ArticlePDF Available

Abstract and Figures

Sensitivity of the health-related data and the focus on compliance and security has traditionally emphasized the need for centralized approach while implementing Electronic Health Records (EHR) systems. These one-institutional architectural designs are leading to fragmented and scattered pieces of valuable data across various data warehouses and silos. Interoperability challenges arise due to the absence of unified data management and exchange mechanisms making the social need for fundamental design changes bigger. The capability of a distributed ledger technology and blockchain to offer immutable, decentralized and cryptographically secured record of transactions throughout a peer-to-peer network can facilitate better collaboration and increased interoperability in the field of health and insurance information exchange processes. The paper examines different approaches and application of blockchain technology and identifies which implementations of components are more suitable and beneficial for the specific eco-system analyzed in the paper. This paper presents alternative way of dealing with information exchange across multiple stakeholders by justifying the use of decentralized approach, distributed access and solution how to comprehensively track and assemble health related data. We propose an architectural design and overview of a specific use case with focus on information exchange processes between health insurance providers and health care organizations, by using blockchain as an underlying technology. The architectural overview and data flows, backed up by sequence diagrams from specific use cases offered in this paper, can serve as a guide to the blockchain technology adoption and initial setup.
Content may be subject to copyright.
Computer Science and Information Systems 00(0):0000–0000
Real Time Availability And Consistency Of1
Health-Related Information Across Multiple2
Stakeholders: A Blockchain Based Approach3
Zlate Dodevski1, Sonja Filiposka2, Anastas Mishev2, and Vladimir Trajkovik2
1iBorn, Skopje, Republic of North Macedonia5
2Faculty of Computer Science and Engineering, Ss. Cyril and Methodious University, Skopje,7
Republic of North Macedonia anastas.mishev@finki.ukim.mk8
Abstract. Sensitivity of the health-related data and the focus on compliance and10
security has traditionally emphasized the need for centralized approach while im-11
plementing Electronic Health Records (EHR) systems. These one-institutional ar-12
chitectural designs are leading to fragmented and scattered pieces of valuable data13
across various data warehouses and silos. Interoperability challenges arise due to the14
absence of unified data management and exchange mechanisms making the social15
need for fundamental design changes bigger.16
The capability of a distributed ledger technology and blockchain to offer immutable,17
decentralized and cryptographically secured record of transactions throughout a18
peer-to-peer network can facilitate better collaboration and increased interoperabil-19
ity in the field of health and insurance information exchange processes. The paper20
examines different approaches and application of blockchain technology and iden-21
tifies which implementations of components are more suitable and beneficial for the22
specific eco-system analyzed in the paper.23
This paper presents alternative way of dealing with information exchange across24
multiple stakeholders by justifying the use of decentralized approach, distributed25
access and solution how to comprehensively track and assemble health related data.26
We propose an architectural design and overview of a specific use case with focus27
on information exchange processes between health insurance providers and health28
care organizations, by using blockchain as an underlying technology.29
The architectural overview and data flows, backed up by sequence diagrams from30
specific use cases offered in this paper, can serve as a guide to the blockchain tech-31
nology adoption and initial setup.32
Keywords: blockchain, health-related data, health information exchange, health in-33
surance, decentralization34
1. Introduction35
The process of improving the efficiency and quality of the health information exchange36
is a hot topic in the last period in the field of health informatics. HIE (Health Information37
Exchange) represents electronic transfer of clinical and / or administrative information38
between different (mostly competitive) healthcare organizations [2]. When talking about39
2 Zlate Dodevski et al.
the actors in this ecosystem, they can be of different size and form, including clinical cen-1
ters, hospitals, laboratories, insurance companies, pharmacies, emergency centers, nurs-2
ing homes, public health centers, etc. The data exchanged can differ and can be part of3
a wide range, from a summary of medical examinations, referrals, to laboratory results,4
and even medical history of specific patient. However, the data that is subject to transfer5
can be structured in different formats and different terminologies can be used, making the6
interfaces and integration layers which are part of the HIE process more complex and with7
high cost. Additionally, the data that is subject to a transfer is scattered across the storages8
of the organizations that are involved in the process, which often leads to inconsistent data9
handling processes and erroneous and incomplete medical history records.10
Technologists and participants in the e-health industry in the recent period are see-11
ing the blockchain technology as innovation in the attempt to improve the data sharing12
processes. They are seeing opportunity of using the blockchain infrastructure to create a13
powerful catalog of health records that references different data sources and connect the14
patients, healthcare providers, laboratories, researchers, health insurance organizations15
and many other participants in the eco-system [24].16
One of the main goals of this research is to emphasize the need for improving the17
HIE process and investigate the benefits that HIE systems will have with adopting the18
blockchain technology.19
Blockchain in its essence is a distributed system that stores records for specific trans-20
actions. It is a distributed ledger of peer-to-peer transactions, which are grouped in blocks21
that are connected between themselves. Well-defined cryptographic techniques are funda-22
mental pieces which enable this technology and their efficiency is proven by the first appli-23
cation of blockchain technology in Bitcoin cryptocurrency system presented by Sathoshi24
Nakamoto [27]. They are the core principles that enable decentralized interactions (pro-25
cesses of storing, exchanging and accessing data) between each participant in the network,26
bypassing the need for intermediaries and regulatory bodies to acquire trust. In this dis-27
tributed system, there is no need for central authority, instead of that we have records of28
transactions which are stored and shared between the involved participants in the network.29
This characteristic is a foundation for offering innovative solutions in different business30
use cases [26]. In the first application of blockchain technology, the Bitcoin cryptocur-31
rency system, every participant must be familiar with every interaction in the network and32
every transaction needs to be verified by all participants to be successful and valid. The33
verification of the interactions and the distributed state of the network are the principles34
that enable the collaboration in system in absence of trust between members, while the35
global log of transactions is immutable. Other approaches that rely on distributed ledger36
technology and blockchain were introduced in the last period, all of them trying to solve37
the challenge of achieving consensus in a decentralized environment. At the same time,38
Blockchain is an emerging technology with unanticipated challenges and the promise of39
unrealized potential in healthcare [29].40
During recent years, blockchain becomes emerging technology offering alternative41
ways of solving challenges in numerous fields, such as the finance, supply chain man-42
agement, law and many more [32]. There is a trend towards patient-driven interoper-43
ability, in which health data exchange is patient-mediated and patient-driven [16]. Many44
research works are focusing on exploiting the possibility of decentralization offered by45
the blockchain as technology in real-life use cases [17].46
Real Time Availability ... A Blockchain Based Approach 3
When it comes to the healthcare and the health-related data, blockchain can help to1
