IEEE Access (Jan 2020)

A Consent Model for Blockchain-Based Health Data Sharing Platforms

  • Vikas Jaiman,
  • Visara Urovi

DOI
https://doi.org/10.1109/ACCESS.2020.3014565
Journal volume & issue
Vol. 8
pp. 143734 – 143745

Abstract

Read online

In modern healthcare systems, the ability to share electronic health records is crucial for providing quality care and for enabling a larger spectrum of health services. Health data sharing is dependent on obtaining individual consent which, in turn, is hindered by a lack of resources. To this extent, blockchain-based platforms facilitate data sharing by creating a trusted distributed network of users. These users are enabled to share their data without depending on the time and resources of specific actors (such as the health services). In blockchain-based platforms, data governance mechanisms become very important due to the need to specify and monitor data sharing and data use conditions. In this article, we present a blockchain-based data-sharing consent model for access control over individual health data. We use smart contracts to dynamically represent the individual’s consent over health data and to enable data requesters to search and access those data. The dynamic consent model extends to two ontologies: the Data Use Ontology (DUO) which models the individual consent of users and the Automatable Discovery and Access Matrix (ADA-M), which describes queries from data requesters. We deploy the model on Ethereum blockchain and evaluate different data sharing scenarios. The contribution of this article consists of the creation of an individual consent model for health data sharing platforms. Such a model guarantees that individual consent is respected and that all the participants in the data sharing platform are accountable. The evaluation of our solution indicates that such a data sharing model provides a flexible decision-making approach over data usage by data requesters. Our experimental evaluation shows that the proposed model is efficient and adapts to personalized access control policies in different data-sharing scenarios.

Keywords