Table of Contents
Fetching ...

Empower Healthcare through a Self-Sovereign Identity Infrastructure for Secure Electronic Health Data Access

Antonio López Martínez, Montassar Naghmouchi, Maryline Laurent, Joaquin Garcia-Alfaro, Manuel Gil Pérez, Antonio Ruiz Martínez, Pantaleone Nespoli

TL;DR

This work tackles the problem of secure, patient-controlled access to electronic health records by proposing an open-source Self-Sovereign Identity framework that combines Decentralized Identifiers, Verifiable Credentials, and a permissioned blockchain (Hyperledger Fabric). It emphasizes a patient-centric data model where health data reside on personal devices and are shared via privacy-preserving credentials exchanged through edge-cloud agents. The authors detail the system architecture, core processes (certificate creation, authorization, mutual authentication, information sharing), and additional features (wallet recovery, data/VC revocation, emergency access), and validate the approach with a proof-of-concept demonstrating end-to-end SSI workflows between patient and physician. Performance evaluations indicate low latency for core operations and scalable transaction throughput, supporting practical deployment concepts. The framework aims to be open source, extensible to additional actors (pharmacies, insurers), and capable of improving privacy, interoperability, and patient empowerment in healthcare data management.

Abstract

Health data is one of the most sensitive data for people, which attracts the attention of malicious activities. We propose an open-source health data management framework, that follows a patient-centric approach. The proposed framework implements the Self-Sovereign Identity paradigm with innovative technologies such as Decentralized Identifiers and Verifiable Credentials. The framework uses Blockchain technology to provide immutability, verifiable data registry, and auditability, as well as an agent-based model to provide protection and privacy for the patient data. We also define different use cases regarding the daily patient-practitioner-laboratory interactions and specific functions to cover patient data loss, data access revocation, and emergency cases where patients are unable to give consent and access to their data. To address this design, a proof of concept is created with an interaction between patient and doctor. The most feasible technologies are selected and the created design is validated. We discuss the differences and novelties of this framework, which includes the patient-centric approach also for data storage, the designed recovery and emergency plan, the defined backup procedure, and the selected blockchain platform.

Empower Healthcare through a Self-Sovereign Identity Infrastructure for Secure Electronic Health Data Access

TL;DR

This work tackles the problem of secure, patient-controlled access to electronic health records by proposing an open-source Self-Sovereign Identity framework that combines Decentralized Identifiers, Verifiable Credentials, and a permissioned blockchain (Hyperledger Fabric). It emphasizes a patient-centric data model where health data reside on personal devices and are shared via privacy-preserving credentials exchanged through edge-cloud agents. The authors detail the system architecture, core processes (certificate creation, authorization, mutual authentication, information sharing), and additional features (wallet recovery, data/VC revocation, emergency access), and validate the approach with a proof-of-concept demonstrating end-to-end SSI workflows between patient and physician. Performance evaluations indicate low latency for core operations and scalable transaction throughput, supporting practical deployment concepts. The framework aims to be open source, extensible to additional actors (pharmacies, insurers), and capable of improving privacy, interoperability, and patient empowerment in healthcare data management.

Abstract

Health data is one of the most sensitive data for people, which attracts the attention of malicious activities. We propose an open-source health data management framework, that follows a patient-centric approach. The proposed framework implements the Self-Sovereign Identity paradigm with innovative technologies such as Decentralized Identifiers and Verifiable Credentials. The framework uses Blockchain technology to provide immutability, verifiable data registry, and auditability, as well as an agent-based model to provide protection and privacy for the patient data. We also define different use cases regarding the daily patient-practitioner-laboratory interactions and specific functions to cover patient data loss, data access revocation, and emergency cases where patients are unable to give consent and access to their data. To address this design, a proof of concept is created with an interaction between patient and doctor. The most feasible technologies are selected and the created design is validated. We discuss the differences and novelties of this framework, which includes the patient-centric approach also for data storage, the designed recovery and emergency plan, the defined backup procedure, and the selected blockchain platform.
Paper Structure (32 sections, 11 figures, 3 tables)

This paper contains 32 sections, 11 figures, 3 tables.

Figures (11)

  • Figure 1: SSI architecture divided into two parts: (1) user wallet, encompassing all the components directly or indirectly used by the users to interact with the framework, and (2) blockchain platform, to provide authentication, authorization, and verifiable data registry.
  • Figure 2: Creation of a user certificate.
  • Figure 3: User authorization.
  • Figure 4: Information sharing alternatives.
  • Figure 5: Data access revocation workflow.
  • ...and 6 more figures