simplify the way how the parties involved in the health care industry exchange the data2
and collaborate between themselves. Many research papers and practical application were3
introduced, with blockchain as foundation technology. All of them are trying to over-4
come the data sharing challenges and the friction caused by highly sensitive data scat-5
tered across different centralized infrastructures [17]. Smart contracts, as an intelligent6
protocol in the blockchain technology, can be exploited to automatically achieve system7
confidentiality, integrity, and authenticity [36]8
The researchers at the MIT Media Lab have introduced MedRec as prototype system9
to exploit the benefits of blockchain in the healthcare. The content-management prototype10
has improved permission mechanism for tracking which organization is able to see which11
medical records and, in that way, simplify the health information exchange. MedRec uti-12
lize the blockchain infrastructure to create an immutable chain of content, supported by13
decentralized network. They also included the concept called smart contract to execute14
business logic on the distributed layer and to program the representation that connects15
patients and providers [12].16
Iryo Network are trying to consolidate the electronic health records and enrich the17
patient experience with unified health record system. They are moving towards standard-18
izing health-data and supporting the AI & Big Data research performed on the collected19
health-related data [28].20
A mobile healthcare system for personal health data collection, sharing and collabora-21
tion between individuals and healthcare providers, as well as insurance companies is pre-22
sented in [21]. The presented system enables user to share data with healthcare providers23
to seek healthcare services, and with insurance companies to get a quote for the insurance24
policy and to be insured.25
These systems reveal the possibility for practical implementation of decentralization26
in the field of electronic health records systems and they are justifying the decision to27
incorporate distributed layer and blockchain technology.28
From technical point of view, the systems are built in different ways exploiting the29
technologies that the creators considered to be beneficial for their use cases.30
Still, there is a practical need for general analysis of the components of the blockchain31
technology and the approach for adopting the technology by the participants in the eco-32
system. In this paper, we try to explain the technical decisions that need to be considered33
when this approach is incorporated, by disseminating the components and analyzing their34
effect. Blockchain solutions must also be adaptive to opportunities and barriers unique to35
different national health and innovation policy, and regulatory systems [22]. It is crucial36
to study how blockchain technology can support and challenge the healthcare domain for37
all interrelated actors (patients, physicians, insurance companies, regulators) and involved38
assets [19].39
The paper proposes an architectural overview of decentralized information exchange40
system. The focus is put on the information exchange between the healthcare providers41
and health insurance organization. We analyze different approaches in order to offer42
health-related data integrity and confidentiality, authentication and permission control43
mechanism, flexible access control of data by different stakeholders and enriched con-44
sent mechanisms. The approach that we present in this paper leads to automatization45
of different processes in health insurance organizations, related to using and accessing46
4 Zlate Dodevski et al.
health-related data. With the introduction of smart contracts, many of those processes can1
be regulated and put in place without a human interaction, which can significantly reduce2
the cost, time and friction.3
The paper presents a strategy to address the benefits coming from the distributed layer4
and blockchain technology and shows how this approach will improve the HIE processes,5
with focus of sharing health and insurance data between healthcare and insurance organi-6
The paper is organized in several sections. In section 2 we introduce specific health8
information exchange ecosystem and the challenges that it has, where we are express-9
ing the need for overcoming specific challenges, such as the need for unified medical10
history records system and better cooperation between stakeholders. In the section 3 we11
introduce blockchain as a technology and explain how blockchain can help to overcome12
challenges present in health information exchange ecosystem. In order to analyze dif-13
ferent approaches of distributed ledger and blockchain technology and discuss which14
are more beneficial for our eco-system, in section 4 we present the components of the15
blockchain approach. In the section 5 we focus on the decision to use Hyperledger Fab-16
ric as a specific blockchain platform and in the section 6, we describe the architecture17
of the blockchain-based approach. This paper should be used as a guide for adopting the18
blockchain technology, so in section 7 we present the first steps and initial setup that need19
to be performed by the stakeholders in the eco-system and what they need to perform in20
order the approach to be useful and beneficial for them. Use case analysis of the approach21
is offered in the section 8, and section 9 and 10 are dealing with the challenges of the22
blockchain approach.23
The wider ecosystem based on the interchange of health-related data is spreading into25
multiple sectors that need constant gathering and exchange of data to successfully cope26
with different problems that arise due to uninformed decisions or fraud attempts [15]. The27
stakeholders participating in the system include all parties related to creating, storing, or28
using any health-related data. On the highest level these actors are divided into:29
Service requester and service user, the ultimate beneficiary of the provided ser-31
Personal health information provider, including information from wearable de-33
vices such as fitness trackers.34
Healthcare organizations35
Primary, secondary, tertiary healthcare institutions;36
Auxiliary health institutions such as laboratories;37
Emergency healthcare;38
Medication suppliers39
Health Insurance Organizations41
Social health plan;42
Work related insurance plan;43
Real Time Availability ... A Blockchain Based Approach 5
Life insurance plan;1
Travel insurance plan.2
The process of exchanging health information refers to the secure electronic trans-3
portation of clinical health information in form which is understandable and usable to4
both the sender and the receiver. If we try to structure and categorize the transactions,5
we will ?nd up with two transaction types. The first one is sending information to some6
registry or other system, and the other one is requesting for and receiving data from other7
providers and data holders. The goal of the processes can be also divided into two cate-8
gories, enriching and expanding the patient?s health record and exchanging information9
between well known healthcare related entities with established business collaboration.10
The table offers a short overview of the different transactions and processes that one can11
find in the exchange of health information.12
Goal Outbound trans-
Inbound transac-
Inbound transac-
and con-
The goal of this
process is to locate
scattered patients
records, enrich the
medical record,
aggregate with
existing records
in the institution
and keep them for
longer use.
Providers of health-
care, (primary
care providers)
can broadcast a
summary of exam-
ination to relevant
EHR systems.(if
Retrieving a sum-
mary of a patient’s
current conditions
from another care
Retrieving medica-
tion history of pa-
Retrieving in-
formation from
other EHR systems
or countrywide
Transfer of care
from one primary
to another primary
healthcare provider.
These processes are
initiated by the in-
stitution and they
are intended to ask
for or order some
activity or service
from another insti-
tution. If there is an
already established
EHR system, the
institution can ex-
pand the patient?s
record with the data
of inbound transac-
Sending referrals to
Ordering tests to
the laboratory.
Sending prescrip-
tions to medical
Retrieving reports
from secondary or
tertiary healthcare
Retrieving labora-
tory test results.
Retrieving reports
of used medical
Patient is referred
from a primary care
provider to see a
Table 1. Comparison of blockchain categories.
