[Retracted] Electronic Healthcare Data Record Security Using Blockchain and Smart Contract

Nishi, Farjana Khanam; Shams-E-Mofiz, Mahizebin; Khan, Mohammad Monirujjaman; Alsufyani, Abdulmajeed; Bourouis, Sami; Gupta, Punit; Saini, Dinesh Kumar

doi:https://doi.org/10.1155/2022/7299185

Journal of Sensors

On this page

Abstract Introduction Analysis Conclusion Data Availability Conflicts of Interest Acknowledgments References Copyright Related Articles

Research Article Retraction

!

This article has been Retracted. To view the article details, please click the ‘Retraction’ tab above.

Special Issue

Smart and Wearable Sensors Technologies for Digital Healthcare

View this Special Issue

Research Article | Open Access

Volume 2022 | Article ID 7299185 | https://doi.org/10.1155/2022/7299185

[Retracted] Electronic Healthcare Data Record Security Using Blockchain and Smart Contract

Farjana Khanam Nishi,¹Mahizebin Shams-E-Mofiz,¹Mohammad Monirujjaman Khan,¹Abdulmajeed Alsufyani,²Sami Bourouis,³Punit Gupta,⁴and Dinesh Kumar Saini⁴

Academic Editor: Pradeep Kumar Singh

Received27 Sept 2021

Revised19 Apr 2022

Accepted15 May 2022

Published29 May 2022

Abstract

An electronic health record (EHR) is a technology that allows you to keep track of your health information. It keeps computerized records of several healthcare organizations. Records are exchanged via enterprise-wide data systems as well as other networking technologies and exchanges. Patients nowadays expect immediate access to their health information. However, the health sector comes with immediate access to data, and there are worries about the privacy and security of medical records of patients. As a result, a blockchain-based solution can assist in resolving this issue. The blockchain has the potential to beat the conventional centralized system, which suffers from a severe lack of accessibility. This is a decentralized technology that has recently been presented to provide a new viewpoint on data security and system efficiency. This paper presents a blockchain-based system that helps the patient’s data be managed and secured into a single record held by the patient. This system was developed using the Ethereum network using Ganache, as well as programming languages, tools, and techniques such as Solidity and web3.js. The measured approach suggested in this paper uses this platform to store patients’ data and execute functions in a decentralized system using blockchain smart contracts. Transactions are communicated through the smart contract once it has been launched, providing security and privacy features. Furthermore, the transaction’s desired alterations can be verified and transmitted to the entire distributed network. There is also a cryptocurrency wallet (MetaMask) that holds a centrally controlled, private information system in which records can be quickly accessed and secured by authorities. Doctors and patients can access the system through the wallet. Moreover, all the data of the doctor and patient will be secured and managed through this system. This proposed system is aimed at doing things such as the following: blockchain technology allows users to obtain the same data at the same time, increasing efficiency, developing credibility, and reducing barriers. It enables the secure storage of data by setting specific access for users. Additionally, this proposed system facilitates the secure transfer of patient medical records. Finally, this paper describes a health-record system and a new protocol that are quick and secure to use. It allows greater openness and ownership of sensitive data to be recorded and secured and also promotes the healthcare sector with blockchain.

1. Introduction

A blockchain is a decentralized network that uses peer-to-peer (p2p) technology to track all transactions. It lacks a centralized authority or a single point of contact. Rather, it is a group of nodes that keep the system functioning [1]. Each transaction is extremely safe because of the network’s nodes. Encryption provides an additional level of security to the connection. The digital record is duplicated at every node in the system [2]. Each node must verify the authenticity of a transaction before adding it back. A number of blocks make up a digital ledger. Each block gives a detailed report of each transaction [3]. Education, manufacturing, and the healthcare industry are just a few of the domains where blockchain has piqued interest. It contributes to the health sector in a variety of ways because it is a distributed and decentralized technology [4]. The Ethereum blockchain is powered by ETH, Ethereum’s native cryptocurrency. Ethereum is a decentralized blockchain technology that creates a peer-to-peer network for securely executing and verifying a smart contract code. It allows developers to build new sorts of ETH-based tokens that are used to power decentralized apps (dapps) via smart contracts. Participants can transact with one another without relying on a trusted central authority. A smart contract differs from blockchain technology in that it is a computer mechanism that operates automatically when specific circumstances are met. From a blockchain viewpoint, it brings logic to the blockchain. Smart contracts are identity contracts that include a peer-to-peer agreement’s terms of service [5]. It is a collection of code and data discovered at a specific position on the Ethereum blockchain. Smart contracts are used in our suggested approach to transfer records, grant access to medical care experts to see client records, or restrict access to medical care employees [6]. In the healthcare industry, there are various obstacles, such as keeping track of the huge volumes of data created by hospitals. Patient information will be highly secure with the implementation of smart contracts in medical associations. It will limit the number of data leaks caused by hackers [7].

Decentralization, security, privacy, and resilience through cryptographic algorithms are all elements of blockchain that have the potential to tackle the present difficulties in the healthcare industry. The digital healthcare service plays a critical role in keeping and storing data. However, it has a big issue with patient information leaking out. The existing healthcare system is insecure among several medical services because of data availability delays and the danger of data theft. Hospital records can be archived without the patient’s knowledge. Due to several challenges, such as security and accessibility of data, there has been no exploration or experimentation in the healthcare industry.

