Blockchain-Based Secure and Privacy-Preserving Clinical Data Sharing and Integration
This paper is an exploration to securely integrate geo-scattered medical data silos and to provide privacy-preserving data sharing via blockchain and cryptography. We leverage broadcast encryption, key regression, data privacy classification, blockchain and smart contract holistically to address such a challenge. In our design, a patient’s medical records are divided into multiple parts with different sensitivities according to personal privacy requirements. Each part is encrypted with a symmetric encryption key and it is broadcast encrypted to a pre-defined user set. Data encryption keys are generated by a key regression scheme, where keys used to encrypt low-sensitivity data parts can be derived from keys used to encrypt high-sensitivity data parts. With such a mechanism, we can enforce strict access and privacy control on medical data. Furthermore, we use Ethereum blockchain to connect various institutions to provide efficient data sharing, and we design smart contracts to implement the business logic of medical data sharing.