6 Zlate Dodevski et al.
To be able to use any health service, the individual needs to have the appropriate type1
of health insurance plan. Multiple health insurance plans can be issued for the individual2
by different health insurance providers, covering different spectrum of health services.3
Each health insurance plan is defined using a health insurance policy that defines the terms4
and conditions including the types of health services covered, the cap expenses covered,5
and the right to any damage premiums. These health insurance policies may overlap in6
some areas, in which case the claim should be covered by multiple policies simultane-7
ously. For an example, if the individual was injured during working, the insurance claims8
activated should be social health, work and life insurance. On the other hand, if the health9
issue happened while traveling, the medical expenses should be covered by the travel10
and life insurance plans. The available health insurance plans define the health services11
that can be received from the health service providers. Based on the treatment defined12
by the health service providers, the individual may need additional services offered from13
other medication suppliers, such as pharmacies that work with or without prescriptions14
depending on the medication necessary.15
The actual type of medication that can be acquired is not only dependent on the issued16
therapy, but also on the active health policy, since some drugs may be covered while others17
are not covered by the insurance. On the other hand, the health policies are defined based18
on the overall health history of the individual including all services obtained from the19
health service providers and medication suppliers, but also individual health data recorded20
by personal devices such as diet and fitness trackers, blood sugar level and heart-rate21
Since the ecosystem spans over several different institutions that are relatively sparsely23
interconnected both horizontally and vertically, the exchange of trusted data becomes an24
issue of high importance.25
Normally the individual is tasked with the complete process of information transfer26
from one institution to the other, usually in the form of printed documentation that is is-27
sued by one institution per request and provided in another to obtain the service. This28
process is not only error prone and tedious for execution, it is also subject to several dif-29
ferent fraudulent activities such as false insurance claims, intentional hiding of medical30
records or failure to provide the most appropriate treatment due to incomplete informa-31
A system that can support the transparent, yet trustful and confidential, interchange of33
data between the institutions can help overcome a wide variety of issues.34
To discuss the novelties that the blockchain technology brings into our use case and how36
we can substitute the centralized model and architecture of implementation of Electronic37
Health Records (EHR) and Health Information Exchange (HIE) systems we need to fully38
understand the challenges that those systems have.39
The biggest challenge is the complex nature of the health-related data. The reason40
why this type of data is so special is because they are valuable personal information and41
subject to numerous security regulations and authorization policies. The systems which42
are dealing with health-related data must be aware of the consequences of their abuse and43
that strong access and authorization management mechanism must be applied. Basically,44
Real Time Availability ... A Blockchain Based Approach 7
that justifies the reason why systems that electronically manage health related data, are1
trying to overcome the challenge by putting the data in isolated state on physical stor-2
age that is part of the infrastructure of the organization where many security policies and3
authorization control processes are applied [8]. They are following the centralized ap-4
proach with keeping the data secured on one place behind firewalls and strong security.5
Blockchain relies on strong cryptographic techniques and strong security is embedded by6
default when this implementation approach is used. Blockchain can help in establishing7
authentication, authorization and membership services through a decentralized network,8
improving any process that requires permission-control and security mechanisms.9
Interoperability is arising as another problem, since there are many different imple-10
mentations of EHR systems [23]. The process of making systems which are built and11
implemented differently without unified concept in mind to communicate and collaborate12
with each other is a difficult and complex task. The process demands the need to build13
integration layer and put communication protocols in place. Even then, the challenge of14
portability and secure transfer still exists. Distributed peer-to-peer network is the back-15
bone of the blockchain technology. The EHR systems can have their representative peer16
included in the eco-system and in that way, they can easily connect and collaborate with17
the rest of the participants.18
Bringing decentralization as a concept close to HIE and EHR systems can sound con-19
troversial [9], the appearance of the blockchain as a technology can unlock the true value20
of this concept. Friction that exists when data with great sensitivity as health-related data21
is transferred from one place to another, can be significantly reduced and eliminated when22
decentralization is incorporated in the solution. By putting references to health-related23
data on the blockchain infrastructure, all participants in the network are able to access24
and use them with proper permissions and in secure manner. On the other side, the own-25
ers of the health-related data can track the changes and have control of which entities26
should have access to those references by participating in the consensus that proves the27
validity of the transactions.28
The blockchain technology is enabling the use of distributed ledger. The ledger of29
transactions, in our case the references of health-related data to different data storages,30
is not stored on centralized server, instead each of the participants holds a copy of the31
ledger. By owning a synchronized copy of the ledger, the participants in the eco-system32
are involved in the decision-making processes. Only with their consent, valid transaction33
in terms of updating or using the references of health-related data can be stored on the34
ledger. While the control of the centralized databases and storages are task for their own-35
ers, in a distributed network implemented by using blockchain, all the interactions to the36
ledger are synchronized and approved by the participants in the eco-system, eliminating37
the need for authority that will take care of the integrity and validity.38
Blockchain, along with the decentralization concept, brings technological solutions to39
consolidate the context of transfer and easy access of the data. It can connect widespread40
particles of data, stored in the storage infrastructure of some centralized implementation41
and significantly reduce the cost of intermediation. When it comes to our use case, health42
insurance plans and coverage can be improved and automatized and taken to whole an-43
other level. Blockchain can transform the patient records into rich and expanded health44
history by connecting the different data storages. That rich and easily accessible data45
portfolio can be used as reference for insurance organizations.46
8 Zlate Dodevski et al.
Health insurance organizations can secure accurate claim coverage, they can reduce1
the effort of coordination between the parties involved and they can apply business logic2
and policies to reduce the human resource involvement.3
The theoretical definitions of the blockchain, the discussions and research about the po-5
tential and opportunity of this technology and the applications in the other fields, such as6
financial industry, are increasing the awareness of the benefits and the impact. However,7
to justify the decision to use the blockchain technology we need a general basis of under-8
standing how the infrastructure works underneath. We analyze and cover the fundamental9
principles and components behind the technology in order to discuss the impacts they will10
have on the information exchange processes between healthcare providers and insurance11
organizations. In the following part of the paper, we address the key components of the12
blockchain approach, that will serve as a reference and lead us to better understanding of13
the approach to our use case and eco-system.14
4.1. Consensus as a group decision-making process15
When we are dealing with system that has an absence of central authority, particularly16
noteworthy is to discuss about how the involved entities can agree on validity of infor-17
mation and how they can agree on the decision to put that information in the distributed18
ledger and use them as single source of truth. In our case, with the blockchain based19
approach, it is necessary for the participants which are affected by the process of adding20
new information to evaluate and agree about the correctness of the information before that21
information become incorporated and immutable. In other words, there must be some dy-22
namic way of reaching an agreement between the affected participants. They must make a23
decision based on different parameters, that transaction between two peers in the system is24
in the best interest for all participants. That general agreement and group decision-making25
process is defined as a consensus. The process of achieving consensus is important in the26
blockchain approach and will be subject of discussion in different parts of this paper.27
4.2. Categories of blockchain approach28
With the introduction of blockchain as revolutionary technology and its first real imple-29
mentation in face of Bitcoin cryptocurrency system, many prototypes are trying to exploit30
the possibility to gain trust between participants in the system, without the special need31
for them to know each other. Since the blockchain technology offers a way how to over-32
come drawbacks of centralized approach in health-related systems, mentioned previously,33
we must discuss the level of decentralization that is needed [18]. Following the context of34
this research paper and the use case, before we start analyzing how far should we go with35
the decentralization approach, we need to define the categories and types of blockchain36
networks [6].37
The public blockchain as the name implies is shared among anyone in the world and38
its open for everyone to join. They are proud representative of the idealistic way that39
the blockchain brings as concept and in the literature are generally considered as fully40
Real Time Availability ... A Blockchain Based Approach 9
Consortium blockchains are modification of the public blockchain, and the main dif-1
ference is that pre-selected set of nodes/participants are chosen to be carriers of the2
consensus process instead of having every node to participate in the consensus pro-3
cess as in the case of public blockchains;4
The private blockchain is a blockchain where we can find entity which grants and5
stores permission to be part of the network. As opposite of the public blockchains6
these blockchains are only accessible to individuals who has the rights to use it.7
Main Characteristic Main advantage in our use
Main disadvantage in our
use case
Fully decentralized
Permission-less peer-to-peer
Representative of the true
concept of blockchain
Easy access for any partici-
pant to join the community.
