Redactable Blockchain and Its Applications in Medical Field: History
View Latest Version
Please note this is an old version of this entry, which may differ significantly from the current revision.
Contributor:
Jianwei Hu
,
Kaiqi Huang
,
Genqing Bian
,
Yanpeng Cui

Electronic Health Records (EHRs) are a relatively new computer technology that can help major medical systems cope with the complex problems of traditional medical records, such as storage and sharing. As blockchain technology evolves, it has become a crucial component in medical data sharing.

  • redactable blockchain
  • data sharing
  • electronic health record

1. Introduction

Electronic Health Records (EHRs) are a relatively new computer technology that can help major medical systems cope with the complex problems of traditional medical records, such as storage and sharing [1]. The COVID-19 pandemic has also led independent healthcare organizations to develop their own EHR management systems [2][3].
The traditional EHR model relies on a centralized storage center. With the application of cloud services, more and more medical institutions are transferring data to cloud service providers [4][5]. The traditional EHR model also allows for data sharing within a limited range of healthcare organizations. However, the conventional EHR model faces several challenges:
1.
Health data is exceedingly sensitive and necessitates robust protection. Storage servers, however, may compromise user privacy for financial gain. For instance, although users authorize professional healthcare staff to access their health data, storage servers could leak users’ personalized EHRs for medical research, drug advertising, and other purposes without obtaining users’ consent, thereby enhancing their profits [6].
2.
When medical disputes arise, users may suspect that the original EHRs stored in the storage systems have been tampered with due to their mistrust of third parties. Moreover, sharing data stored in these systems across different platforms with specific access control policies is challenging [7].
Blockchain technology provides a public, digitized, distributed ledger, as first proposed by Nakamoto [8]. It has been widely used in cryptocurrency transactions, such as Bitcoin [8], Ether [9], HyperLedger [10], and ZeroCash [11], and has become the key technology for data-sharing systems [12]. All nodes in the blockchain construct a peer-to-peer (P2P) network to interconnect. All participating nodes are equal, collaboratively providing services without a single central point, which can avoid the risk of the single-point bottleneck.
Due to its excellent characteristics of decentralization, openness, and so on, the blockchain-based EHR model can widely carry out data sharing [13][14]. It is worth noting that the blockchain-based EHR model has the characteristics of decentralization and openness compared with the traditional EHR model, which is very suitable for multi-party medical data sharing. The blockchain-based EHR model is the future trend of EHR model development. However, introducing a blockchain-based EHR model with the possibility of third-party storage institutions leads to not completely decentralized storage, and the related privacy protection scheme is still worth perfecting [15][16].
With the introduction of the General Data Protection Regulation (GDPR), the concept of the user’s “right to be forgotten” has been widely recognized, and the immutability of blockchain is contrary to this. Therefore, redactable blockchain has been widely proposed [17][18][19]. Presently, redactable blockchains primarily find application in the Internet of Things (IoT) [20][21][22].

2. Traditional EHR Models

Cloud-based Electronic Health Record (EHR) models form the foundation of most contemporary healthcare data management systems. For instance, Zhou et al. introduced a cloud storage-based multi-copy medical data storage scheme [4]. This solution enables multiple parties to share medical data. However, it heavily relies on a third-party auditor, necessitating a shift towards decentralization.
Furthermore, Hua et al. proposed CINEMA, a framework that allows users to query medical data at the service provider level without requiring decryption [5]. Notably, the decryption process is exclusive to users, enhancing access to online medical services while mitigating data leakage risks. However, CINEMA requires cloud servers with high computing and storage performance to enable simultaneous queries from millions of users.
Additionally, Wei et al. developed RS-HABE, a revocable hierarchical encryption storage scheme leveraging Attribute-Based Encryption (ABE) [23]. This scheme incorporates user revocation, key delegation, and ciphertext update functionalities. However, RS-HABE is encumbered by lengthy key generation times and sizable key lengths, necessitating substantial storage space for key retention.
It is worth noting that traditional EHR models are becoming increasingly aligned with the medical needs of the current era. For example, traditional EHR models adopt cloud services, eliminating the data-sharing issues prevalent in previous EHR models. Moreover, the implementation of encryption makes traditional EHR models more secure.
While these schemes provide secure storage and fine-grained access control in the cloud, they still face challenges, such as preventing internal malicious attacks and cloud server crashes.
Hence, this research proposes a distributed blockchain-based system as an alternative to cloud servers for data storage and privacy protection.

