Blockchain-based Privacy Protection Mechanism For Electronic Health Records

With the continuous development of Bitcoin,blockchain technology has come into people's perspective.The blockchain was first used only in cryptocurrency,such as zero currency,Bitcoin and so on.With continuous in-depth study of experts on blockchain,it shows that blockchain technology can be applied other industries,such as financial industry,medical industry,and energy industry.In the medical industry,because of the high value of electronic health records(EHRs),the privacy issues of these records have attracted more and more attention.Traditional electronic health records management systems store the records in third-party databases.So,the ownership of electronic health records is controlled by the third party.Patients have no permission to access it,the records may be deleted,modified and leaked by the-third party maliciously.The Blockchain has the characteristics of "Decentralization" and " Unmodifiable",which ensures that the data stored in the blockchain cannot be changed.Most of existing electronic health records management systems pay attention to the user's data privacy,that is,it is stored encrypted data in database,but these systems ignore the safety problem when the patient interacts with other characters.For example,in the process of claim settlement,the insurance company have right to check the patient's electronic health records,which actually violates the privacy of the patient.In this paper,we propose a scheme for patient's privacy protection based on blockchain,which includes patents,hospital,and insurance companies.We aim at to solve the problems of existing electronic health records management systems,such as such as patients cannot access control and unauthorized nodes can view patient's plaintext data.The scheme we proposed uses Smart contract to make patients have right to control access.We enable patients have absolute ownership to control who have right access records.In this paper,we use homomorphic encryption technology to realize the function that insurance company can deal with claim settlement,which insurance company cannot view user ID and plaintext.The proxy re-encryption technology is used to quickly generate the conversion key when transfer records between two hospitals.In the process of interaction,patient have authorized to other nodes,the nodes who was unauthorized cannot view any sensitive data,this strengthens the privacy protection of users ‘privacy data.This thesis focuses on analyzing the interaction process of different roles under different application requirements based on the premise of patients' privacy and carries out security analysis and performance evaluation.We realize the automatic claim smart contract and we simulated the process of automatic claim settlement.In this paper,we introduce the functions,data types and interface design which in claim smart contract.At the same time,we comparedthe mining time,the time of storing data and the cost of deploying contracts under different key lengths.