Revealing valuable data to the
There is no built-in compo-
nent for managing permis-
sions to manipulate with as-
sets. They should be imple-
mented by programming.
High and unpredictable trans-
action fees
Presence of issuing authority
that grants and stores rights of
using assets
Permissioned ecosystem suit-
able for enterprise use cases
of blockchain.
Restriction on who can par-
ticipate in the network.
Increased performance than
public scope, due to central-
izing the trust authority
The approach moves away
from the decentralized char-
acteristics that blockchain of-
Pre-selected nodes are carri-
ers of consensus process
Different nodes run by differ-
ent stakeholders can be part
of the decision making and
consensus process.
Offer more decentralized
approach than the private
Complex hybrid approach
with highly trusted entity
in the private and power-
consuming consensus in the
public blockchain.
Table 2. Comparison of blockchain categories.
To explain the decision which of these categories of blockchain are more suitable for8
our use case, we will depict the characteristics in Table 2. To summarize, each of the9
categories brings certain advantages and disadvantages when incorporated in the context10
of our use-case, but this paper intention is to pick only the most suitable one. The deci-11
sion should consider several main challenges that affect the health information exchange12
process [11]:13
10 Zlate Dodevski et al.
The performance of the process;1
authorization and permission-to-use the assets due to the nature of the health infor-2
involvement of different peers (but under the umbrella of specific organization) in the4
process of verification and validation5
the subtle closeness of the system due to the need of tightly controlled environment.6
Having these challenges in mind, one blockchain scope that is most promising for ful-7
filling our experiment is the consortium blockchain category. It has increased performance8
when compared to the public blockchains, and tightly controlled permission environment9
which consists of multiple organizational authorities [37].10
4.3. Channels of communication and collaboration11
Channels components are responsible for defining collaboration in terms of transactions12
with privacy and confidentiality and their purpose is to achieve common ground for ma-13
nipulating with assets provided by the participants in the network. Within the channel14
of collaboration, each of the participants has proven belonging to specific organization,15
rights and privileges to act on specific asset. Participants use the collaboration channel for16
updating the ledger and read or modify the assets in accordance to their rights and per-17
missions. In our specific use case, to simplify the access management and authorization18
control, and additionally to establish separation of concerns, there will be two channels19
defined, one for the insurance assets and the other for health-related assets. The partici-20
pants depending on their intention will be using both channels with different flows. The21
participant will still be part of the same eco-system, but the separation of channels will22
reduce the complexity of the data flow and allow us to build business logic tied only to23
specific channel.24
4.4. Ledger25
The ledger is component of the system, which is responsible for recording all transac-26
tions submitted by the participants in the ecosystem. The ledger consists of immutable27
sequenced blocks and each block contains multiple transactions. The ledger has these two28
characteristics in the system that we are analyzing:29
Each participant maintains a copy of the ledger.30
Each channel has only one ledger, which is used to update some asset produced by31
the participants in the network.32
In our approach, to separate the concepts and the data flow, we have two channels of33
communication and collaboration, one for the insurance assets, the other one for health-34
related assets. Therefore, there will be two ledgers for each channel. The health-related35
ledger will be used for assets provided by the individuals (related to diet and valuable36
information from wearable or other sensor devices), health-care organizations and the37
medical suppliers. The insurance ledger will be used from the insurance organizations,38
but it will contain partial health related data and access by healthcare organizations as39
well. In this way, we can increase the performance of the transactions verification, since40
the ledgers will have as much amount of data as needed to satisfy the endorsement policy41
when achieving consensus.42
Real Time Availability ... A Blockchain Based Approach 11
4.5. Participation of peers1
Before we discuss about how participants can join the network and gain better overview2
of which blockchain category (public, private or consortium) should bring more benefits3
to the use case lets first analyze some of the main actors.4
1. Health insurance organizations with different types of personas (multiple types of5
participants coming from same organization with/without the same permissions to6
use the distributed ledger). Different assets can be produced from the insurance or-7
ganization such as, terms and conditions for specific insurance plan, the coverage8
options and duration of insurance plan, etc. The insurance organization will use the9
channel for accessing health-related ledger to query the health condition assets re-10
lated to potential insurer and define the price of the insurance plans. On the other11
side, the healthcare organizations can collaborate with the insurance organizations12
for justifying or initiating claim coverage for their patients.13
2. Healthcare Organizations with different types of personas (multiple types of partici-14
pants coming from same organization with/without the same permissions to use the15
channel). Different assets can be produced from the healthcare organization such as,16
medical history of the patient, referrals, lab results, scanning results, diagnosis, pre-17
scriptions, etc. The healthcare organization will use the distributed ledger to con-18
solidate all health-related data for the patients from different places and to provide19
seamless interoperability with other healthcare providers.20
3. Individuals can benefit from this eco-system in two ways. First as patients. Blockchain21
based approach can bring enriched medical history and can transform the health22
records owned by the healthcare organization with given consent by the patient. In-23
formation can be gathered from multiple places, validated and used to make better24
diagnosis and analysis. Health records can be easily shared and transferred to third25
parties and guarantee the patient decreased friction in providing details to another26
healthcare organization. Another role that they can take is the health insurer. If they27
have active insurance coverage from a health insurance organization that is part of the28
system, the claim coverage can be taken to another level. The individuals can propose29
claim coverage and refunding based on the health-related data and insurance plan and30
if the parties involved agree on the validity, the process is performed automatically.31
4. Medical Suppliers such as pharmacies can use the system to override the paper pre-32
scriptions (that can be easily altered and subject of a fraud) and communicate directly33
with the healthcare organization about the validity of the prescriptions. They can plan34
better, attack the forgery and fraud processes with goal to significantly reduce the cost35
of medical supplies.36
4.6. Permission management37
In the world of electronic health information, health data is not just private secure piece38
of data, but also personal data related to specific patients medical history. Thats the main39
reason why the health-related data need to be protected against unauthorized access or40
corruption. Participants in the HIE process that generate health data can have confidence41
in the infrastructure of the blockchain system because one of the things it brings as a42
revolutionary technology is the automation of the data integrity. In addition, giving the43