In today’s healthcare sector, securely accessing data within the network is a top focus of the proposed system. The blockchain-based system can generate excellent outcomes in many ways if used appropriately. It is an efficient and effective way to secure authentic information. The information is maintained as a ledger feature in blockchain technology with the smart contract, controlling the patient’s access to medical records. It guarantees security, ease of access, and other manufacturing aspects of administration, as well as privacy, validity, and authentication for this system.

In the near term, there will be a focus on building a helpful website based on blockchain technology that will secure all information gathered by doctors and patients. However, numerous research articles on the system of blockchain in healthcare have been published, with some of the most notable works included below.

Rathee et al. [8] described their application of IoT in healthcare. Their invented application allows for storage, processing, and transmission of patient data in a number of formats such as photos, text, and voice over the internet, utilizing a range of smart objects. However, many intruders can cause a variety of dangers to IoT devices. For this reason, they presented a security architecture for healthcare multimedia data using the blockchain approach in this publication. Sharma et al. [9] examined several directions that decentralization and smart contracts will take the Internet of Things in e-healthcare. They also offer a new architecture and discuss the benefits, problems, and future trends of combining all three. When compared to standard techniques, their suggested architecture beats them in terms of the average packet delivery ratio, average latency, and average energy savings. Poorni et al. [10] addressed a blockchain-based certificate concept for more authentication. It uses the blockchain’s integrity, so the serial numbers of certificates are saved on the blockchain rather than on the original certificates. The design incorporates alpha-blending of unique impressions to prevent further counterfeiting. Agbo et al. [11] performed an analysis of the current blockchain development in the healthcare industry. According to their findings, blockchain could be a feasible solution for a range of healthcare applications such as medicine management, biological research, and electronic health record administration. Sharma et al. [12] suggested a cyber-physical system for e-healthcare data transmission services that is both energy and service-level agreement (SLA) efficient. Through developments in the ad hoc on-demand distance vector (AODV) protocol, the suggested phenomena will be upgraded to assure security by identifying and deleting unwanted devices/nodes participating throughout the communication process. The framework targets two security concerns that have a significant impact on network services: grey and black holes. Pariselvam and Swarnamukhi [13] discussed the issues and various protective strategies for securing the privacy of health information in the cloud. A new cloud-based strategy for protecting patient information based on difficulties and varying security has been proposed. This approach provides for the encryption of strong and secure indicators using separate cryptographic keys, as well as the merging of protected data from many sources in the cloud without the content being known. It also provides reliable data access, allowing users to send an individual data request to the cloud before knowing what it will respond to. The proposal by Sharma and Rajiv [14] for an application of the cyber-physical system (CPS) for critical-healthcare data transfer services is discussed. CPS sensors provide patient health data to a medical practitioner at a remote location through a communication network. Simulations were run to demonstrate the suitability of the data transmission system’s quality according to a well-defined service-level agreement (SLA) formula. CPS performance characteristics such as the mean number of QSS s-t pathways, average hop counts, and average energy efficiencies are severely affected when other limitations such as energy and SLAs are taken into account. With the suggested trustworthy and energy-efficient data transfer, a medical practitioner can monitor a patient in real time. Lambay and Pakkir Mohideen [15] performed a comprehensive analysis of Big Healthcare Data, to explain how this may enhance outcomes for patients, detect disease breakouts, gather useful data, minimize avoidable illnesses, reduce healthcare expenditures, and maintain a healthy lifestyle. On the other hand, choosing the optimal use of data while respecting patient privacy and security is a difficult task. Existing technology’s restrictions must be recognized, and future study requirements must be evaluated. Zalloum and Alamleh [16] used the notion of e-healthcare in the conventional health system. Existing e-healthcare platforms, on the other hand, are not properly established and stable and, hence, lack the level of privacy, authenticity, identity, and user confidence that are required for universal use. The level of patient attention in the healthcare industry, as well as the quality of healthcare services provided, are two critical factors of any successful healthcare operation. In order to solve privacy issues, security issues like data access, identification, and transparency must be addressed, as end-to-end security is difficult to achieve without them. Hossein et al. [17] presented a blockchain-technology design for e-health systems that provides an efficient authentication protocol while retaining security, using blockchain’s unique properties such as data integrity and consumer security, while modifying the conventional blockchain structure to solve IoT application challenges (lack of performance, complexity, and unpredictability). The authors of paper [18] developed a blockchain-based electronic health record monitoring system and data security. Study [19] describes how to manage smart supply chains using blockchain and smart contracts. A secured insurance framework using blockchain and smart contract has been presented in [20].

After reviewing all the papers, it has been noticed that there is a lack of blockchain design and application in the healthcare sector, because they are not user-friendly and have no particular website that is merged with blockchain technology. However, the novelty of our system is that it improves the efficiency of the healthcare sector. It is also a less time-consuming method of healthcare than traditional healthcare because patients may receive services while still at home.

The major goal of this suggested system is to safely save all medical information in the cloud. It also assures the safe preservation of data and makes it available for doctors and patients. Another aspect to be confirmed is the Ethereum management framework’s ability to precisely implement complex computer models, which are required for the implementation of genuine smart contracts in the healthcare industry. Furthermore, the scope of this system allows the user to have quick access to documents and share medical records with their doctor. The contributions are listed below. (i)EHR web portal front-end platform design and execution(ii)Combining the EHR described above with the Ethereum blockchain platform and the smart contract(iii)Establishing that a patient’s medical record is safe, consistent, and accessible across all healthcare providers, as determined by the patient(iv)Experimentation with the suggested blockchain enables security, privacy, and interoperability

The objective of this study is to develop a blockchain-based system that helps in the security and management of patient data. This system uses blockchain technology with smart contracts to establish an iterative, secure, accessible, and decentralized healthcare ecosystem. People will be able to freely and securely share their medical records with doctors, hospitals, research institutions, and other groups while having complete control over their medical data privacy. Besides, this research looks towards the use of blockchain technology in a variety of uses that are growing rapidly.

