasachi Chakraborty, Satyabrata Aich, Hee-Cheol Kim: “A Secure
Healthcare System Design Framework using Blockchain Technology”,
International Conference on Advanced Communications
 2021 International Conference on Decision Aid Sciences and Application (DASA)

Technology(ICACT), 2019.
[4] Bipin Kumar Rai,A.k. Srivastava: "Security and privacy issues in
Healthcare Information System”, International Journal of Emerging
Trends & Technology in Computer Science(IJETTC), 2014.
[5] Aysha K Alharam, Wael El-madany: “The Effects of Cyber security on
healthcare industry”, IEEE-Gc Conference and Exhibition (GCCCE),
2017.
[6] Seyedmostafa Safavi, Ahmad Moaaz Meer, Ed Keneth Joel Melanie,
Zarina Shukur: “Cyber Vulnerabilities on Smart Healthcare, Review
and Solutions”, Cyber Resilience Conference (CRC), 2018.
[7] Marci Meingast, Tanya Roosta, Shankar Sastry: “Security and Privacy
Issues with Healthcare Information Technology”, IEEE - 28th IEEE
EMBS Annual International Conference, 2006.
[8] Patience E. Idoga, Mary Agoyi, Elizabeth Y. Coker-Farrell, Ogazi L.
Ekeoma: “Review of security issues in e-Healthcare and solutions”,
IEEE Xplore: 24 November 2016.
[9] Sudipta Chandra, Soumya Ray, R.T.Goswami: “Big Data Security in
Healthcare”, IEEE 7th International Advance Computing
Conference(IACC), 2017.
[10] Minerva Panda, Syed Mohd Ali, Sanjog Kumar Panda: “Big data in
health care: A mobile based solution”, International Conference on
Big Data Analytics and Computational Intelligence (ICBDAC), 2017.
[11] Shekha Chenthara, Khandakar Ahmed, Hua Wang, Frank Whittaker:
“Security and privacy- Preserving Challenges of e-Health Solutions in
Cloud Computing”, IEEE, 2019.
[12] Harsh Kupwade patil , Ravi Seshadri: “Big data security and privacy
issues in Healthcare”, IEEE- International Congress on Big Data, 2014.
[13] Jie Zhang,Nian Xue, Xin Huaung: “A Secure System For Pervasive
Social Network- based Healthcare”, IEEE, 2016.
[14] Xiaodong Yang, Ting Li, Xizhen Pei, Long Wen, Caifen Wang:
“Medical data Sharing Scheme Based on Attribute Cryptosystem and
Blockchain Technology”, IEEE, 2020.
[15] JinSun, Xiamin Yao, ShangPing Wang, Ying Wu: “Blockchain- Based
Secure Storage and Access Scheme For Electronic medical Records in
IPFS”, IEEE, 2020.
[16] Tanesh Kumar , Vidhya Ramani , Ijaz Ahmad , An Braeken , Erkki
Harjula , Mika Ylianttila: “Blockchain Utilization in Healthcare: Key
Requirements and Challenges”, IEEE 20th International Conference
on e-Health Networking, Applications and Services (Healthcom), 2018.
[17] Omer Aslan, Refik Samet: “A Comprehensive Review on Malware
Detection Approaches”, IEEE, 2019.
[18] Liviu Hirtan, Piotr Krawiec, Ciprian Dobre, Jordi Mongay Batalla:
“Blockchain-Based Approach for e-Health Data Access Management
with Privacy Protection”, EEE 24th International Workshop on
Computer Aided Modeling and Design of Communication Links and
Networks (CAMAD), 2019.
[19]Alexandru Soceanu, Maksym Vasylenko, Alexandru Egner, Traian
Muntean : “Managing the Privacy and Security of eHealth Data”,
IEEE -20th International Conference on Control System and Computer
Science, 2015.
[20] Zainab Alhadhrami, Salma Alghfeli, Mariam Alghfeli, Juhar Ahmed
Abedlla and Khaled Shuaib: “Introducing Blockchains for Healthcare”,
International Conference on Electrical and Computing Technologies
and Applications (ICECTA), 2017.

Authorized licensed use limited to: J.R.D. Tata Memorial Library Indian Institute of Science Bengaluru. Downloaded on February 28,2024 at 03:15:47 UTC from IEEE Xplore. Restrictions apply.
359