12 Zlate Dodevski et al.
possession of personal data should also define the decision-making power of who can ma-1
nipulate with it. The membership management layer is a component which is responsible2
for defining the members of specific domain, organization and channel of collaboration3
and to communicate with other membership providers in order to clarify the ownership4
of the data. They are also responsible for access privileges, roles and permissions in re-5
gards of the context of the network and the channel of collaboration. Specific rights and6
membership allowance are revoked and handled by specific authorities. In our case:7
1. Health Care Institution Authority8
2. Health Insurance Institution Authority9
Each channel of collaboration is a subject to authorization policy which is using the10
identity of the participant in order to establish the rights and privileges based on the mem-11
bership providers. Each of the providers certificate the participant in order to gain appro-12
priate access to the resources.13
When it comes to the scope of the blockchain and how the participants can access14
the ecosystem, accent was put on the need for controlled permission environment and15
restricted accesses. Each of the organization that can produce assets in some way that16
are necessary for the functioning of the blockchain based approach, should provide entity17
or authority that can issue policies for using the assets (in any form, reading, writing or18
changing). When the peer that is participant in the system, has the security policy and19
permission to manage the assets, it automatically becomes endorser in the process of20
verification of validity of specific transaction and carrier of the consensus process. The21
consensus is important due to the fact that it must be reached in order to initiate update22
of the change. In our use case, one individual can bring assets to the network in form of23
health-related documents or personal health information data streams, only if consensus is24
reached with the other stakeholders, such as healthcare institutions representatives, medi-25
cal suppliers, etc. One healthcare institution can see health-related information owned by26
other healthcare institution, only if it has permission to join the system and to read those27
specific assets.28
4.7. Smart Contracts29
The smart contracts are carriers of the business logic of the solution. They run on the peers30
(nodes) in an isolated environment (docker containers) and manage the assets which are31
hosted on the ledger (world state and blockchain part). Smart Contracts are the executors32
of the rules and the policies initially accepted by all the participants in the ecosystem.33
The power of the blockchain solution is in the fact that each of the participants con-34
tains copy of the smart contracts and they can run them on their own ledger and after that35
compare the result with the results of other peers via the collaboration channel, to achieve36
consensus. The outcome of executing the smart contract on the ledger must be endorsed37
by the key participants (every participant executes it successfully in its local world state,38
signs the proposal and returns it back) in order to be accepted as ledger update. In our39
use case, the smart contracts will be used in many cases, from read-only medical history40
queries to decision if one claim proposal should be refunded or not. The endorsement41
policy which is part of the consensus mechanism is closely related to smart contracts.42
Every smart contract (chain code) works in concert with its endorsement policy which is43
specified at the time smart contract (chain code) is instanted.44
Real Time Availability ... A Blockchain Based Approach 13
The first step in designing the architecture of the decentralized platform is to select the3
blockchain platform which will serve as underlying technology to implement all the com-4
ponents that were discussed previously. The blockchain platform should satisfy the initial5
requirements of our use case, in most complete manner.6
In Table 3, we can see the main characteristics of some of the blockchain platforms7
that are popular now and which effects should they bring if we are using them as platform8
for developing our use case [10], [34], [31], [1].9
Additionally, there is an information about which consensus algorithm is used by each10
of the platform and in Table 4 we can notice short explanation about them and some of the11
crucial features that bring those algorithms to the use cases when they are applied [25],12
[20], [14], [35].13
5.1. Performance and scalability14
As we already mentioned, due to real-time availability of information and health related15
data included in the system, performance is a requirement that we must consider in our16
use case. When it comes to Ethereum with the combination of Proof-Of-Work algorithm17
used for achieving consensus, we stumble upon performance problems due to heavy work18
and power consumption needed to sustain the permissionless and public network. The19
price paid in terms of performance drop for permissionless and public characteristics of20
the potential network is not worth in our use case, since we dont need to apply them. The21
performance of platform intended for private networks such as Hyperledger Fabric, with22
pre-defined set of carriers of consensus process, is on satisfactory level for our use case.23
The disadvantages of consensus algorithm that is used by Hyperledger Fabric are related24
to its semi-trusted environment, due to existence of permission system and the private25
nature of the blockchain. Performance decrease will happen if more than 20 peers are in-26
cluded in the consensus achieving process. [30] But, considering the initial requirements,27
these drawbacks of the platform and consensus algorithms are not playing huge role in28
our experiment.29
5.2. Authorization and permission-to-use the network and assets30
The Hyperledger Fabric is intended for building networks where the assets are owned and31
managed by a group of identifiable and verifiable institutions [26]. In our case, those in-32
stitutions are healthcare and health insurance companies, as well pharmacies and medical33
suppliers. The reason why Hyperledger Fabric is better choice than Ethereum for our use-34
case is the infrastructure of permissioned network that it offers, where all the organization35
and peers are verified before executing transactions. They can operate in specific collab-36
oration channel if, and only if, they have certificate issued by a membership authority.37
On the other-side, in Ethereum and public networks, permissions to participate dont exist,38
everyone can join the network [7]. By using Ethereum source code to implement network,39
Etherium can be used in a controlled setting as well (this is a rather common approach for40
Ethereum based start-ups focusing on B2B).41
14 Zlate Dodevski et al.
Main Charac-
Smart Con-
tract Code
Algorithm Effects of using in our use case
Built by
Ethereum de-
Most mature and
first blockchain
platform that
introduce the
smart contracts
Permission less
Solidity Proof-of-
Mature smart contract programming lan-
guage that offers smooth development with
strong community and broad documentation.
Main disadvantage is the use of brute-force
look-a-like consensus algorithm that is in-
tended more for public blockchains. The per-
formance and scalability will be the main
The public scope of the platform moves
away from our initial idea of closed and con-
trolled private blockchain.
Built by Linux
Consensus is
achieved on
transaction level
Less mature than
Complex permis-
sion module
Go, Java
Stake based
fault toler-
The endorsement and consensus are
achieved on transaction level meaning
that all parties that have permissions and
participate in the collaboration channel are
responsible for the validity and achieving
the trust.
Increased focus on permissions system and
membership service providers
More layers of abstractions in the develop-
ment process and modular architecture can
be easily applied to our use case.
Solves performance scalability and privacy
issues, perfect for health-related systems.
