170 Software Based on Blockchain Technology for Consolidation the Medical Data about the Patients Examination Andriy Pukas, Vitalii Smal, Vadym Zabchuk Department of Computer Science, Ternopil National Economic University, UKRAINE, Ternopil, 8 Chekhova str., email: apu@tneu.edu.ua, vitalii.smal@gmail.com, vadzab5@gmail.com Abstract: Software architecture based on blockchain Production engineers and healthcare professionals [1, 2] technology for efficient medical records exchanging in worldwide see blockchain technologies [3] as a way to safe mode, data confidentiality protecting, and giving to efficiently exchange medical records in safe mode, protect patients more control over their medical information is the data privacy from hackers, and give patients more control described in this paper. New software system architecture over their information. was proposed to consolidate medical data on patient The development of a blockchain-based system that would screening based on blockchain technology and consolidate patient medical data from different providers decentralization principles, which increased the level of should address such issues as fragmentary and slow access to data access security in heterogeneous medical systems. patient medical data, incompatibility of medical information Keywords: software, data consolidation, blockchain, systems, and improve the quality and quantity of data for patient examination. medical research. I. INTRODUCTION II. TASK STATEMENT Hospital-based medical information systems are becoming The aim of research is to consolidate medical data on increasingly popular worldwide. Paper medical cards are patient surveys from various medical institutions and increase gradually losing their relevance, being replaced by hospital- the level of access security to such data, based on creation a based medical information systems. Generally doctors are prototype of software system built on principles of used them and already know how to use them properly. Such decentralization and blockchain architecture. systems have many advantages. First, the electronic card will Research objectives: never get lost, and the patient will not be able to take it home. - analysis of modern electronic medical systems; Thus, the information is always kept in medical facility. The - design a secure and compatible software system for the second advantage of an e-card is that there is no need to look medical data consolidation; for it to be later handed over to an appropriate specialist by - implementation a prototype of software system based on the receptionist. All data is always available on a doctor's blockchain technology. computer. Another advantage is that it eliminates the need for It is easy to assume that when a doctor examines a patient a permanent patching of additional sheets, advisory opinions, or gives them a new prescription, the patient will agree to add analyses and research results. All such information is a reference or "index" to blockchain - a decentralized recorded into the specified fields of the program, which gives electronic system similar to the bitcoin [4]. But instead of the necessary information at doctor's first request. It also making payments, this block chain will write medical enables several specialists of the clinic to simultaneously get information in a cryptographic database supported by a access to patient's electronic card contents. It makes possible network of computers that is accessible to anyone who works for doctors not only to simultaneously read the patient's card, with it. Each index that the physician will add to the journal but also to fill it. This feature significantly optimizes the will become part of the patient's registry, regardless of which medical staff activities. electronic system the doctor used. Therefore, any other Despite the advantages, they also have drawbacks. They doctor will be able to use it without worrying about the issues are very fragmented and decentralized. Another problem is of incompatibility. that such systems are not unified and different medical institutions use different means of electronic data storage. III. ANALYSIS OF MEDICAL INFORMATION SYSTEMS This significantly complicates the transfer of such data IN UKRAINE between healthcare facilities. Consider a case when a patient Electronic medicine is a development synthesis of medical needs to show their disease history to a doctor of another and information technologies. This trend consists of many medical establishment. To do this, the patient has to make a areas: from the creation of open digital registries of patients disease history request and wait for it to be processed. It can to their remote treatment. take a long time, and in some situations, even a few hours can The following are major factors in the field of electronic significantly affect the person's health or even life. medicine development: ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 171 ∙ introduction of automated informational sectoral systems, regulation of new identities can be encoded in the contract, which, in particular, will enable the transition to electronic ensuring that only certified institutions can add new processing of medical documentation; information to the blockchain. In turn, new information about ∙ development of telemedicine; the patient (for example, about new relationships) is added ∙ improvement of the national health monitoring