3. Blockchain-Based EHR Models

Traditional EHR models have shortcomings, and many researchers are exploring using blockchain to address challenges in medical data sharing. The primary applications of blockchain technology in this context revolve around patient privacy protection and efficient patient data management.
Firstly, blockchain-based healthcare data-sharing schemes show potential for adequate patient privacy protection. For instance, Xu et al. proposed a blockchain-based medical IoT privacy protection scheme named HealthChain [24]. Though effective, HealthChain’s double-chain structure escalates computational costs. Meanwhile, Wang et al. developed MedShare, a trusted data-sharing platform utilizing innovative contracts, offering fine-grained access control to enhance patient privacy [6]. However, Xu et al.’s blockchain-based scheme for COVID-19 pandemic tracing relies on third-party storage services, introducing potential privacy leakage risks [12].
Secondly, blockchain technology promises advantages in healthcare data management. A data-sharing scheme in the consortium blockchain illustrates how users can initiate search requests to data owners [25]. Nonetheless, this system lacks full decentralization. Wang’s blockchain-based data management scheme for the Internet of Medical Things (IoMT) calls for nuanced user privacy distinction to prevent potential information leaks [26]. Zhang and Poslad [16] utilized Shamir’s secret sharing to authenticate users and doctors for fine-grained access authorization. However, in Zhang et al.’s scheme, EMRs are stored in a blockchain, which is maintained in a trusted cloud, leading to centralization. Zaabar et al. proposed a decentralized storage scheme called HealthBlock [27]. In HealthBlock, the introduction of blockchain and IPFS technology has enabled a decentralized medical system, and this decentralized storage is conducive to preventing data leaks and sharing medical data.
It is worth noting that the blockchain-based EHR model has the characteristics of decentralization and openness compared with the traditional EHR model, which is very suitable for multi-party medical data sharing. Moreover, with continuous research improvement, a blockchain-based EHR model can effectively protect patients’ medical privacy data. It can be said that the blockchain-based EHR model is the future trend of EHR model development [28][29].
Although blockchain-based EHR models are the emerging trend in this field, numerous challenges must be addressed. The primary issues involve achieving maximum decentralization and protecting user privacy to the greatest extent possible. These problems require our immediate attention and resolution [13][14][30].
Furthermore, it is critical to highlight that blockchain-based EHR models can safeguard users’ privacy effectively. However, there is ample room for improvement, particularly in balancing privacy protection with operational efficiency. Blockchain-based EHR models must also prevent the privacy issues third parties pose whenever possible [15][31].
Thus, the central question posed in this research is how can we strengthen privacy protection without compromising efficiency and how can we decentralize related systems to the greatest possible degree?

4. Redactable Blockchain and Its Applications in the Medical Field

The unique properties of blockchain technology, including decentralization, immutability, and anonymity, have attracted significant attention from researchers [32][33][34]. However, malicious actors can also exploit these characteristics for illicit activities, such as inserting unlawful information and taking advantage of blockchain’s immutability [35][36]. In light of the emerging concept of the “right to be forgotten”, the immutable nature of blockchain necessitates adaptation to contemporary needs [37]. Consequently, the field of redactable blockchains has garnered substantial attention. Redactable blockchain has been extensively studied, and many models have emerged [38][39][40].
Redactable blockchains are primarily employed in the Internet of Things (IoT) [20][22]. For instance, Wei et al. propose a redactable blockchain-based framework for federated learning [21]. The method employs a trapdoor distributed management mode, making it difficult to tamper with blockchain data. Additionally, Xu et al. [41] proposed a redactable identity management scheme in which users can delete or modify their identity information on the chain when they exit the network after completing authentication. It is worth noting that these redactable blockchain models used in the IoT field exhibit excellent performance. These solutions enable decentralized management and storage.
However, the redactable blockchain applications mentioned above are specific to the IoT context. The application of redactable blockchain in the medical field necessitates corresponding modifications and adjustments. The primary reason for these changes is that in the IoT environment, blockchain-based applications should prioritize speed [42]. At the same time, the demand for privacy protection in the medical field is more significant than that, in the IoT environment. In the medical field, blockchain-based applications must prioritize user privacy. If user privacy is compromised, it may lead to the disclosure of patients’ disease information, medical data, and other sensitive information, resulting in significant losses for patients [43][44].
However, a scheme outlined in [45] utilized a redactable blockchain in the healthcare sector at a block-level data editing scale. This approach requires modifying all data on the block when only a single piece requires alteration, impeding efficient data maintenance on the redactable blockchain. In contrast, Rahul et al. introduced DS-Chain, an EHR storage system based on a deletable blockchain [46]. However, it lacks the functionality to add and modify medical data. Lastly, Zhang et al. developed a medical data-sharing system using a redactable blockchain with chameleon hashing, maintaining hash consistency pre- and post-block modification [47]. However, this system’s reliance on an administrator for the chameleon hash’s trapdoor raises potential security concerns.