R3 Corda
Permission based
network with
strong control on
Specialized for fi-
nancial industry
Kotlin, Java
level con-
the partici-
Similar and complement to Hyperledger
Fabric but more simplified with possibility
of easy implementations of out-of-the-box
It has many unnecessary features that are not
part of our initial considerations.
Supports both
permissioned and
The consensus algorithm that is introduced
by this platform is not mature and not prop-
erly implemented yet.
When it comes to security Sawtooth has ap-
proach based on roles and permissions
Built by
and came into
the market as
a competitor to
the Etherium
ecosystem. The
platform raised
4 billion dollars
in the initial coin
like C++,
Java and
Python was
The smart contracts can be written in C++,
Java or Python. The platform does not re-
quire learning a new programming language.
The platform solves a lot of issues that the
other platforms experience such as problems
with scalability and transaction fees.
Main disadvantage is the centralized model
of decision-making and achieving consen-
Same as Ethereum, the public scope of the
platform moves away from our initial idea of
closed and controlled private blockchain.
Table 3. Comparison of blockchain platforms
Real Time Availability ... A Blockchain Based Approach 15
Main Characteristic
Effects of
pants in the
Work (PoW)
Fully distributed consensus mechanism
The original consensus algorithm introduced
by Satoshi Nakamoto.
Each of ‘the participants that have the job to
secure the network needs to prove their in-
tent by doing some work (to solve a complex
mathematical problem that requires huge
computational power) in order to mine new
blocks of transaction
Huge computational power required
less Slow None
Stake (PoS)
Opposite in the manner of exploiting compu-
tational power due to alternative approach.
The algorithm is based on coin stakes that
node holds to the network as a proof for cre-
ating new blocks.
Both Fast None
Elapsed Time
The process behind is related to waiting spe-
cific amount of time from each participant in
order to mine new block
The first participant that finish the waiting
process is chosen to be the leader
Both Medium None
Fault Toler-
Few pre-selected nodes that forms the con-
sortium and they are communicating with
each-others to achieve consensus.
Hoch transaction throughput
Permissioned Fast Decreased
Ripple Con-
sensus Algo-
Byzantine Fault Tolerance based
Each channel has its own federated validator
that sorts the messages in order to achieve
Permissioned Fast None
Table 4. Comparison of some of the most popular consensus algorithms
5.3. Achieving consensus by using Hyperledger Fabric1
Consensus process in Hyperledger technologies, consists of three phases. First phase is2
called endorsement and it is closely related to smart contract component (called chain-3
code). Before the network is built and put in operating state, endorsement policy must be4
configured and defined. With other words, by using this endorsement policy we define5
which peers have rights to execute which transaction. This phase is also called the execu-6
16 Zlate Dodevski et al.
tion phase, because transactions are executed by using the smart contract layer. Depending1
on the endorsement policy, in this phase, transaction proposal is sent to some of the peers2
which are defined as endorsing peers and the channel is waiting for their response. There3
can be a case, as part of the separation of concerns, that peers even though are part of4
the blockchain network are not included in the endorsement process and specific business5
rules (smart contracts) are kept hidden and private from them. In our use case, that can6
happen when two healthcare organizations are exchanging information. In that case, all7
of the insurance organizations that participate in the network will not be included in the8
endorsement process.9
The second phase of the consensus process is called ordering phase, because it in-10
volves the so-called orderer entity. The responsibility of the orderer as part of the con-11
sensus mechanism affects the order of the transactions. Its a keeper of the order and its12
functionality is related to making sure that each of the participant has the same order of13
the list of transactions on its ledger. This phase happens only if all endorsement peers14
signed the transaction.15
The third phase comes right after the ordering of the transactions and its called val-16
idation phase. In this phase, all the peers participate in the process because the process17
involves updating the ledger with new transaction. They validate the results and apply the18
changes in their copy of the ledger.19
Each participant, defined as node in the network, has two layers included in the architec-21
ture. The first one is the blockchain layer, which consists of many components that we22
already discussed, and this layer serves as trust-less network that can provide agreements23
and consensus through endorsement of smart contract outcomes [28]. The second layer is24
the application layer and this layer is responsible for all application logic and data that is25
not needed to be subject to verification of validity. The application layer can interact with26
the blockchain through transactions. Defining the components of both layers is crucial for27
the architectural design [38].28
6.1. Defining the assets, peers, organizations and channels29
The starting point of configuring the blockchain based approach is to define the assets,30
peers, organizations and channels. Hyperledger Fabric technology offers possibility to31
configure these components with different software tools, scripts and configuration files.32
After initializing our network, our experiment should consist of:33
healthcare organization 1 with one peer HCO1;34
healthcare organization 2 with one peer HCO2;35
health insurance organization with one peer HIO36
individual represented by one peer.37
After defining the peers and organizations, we need to configure the channels and their38
endorsement policies (Figure 1). Every participant should communicate with the others39
on channel that is supported by related ledger. Each of the peers are configured to be40
registered to certification authority server, which is responsible for granting them specific41
permission for performing actions in the system.42
Real Time Availability ... A Blockchain Based Approach 17
Fig. 1. Configuration file for organization and peers
6.2. Defining the data flow1
Considering our eco system, major architectural question that needs to be answered here2
is the decision which data should be placed on-chain and what should be kept off-chain.3
That decision will affect performance and flexibility.4
Before we present the transaction and data flow, we need to discuss which data are5
subject to negotiating and verifying by the consensus of the network and should be stored6
on-chain, meaning that they will be stored in each copy of the ledger of the peers, and7
which data should be stored off-chain meaning that it will be referenced by the negotiation8
process. In blockchain approaches, there are two ways how to store the data, the first one is9
to add data into transactions, like Bitcoin. And the second one is to store it as variables into10
contract storage as Ethereum. Both ways, store and update data by submitting transactions11
to the blockchain layer.12
What we plan to do in our use case is to find the most suitable way how to connect data13
stored in traditional relational databases and kept in organizational storage servers to the14
blockchain network. We designed a way how to establish bridge between the blockchain15
layer and the off-chain data, by using references, indexes, meta-data, hashes or critical16
information as on-chain data on the blockchain that will point to the real data needed17
