Increasing amounts of health data are recorded in health registries, with the strategic initiatives of data sharing and fusion across different registries in Norway. This forms an excellent opportunity for world-class medical research as few countries have such a high-quality infrastructure. However, it also constitutes a very high privacy risk should a security breach occur.
Publicized incidents of leaked medical records pose a significant challenge for the digital trust in eHealth were storing, accessing, and exchanging sensitive patient-related data must comply with several regulations, while remaining accessible to authorized health practitioners. Governmental legislation regarding data privacy, such as the EU's GDPR, present an additional source of concern for healthcare registries which are now faced with severe legal and financial consequences in case data confidentiality is breached.
Our principal approach is to facilitate solutions for health registries by using Smart Contracts and the emerging Blockchain Paradigm. From the data safety, authenticity, and nonrepudiation standpoint, blockchain is a perfect fit for sharing medical records since it provides an easily accessible, immutable, and transparent history of all contract-related data, adequate for building applications with trust and accountability. Use of smart contracts brings several additional advantages for sharing medical data by healthcare registries: consent management, fine-grain privacy control, transparency, and reduced bureaucracy and expenses.