The introduction of the paper has been provided in Section 1. The architecture for the suggested solution is provided in Section 2, which is named “Method and Methodology.” Section 3 focuses on the outcomes and discussion of performance parameters, describing the fundamentals of how blockchain contributes to e-healthcare before concluding with a system grouping and comparison of existing blockchain works. In Section 4, a conclusion is given on what we have done so far to invent the system that we want to build. Finally, Section 5 is a discussion of new technologies and potential applications as addressed by future work.

2. Method and Methodology

The proposed frameworks are formally described in this section. It explains the software platform that was utilized to create this framework and its benefits. The most well-known and important components of this framework’s implementation, Ethereum and Interplanetary File System (IPFS), are also described in the next section.

2.1. Fundamental Framework

2.1.1. Ethereum

Ethereum is a decentralized network that is built on blockchain technology. It was first deployed on the popular cryptocurrency Blockchain. Ethereum was created with the goal of creating an open-source and smart contract platform with blockchain functionalities. This technology also uses peer-to-peer networking to distribute itself. This network also uses Ethers, which are its own cryptocurrency. Ethereum also enables programmers with a language called Solidity that allows them to design their own blockchain. It was created for Ethereum’s smart contracts, which are the final feature.

Transactions are the means by which external entities connect with Ethereum. External users can use it to change the status of a document or set of data on the Ethereum blockchain network. There are some pieces that make up an Ethereum transaction, such as the sender–author, with a 20-byte address, and the receiver, who also has a 20-byte address. Even though there is a cost (the quantity of money transferred from the source to the destination and gas), each transaction on the blockchain network necessitates the payment of a cost by the author. Gas is the name given to this cost. The gas limitations and costs are included in every transaction, and the price of gas is the amount of money that the author of the transaction is willing to pay for gas. There is a lot of gas that can be spent on this transaction.

2.1.2. The Smart Contract

A smart contract is a set of commands that can be used to carry out any transaction on the blockchain. When users send transactions, this piece of code is run. They operate directly on the blockchain, rendering them impervious to manipulation and modification. Smart contracts deploy the Solidity programming language to program any form of activity on the blockchain. The programmers can compile the required operations after they have been programmed. They could then be run and deployed on the Ethereum blockchain after being compiled. JavaScript is a programming language that implements Ethereum’s Solidity language for writing the smart contract code.

2.1.3. Interplanetary File System (IPFS)

IPFS is a distributed data storage technology with a peer-to-peer network. Because IPFS data is safe from alteration and assures secure data storage, any attempt to alter data saved on IPFS can only be performed by changing the identifier. Hence, it provides a cryptographic identity to protect data from manipulation. Every data file stored on IPFS contains a cryptographically generated hash value. It only has one value and is used to identify data files stored on IPFS. The IPFS protocol makes use of a peer-to-peer (P2P) connection that includes an IPFS object, which contains data and linkages. The data is an array of disorganized binary values, while the link is a disorderly binary value. The IPFS protocol functions as follows: (i)IPFS files have a unique cryptographic hash allocated to them(ii)On the IPFS network, duplicate files are not permitted

2.2. Software Required

2.2.1. Ganache

It is a local Ethereum blockchain for the rapid creation of decentralized programs. Ganache can be used to deploy, develop, and test in a predictable and secure environment throughout the development cycle. It works both ways: as a desktop program and as a command-line tool (Ethereum).

2.2.2. MetaMask

It is an entry point that allows you to view the decentralized web of the future in your browser right now. It allows you to execute Ethereum decentralized applications without having to run a full Ethereum node in your browser.

2.2.3. Web3

Verification of transactions should be done in the chain in order to interact with the modules in the chain. To generate and verify a transaction, a participant in the network of another offline framework must relay it to the peer-to-peer (p2p) connection, which is an actual network. It also includes a library collection that makes it easier for Ethereum nodes and in-chain components to communicate. It is utilized on the server side for Node.js.

Web3 uses the Hypertext Transfer Protocol (HTTP) connection to connect to the Ethereum network via an Ethereum node. This could be a node in ETH wallets from the local system. MetaMask is an in-browser extension that allows you to operate from Ethereum accounts and can be used to integrate Ethereum with the website. MetaMask is a browser-based Ethereum wallet that connects the browser to a Web3 provider class. A Web3 provider is a data structure that provides a link to Ethereum nodes that are publicly available. A user can utilize, save, and maintain public and private keys that are unique to their account with the use of MetaMask. The combination of Ethereum, MetaMask, and web3.js, as well as a web interface, allows for back-end–front-end communication.

2.2.4. Truffle

It is a strong Ethereum Virtual Machine development environment that uses blockchains, as well as an asset pipeline and a test framework for the same. It has some features, such as computation, implementation, and maintenance of smart contracts, as well as binary dependency management. It also has an environment for testing smart contracts that is fully automated and a deployment and migration framework that can be scripted and expanded. It can create direct communication with the contract and a pipeline with tight integration. The Truffle environment is used to run programs.

2.2.5. VS Code

Microsoft’s Visual Studio Code is an editor for Windows, Linux, and macOS. Troubleshooting, Git management, GitHub, syntax underlining, smart code completion, samples, and bug fixes are all available.

