Healthcare Policy Compliance: A Blockchain Smart Contract-Based Approach
- URL: http://arxiv.org/abs/2312.10214v1
- Date: Fri, 15 Dec 2023 21:25:07 GMT
- Title: Healthcare Policy Compliance: A Blockchain Smart Contract-Based Approach
- Authors: Md Al Amin, Hemanth Tummala, Seshamalini Mohan, Indrajit Ray,
- Abstract summary: Despite stringent regulations like HIPAA, significant gaps in policy compliance often remain undetected until a data breach occurs.
To bridge this gap, we propose a novel blockchain-powered, smart contract-based access control model.
Our approach integrates components of informed consent into PPAs, employing blockchain smart contracts to automate and secure policy enforcement.
- Score: 0.312488427986006
- License: http://creativecommons.org/licenses/by/4.0/
- Abstract: This paper addresses the critical challenge of ensuring healthcare policy compliance in the context of Electronic Health Records (EHRs). Despite stringent regulations like HIPAA, significant gaps in policy compliance often remain undetected until a data breach occurs. To bridge this gap, we propose a novel blockchain-powered, smart contract-based access control model. This model is specifically designed to enforce patient-provider agreements (PPAs) and other relevant policies, thereby ensuring both policy compliance and provenance. Our approach integrates components of informed consent into PPAs, employing blockchain smart contracts to automate and secure policy enforcement. The authorization module utilizes these contracts to make informed access decisions, recording all actions in a transparent, immutable blockchain ledger. This system not only ensures that policies are rigorously applied but also maintains a verifiable record of all actions taken, thus facilitating an easy audit and proving compliance. We implement this model in a private Ethereum blockchain setup, focusing on maintaining the integrity and lineage of policies and ensuring that audit trails are accurately and securely recorded. The Proof of Compliance (PoC) consensus mechanism enables decentralized, independent auditor nodes to verify compliance status based on the audit trails recorded. Experimental evaluation demonstrates the effectiveness of the proposed model in a simulated healthcare environment. The results show that our approach not only strengthens policy compliance and provenance but also enhances the transparency and accountability of the entire process. In summary, this paper presents a comprehensive, blockchain-based solution to a longstanding problem in healthcare data management, offering a robust framework for ensuring policy compliance and provenance through smart contracts and blockchain technology.
Related papers
- Securing Legacy Communication Networks via Authenticated Cyclic Redundancy Integrity Check [98.34702864029796]
We propose Authenticated Cyclic Redundancy Integrity Check (ACRIC)
ACRIC preserves backward compatibility without requiring additional hardware and is protocol agnostic.
We show that ACRIC offers robust security with minimal transmission overhead ( 1 ms)
arXiv Detail & Related papers (2024-11-21T18:26:05Z) - Block MedCare: Advancing healthcare through blockchain integration [0.0]
This paper investigates the integration of blockchain technology in healthcare.
It focuses on its potential to revolutionize Electronic Health Records (EHR) management and data sharing.
We propose a novel system that empowers patients to securely store and manage their medical data.
arXiv Detail & Related papers (2024-10-07T17:54:13Z) - Secure and Transparent Medical Record Management System Using Python and Blockchain [0.0]
We propose a robust health record storage and management system built on blockchain technology.
Unlike traditional databases, blockchain distributes data across a network of nodes, ensuring redundancy and resilience against cyber-attacks.
Our system prioritizes patient empowerment by granting individuals complete control over their health records.
arXiv Detail & Related papers (2024-08-04T16:29:13Z) - Balancing Patient Privacy and Health Data Security: The Role of Compliance in Protected Health Information (PHI) Sharing [0.312488427986006]
Protected Health Information (PHI) sharing significantly enhances patient care quality and coordination, contributing to more accurate diagnoses, efficient treatment plans, and a comprehensive understanding of patient history.
Compliance with strict privacy and security policies, such as those required by laws like HIPAA, is critical to protect PHI.
We propose a blockchain technology that integrates smart contracts to partially automate consent-related processes and ensuring that PHI access and sharing follow patient preferences and legal requirements.
arXiv Detail & Related papers (2024-07-03T02:49:33Z) - Generative AI-enabled Blockchain Networks: Fundamentals, Applications,
and Case Study [73.87110604150315]
Generative Artificial Intelligence (GAI) has emerged as a promising solution to address challenges of blockchain technology.
In this paper, we first introduce GAI techniques, outline their applications, and discuss existing solutions for integrating GAI into blockchains.
arXiv Detail & Related papers (2024-01-28T10:46:17Z) - A Survey and Comparative Analysis of Security Properties of CAN Authentication Protocols [92.81385447582882]
The Controller Area Network (CAN) bus leaves in-vehicle communications inherently non-secure.
This paper reviews and compares the 15 most prominent authentication protocols for the CAN bus.
We evaluate protocols based on essential operational criteria that contribute to ease of implementation.
arXiv Detail & Related papers (2024-01-19T14:52:04Z) - A User-Driven Framework for Regulating and Auditing Social Media [94.70018274127231]
We propose that algorithmic filtering should be regulated with respect to a flexible, user-driven baseline.
We require that the feeds a platform filters contain "similar" informational content as their respective baseline feeds.
We present an auditing procedure that checks whether a platform honors this requirement.
arXiv Detail & Related papers (2023-04-20T17:53:34Z) - Having your Privacy Cake and Eating it Too: Platform-supported Auditing
of Social Media Algorithms for Public Interest [70.02478301291264]
Social media platforms curate access to information and opportunities, and so play a critical role in shaping public discourse.
Prior studies have used black-box methods to show that these algorithms can lead to biased or discriminatory outcomes.
We propose a new method for platform-supported auditing that can meet the goals of the proposed legislation.
arXiv Detail & Related papers (2022-07-18T17:32:35Z) - A Blockchain-Based Consent Mechanism for Access to Fitness Data in the
Healthcare Context [0.966840768820136]
This study introduces an architecture for a human-centric, legally compliant, decentralized and dynamic consent system based on blockchain and smart contracts.
The security properties of the proposed system were evaluated using the formal security modeling framework SeMF.
arXiv Detail & Related papers (2022-02-25T09:51:02Z) - GDPR Compliance for Blockchain Applications in Healthcare [0.9590956574213347]
Health data is highly regulated to ensure privacy of patients.
Features of blockchain can improve interoperability and access control to health data.
Developers need to make design choices to be compliant with G domain.
arXiv Detail & Related papers (2020-09-27T18:05:25Z) - Regulation conform DLT-operable payment adapter based on trustless -
justified trust combined generalized state channels [77.34726150561087]
Economy of Things (EoT) will be based on software agents running on peer-to-peer trustless networks.
We give an overview of current solutions that differ in their fundamental values and technological possibilities.
We propose to combine the strengths of the crypto based, decentralized trustless elements with established and well regulated means of payment.
arXiv Detail & Related papers (2020-07-03T10:45:55Z)
This list is automatically generated from the titles and abstracts of the papers in this site.
This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.