system; only with the approval of this patient. Each identification ∙ creation and implementation of new computer technologies string is located at its blockchain address, where it is referred of disease prevention, diagnostics, medical process support; to by the final contract. ∙ creation of publicly available electronic medical resources; A contract on relationship between the patient and the ∙ development of self-diagnostic methods and the provider is concluded between the two nodes of the system, construction of a personal health paradigm by e-medicine where one node stores and manages medical records for methods. another. Although we consider the case of a patient getting Information technology today can make medicine more medical care at the healthcare institution, this concept applies affordable and effective. Many electronic systems exist on to any pairwise interaction with data support. The patient- the Ukrainian market: Helsi, MIS EMSIMED, Doctor Eleks, provider relationship defines the range of data indexes and MEDSTAR, MEDICS, Queue-Free Clinic etc [5]. associated access permissions that identify the records stored All of the above systems are good solutions that are by the care provider. Each index consists of a query string, already implemented and work successfully in health care which, when executed in the supplier database, returns a facilities. However, lack of properly established connection subset of the patient data. The request string/line is embedded between them appears to be their main disadvantage. Each in the hash of this data subset to ensure that the data has not health care facility has its own system, so when a patient is been changed in the source. Additional information shows treated in two or more different medical facilities, that where one can get access to the provider's database in the person's analyses, examinations, and histories of illness are network, for example, the host name and port in the standard scattered across different medical systems. The patient does network topology. Data requests and related information are not have a single safe place, protected from hackers, to store developed by the care provider and modified when new their medical data, consolidated from different sources. records are added. To allow patients to share records with Therefore, having analyzed the Ukrainian medical systems other users, the dictionary implementation (hash table) market, we found the need for a software system that could displays the addresses of users of the list of additional request consolidate medical data from various electronic medical lines. Each line may indicate the portion of the patient's data systems in Ukraine and meet requirements such as reliability, to which the third-party user has access permission. security, and intuitive interface. A prototype created demonstrates this design with SQL data queries. In a simple situation, the supplier refers to the IV. ARCHITECTURE OF SOFTWARE SYSTEM patient's data by a simple SELECT request, based on the A software system for consolidating medical data is based patient's address. Patients can use a tool that allows them to on Ethereum [6], a platform for creating decentralized online check the fields they want to share through the developed blockchain services based on intelligent contracts [7]. graphical interface. The system formulates the corresponding Intelligent contracts are scripts that simplify, verify, ensure SQL queries and downloads them to the patient-provider negotiations, execution of a contract, or check unwanted relationship contract in a particular block. It's worth noting clauses of the agreement. Intelligent contracts, as a rule, also that, using common lines, the system can closely interact have a user interface and often follow the logic of contractual with any database implementation. Consequently, the provisions. Thus, intelligent contracts allow for more prototype can be conveniently integrated with the existing complex blockchain transactions. Ethereum consists of a infrastructure for data storage of the provider. At the same system of nodes (personal computers, clusters, virtual time, patients engage their micro level control of access to machines) in a decentralized network. Smart contracts are not their medical records, thus choosing any part they want to a substitute for contracts in the traditional sense, but act as share. agreements on the implementation of certain actions or code. The final contract is comparable to the bread crumble trail, In this case, these contracts can be used to encode a set of where each participant can find a summary of their indexes to medical data placements. relationship with any other participant. The final contract Lets consider the structure of smart contracts. The encodes the list of links to contracts on relations between proposed system does not store electronic medical cards patients and suppliers, providing for both current and directly on Ethereum, but instead uses a relational set of previous interactions with other nodes of the system. Each smart contracts to encode indexes that can be used to locate relationship also stores the "status" variable indicating when and authenticate to the medical cards storage point. The the relationship was established and whether it was approved system identifies three main types of contracts owned by by the patient. Acceptance, rejection or removal of the patients, suppliers