2.2.6. Languages

The front-end design of our website has been created using HTML (Hypertext Markup Language), CSS (Cascading Style Sheets), and React.js. The server and back-end of the website are controlled using the Solidity programming language and Node.js. There are two tools, Truffle and Ganache, which are used for generating local Ethereum blockchains to build the system. The Ethereum virtual interface, MetaMask (as a wallet), Truffle (as an IDE), Yarn (command-line interface), Ganache (account creation), and Local Web3 (web interface) are used to establish the blockchain and access or use the system.

2.3. Protocol Layout

Figure 1 demonstrates the layout of the system whenever a patient chooses to view the medical records using MetaMask or the healthcare system’s decentralized website. By accessing the private key from the Ethereum wallet, the user is automatically logged in. The Ethereum wallet is a cold storage wallet. As a result, when compared to other hot wallets, the danger of compromise is quite low. Furthermore, if the gadget is misplaced, the patients can simply be given a new one without being penalized for losing their medical records. The wallet can be used in the same way to sign any document or for any verification needs. This wallet can also be used to perform multiparty patient verification. It can be used to build a role-based access control system for records as well as a blockchain-based distributed property identification system. In the event of a medical emergency, a similar multiple-party permission mechanism can be implemented to gain access to the patient’s records.

2.4. Block Diagram

Figure 2 illustrates the block diagram. Our proposed design has four major components: a user application, a blockchain handshake protocol, a cloud, and a public blockchain network. The system is a virtual representation that serves two purposes. For starters, it provides users with access to application interfaces. Doctors and system administrators are two types of users in our system. Each user has a distinct function. As a result, the user application delivers different user interfaces depending on the user role. Second, based on the data entered by the user, the user application creates an initial transaction. For the purpose of confirmation, the transaction is submitted to the blockchain handshake protocol. Finally, a user interface establishes the relationship between users and the blockchain handshake protocol.

The proposed architecture’s fundamental component is the blockchain handshake (BH) protocol. This component connects the database server, the blockchain network, and the cloud-based health record system, which acts as a wrapper. This proposed architecture makes use of the Ethereum blockchain network. A distributed ledger that connects blockchain nodes is known as the public blockchain network. Blockchain nodes are miners who are in charge of updating the blockchain based on the decision method. Alternatively, blockchain nodes accept transactions and use the network’s smart contracts to authenticate them.

In the proposed design, the cloud provides two services that are similar to those provided by existing cloud-based EHR administration systems. The EHR administration system is hosted as an initial service. Data storage is the next service. All health records can be saved in a database on the cloud. The EHR administration system takes transactions from the blockchain handshake protocol, performs all duties associated with them, and finally stores them in a cloud database. In response to user access requests, the cloud provides the necessary data.

2.5. Use Case Diagram of Proposed System

The use-case diagram is shown in Figure 3. This application’s use-case has three key entities: an administrator, a patient, and a doctor. Now, inputting profile details, which is a unique feature that grants access to all three organizations, is also included in the list of actions. The patient has access to three out of ten operations, while the doctor has access to three out of ten operations. Only the administrator has access to all ten actions, allowing them to examine and monitor all the information. The only operation that can change block data once it has been retrieved is writing the record of the patient, which can only be done by the doctor.

2.6. Flowchart of the Proposed System

Figure 4 shows the process of creating a medical record. The system’s first doctor will produce a medical record. After that, the doctor records each patient’s examination results. The metadata transaction for that medical record will be processed. A portion of data called transaction metadata is appended to a transaction after it has been processed. Regardless of whether a transaction is successful or not, all transactions that are recorded in a ledger have metadata. The transaction information provides a detailed description of the transaction’s conclusion. Following that, the medical file will be uploaded to the IPFS network. IPFS (Interplanetary File System) is a document system that allows transactions to be completed with minimal resources and time. We acquire a content address after a file is uploaded to the IPFS network.

The Ethereum transaction is the next stage. Ganache is required for Ethereum transactions since it provides addresses and private keys. The addresses are kept on file, and the transactions are visible to all. To carry out a transaction, the private keys are utilized to unlock these addresses. The Ethereum Virtual Machine (EVM) is used to process Ethereum transactions. The EVM is primarily used to conduct smart contract interactions, in which all nodes must agree that the transaction occurred every time someone interacts with the contract. After that, the EVM executes an immediate post contract in accordance with the transaction’s rules.

Ethereum retains a record of all previous transactions and the blockchain’s history, which is kept and confirmed through consent. Ethereum’s node operators, on the other hand, keep track of all smart contract interactions that take place on the Ethereum network. In this situation, the miner will be turned into a bot that will process transactions automatically whenever a transaction is received.

2.6.1. Process of Admin Dashboard

Figure 5 shows the process of the admin dashboard. There is a private key for each transaction ID in Ganache Ethereum (ETH wallet) for accessing the system as well as an admin where anyone can use this transaction ID as their own account. After getting the confirmation from the Ethereum wallet, the verified account can enter the admin dashboard. The administrator performs a variety of system management tasks here. The administrator can add and delete users, give confirmation for any update situation, check appointments with the doctor, and keep track of the appointments. Also, you can check and answer all the questions from the chatbot.

2.6.2. Process of Doctor Dashboard

Figure 6 depicts the mechanism of the doctor’s dashboard. With the appropriate information and a transaction ID, a doctor can finish the registration. The dashboard will only be accessible to the doctor; otherwise, access will be blocked. In addition to the admin’s responsibility of viewing appointments, the doctor performs five procedures on the dashboard. On the doctor’s dashboard, a doctor may see his own personal information. Doctors can update personal information such as their name, age, phone number, current address, and photo, as well as their educational qualifications if necessary. The doctor can evaluate a patient’s past medical records and personal information for future therapy. He can add extra data to the patient’s dashboard if he thinks it is essential. A doctor can change a patient’s record the same way an admin can. To avoid misunderstandings, the doctor can also delete any sort of record, including those that are several years old, from the patient’s dashboard. The most recent data is more accurate.

