MEPCA: a technical model to improve on-chain electronic health records processing

Abstract

The integration of blockchain technology within the healthcare industry has garnered significant attention due to its potential to address critical challenges such as data privacy, interoperability, and the integrity of health records. Although electronic health record (EHR) standards such as HL7 FHIR and OpenEHR have established frameworks for data consistency and system interoperability, concerns remain about the privacy and security of sensitive patient information, particularly in light of regulations such as the Health Insurance Portability and Accountability Act (HIPAA), the General Data Protection Regulation (GDPR), and the Lei Geral de Proteção de Dados (LGPD). Most related work stores only data hash on blockchain nodes, making data validation impossible from a blockchain perspective, which raises the risks of invalid or malicious data being provided. This work introduces the MEPCA model, a novel framework grounded in five core principles that explore the application of blockchain and cryptographic technologies in the management of health records, focusing on maximizing the use of on-chain resources for the processing of EHR data. Our main contribution is to provide guidance and techniques to maximize the adoption of decentralized solutions in the healthcare industry, with practical use cases and technical analysis. Our model introduces novel elements for secure data sharing, called Data Steward and Shared Data Vault, and proposes an innovative method that generates Zero-Knowledge Proofs of HL7 FHIR required fields for hash digests. We run technical experiments with Fully Homomorphic Encryption (FHE) algorithms to evaluate on-chain data analysis using a dataset with 1.3 million records and evaluates on-chain data processing and storage with a 10 thousand HL7 FHIR dataset with plain and hash representation. Our findings suggest that maximizing on-chain processing can improve the security and reliability of health records, offering a robust alternative to traditional off-chain data processing approaches. The adoption of the MEPCA model can bring an evolution to the healthcare industry, allowing society and institutions to have a more secure and efficient digital infrastructure for EHR.