This entry is adapted from the peer-reviewed paper 10.3390/electronics12204240

References

  1. Kalkman, S.; van Delden, J.; Banerjee, A.; Tyl, B.; Mostert, M.; van Thiel, G. Patients’ and public views and attitudes towards the sharing of health data for research: A narrative review of the empirical evidence. J. Med. Ethics 2022, 48, 3–13.
  2. Tan, L.; Yu, K.; Shi, N.; Yang, C.; Wei, W.; Lu, H. Towards secure and privacy-preserving data sharing for COVID-19 medical records: A blockchain-empowered approach. IEEE Trans. Netw. Sci. Eng. 2021, 9, 271–281.
  3. Abd-Alrazaq, A.A.; Alajlani, M.; Alhuwail, D.; Erbad, A.; Giannicchi, A.; Shah, Z.; Hamdi, M.; Househ, M. Blockchain technologies to mitigate COVID-19 challenges: A scoping review. Comput. Methods Programs Biomed. Update 2021, 1, 100001.
  4. Zhou, L.; Fu, A.; Mu, Y.; Wang, H.; Yu, S.; Sun, Y. Multicopy provable data possession scheme supporting data dynamics for cloud-based electronic medical record system. Inf. Sci. 2021, 545, 254–276.
  5. Hua, J.; Zhu, H.; Wang, F.; Liu, X.; Lu, R.; Li, H.; Zhang, Y. CINEMA: Efficient and privacy-preserving online medical primary diagnosis with skyline query. IEEE Internet Things J. 2018, 6, 1450–1461.
  6. Wang, M.; Guo, Y.; Zhang, C.; Wang, C.; Huang, H.; Jia, X. MedShare: A privacy-preserving medical data sharing system by using blockchain. IEEE Trans. Serv. Comput. 2021, 16, 438–451.
  7. Mishra, R.; Ramesh, D.; Edla, D.R.; Sah, M.K. Binary binomial tree based secure and efficient electronic healthcare record storage in cloud environment. In Proceedings of the I4CS 2020: Innovations for Community Services, Bhubaneswar, India, 12–14 January 2020; pp. 173–186.
  8. Nakamoto, S. (2008) Bitcoin: A Peer-to-Peer Electronic Cash System. Available online: http://www.bitcoin.org/bitcoin.pdf (accessed on 31 October 2008).
  9. Wood, G. Ethereum: A secure decentralised generalised transaction ledger. Ethereum Proj. Yellow Pap. 2014, 151, 1–32.
  10. Aggarwal, S.; Kumar, N. Hyperledger. In Advances in Computers; Elsevier: Amsterdam, The Netherlands, 2021; Volume 121, pp. 323–343.
  11. Sasson, E.B.; Chiesa, A.; Garman, C.; Green, M.; Miers, I.; Tromer, E.; Virza, M. Zerocash: Decentralized anonymous payments from bitcoin. In Proceedings of the 2014 IEEE Symposium on Security and Privacy, Berkeley, CA, USA, 18–21 May 2014; IEEE: Piscataway, NJ, USA, 2014; pp. 459–474.
  12. Xu, H.; Zhang, L.; Onireti, O.; Fang, Y.; Buchanan, W.J.; Imran, M.A. BeepTrace: Blockchain-enabled privacy-preserving contact tracing for COVID-19 pandemic and beyond. IEEE Internet Things J. 2020, 8, 3915–3929.
  13. Hackers Hit Broward Health Network, Potentially Exposing Data on 1.3M Patients, Staff. Available online: https://www.fiercehealthcare.com/tech/hackers-hit-broward-health-network-potentially-exposing-medical-data-1-3m-patients-staff (accessed on 4 January 2022).
  14. Alzahrani, S.; Daim, T.; Choo, K.K.R. Assessment of the Blockchain Technology Adoption for the Management of the Electronic Health Record Systems. IEEE Trans. Eng. Manag. 2023, 70, 2846–2863.
  15. Zou, R.; Lv, X.; Zhao, J. SPChain: Blockchain-based medical data sharing and privacy-preserving eHealth system. Inf. Process. Manag. 2021, 58, 102604.