2.6.3. Process of Patient Dashboard

Figure 7 depicts the method of constructing a patient dashboard. With the proper information and a transaction ID, a patient can finish the registration. A patient can only view the dashboard if they have a registered ID and valid information. Otherwise, the patient’s access will be refused, and he or she will be required to input the right password. In addition to booking appointments, the patient performs three procedures on the dashboard. Two of them are the ability to view extensive information and medical records. Only after successful registration can patients read their personal information. Patients can also access their medical records, which have been supplied by their doctor. Patients can make changes to their personal information, such as their name, age, phone number, current address, and photo, if required.

3. Result and Analysis

The process of getting access to the proposed system is discussed in this section. This system is built with Truffle and Ganache, two easy-to-use tools for creating local Ethereum blockchains. The server and back-end of the system have been controlled using the Solidity language and Node.js.

To create a blockchain and access the system, the Ethereum virtual interface, MetaMask (as a wallet), Truffle (as an IDE), Yarn (command-line interface), Ganache (account creation), and Local Web3 (web interface) are used.

3.1. Step-by-Step Process of the System (Front-End Part)

3.1.1. Homepage

Figure 8 illustrates the homepage of the system. To access this homepage, a user needs to create an account. After that, users can access this system through the homepage. There are three portals on this homepage. The system administrator is one, while the patient and doctor are the other users. In addition to the admin, doctor, and patient portals, this website features an appointment bar and a chatbot on the top page. Furthermore, doctors, patients, and admin need a unique account to get access to this homepage. But, if a user uses the wrong information or the same account address to create an admin account, the system will show the access denied message.

Figure 9(a) shows the appointment-making bar. This bar is used for making time slots to visit the hospital, and users can ask for the next appointment or visit the time slot of a doctor through this bar. Figure 9(b) shows a chatbot. A user or patient can contact the hospital authorities from home using this chatbot. Furthermore, patients or anybody who visits the website can make an appointment request or text the hospital with the necessary details. All of the appointments and texts are visible to the doctor and the administrator. They will get back to you as soon as they can.

(a)

(b)

3.1.2. Admin Panel

This system’s admin interface is seen in Figure 10. Admins can add doctors and patients to the system, as well as delete current users, using the admin interface (doctor and patient). The administrator has their own unchangeable and inaccessible account in this system, which has the authority to create and delete users (doctor and patient). For the sake of authenticity and security, no one else has access to this. The Admin can look up appointments and notify doctors about their patient list. He can also plan the appointment based on the number of patients. He can also provide information about appointments and other responses to the questions and appointments.

(1) Add Doctor. Figure 11 shows the process of adding a doctor. Figure 11(a) shows the doctor registration module where you need to fill in the details of a doctor such as name; date of birth; email ID; mobile number; doctor ID, which is an account address from Ganache Ethereum; city; state; and specialty. Figure 11(b) shows the confirmation message from MetaMask that is used as a smart contract. Through MetaMask, all the information about the doctor will be stored, and the system will get the confirmation message for authentication. But, if a user uses the wrong information or the same account address, the system will show an access denied message. Finally, this smart contract ensures the security of the doctor’s data.

(a)

(b)

(2) Add Patient. Figure 12 describes the method of adding a patient. Figure 12(a) depicts the patient registration module, which requires you to input patient information such as names, email addresses, phone numbers, and patient IDs, which is a Ganache Ethereum account address. After filling up all of the spaces with the required information, the user must click the “Add Doctor” button to store the data, then move on to the next process. The confirmation message from MetaMask, which is employed as a smart contract, is shown in Figure 12(b). All of the patient’s information will be saved using MetaMask, and the system will get a confirmation message for authentication. To save all of the data, the MetaMask notification displays the Ethereum currency rate in detail on the screen. It stores all of the data in the Ethereum currency format. The system will display an access forbidden message if a user enters incorrect information or the same account address. Finally, the security of the patient’s data is ensured by this smart contract.

(a)

(b)

(3) Delete User. Figure 13 shows the user deletion process from the system. Figure 13(a) shows the user deletion where only the admin has the right to delete a doctor and patient as a user from the list. To delete any user, you have to select the type of user and the ID of the user, such as the doctor and patient. Figure 13(b) shows the confirmation message from MetaMask that is used as a smart contract. Through MetaMask, all the information about the patient and doctor will be deleted, and the system will get the confirmation message for authentication. Furthermore, the admin can also erase the essential data of a retired doctor and a patient who has been discharged or died a long time ago.

(a)

(b)

3.1.3. Doctor’s Panel

Figure 14 shows the doctor’s panel. In the doctor’s panel, the doctor can view as well as edit their information. Furthermore, doctors can add patient records as well as update the records. When a doctor-patient consultation is over, the doctor has the ability to delete the patient’s record.

(1) Doctor’s View and Edit Information. Figure 15 shows how a doctor can view and edit his personal information. Figure 15(a) shows the confirmation message through MetaMask after searching for the doctor’s ID. Figure 15(b) shows the doctor’s information, such as their name, the area of specialization, and qualifications, after getting a confirmation message. A doctor can also edit their information, like if he or she can edit their qualifications, and so on. After updating, all information will be saved and secured through MetaMask.