18 Zlate Dodevski et al.
for achieving consensus. As we mentioned, the real data can be placed somewhere in the1
infrastructure of the organizations that participate in the blockchain network, no matter if2
its cloud solution, physical servers or a public storage.3
6.3. Writing the business logic4
As we mentioned before, the smart contracts, or with the terminology of Hyperledger5
Fabric, the chaincode is responsible for executing the business logic in the blockchain6
based architecture [30]. As a step towards defining the approach, we should consider7
developing all the necessary smart contracts that will perform the intended actions in the8
system. For example, how an injury can be covered by a health insurance organization or9
how one health care provider can grant permission for using health related data to another10
health care provider, or how a patient can transfer medical files from one organization to11
another. All these processes should be covered and implemented by using smart contracts.12
6.4. Application and integration layer13
The blockchain based architecture should contain a layer where the data present at the14
off-chain storages can be used as a feed to populate the blockchain network with data.15
Basically, all the assets that can be produced by the participants in the network should16
be indexed, referenced or hashed and stored to the ledger of the channel as immutable17
data. This process should be done as initial phase of seeding the blockchain network. The18
plan in our use case is to build integration layer in form of API calls. That integration19
layer should serve as a bridge between the organizations and individuals on one side and20
the web system of our use case together with the blockchain layer on the other side.21
Individuals can access that integration layer by using distributed application and in that22
way execute transaction on the blockchain, and organizations can build their own API23
layer in order to transfer the needed data. The overall architecture and communication24
can be seen at Figure 2 [39].25
After we discussed about what we want to achieve and analyzed how we want to do that27
and why, the next step is to bring the participants into play and assume their effort to make28
this blockchain based health information exchange mechanism, feasible and beneficial.29
Individuals are the central point of the ecosystem and they are the ultimate beneficia-30
ries from the services, features and functionalities that this decentralized way of health31
information exchange should provide [4]. Using 2 as reference, we can say that the inter-32
action of the individuals with the blockchain solution is the distributed application. The33
distributed application offers the individual different types of services, from accessing34
their health insurance and broad information related to it, to real time access to medi-35
cal history, lab results, prescriptions, reminders, etc. The distributed application act as a36
bridge between the individual and the blockchain layer. The individuals can initiate and37
demand different types of actions, such as claim approval and payment, transfer of data38
from one institution to another, etc. The system can also detect when specific actions are39
needed and can initiate them instead of the individual, asking only for a consent.40
Real Time Availability ... A Blockchain Based Approach 19
Fig. 2. Blockchain based approach
The efforts of the patient in order to keep the prototype alive and beneficial on highest1
level can be:2
Registering an account in the system;3
Feed the network with different types of data. Authorize the prototype to retrieve4
information from external sources, such as sensors of wearable devices, insert diet5
and meal plans, period and types of physical activity, etc.6
To seed the blockchain layer with relevant health related data, the healthcare organiza-7
tion that owns the medical records of that specific individual should also be part of the8
ecosystem. The membership management component of the healthcare organization9
should authenticate the individual and verify that it is the owner of the health related10
data. With consent of the individual, that healthcare organization can synchronize the11
medical records of the individual and feed the blockchain layer with them. From that12
moment, the individual and the healthcare organization will be always present in the13
endorsement process and they will always be part of the decision-making process14
regarding who can control and process the related data stored on the blockchain.15
To seed the blockchain layer with relevant insurance related data, the health insurance16
organization that owns the insurance policy should also be part of the ecosystem. The17
membership management component of the insurance organization should authenti-18
cate the individual and grant him permission to manipulate with its data. With consent19
of the individual, that healthcare organization can synchronize the terms and condi-20
tions, the duration of the insurance and details about the coverage of the individual21
and feed the blockchain layer with them.22
After seeding phase, the other actions are related to initiating some service provided23
by the prototype.24
20 Zlate Dodevski et al.
The organizations that are part of the ecosystem, no matter if they are healthcare or-1
ganizations, health insurance organizations or medical suppliers have two possible ways2
how to bridge the collaboration gap with the blockchain layer and them. The first way3
is to access the blockchain layer via the interface of the distributed application. The in-4
teraction should be similar as the one which the individual is performing. The actions5
that can be performed by using the distributed applications are related to registering, set-6
ting up membership module and access control mechanism for other participants to ask7
for permissions to access, adding peers that are part of that organization and feeding the8
blockchain with relevant data.9
To simplify the interoperability between the organizations and the blockchain based10
solution, the organizations can access the blockchain network directly through the inte-11
gration layer that is part of the architecture. When it comes to healthcare organization,12
the Electronic Health Records (EHR) systems can exploit the API calls that are part of13
the integration layer of the blockchain based solution, to communicate in both directions.14
Either to retrieve health related data that is not present in the medical record of specific15
individual, thus enrich the medical history or to feed the blockchain with data that is rele-16
vant for the provided services of the blockchain based solution. The same can be done for17
the other organizations that have software enterprise solution to store and manage health18
related data.19
In the previous sections we discussed about the components of the blockchain technology21
and how can we exploit them in the field of electronic health records. We were considering22
and evaluating blockchain platforms and consensus algorithms, so we can make the right23
choice to fulfill the requirements of our use case and satisfy the needs of our eco system.24
As discussed in section IV, Hyperledger Fabric as a blockchain platform is a good starting25
point for the practical part of the research. In the next parts, we will analyze two use cases26
by using sequent diagrams and we will see how the data and the information should move27
across different components (represented as lifelines) and how the participants can benefit28
from using this approach. The user scenarios we have chosen to represent the capability29
of the solution we consider in this paper, focus on the exchange of health data to health30
insurance institutions and the use of a health insurance plan. The reason for this emphasis31
comes from the complexity of the workflow, which includes conditions that need to be32
met and the involvement of multiple actors for a particular request to be approved or a33
solution to be proposed by the system itself. We should keep in mind that the solution34
encourages facilitated communication between different entities, if the health insurance35
companies are not part of that entity set, then the solution will have the same architecture,36
but with simplified parts of the system in which the conditional logic for decision making37
is embedded.38
8.1. Sequent diagram for claim coverage proposal coming from peer that39
represents the insurer40
If the components of the solution described above are initialized and set, the system can41
execute different types of transaction and data flows, so lets analyze the process of asking42
Real Time Availability ... A Blockchain Based Approach 21
for refund of claim covered by insurance plan which is issued by specific health insurance1
organization insurance. The transaction and data flow is depicted at Figure 3. The process2
covers proposal for access of health data owned by specific healthcare organization and3
activating endorsement policy, written in the form of a smart contracts to evaluate the4
truth about the health conditions and terms and coverages of the insurance plan.5
Fig. 3. Sequence diagram of claim coverage proposal
Hyperledger Fabric as a technology platform can help in couple of segments for ful-6
filling the requirement, as we already discussed in the previous sections. First of all, its a7
platform for creating permissioned network of participants. That means that each of the8
members that participate in the system, should have been pre-configured as valid peers9
from specific organization and with proven identity. With other words Hyperledger Fab-10
ric is a platform that can offer configuration of peers and organizations and permissions11
that complies with data protection regulations. The healthcare providers, the insurance12
providers, the patients and the other participants should have their own peers as represen-13
tatives in the network which will execute their business logic. If satisfying endorsements14
are given from both parties affected: the healthcare provider owning the health informa-15
tion and health insurance provider owning the insurance plan for the individual, a con-16
sensus is made and assets in the ledger are updated, meaning that the claim is reviewed,17
accepted and refund is approved in a smart and automatic way reducing the need for a18
human interaction.19
When we are talking about endorsement policies, Hyperledger Fabric can offer con-20
figuring how many and what kind of combination of endorsers are required for consider-21
ing one transaction as valid. That is part from the consensus algorithm that is used as a22
backbone for acquiring distributed trust.23
Each of the participant has their own copy of the ledger and own copy of smart con-24
tracts, so the process of endorsement is nothing more than executing smart contracts from25
