|
1
|
Ullah F, He J, Zhu N, Wajahat A, Nazir A, Qureshi S, Pathan MS, Dev S. Blockchain-enabled EHR access auditing: Enhancing healthcare data security. Heliyon 2024; 10:e34407. [PMID: 39253236 PMCID: PMC11381610 DOI: 10.1016/j.heliyon.2024.e34407] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 06/01/2024] [Revised: 07/08/2024] [Accepted: 07/09/2024] [Indexed: 09/11/2024] Open
Abstract
In the realm of modern healthcare, Electronic Health Records EHR serve as invaluable assets, yet they also pose significant security challenges. The absence of EHR access auditing mechanisms, which includes the EHR audit trails, results in accountability gaps and magnifies security vulnerabilities. This situation effectively paves the way for unauthorized data alterations to occur without detection or consequences. Inadequate EHR compliance auditing procedures, particularly in verifying and validating access control policies, expose healthcare organizations to risks such as data breaches, and unauthorized data usage. These vulnerabilities result from unchecked unauthorized access activities. Additionally, the absence of EHR audit logs complicates investigations, weakens proactive security measures, and raises concerns to put healthcare institutions at risk. This study addresses the pressing need for robust EHR auditing systems designed to scrutinize access to EHR data, encompassing who accesses it, when, and for what purpose. Our research delves into the complex field of EHR auditing, which includes establishing an immutable audit trail to enhance data security through blockchain technology. We also integrate Purpose-Based Access Control (PBAC) alongside smart contracts to strengthen compliance auditing by validating access legitimacy and reducing unauthorized entries. Our contributions encompass the creation of audit trail of EHR access, compliance auditing via PBAC policy verification, the generation of audit logs, and the derivation of data-driven insights, fortifying EHR access security.
Collapse
Affiliation(s)
- Faheem Ullah
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | - Jingsha He
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | - Nafei Zhu
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | - Ahsan Wajahat
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | - Ahsan Nazir
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | - Sirajuddin Qureshi
- Faculty of Information Technology, Beijing University of Technology, Beijing, China
| | | | - Soumyabrata Dev
- School of Computer Science, University College Dublin, Dublin, Ireland
| |
Collapse
|
|
2
|
Lacson R, Yu Y, Kuo TT, Ohno-Machado L. Biomedical blockchain with practical implementations and quantitative evaluations: a systematic review. J Am Med Inform Assoc 2024; 31:1423-1435. [PMID: 38726710 PMCID: PMC11105130 DOI: 10.1093/jamia/ocae084] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [MESH Headings] [Grants] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 01/16/2024] [Revised: 03/26/2024] [Accepted: 04/16/2024] [Indexed: 05/22/2024] Open
Abstract
OBJECTIVE Blockchain has emerged as a potential data-sharing structure in healthcare because of its decentralization, immutability, and traceability. However, its use in the biomedical domain is yet to be investigated comprehensively, especially from the aspects of implementation and evaluation, by existing blockchain literature reviews. To address this, our review assesses blockchain applications implemented in practice and evaluated with quantitative metrics. MATERIALS AND METHODS This systematic review adapts the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) framework to review biomedical blockchain papers published by August 2023 from 3 databases. Blockchain application, implementation, and evaluation metrics were collected and summarized. RESULTS Following screening, 11 articles were included in this review. Articles spanned a range of biomedical applications including COVID-19 medical data sharing, decentralized internet of things (IoT) data storage, clinical trial management, biomedical certificate storage, electronic health record (EHR) data sharing, and distributed predictive model generation. Only one article demonstrated blockchain deployment at a medical facility. DISCUSSION Ethereum was the most common blockchain platform. All but one implementation was developed with private network permissions. Also, 8 articles contained storage speed metrics and 6 contained query speed metrics. However, inconsistencies in presented metrics and the small number of articles included limit technological comparisons with each other. CONCLUSION While blockchain demonstrates feasibility for adoption in healthcare, it is not as popular as currently existing technologies for biomedical data management. Addressing implementation and evaluation factors will better showcase blockchain's practical benefits, enabling blockchain to have a significant impact on the health sector.