(a)

(b)

(2) Prescription of the Patient. Figure 16 shows the medical record of a patient who can only be operated on by a doctor. It is essentially a patient’s prescription. A doctor can upload a patient’s medical record, which will include the patient’s personal information as well as medical records. Figure 16(a) depicts the section where a doctor will enter the patient’s personal information. The doctor will fill in the empty fields with information such as name, birth year, phone number, and email address. In addition, the doctor might leave a comment for the patient in order to establish a cordial relationship. Part of the prescription is shown in Figure 16(b), which includes a list of essential medical medicines and testing. After a patient has been diagnosed, the doctor can add medication names, doses, clinical tests, and side remarks to motivate the patient. If the patient requires new medicine or a new clinical test, he can update his medical record depending on his prescription. Patients’ records will be removed if the doctor so desires to reduce unwanted congestion. Figure 16(c) illustrates the prescription saving option as well as the smart contract (meta mask). Whatever information a doctor adds, modifies, or deletes from a patient’s medical record, it will all be kept and safeguarded using smart contracts based on the Ethereum wallet (ETH wallet).

(a)

(b)

(c)

3.1.4. Patient’s Panel

Figure 17 shows the patient’s panel. A patient can view and modify their personal information on the patient’s panel if any changes have occurred. Patients can now see their medical records that physicians have uploaded. A patient can examine a doctor’s comprehensive prescription but cannot make any adjustments for any sort of offence.

(1) View Medical Record of the Patient. Figure 18 shows the view of patient medical records. The patient will view all the information that his or her doctor will prescribe. Since there is a unique ID for every patient, every patient’s medication will be different. There is an exact date and time to consult with the doctor, and the doctor’s name is also on the list. There is a list of sickness problems in the category section, such as heart disease, fever, and migraines, where doctors can define the problem of a patient. After finding the patient’s problem, the doctor can take action by suggesting medicine. Finally, patients can print their medical records if they want.

(2) View and Edit of the Patient’s Information. Figure 19 shows how a patient can view and edit his personal information. Patients need to search for their own ID. After that, the confirmation message will be shown through MetaMask. After getting a confirmation message, patients can view their information such as their name, address, age, contact number, blood group, height, and weight. A patient can also edit their info. After updating, all information will be saved and secured through MetaMask.

3.2. Process to Get Access to the Proposed System (Back-End Part)

3.2.1. Deploying Transaction Using Ethereum Blockchain

Figure 20 illustrates the personal Ethereum blockchain, represented by Ganache. It has been used for testing and deployment of the system. For testing and local development, Ganache offers some virtual accounts with 100 ETH. It provides a comparable capability to Ganache when deployed on the Ethereum main net. Some of the fake transactions are executed by virtual accounts on the application, together with transaction hashes and the contract address to which they were deployed. Each transaction’s currency value is also displayed in a column.

The first step on the back-end is to download and install Ganache Ethereum from the Truffle Suite. The Truffle Suite is a world-class development environment for decentralized applications (dapps) and smart contracts on the blockchain. After completing the Ganache installation, you must establish a new workspace named the ehr_project. Then, in the project directory, add the Truffle from truffle-config.js. After that, this will show secure unique addresses, the index, balance, and corresponding private keys to create accounts for accessing the system. The Ganache will keep the accounts’ privacy and serial numbers safe.

3.2.2. Connection to the Server Using Smart Contract

Figure 21 depicts the system’s connection via smart contracts. MetaMask is utilized as a smart contract to connect to the system. Contracts are created that provide metadata about record titles, access, and data integrity. Cryptographically signed instructions for controlling these characteristics are included in this system’s blockchain transactions. Only legal transactions ensuring data alternation are used by the contract’s state-transition functionalities to carry out policies. As long as a medical record can be stored electronically, these laws can be built to enforce any set of rules controlling it.

This smart contract, which is run on blockchain technology, might be designed to include all of the conditions such as handling various permits and data access. It can be observed that a number of stakeholders are involved in this scheme, each performing different tasks. This will make it easier for doctors and patients to communicate. Smart contracts include data authorization rules. It can also assist in tracing all activities associated with a unique ID from the point of origin to the point of submission. Different situations have been created and explained, as well as all of the functions and procedures that are included in the smart contracts.

The function can be supervised and approved directly through the smart contract. There is no need for a centralized authority to do so, which decreases the cost of the administration significantly. To enhance efficiency, all medical record data are saved in a local database storage.

3.2.3. Creating Account through Smart Contract

Figure 22 shows the process of creating an account step-by-step, where Figure 22(a) shows account information from Ganache Ethereum, which allows users to use a browser to access a decentralized system without having a full node of the blockchain. Figure 22(b) shows the importing of private keys through MetaMask that eliminates the requirement for a multiparty and ensures that contracts can be implemented quickly. This MetaMask, an Ethereum wallet, is to solve the issue of misusing crypto keys. A password-protected Ethereum wallet is a piece of software that may be used to store secret keys and to sign, authorize, and manage transactions using electronic health records. The secret keys of the admin, doctor, and patient will be stored in the MetaMask wallet, which may be used anywhere private key permission is required. Figure 22(c) shows the account ID from Ganache to the Ethereum wallet where the full MetaMask wallet will then connect to the system and function in accordance with the ehr_project, and the admin will get instant access to enter the system through this account.

(a)

(b)

(c)

3.2.4. Installation Dependencies to Run the System on the Local Server

Figure 23 illustrates the package installation and execution process of the system using Yarn dependencies. Yarn package management is used to run the system from the command line. It is simple to use and share. Yarn handles this procedure fast, safely, and consistently. It will complete the process of connecting the system to the server at a local level.