  16. Zhang, X.; Poslad, S. Blockchain Support for Flexible Queries with Granular Access Control to Electronic Medical Records (EMR). In Proceedings of the 2018 IEEE International Conference on Communications (ICC), Kansas City, MO, USA, 20–24 May 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 1–6.
  17. Jia, M.; Chen, J.; He, K.; Du, R.; Zheng, L.; Lai, M.; Wang, D.; Liu, F. Redactable Blockchain From Decentralized Chameleon Hash Functions. IEEE Trans. Inf. Forensics Secur. 2022, 17, 2771–2783.
  18. Ye, T.; Luo, M.; Yang, Y.; Choo, K.K.R.; He, D. A Survey on Redactable Blockchain: Challenges and Opportunities. IEEE Trans. Netw. Sci. Eng. 2023, 10, 1669–1683.
  19. Xu, Y.; Xiao, S.; Wang, H.; Zhang, C.; Ni, Z.; Zhao, W.; Wang, G. Redactable Blockchain-based Secure and Accountable Data Management. IEEE Trans. Netw. Serv. Manag. 2023.
  20. Ren, Y.; Cai, X.; Hu, M. Privacy-preserving redactable blockchain for Internet of Things. Secur. Commun. Netw. 2021, 2021, 4485311.
  21. Wei, J.; Zhu, Q.; Li, Q.; Nie, L.; Shen, Z.; Choo, K.K.R.; Yu, K. A redactable blockchain framework for secure federated learning in industrial Internet of Things. IEEE Internet Things J. 2022, 9, 17901–17911.
  22. Huang, K.; Zhang, X.; Mu, Y.; Rezaeibagha, F.; Du, X. Scalable and redactable blockchain with update and anonymity. Inf. Sci. 2021, 546, 25–41.
  23. Wei, J.; Chen, X.; Huang, X.; Hu, X.; Susilo, W. RS-HABE: Revocable-storage and hierarchical attribute-based access scheme for secure sharing of e-health records in public cloud. IEEE Trans. Dependable Secur. Comput. 2019, 18, 2301–2315.
  24. Xu, J.; Xue, K.; Li, S.; Tian, H.; Hong, J.; Hong, P.; Yu, N. Healthchain: A blockchain-based privacy preserving scheme for large-scale health data. IEEE Internet Things J. 2019, 6, 8770–8781.
  25. Wang, Y.; Zhang, A.; Zhang, P.; Wang, H. Cloud-assisted EHR sharing with security and privacy preservation via consortium blockchain. IEEE Access 2019, 7, 136704–136719.
  26. Wang, D.H. IoT based clinical sensor data management and transfer using blockchain technology. J. IoT Soc. Mobile Anal. Cloud 2020, 2, 154–159.
  27. Zaabar, B.; Cheikhrouhou, O.; Jamil, F.; Ammi, M.; Abid, M. HealthBlock: A secure blockchain-based healthcare data management system. Comput. Netw. 2021, 200, 108500.
  28. Chen, Y.; Meng, L.; Zhou, H.; Xue, G. A blockchain-based medical data sharing mechanism with attribute-based access control and privacy protection. Wirel. Commun. Mob. Comput. 2021, 2021, 6685762.
  29. Liu, Y.; Du, Y.; Zhang, Y.; Li, Y.; Cyril, L.; Miao, C.; Tan, Q.; Tian, Z. A Blockchain-Based Personal Health Record System for Emergency Situation. Secur. Commun. Netw. 2022, 2022, 4941214.
  30. Tao, F.; Ying, J.; Junli, F. Medical and health data security model based on alliance blockchain. Comput. Sci. 2020, 47, 305–311.
  31. Qiu, H.; Qiu, M.; Liu, M.; Memmi, G. Secure health data sharing for medical cyber-physical systems for the healthcare 4.0. IEEE J. Biomed. Health Inform. 2020, 24, 2499–2505.
  32. Li, X.; Jiang, P.; Chen, T.; Luo, X.; Wen, Q. A survey on the security of blockchain systems. Future Gener. Comput. Syst. 2020, 107, 841–853.
  33. Berdik, D.; Otoum, S.; Schmidt, N.; Porter, D.; Jararweh, Y. A survey on blockchain for information systems management and security. Inf. Process. Manag. 2021, 58, 102397.
