STS1080 Asma A. et al.
                  According  to  a  panel  of  experts  at  the  digital  health  conference  in  2011,
                  Electronic medical records (EHRs) are valued at $50 at the black market which
                  is extremely high in comparison to $0.25 for a credit card number (Adefala,
                  2018). One incident occurred at Howard University Hospital in 2012, where the
                  medical  technician  released  the  patients’  names,  addresses  and  Medicare
                  numbers to black market, solely for financial gains. Other attack on healthcare
                  industry is the CEO Phishing attacks, where the hacker masquerades as an
                  authority to induce individuals to reveal personal data. These attacks have high
                  risks  as  the  reveal  data  can  include  patients’  information,  or  employees’
                  distinct details including social security number, addresses, salaries etc. One
                  example of CEO Phishing attack is the attack on Magnolia Health Corporation
                  (MHC),  where  the  hacker  was  successful  to  obtain  substantial  information
                  about its employees using a spoofed email from its CEO. Other recent attack
                  incidents include the ransomware attack on National Health Service (NHS) in
                  2017, where, the hackers used malware to encrypt NHS files. In order to access
                  the data, the hackers demand a ransomware of about 300$ in the form of
                  bitcoins (Gayle, 2017). Further, these attacks result in the cancellation of over
                  6,900 NHS appointments.

                  1.2. Related work
                      In order to secure data and prevent attacks, various solutions are proposed
                  to  tackle  such  scenarios.  We  categorize  these  solutions  into  two  major
                  categories:  (1)  Cloud-based  solutions,  and  (2)  Blockchain-based  solutions.
                  Indeed,  various  cloud  applications  have  been  explored  within  healthcare
                  industry specifically for managing EHRs and patient’s information. Clouds can
                  minimize  the  cost  subsequently,  thus  motivating  to  improve  different
                  healthcare  services.  For instance,  prescription  expenses  can  be  reduced by
                  80% while utilizing cloud-based services (Omar Alia, 2018). Due to centralized
                  and ubiquitous nature of  the clouds, it provides a  fantastic opportunity to
                  access data (patient or employee) at any time from any place. One such cloud-
                  based  system  is  proposed  by  Dhatri,  which  allowed  physicians  to  access
                  patients medical data at any given time (Vassiliki Koufi, 2010).  On the other
                  hand, blockchain is in its early stage of development, and there are few use-
                  cases in healthcare industry. For example, applications such as BitHealth and
                  MedRec,  which  are  designed  to  support  healthcare  applications.  BitHealth
                  uses bitcoin for storing and securing healthcare data and focuses on privacy.
                  Bitcoin is used for payments and for insurance companies to retrieve medical
                  history. However, it uses proof of work algorithm and depending on the size
                  of the blockchain it will be slow and energy inefficient. The other use-case,
                  MedRed, is an EHR management system created by MIT which focuses on
                  improving tracking of these records. Patients also have some degree of control
                  with their information and permissions are given to the patients, so they can
                  decide  whether  to  share  data  with  professionals.  MedRed  is  based  on

                                                                     333 | I S I   W S C   2 0 1 9