using blockchain for medical data access
TRANSCRIPT
MedRec: Using Blockchain for Medical Data Access and Permission Management
BY: MAGED MOHAMED ELGAZZAR@MMELJAZZAR
LINKEDIN.COM/IN/MMJAZZAR
10/24/2016 1
Conference 2016 2nd International Conference on Open and Big Data IEEE computer society.
10/24/2016 2
Agenda Introduction Problem statement. System Implementation. Smart contracts. The relationship between provider, patient nodes.
10/24/2016 3
Introduction Bureaucratic inefficiency. Data privacy. Scattered data across various Hospitals. Weak Archiving system.
10/24/2016 4
Problem statement Fragmented data. Slow access to medical data. System interoperability. Health information blocking. Improved data quality for medical research.
10/24/2016 5
The MedRec (Medical Records ) implementation
10/24/2016 6
The MedRec implementation the MedRec based on:- Smart contracts. Hash of the record. Identity confirmation. A syncing algorithm
10/24/2016 7
Smart contracts Log patient-provider relationships. Viewing permissions. Data retrieval instructions.
10/24/2016 8
Hash of the record Guaranteeing data integrity. Add a new record associated with a particular patient.
10/24/2016 9
Identity confirmation Public key cryptography. A DNS-like implementation
10/24/2016 10
A syncing algorithm Handles data exchange “off-chain” between a patient database and a provider database.
confirm permissions via database authentication server.
provide a reference to check for any updates.
10/24/2016 11
The contract function, structures, and relationships
10/24/2016 12
MedRec smart contracts architecture Registrar Contract (RC).
Patient-Provider Relationship Contract (PRR).
Summary Contract (SC).
10/24/2016 13
The contract function Enable advanced functionality (bidding, reputation, etc.).
Contain metadata about the record ownership, permissions.
Carry out policies.
10/24/2016 14
MedRec smart contracts architecture
10/24/2016 15
Registrar Contract Maps patient ID strings to their address identity (equivalent to a public key).
Maps identity strings to an address on the blockchain.
ID can be restricted only to certified institutions.
10/24/2016 16
Patient-Provider Relationship Contract Issued between two nodes in the system.
Defines data pointers and access permissions that identify the records held by the care provider.
Each pointer consists of a query string when executed, it returns a subset of patient data.
10/24/2016 17
Patient-Provider Relationship Contract A (hash table) maps viewers’ addresses to a list of additional query strings.
It specify which data the third party viewer is allowed access.
System formulates SQL queries and uploads them to the PPR on the blockchain.
10/24/2016 18
Summary Contract Locate patient medical record history.
It holds a list of references to PatientProvider Relationship contracts (PPRs).
It populate with references to all care providers they havebeen engaged with.
10/24/2016 19
Summary Contract Persists in the distributed network.
Adding backup and restore functionality
Access to their history by downloading the latest blockchain from the network.
10/24/2016 20
The relationship between provider, patient nodes
10/24/2016 21
Node Server Node server consist of four software components: Backend Library.Ethereum Client.Database Gatekeeper.EMR Manager.
These can be executed on servers, combining to create a distributed system.
10/24/2016 22
The data transferflow between provider node and patient node.
10/24/2016 23
Backend Library Exports a function-call API.
Handles the uncertainty of when transactions.
Do the low level formatting and parsing of the Ethereum protocol.
10/24/2016 24
Ethereum Client Implements the full functionality required to join in the network.
Implement a service to locate the node’s Summary Contract (SC) to monitor real-time changes to the SC.
10/24/2016 25
Ethereum ClientI f new block is created with the newly linked PPR, the client issues a signal which results in a user notification.
The user can then acknowledge or decline her communication with the provider.
If the accepted, it automatically issues a query request to obtain the new medical data.
10/24/2016 26
Database Gatekeeper runs a server listening to query requests from clients on the network.
A request contains a query string, as well as a reference to the blockchain PPR.
Once the issuer’s signature is certified, it verify if the address issuing the request is allowed access to the query.
10/24/2016 27
EMR Manager A web-based interface that presents the users with Update notifications. Data sharing . Retrieval options.
10/24/2016 28
Patient Nodes Contain the same basic components as providers.
An implementation of these can be executed on a local PC or even a mobile phone.
storage of the patient’s medical meta data.
10/24/2016 29
Future work Mining and ether curreny.
Medical researchers and health care authorities to mine in the network.
10/24/2016 30
Conclusion Gives patients a log of their medical history, which is not only comprehensive, but also accessible and credible. Allows for specific authorizations. Different metadata fields within a single record Facilitate continued use of their existing systems. Gives several key properties of decentralization.
10/24/2016 31