and other consumers. Namely: relationship is controlled by the patient, giving full control ∙ Registration contract; over all the records in their history that they want to ∙ Patient-provider contract; acknowledge. This function of the system is the key to ∙ Final contract. satisfying its convenience criterion: an index to fragmented The registration contract reflects the accordance of the records is made in a single dedicated location. participants' identifiers (patients, providers) with the It is shown in Fig. 1 the possible connections between Ethereum address (equivalent to the public key). The different contracts and between customers and suppliers. It is ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 172 worth noting that the variable of the status of a particular blockchain, there is a strong need to consider retrieving nodes contract may have different values depending on the permissions that handle these sensitive metadata. One of the solutions is that it permits. Contracts are also used only for indexes: database to require full permission from all the retrievers, and to requests that return records are processed off-line. require medical researchers working at retrieving centers only to provide secure systems. The proposed solution to the problem of confidentiality is to use a system of "delegated contracts", where each provider creates separate Ethereum identifiers for each new relationship between patient providers. This means that instead of a single provider's address, from which the relations with particular patients can be easily obtained, the provider's identifier is distributed throughout the network. However, in order for the relationship to be safely established, the provider should not be able to add a new block containing this new address (since it would be easy to track each of these delegate addresses to the original). Therefore, when creating a new delegate account, the provider performs an arbitrary transaction with another verified provider by giving them details of the new delegate account that they can add as confirmed account information to the blockchain. Security. The decentralized nature of the block-based systems gives the system the advantage of reliability both in authorization data support (stored in each node of the network) and in the repositories themselves (stored both by the patient and the corresponding provider node). With many organizations involved in the system, consensus mechanisms are also present to avoid separate points of failure. Since medical data and a global authorization log are distributed, Fig. 1. Structure of patient-provider contract there is no central goal for attacks or failures, and the network is intervention safe (since the modified node will conflict with Lets consider data processing in the system. A patient other, unchanged nodes, thus making consensus impossible). requests access to certain medical records by sending a This system does not attempt to resolve security problems request to the data provider that is part of the infrastructure at the provider's database level (which must be duly managed outside the network of the system being developed. The data by an IT service administrator), nor does it solve the security provider implements the interface of access to the local of the endpoint (a patient's compromised computer may database of the patient node, which is governed by the rights potentially allow data theft). that are stored in a flowchart. It runs a server that listens to Scalability is a constant concern in the Ethereum requests that are cryptographically signed by the issuer from community and has not yet been resolved. One of the key clients in the network. The cryptographic signature allows the issues is that any event stored at any time in a flowchart will gatekeeper to confirm the identity, and then checks blocking appear in each subsequent block. Although this is also a contracts to check if the requesting address is allowed to feature of Bitcoin blockchain, since Ethereum provides both access the request. If the address is valid, it executes the data storage and more complex operations, the effects of this request in the local database of the node and returns the result growth are a big issue. to the client. To integrate with the existing infrastructure of the It is assumed that many nodes of providers, especially electronic healthcare management system and records, it is those associated with service providers, already store data on necessary to design components of system nodes. Assume networked servers with a high degree of security. The system that many nodes and service providers in particular, are also defines a modular protocol of interoperability that can already trustingly managing databases with patient data interact with any application and user interface. Patient nodes stored on servers with network connections. The proposed also contain a local database, albeit more "light", which system consists of four software components: a server unit functions as a cache of patient data. The patient's node is a library, an Ethereum client, a database gatekeeper and a "light" node that can be executed on a PC or mobile phone. medical records manager. They can be executed on servers, Blockchain technologies introduce a number of being united to create a consistent, distributed system. A confidentiality restrictions, some of which are alleviated by prototype for implementing these components, which are the use of the permitted read access structure and a private integrated with the SQLite database and managed through a flowchart. The key issue is that even without a direct designed web-based user interface, is also offered. It should disclosure of the patient's name, the conclusion about who the be noted that any implementation of the firewall and the user particular patient is, can be made based on the metadata of interface can participate in the system, using the module one Ehereum address with several others. Even with a private interaction protocol, defined through block diagrams. ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 173 Patient nodes in the proposed system contain the same which allows the gatekeeper to confirm its identity. Upon basic components as suppliers. Their implementation can be confirmation of the issuer's signature, the gatekeeper checks done on a local computer or mobile phone. Their local the contracts to determine whether access to the request is database can be one of many light database implementations. allowed on the requesting address. If the address is available, Databases can function simply as a cache of patient medical it executes the request in the local database of the node and data. Missing data can be obtained online at any time, returns the result to the client. following the final agreement of the center. It should be noted that the created components in the same It is proposed to create server part library containing way support the receipt of patient data by third-party: the several utilities to facilitate the operation of the system. The patient chooses the data to be sent and updates the library represents a connection to the blockchain and exports corresponding patient-provider interaction contract with a the API function. Management recording programs and their third-party address and request line. If necessary, the patient's user interfaces, thus, can avoid interference with their direct node may allow a third-party address using a registration work with the blockchain. One such obstacle is checking that contract. Then, the patient node connects an existing patient- each transaction sent is accepted with high trust from the provider contract with a third-party modifying provider. The network. The developed library automatically processes the third party is automatically notified of new permissions and indeterminacy when the transactions are retrieved and can follow the link to find all the information needed. The examines the cases when they are rejected. The backend gatekeeper of the provider's database will allow access to library interacts with the Ethereum client to implement low- such a request, confirming that it was issued by the patient in level formatting and analysis of the Ethereum protocol. a patient-provider shared user contract. By using the blockchain registration contract, the patient's The medical data management system combines all of the identifier first turns into the corresponding Ethereum address software components mentioned above and the user interface. and the corresponding final contract is located. Then the The program provides data from local SQLite databases provider downloads a new patient-provider relationship (intended for interchange with other database software) to flowchart, indicating how they control the data belonging to view and provides updates to users, as well as sharing and the patient's Ethereum address. Then the provider's node receiving data. The created user interface offers an intuitive, creates a request for a link to this data and accordingly clear and informative design. The developed software system updates the patient-provider contract. Finally, the node sends is conveniently accessible through a web interface built using a transaction that connects a new patient-provider contract JavaScript and AngularJS framework. Its compatibility with with a patient's final contract, allowing the patient's nodes to mobile devices is of particular note, since modern users later find it in a specific block. expect easy and high-quality access from anywhere. Ethereum client implements the full functionality required "Retrievers/(miners)" are encouraged to participate in the for joining and participating in the Ethereum network. The network and provide their computational resources to achieve client processes a wide range of tasks, such as: peer-to-peer a credible and gradual chain promotion. A model is proposed network connection, encoding and sending transactions, and that embraces the medical community in the area of network maintaining a verified local copy of the block template. The management - the system developed involves health client has to be changed so that it enables the mapping of researchers and health stakeholders in their network. In turn, identity and addresses. Then the service is implement to find providers and patients give access to aggregated, anonymous the final contract of the node, by means of a register address medical data as a reward for retrieving/(mining). This idea is search of the contract with the recorder. This service is investigated in the developed prototype by introducing a constantly working within the client for monitoring real-time special function in the patient-provider relationship contract. changes to the final contract. In the case of an update, the This requires providers to