Implementation of a Biometric-Based Blockchain System for Preserving Privacy, Security, and Access Control in Healthcare Records

The use of Electronic Health Record (EHR) systems has emerged with the continuous advancement of the Internet of Things (IoT) and smart devices. This is driven by the various advantages for both patients and healthcare providers, including timely and distant alerts, continuous control, and reduced cost, to name a few. However, while providing these advantages, various challenges involving heterogeneity, scalability, and network complexity are still open. Patient security, data privacy, and trust are also among the main challenges that need more research effort. To this end, this paper presents an implementation of a biometric-based blockchain EHR system (BBEHR), a prototype that uniquely identifies patients, enables them to control access to their EHRs, and ensures recoverable access to their EHRs. This approach overcomes the dependency on the private/public key approach used by most blockchain technologies to identify patients, which becomes more crucial in situations where a loss of the private key permanently hinders the ability to access patients’ EHRs. Our solution covers component selection, high-level implementation, and integration of subsystems, was well as the coding of a prototype to validate the mitigation of the risk of permanent loss of access to EHRs by using patients’ fingerprints. A performance analysis of BBEHR showed our system’s robustness and effectiveness in identifying patients and ensuring access control for their EHRs by using blockchain smart contracts with no additional overhead.