3.2.5. Truffle Migration and Deployment to Compile and Execute the Contracts

Figure 24 illustrates a snapshot of the implementation in which a Truffle migrates and deploys on a blockchain with a smart contract, as well as the execution on the Ethereum network. Truffle migrations allow you to upload smart contracts to the Ethereum blockchain (local) and set up the essential procedures for integrating transactions with other transactions and providing contracts with initial data.

Users also need to require the new contract and add a deployer statement inside the function if they want to deploy another contract from the same migration file. Two different smart contracts will be deployed as a result of this migration. Moreover, this process executes the smart contract for the system.

3.3. Discussion

We reviewed the current demands of the health sector, the flaws in the present system, and our suggested Ethereum-based healthcare management solutions in this paper, providing an overview of the state of new treatments, highlighting issues with the present healthcare system that hamper personalized medicine implementation, and illustrating how our proposed approach addresses these issues. We also looked at the cost of deploying smart contracts in different healthcare settings and discovered that the cost rises linearly with the number of outpatients. As a result of these factors, healthcare departments such as gynecology and surgery have increased charges as a result. However, it can be observed quantitatively that the cost of deploying smart contracts is relatively affordable, and as a result, such an Ethereum-based system for the deployment of smart contracts is a viable option.

By improving the accessibility, accuracy, security, and cost of creating and maintaining electronic health records (EHRs), care coordination, data security, and interoperability concerns are just a few of the challenges that blockchain in healthcare can solve. Healthcare facilities remain a primary target of cybercriminals because they allow medical researchers to share their work, collaborate, and gain consent for data collection and access. According to data collected by the security firm, the rate of cyberattacks on hospitals increased during the COVID-19 pandemic. During the COVID-19 pandemic, shortages of critical medical equipment and supplies revealed how vulnerable healthcare professionals are to supply chain interruptions. In healthcare, one interesting application of blockchain is in the management of patient data.

3.4. Comparison with Existing Papers

Table 1 compares the deficiencies of this proposed work and its materials to the flaws of other papers. Several very strong security mechanisms have been implemented in this article, making the system extremely safe and reliable. Other studies, on the other hand, have mostly ignored these issues, which has resulted in their systems becoming unsafe and vulnerable to hacking. Because it has an immutable ledger, smart contracts, proper transactions, and straightforward refund and return mechanisms, this paper is up to par. There is a problem with every point made in the previous article. The fundamental cause of the website’s failure was the inability of some of them to properly integrate smart contracts.

4. Conclusion

The standard medical record-keeping method is inefficient, and it necessitates a tremendous amount of storage space to retain the results of all medical tests for all patients. The data in prior systems was unstructured, making it impossible to transmit information. Because of the massive volume of data produced by the healthcare industry, we need to start thinking about improving our data management methods without risking the data’s security and privacy. Because of the confidentiality data, there will be additional changes. This change brings many issues that need to be addressed, and blockchain successfully addresses the fundamental issues.

This system allows the patient to grant and withdraw any record-specific authorization to the authorities with a single tap. This automation has been made much easier to deploy due to Ethereum and smart contracts. The suggested wallet serves as a bridge for providing secure and convenient access to the blockchain, as well as hassle-free secret key maintenance. It can also act as a link for patients who are uncertain about migrating their information to electronic health records (EHRs). The system’s cryptographic encryption methods, which are difficult and impossible to crack, will offer security and dependability. It has been determined that this system has achieved the majority of the project’s objectives, namely, authentication data exchange of medical reports utilizing blockchain security, and it is expected that the project’s implementation will meet the users’ needs. As a result, the authentication, data exchange, and security of medical reports have already been completed successfully utilizing blockchain. The system also deals with the problems caused by direct disease transmission in hospitals, like the ongoing COVID-19 situation, mainly through physical copies of medical records and the increased risk associated with additional human chain contamination.

5. Future Work

A blockchain, in which records are maintained in a linked sequence of blocks, has made it feasible to create and deploy new programs based on a distributed and decentralized ideology rather than traditional cloud-based apps. The present smart contract will be extended to improve the lookup and provide the advanced features required by an EHR administration system. Future development could most likely aim at providing a real-time video conference communication feature. In this COVID-19 outbreak, it is highly recommended.

Another possibility is that the payment module will eventually be integrated into the existing architecture. This can be accomplished via a decentralized architecture based on blockchain technology, in which a patient pays for a specialist’s consultation with a credit or debit card. In the event of verification, the NID number can be included.

With the introduction of Ganache, we now have the opportunity to experiment with a similar technique utilizing a private blockchain. It will involve enhancing lookup and supporting the extra capabilities required by an EHR management solution. In addition, there will be a comparison of present and future methodologies.

Data Availability

No data was utilized to support this research findings.

Conflicts of Interest

The authors declare that they have no conflicts of interest to report regarding the present study.

Acknowledgments

The authors are thankful for the support from Taif University Researchers Supporting Project (TURSP-2020/115), Taif University, Taif, Saudi Arabia.