Collapse
Affiliation(s)
- Roger Lacson
- Department of Biomedical Informatics & Data Science, Yale School of Medicine, New Haven, CT 06510, United States
| | - Yufei Yu
- Division of Biomedical Informatics, Department of Medicine, University of California San Diego, La Jolla, CA 92093, United States
- Department of Biomedical Informatics, University of California San Diego Health, La Jolla, CA 92093, United States
| | - Tsung-Ting Kuo
- Division of Biomedical Informatics, Department of Medicine, University of California San Diego, La Jolla, CA 92093, United States
- Department of Biomedical Informatics, University of California San Diego Health, La Jolla, CA 92093, United States
| | - Lucila Ohno-Machado
- Department of Biomedical Informatics & Data Science, Yale School of Medicine, New Haven, CT 06510, United States
- Division of Biomedical Informatics, Department of Medicine, University of California San Diego, La Jolla, CA 92093, United States
- Department of Biomedical Informatics, University of California San Diego Health, La Jolla, CA 92093, United States
| |
Collapse
|
|
3
|
Chai D, Liu Z, Wang L, Duan H, Zhao C, Xu C, Zhang D, Zhao Q, Ma P. Effectiveness of Medication Reconciliation in a Chinese Hospital: A Pilot Randomized Controlled Trial. J Multidiscip Healthc 2023; 16:3641-3650. [PMID: 38034875 PMCID: PMC10683647 DOI: 10.2147/jmdh.s432522] [Citation(s) in RCA: 0] [Impact Index Per Article: 0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Download PDF] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 08/22/2023] [Accepted: 11/02/2023] [Indexed: 12/02/2023] Open
Abstract
Background Implementing medication reconciliation (MR) was complex and challenging because of the variability in the guidance provided for conducting. The processes of MR adopted in China were different from that recommended by the World Health Organization. A pilot study to inform the design of a future randomized controlled trial to determine the effectiveness of these two workflows was undertaken. Methods Patients taking at least one home/regular medication for hypertension, diabetes, or coronary heart disease were recruited at admission, and then were randomized using a computer-generated random number in a closed envelope. In the study group, the pharmacist reviewed electronic medical record systems before communication with patients. In the control group, pharmacists communicated with patients at patient's admission. The time investment of pharmacists for MR process, the number of unintended medication discrepancies, and physician acceptance were tested as outcome measures. Results One hundred and forty adult patients were randomized, of which 66 patients in the intervention received MR within 24 hours, while 58 patients in control received MR at some point during admission. The most common condition in the study group was hypertension (coronary heart disease in the control group). The workflow of the study group can save an average 7 minutes per patient compared with the WHO recommended process [17.5 minutes (IQR 14.00, 28.25) vs 24.5 minutes (IQR17.75, 35.25), p = 0.004]. The number of unintended discrepancies was 42 in the study group and 34 in the control group (p = 0.33). Physicians' acceptance in the study and control groups were 87.5% and 92.3%, respectively (p = 0.87). Conclusion The results suggest that changes in outcome measures were in the appropriate direction and that the time limit for implementing MR can be set within 48 hours. A future multi-centre RCT study to determine the effectiveness of MR is feasible and warranted.
Collapse
Affiliation(s)
- Dongyan Chai
- Department of Pharmacy, Henan Provincial People’s Hospital, Zhengzhou University People’s Hospital, Henan University People’s Hospital, Zhengzhou, HenanPeople’s Republic of China
- International Medical Center of Henan Province, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Zhihui Liu
- Department of General Practice, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Liuyi Wang
- Department of General Practice, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Hongyan Duan
- International Medical Center of Henan Province, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
- Department of General Practice, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Chenglong Zhao
- Department of Pharmacy, Henan Provincial People’s Hospital, Zhengzhou University People’s Hospital, Henan University People’s Hospital, Zhengzhou, HenanPeople’s Republic of China
| | - Chengyang Xu
- International Medical Center of Henan Province, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Dongyan Zhang
- Department of Pharmacy, Henan Provincial People’s Hospital, Zhengzhou University People’s Hospital, Henan University People’s Hospital, Zhengzhou, HenanPeople’s Republic of China
| | - Qiongrui Zhao
- Department of Clinical Research Service Center, Henan Provincial People’s Hospital, Zhengzhou, Henan, People’s Republic of China
| | - Peizhi Ma
- Department of Pharmacy, Henan Provincial People’s Hospital, Zhengzhou University People’s Hospital, Henan University People’s Hospital, Zhengzhou, HenanPeople’s Republic of China
| |
Collapse
|
|
4
|
Liu W, Zhang Y, Yang H, Meng Q. A Survey on Differential Privacy for Medical Data Analysis. ANNALS OF DATA SCIENCE 2023; 11:1-15. [PMID: 38625247 PMCID: PMC10257172 DOI: 10.1007/s40745-023-00475-3] [Citation(s) in RCA: 1] [Impact Index Per Article: 1.0] [Reference Citation Analysis] [Abstract] [Key Words] [Track Full Text] [Subscribe] [Scholar Register] [Received: 02/28/2023] [Revised: 05/16/2023] [Accepted: 05/22/2023] [Indexed: 12/01/2023]
Abstract
Machine learning methods promote the sustainable development of wise information technology of medicine (WITMED), and a variety of medical data brings high value and convenience to medical analysis. However, the applications of medical data have also been confronted with the risk of privacy leakage that is hard to avoid, especially when conducting correlation analysis or data sharing among multiple institutions. Data security and privacy preservation have recently played an essential role in the field of secure and private medical data analysis, where many differential privacy strategies are applied to medical data publishing and mining. In this paper, we survey research work on the applications of differential privacy for medical data analysis, discussing the necessity of medical privacy-preserving, the advantages of differential privacy, and their applications to typical medical data, such as genomic data and wearable device data. Furthermore, we discuss the challenges and potential future research directions for differential privacy in medical applications.
