TY - JOUR
T1 - Designing a Private and Secure Personal Health Records Access Management System
T2 - A Solution Based on IOTA Distributed Ledger Technology
AU - Akbulut, Serkan
AU - Semantha, Farida Habib
AU - Azam, Sami
AU - Pilares, Iris Cathrina Abacan
AU - Jonkman, Mirjam
AU - Yeo, Kheng Cher
AU - Shanmugam, Bharanidharan
N1 - Funding Information:
The authors acknowledge the support of the Faculty of Science and Engineering and Energy Resources Institute, Charles Darwin University.
Publisher Copyright:
© 2023 by the authors.
PY - 2023/6
Y1 - 2023/6
N2 - The privacy and security of patients’ health records have been an ongoing issue, and researchers are in a race against technology to design a system that can help stop the compromising of patient data. Many researchers have proposed solutions; however, most solutions have not incorporated potential parameters that can ensure private and secure personal health records management, which is the focus of this study. To design and develop a solution, this research thoroughly investigated existing solutions and identified potential key contexts. These include IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocols, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control, which are analysed and integrated to secure patient medical records, and Internet of Things (IoT) medical devices, to develop a patient-based access management system that gives patients full control of their health records. This research developed four prototype applications to demonstrate the proposed solution: the web appointment application, the patient application, the doctor application, and the remote medical IoT device application. The results indicate that the proposed framework can improve healthcare services by providing immutable, secure, scalable, trusted, self-managed, and traceable patient health records while giving patients full control of their own medical records.
AB - The privacy and security of patients’ health records have been an ongoing issue, and researchers are in a race against technology to design a system that can help stop the compromising of patient data. Many researchers have proposed solutions; however, most solutions have not incorporated potential parameters that can ensure private and secure personal health records management, which is the focus of this study. To design and develop a solution, this research thoroughly investigated existing solutions and identified potential key contexts. These include IOTA Tangle, Distributed Ledger Technology (DLT), IPFS protocols, Application Programming Interface (API), Proxy Re-encryption (PRE), and access control, which are analysed and integrated to secure patient medical records, and Internet of Things (IoT) medical devices, to develop a patient-based access management system that gives patients full control of their health records. This research developed four prototype applications to demonstrate the proposed solution: the web appointment application, the patient application, the doctor application, and the remote medical IoT device application. The results indicate that the proposed framework can improve healthcare services by providing immutable, secure, scalable, trusted, self-managed, and traceable patient health records while giving patients full control of their own medical records.
KW - access management
KW - encryption
KW - healthcare
KW - IoT medical device
KW - IOTA
KW - IPFS
KW - medical record
KW - patient health record
KW - privacy
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85161488748&partnerID=8YFLogxK
U2 - 10.3390/s23115174
DO - 10.3390/s23115174
M3 - Article
AN - SCOPUS:85161488748
SN - 1424-8220
VL - 23
SP - 1
EP - 35
JO - Sensors
JF - Sensors
IS - 11
M1 - 5174
ER -