References

K. Tiwari, S. Kumar, and R. K. Tiwari, “SURAKSHIT: a blockchain enabled healthcare model for privacy assurance and data security,” Journal of Critical Reviews, vol. 7, no. 13, pp. 2493–2511, 2020.
View at: Google Scholar
L. Academy, “Consensus protocols,” 2019, https://lisk.io/academy/blockchain-basics/how-does-blockchain-work/consensus-protocols.
View at: Google Scholar
J. Yli-Huumo, D. Ko, S. Choi, S. Park, and K. Smolander, “Where is current research on blockchain technology-a systematic review,” Plos One, vol. 11, no. 10, 2016.
View at: Google Scholar
P. A. Laplante, M. Kassab, N. L. Laplante, and J. M. Voas, “Building caring healthcare systems in the Internet of Things,” Systems Journal, vol. 12, no. 3, pp. 3030–3037, 2018.
View at: Publisher Site | Google Scholar
A. Gharat, P. Aher, P. Chaudhari, and B. Alte, “A framework for secure storage and sharing of electronic health records using blockchain technology,” ITM Web of Conferences, vol. 40, article 03037, 2021.
View at: Publisher Site | Google Scholar
R. Sreeraj, A. Singh, and V. Anbarasu, “Preserving EMR records using blockchain,” Annals of Romanian Society for cell Biology, vol. 25, no. 6, pp. 5344–5350, 2021.
View at: Google Scholar
R. Harika and B. ThirumalaRao, “Survey on smart healthcare using blockchain,” Journal of Critical Reviews, vol. 7, no. 14, pp. 615–621, 2020.
View at: Google Scholar
G. Rathee, A. Sharma, H. Saini, R. Kumar, and R. Iqbal, “A hybrid framework for multimedia data processing in IoT-healthcare using blockchain technology,” Multimedia Tools and Applications, vol. 79, no. 15-16, pp. 9711–9733, 2020.
View at: Publisher Site | Google Scholar
A. Sharma, Sarishma, R. Tomar, N. Chilamkurti, and B. G. Kim, “Blockchain based smart contracts for internet of medical things in e-Healthcare,” Electronics, vol. 9, no. 10, p. 1609, 2020.
View at: Publisher Site | Google Scholar
R. Poorni, M. Lakshmanan, and S. Bhuvaneswari, “DIGICERT: a secured digital certificate application using blockchain through smart contracts,” in 2019 International Conference on Communication and Electronics Systems (ICCES), pp. 215–219, Coimbatore, India, 2019.
View at: Google Scholar
C. C. Agbo, Q. H. Mahmoud, and J. M. Eklund, “Blockchain technology in healthcare: a systematic review,” Multidisciplinary Digital Publishing Institute, In Healthcare, vol. 7, no. 2, p. 56, 2019.
View at: Publisher Site | Google Scholar
A. Sharma, G. Rathee, R. Kumar et al., “A secure, energy- and SLA-efficient (SESE) E-healthcare framework for quickest data transmission using cyber-physical system,” Sensors, vol. 19, no. 9, p. 2119, 2019.
View at: Publisher Site | Google Scholar
S. Pariselvam and M. Swarnamukhi, “Encrypted cloud based personal health record management using DES scheme,” in IEEE International Conference on System, Computation, Automation and Networking (ICSCAN), pp. 1–6, Pondicherry, India, 2019.
View at: Google Scholar
A. Sharma and R. Kumar, “Service level agreement and energy cooperative cyber physical system for quickest healthcare services,” Journal of Intelligent & Fuzzy System, vol. 36, no. 5, pp. 4077–4089, 2019.
View at: Google Scholar
M. A. Lambay and S. Pakkir Mohideen, “Big data analytics for healthcare recommendation systems,” in International Conference on System, Computation, Automation and Networking (ICSCAN),, pp. 1–6, Pondicherry, India, 2020.
View at: Google Scholar
M. Zalloum and H. Alamleh, “Privacy preserving architecture for healthcare information systems,” in IEEE International Conference on Communication, Networks and Satellite (Comnetsat), pp. 429–432, Batam, Indonesia, 2020.
View at: Google Scholar
K. M. Hossein, M. E. Esmaeili, T. Dargahi, and A. Khonsari, “Blockchain-based privacy-preserving healthcare architecture,” in IEEE Canadian Conference of Electrical and Computer Engineering (CCECE), pp. 1–4, Edmonton, AB, Canada, 2019.
View at: Google Scholar
K. T. A. M. Hasib, I. Chowdhury, S. Sakib et al., “Electronic health record monitoring system and data security using blockchain technology,” Security and Communication Networks, vol. 2022, Article ID 2366632, 15 pages, 2022.
View at: Publisher Site | Google Scholar
M. D. Turjo, M. M. Khan, M. Kaur, and A. Zaguia, “Smart supply chain management using the blockchain and smart contract,” Scientific Programming, vol. 2021, Article ID 6092792, 12 pages, 2021.
View at: Publisher Site | Google Scholar
A. Hassan, M. I. Ali, R. Ahammed, and M. M. Khan, “Secured insurance framework using blockchain and smart contract,” Scientific Programming, vol. 1155, Article ID 2366632, 2022.
View at: Publisher Site | Google Scholar
M. G. Kim, A. R. Lee, H. J. Kwon, J. W. Kim, and I. K. Kim, “Sharing medical questionnaires based on blockchain,” in 2018 IEEE International Conference on Bioinformatics and Biomedicine (BIBM), pp. 2767–2769, Madrid, Spain, 2018.
View at: Publisher Site | Google Scholar
M. Gupta, “PR wallet based blockchain access protocol to secure EHRs,” Blockchain and IoT Integration, Auerbach Publications, pp. 65–76, 2021.
View at: Google Scholar

Copyright

Copyright © 2022 Farjana Khanam Nishi et al. This is an open access article distributed under the Creative Commons Attribution License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

PDF Download Citation

Download other formats

Order printed copies

Views

8301

Downloads

2140

Citations