Collapse
Affiliation(s)
- WeiKang Liu
- Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China
| | - Yanchun Zhang
- Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China
- Institute of Sustainable Industries and Liveable Cities, Victoria University, Melbourne, Australia
| | - Hong Yang
- Cyberspace Institute of Advanced Technology, Guangzhou University, Guangzhou, China
| | - Qinxue Meng
- College of Information Engineering, Suzhou University, Suzhou, China
| |
Collapse
|
|
5
|
Lei M, Xu L, Liu T, Liu S, Sun C. Integration of Privacy Protection and Blockchain-Based Food Safety Traceability: Potential and Challenges. Foods 2022; 11:2262. [PMID: 35954029 PMCID: PMC9367899 DOI: 10.3390/foods11152262] [Citation(s) in RCA: 5] [Impact Index Per Article: 2.5] [Reference Citation Analysis] [Abstract] [Key Words] [Grants] [Track Full Text] [Download PDF] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Received: 07/04/2022] [Revised: 07/21/2022] [Accepted: 07/23/2022] [Indexed: 01/14/2023] Open
Abstract
Concern about food safety has become a hot topic, and numerous researchers have come up with various effective solutions. To ensure the safety of food and avoid financial loss, it is important to improve the safety of food information in addition to the quality of food. Additionally, protecting the privacy and security of food can increase food harvests from a technological perspective, reduce industrial pollution, mitigate environmental impacts, and obtain healthier and safer food. Therefore, food traceability is one of the most effective methods available. Collecting and analyzing key information on food traceability, as well as related technology needs, can improve the efficiency of the traceability chain and provide important insights for managers. Technology solutions, such as the Internet of Things (IoT), Artificial Intelligence (AI), Privacy Preservation (PP), and Blockchain (BC), are proposed for food monitoring, traceability, and analysis of collected data, as well as intelligent decision-making, to support the selection of the best solution. However, research on the integration of these technologies is still lacking, especially in the integration of PP with food traceability. To this end, the study provides a systematic review of the use of PP technology in food traceability and identifies the security needs at each stage of food traceability in terms of data flow and technology. Then, the work related to food safety traceability is fully discussed, particularly with regard to the benefits of PP integration. Finally, current developments in the limitations of food traceability are discussed, and some possible suggestions for the adoption of integrated technologies are made.
Collapse
Affiliation(s)
- Moyixi Lei
- College of Information Science and Technology, Zhongkai University of Agriculture and Engineering, Guangzhou 510225, China; (M.L.); (L.X.); (T.L.)
- National Engineering Research Center for Information Technology in Agriculture, Beijing 100097, China
| | - Longqin Xu
- College of Information Science and Technology, Zhongkai University of Agriculture and Engineering, Guangzhou 510225, China; (M.L.); (L.X.); (T.L.)
| | - Tonglai Liu
- College of Information Science and Technology, Zhongkai University of Agriculture and Engineering, Guangzhou 510225, China; (M.L.); (L.X.); (T.L.)
| | - Shuangyin Liu
- College of Information Science and Technology, Zhongkai University of Agriculture and Engineering, Guangzhou 510225, China; (M.L.); (L.X.); (T.L.)
| | - Chuanheng Sun
- National Engineering Research Center for Information Technology in Agriculture, Beijing 100097, China
| |
Collapse
|