Page 347 - Special Topic Session (STS) - Volume 4
STS1080 Asma A. et al.
patients the ability to remove read rights from reading the EHR and deleting
the EHR. The GDPR states the user must have the right to be forgotten.
Consequently, this scenario tests the removal of patient data.
Scenario 4 - Data type scenario: This scenario tests how Hyperledger
blockchains interact with different kinds of data. Within this scenario, the
blockchain will have to cope with images and text to mimic the data used
within the healthcare industry, such as X-rays and their annotations.
Scenario 5 - Encryption scenario: This scenario tests the cryptographic
capabilities available on Hyperledger. To ensure that the connection to the
blockchain is secure and protected from man-in-the-middle attacks, a level of
security must be available.
Finally, to run these scenarios we have created different roles with different
permissions. These permissions and roles will mirror some of the different
roles used in the healthcare sector and will illustrate how a permissioned
blockchain can be utilised in different use case scenarios.
- Admin: Complete access to all users and system resources.
- Member: Create, delete, read and update their own participant
information.
- Medical institution: Create, delete, read and update their own
participant information. A medical institution such as a hospital can
view their employees' participant information and manage medical
practitioners such as doctors, pharmacists, surgeons, etc.
- Medical practitioner: Create, delete, read and update their own
participant information, read/update a permissioned EHR (if authorised
by the patient) or refer it to other practitioners (granting access rights
to other practitioners on an EHR they have been authorised to manage).
- Patient: Create, delete, read and update their own participant
information and EHR, grant or remove access rights to practitioners on
their EHR.
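The EHR rules in the role list above can be expressed as a small deny-by-default access model. This is an added example, not the authors' chaincode: `EhrAcl` and its method names are hypothetical, state is held in memory rather than on a ledger, and Admin's "complete access" is assumed to include EHRs.

```javascript
// Added example: in-memory model of the EHR rules in the role list above.
// Not Fabric chaincode; EhrAcl and its method names are hypothetical.
class EhrAcl {
  constructor() {
    this.owner = new Map();   // ehrId -> patientId
    this.grants = new Map();  // ehrId -> Set of authorised practitioner ids
  }
  // Input validation is the developer's job: reject unknown records.
  _grants(ehrId) {
    if (!this.owner.has(ehrId)) throw new Error(`unknown EHR ${ehrId}`);
    return this.grants.get(ehrId);
  }
  _owns(actor, ehrId) {
    return actor.role === 'Patient' && this.owner.get(ehrId) === actor.id;
  }
  create(actor, ehrId) {
    if (actor.role !== 'Patient') throw new Error('only a patient creates an EHR');
    if (this.owner.has(ehrId)) throw new Error(`EHR ${ehrId} already exists`);
    this.owner.set(ehrId, actor.id);
    this.grants.set(ehrId, new Set());
  }
  // Read and update share one rule in the role list.
  canAccess(actor, ehrId) {
    const granted = this._grants(ehrId);
    if (actor.role === 'Admin' || this._owns(actor, ehrId)) return true;
    return actor.role === 'MedicalPractitioner' && granted.has(actor.id);
  }
  // A patient grants on their own EHR; a practitioner may refer only an EHR
  // they are already authorised on.
  grant(actor, ehrId, practitionerId) {
    const granted = this._grants(ehrId);
    const referral = actor.role === 'MedicalPractitioner' && granted.has(actor.id);
    if (!this._owns(actor, ehrId) && !referral) throw new Error('grant denied');
    granted.add(practitionerId);
  }
  // Only the patient removes access rights or deletes the record.
  revoke(actor, ehrId, practitionerId) {
    const granted = this._grants(ehrId);
    if (!this._owns(actor, ehrId)) throw new Error('revoke denied');
    granted.delete(practitionerId);
  }
  remove(actor, ehrId) {
    this._grants(ehrId);
    if (!this._owns(actor, ehrId)) throw new Error('delete denied');
    this.owner.delete(ehrId);
    this.grants.delete(ehrId);
  }
}
```

Revoking one practitioner here does not cascade to practitioners they referred; the role list does not say which behaviour is intended, so a real design has to decide it explicitly.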
3. Results
This section will compile all the results from the implemented blockchain
environment.
2.1. Security
Throughout each scenario, validation has been used to increase the fault
tolerance of the developed blockchain. Even though Hyperledger Fabric is
described as fault tolerant, it does not enforce any fault tolerance within
chaincode, leaving it up to the developer.
The Basic Scenario used access control to restrict resource utilisation to
named roles (patients, medical practitioners and medical institutions). This
achieves a superficial level of confidentiality by keeping personal data private to
blockchain participants. Further to this, the Basic Scenario showcases 2 key
336 | ISI WSC 2019