attach a request to any transaction service signals that the medical data manager issues a user's they send by updating the patient-provider contract. message and, if necessary, synchronizes the local database. For example, this remuneration request can be arranged to Modified Ethereum client constantly monitors its final return the average iron levels in the blood test done by the contract. When a new block is retrieved from a newly- provider to all patients in the previous week. When the block contracted patient-provider, the client makes a signal that containing the record-update operation is retrieved, the results in a user's message. Then the user can confirm or refuse retrieving function automatically adds the block retriever as to communicate with the provider, accordingly updating the the request owner. The retriever can then collect it by simply General Contract. If the message is accepted, then the sending a request for this reward to the provider's database implementation of the prototype automatically issues a request gatekeeper. Since the unit is signed by the provider as part of for new medical data. The client uses the information in a new the transaction, the remuneration request is safe from harmful patient-provider contract to locate the provider on the network changes. This "remuneration request" or retrieving/mining and connect to its server's database gatekeeper. reward allows medical researchers to access data on medical The database gatekeeper implements an off-network access treatment and health care outcomes at the community level. It interface for the local node database, which is managed by is anticipated that future upgrades of the retrieving/mining the rights stored in blockchain. Gatekeeper launches a server model, where retrievers/miners can indicate the benefits for that listens to requests from customers in the network. The demographic groups and the peculiarities of the data which request contains a request line/string, as well as a reference to they seek, in order to provide accurate medicine and targeted the patient-provider contract, which requires permissions to research (while maintaining the confidentiality of patients). run it. Request is cryptographically signed by the issuer, ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic 174 V. SOFTWARE SYSTEM IMPLEMENTATION To implement the server part, the C# programming language and the .NET Framework were used together with connection of Ethereum platform modules. To implement the web client, it is used JavaScript programming language and AngularJS framework. The web site interface is adapted to mobile devices. To begin, the user logs in to the system by sending photos of identification code and the first pages of the passport for verification. After verifying the data, the user creates a password, where the identification number acts as the password (Fig. 2). By logging in with the ID number and password, the user is directed to the home page of the website (Fig. 3). Fig. 2. New patient registration page Here the history of all user's medical records, consolidated from various medical institutions, is presented. Fig. 3. Patient home page When a medical institution wants to make a new record in Medical Data Sharing among Cloud Service Providers via history, notification is sent to the user, who can view the changes. Blockchain” IEEE, 22 July 2017, pp. 14757-14767. [2] Roehrs, A., da Costa, C.A. Author, da Rosa Righi, R. VI. CONCLUSION “OmniPHR: A distributed architecture model to integrate The prototype of a safe compatible system of medical data personal health records”, Journal of Biomedical management based on Blockchain technology, which Informatics, July 2017, pp. 70-81. aggregates patient medical data from different providers, [3]. Zyskind, Guy, and Oz Nathan. “Decentralizing privacy: medical institutions' information systems, is developed. The Using blockchain to protect personal data”, Security and system solves problems such as fragmented and slow access Privacy Workshops (SPW), 2015, IEEE, pp. 180-184. to patient medical data, incompatibility of medical [4] Nakamoto, Satoshi. "Bitcoin: A peer-to-peer electronic information systems and improves the quality and quantity of cash system", 2008. data for medical research. Using intelligent Ethereum [5]. Kachmar V.O., “Medical Information systems – the state contracts to organize a content access system on separate of development in Ukraine”, Ukrainian journal of sites for storage and provision of services, the authentication telemedicine and medical telematics, 2010, Vol.8, №1, log determines access to medical records by providing p.12-17. patients with a comprehensive overview and data exchange. [6]. Wood, Gavin. "Ethereum: A secure decentralised An innovative approach to integration with existing provider generalised transaction ledger", Ethereum Project Yellow systems is demonstrated, identifying the priority of the open Paper, 2014. APIs and the transparency of the network structure. [7]. Croman, Kyle, Christian Decker, Ittay Eyal, Adem Efe Gencer, Ari Juels, Ahmed Kosba, Andrew Miller, Prateek REFERENCES Saxena, Elaine Shi, and Emin Gün. "On scaling [1] Xia, Q.a, Sifah, E.B.b, Asamoah, K.O.b, Gao, J.c, Du, decentralized blockchains", Financial Cryptography and X.d, Guizani, M.e. Article “MeDShare: Trust-Less Data Security. FC 2016, pp. 106-125, 2016. ACIT 2018, June 1-3, 2018, Ceske Budejovice, Czech Republic