  34. Belchior, R.; Vasconcelos, A.; Guerreiro, S.; Correia, M. A survey on blockchain interoperability: Past, present, and future trends. ACM Comput. Surv. (CSUR) 2021, 54, 1–41.
  35. Ma, J.; Xu, S.; Ning, J.; Huang, X.; Deng, R.H. Redactable blockchain in decentralized setting. IEEE Trans. Inf. Forensics Secur. 2022, 17, 1227–1242.
  36. Xu, S.; Ning, J.; Ma, J.; Huang, X.; Deng, R.H. K-time modifiable and epoch-based redactable blockchain. IEEE Trans. Inf. Forensics Secur. 2021, 16, 4507–4520.
  37. Tziakouris, G. Cryptocurrencies—A forensic challenge or opportunity for law enforcement? an interpol perspective. IEEE Secur. Priv. 2018, 16, 92–94.
  38. Ateniese, G.; Magri, B.; Venturi, D.; Andrade, E. Redactable blockchain–or–rewriting history in bitcoin and friends. In Proceedings of the 2017 IEEE European symposium on security and privacy (EuroS&P), Paris, France, 26–28 April 2017; IEEE: Piscataway, NJ, USA, 2017; pp. 111–126.
  39. Deuber, D.; Magri, B.; Thyagarajan, S.A.K. Redactable blockchain in the permissionless setting. In Proceedings of the 2019 IEEE Symposium on Security and Privacy (SP), San Francisco, CA, USA, 19–23 May 2019; IEEE: Piscataway, NJ, USA, 2019; pp. 124–138.
  40. Palm, E.; Schelén, O.; Bodin, U. Selective blockchain transaction pruning and state derivability. In Proceedings of the 2018 Crypto Valley Conference on Blockchain Technology (CVCBT), Zug, Switzerland, 20–22 June 2018; IEEE: Piscataway, NJ, USA, 2018; pp. 31–40.
  41. Xu, J.; Xue, K.; Tian, H.; Hong, J.; Wei, D.S.; Hong, P. An identity management and authentication scheme based on redactable blockchain for mobile networks. IEEE Trans. Veh. Technol. 2020, 69, 6688–6698.
  42. Remaining Challenges of Blockchain Adoption and Possible Solutions. Available online: https://www.finextra.com/blogposting/18496/remaining-challenges-of-blockchain-adoption-and-possible-solutions (accessed on 27 May 2020).
  43. Alfaidi, A.; Semwal, S. Privacy Issues in mHealth Systems Using Blockchain. In Proceedings of the Future of Information and Communication Conference, San Francisco, CA, USA, 3–4 March 2022; Springer: Cham, Switzerland, 2022; pp. 877–891.
  44. Yaqoob, I.; Salah, K.; Jayaraman, R.; Al-Hammadi, Y. Blockchain for healthcare data management: Opportunities, challenges, and future recommendations. Neural Comput. Appl. 2021, 34, 11475–11490.
  45. Wang, X.; Zheng, D.; Guo, R. Electronic Medical Record Sharing Solution for Editable Blockchain. In Proceedings of the 2021 3rd International Conference on Natural Language Processing (ICNLP), Beijing, China, 26–28 March 2021; IEEE: Piscataway, NJ, USA, 2021; pp. 93–103.
  46. Mishra, R.; Ramesh, D.; Edla, D.R.; Qi, L. DS-Chain: A secure and auditable multi-cloud assisted EHR storage model on efficient deletable blockchain. J. Ind. Inf. Integr. 2022, 26, 100315.
  47. Zhang, T.; Zhang, L.; Wu, Q.; Mu, Y.; Rezaeibagha, F. Redactable blockchain-enabled hierarchical access control framework for data sharing in electronic medical records. IEEE Syst. J. 2023, 17, 1962–1973.
More
© Text is available under the terms and conditions of the Creative Commons Attribution (CC BY) license; additional terms may apply. By using this site, you agree to the Terms and Conditions and Privacy Policy.
This entry is offline, you can click here to edit this entry!
Video Production Service
Feedback