22 Zlate Dodevski et al.
all parties involved in the process on their ledger and sending the outcome results to the1
channel in order to verify the truth and achieve consensus.2
8.2. Health Information Exchange between healthcare providers3
In this scenario, shown at Figure 4, an individual that has health information owned by4
specific healthcare organization asks for health information exchange with other health-5
care organization. In other words, this sequence diagram explains the process of adding6
read permission to healthcare organization which is not an owner of the health informa-7
tion related to the individual. When the individual initiates health information exchange,8
the channel checks the ownership of the health information and checks which healthcare9
organization should have permission to read them. Endorsement is given from both par-10
ties and the verified proposal is executed as a ledger and membership provider update.11
From technology aspect, this flow is very similar to the previous one.12
Fig. 4. Sequence diagram of adding read permission to another healthcare provider
Hyperledger Fabric offers configuration of peers and organizations and a channel13
where they can communicate with each other. The consensus algorithm that includes en-14
dorsement policy is helping the process to validate that one peer can have read permissions15
on some specific data in the blockchain.16
Real Time Availability ... A Blockchain Based Approach 23
9. GDPR1
Main topic of this technical paper is the process of exchanging health-related data. When2
we are discussing about systems where personal data are being processed, then we must3
consider the compliance with the General Data Protection Regulation (GDPR) [5]. GDPR4
comes into play when there is some kind of processing of personal data. Every information5
that can identify, directly or indirectly, a data subject which is identifiable natural person,6
is considered to be personal data. The personal data that can be in form of an identification7
number, location data, name of the data subject, etc. The processing of personal data is8
defined as operation or set of operations, that can be automated or not, such as storing,9
structuring, organization, adaptation or alteration, retrieval of data, etc.10
There are two very important terms that needs to be mentioned and discussed, the11
role of the data controller and the role of the data processor in the GDPR. The controller12
of the data is some entity which states the purpose and the means of the processing of13
personal data and that statement is determined by legal legislation or laws defined by the14
legal authority in the country. When there is some entity which process the personal data15
on behalf of the controller, then that entity is considered to be the data processor.16
In the blockchain based approach of defining a system for exchanging health related17
data, there is no hierarchy, instead every participant is equally responsible for process-18
ing of data. In the blockchain system, each of the participant is data controller and it is19
obligated to comply with the GDP regulation.20
One of the main principles that will come into effect with the GDPR is the demanded21
transparency for the processing, storing and exchanging personal information. With other22
words, the individual (data subject), can demand the controller of the data, information23
about all kind of details regarding their personal data. As we are already aware, there is24
an absence of central authority, so that is certainly a challenge that the blockchain based25
systems will face to become GDPR compliant. However, the structure of Blockchain tech-26
nology brings unique possibilities to overcome these challenges and bring transparence27
and extended logs regarding the access to the distributed data. The transparency and trac-28
ing can be achieved by using the characteristics of the blockchain network.29
The blockchain network can be used to log every access of the data by the partic-30
ipants in the network. That logging mechanism can serve as an immutable record of31
health-related data exchanges between parties and the data subject can always control32
and monitor where their personal information is used, and by whom.33
The combination between GDPR and blockchain systems can be a subject to a lot34
of discussion and probably they do not fit together, keeping in mind the fact that per-35
sonal information is scattered across peer-to-peer network as a part of blockchain solution.36
Blockchain is a distributed database with strong encryption and security mechanisms, but37
still individuals dont know where data is stored (distributed environment) and they dont38
know who manage their data. On the other side, in many ways the blockchain can be used39
as an ally and a partner when it comes to overcoming some of the challenges of GDPR40
What blockchain can offer when GDPR comes into play is ways how to solve trans-42
parency in data portability, traceability of data usage and many other details related to43
the use of personal data, improved consent mechanism and management, etc. However,44
there are many challenges that appear because of the characteristic of the blockchain.45
24 Zlate Dodevski et al.
Right to be forgotten is one of them. The Table 5 shows details about some of the GDPR1
obligations that affect the blockchain systems and how can be solved.2
One of the most promising thing that can be done in blockchain systems regarding the3
GDPR compliance is removing the personal identifiable information from the stored data.4
That can be easily done by encrypting the indicators that identify the data subject and5
in that way the controller shall not be obliged to maintain, acquire or process additional6
information [13].7
GDPR obli-
gations Main characteristics Blockchain based systems How can be solved
Right to be
The data subject has
the right to obtain
from the controller
the erasure of per-
sonal data concerning
Key characteristic of
blockchain is immutabil-
ity of stored data. It is the
reason why this obligation is
a challenge in the blockchain
based systems.
Smart contract containing all
the data subjects which trig-
gered the right to be forgot-
ten should forbid processing of
data related to forgotten sub-
Instead of erasing the data, en-
crypting the personal data and
erase the key used.
and data
The controller shall
take appropriate mea-
sures to provide in-
formation about any
form of transfer and
communication relat-
ing to processing to
the data subject.
One of the key characteris-
tics of blockchain is absence
of central authority which
makes difficulty to track de-
tails about the controller, pro-
pose and the details of the
data processing.
Implementing logging mecha-
nism that will utilize the im-
mutability and transparency of
the blockchain network. When
the personal data is used by
specific controller or proces-
sor, the access is logged to-
gether with all sorts of details.
That log can serve as a place
for satisfying the needs for in-
formation regarding the data
Consent man-
Also called lawful-
ness of processing.
The data processing
is considered to be
lawful if the data sub-
ject has given consent
for the processing.
In the permissioned
blockchain networks, such
as those implemented by
Hyperledger Fabric platform
organizational authorities
exist that grant permissions
and right to access.
Smart contract can be trigged
to forbid the use of data pro-
cessing that is not lawful.
Certification authorities in the
permissioned blockchain net-
works can solve this problem
as a condition peer to join the
Table 5. Some of GDPR obligations seen through eyes of blockchain solution
Real Time Availability ... A Blockchain Based Approach 25
10. Performance1
The experiment that we are going to perform, as a result of this research paper, will be2
implemented by using the Hyperledger Fabric platform. The reason for choosing this plat-3
form is already discussed in the previous sections, so it is noteworthy to discuss the per-4
formance part since its important for the final prototype. Hyperledger Fabric is a complex5
distributed system, so determining the performance will be difficult task, since many pa-6
rameters can come into play. The performance can vary depending on the type of the dis-7
tributed application, transaction size, implementation of the ordering service, the network,8
hardware on which the participant run, number of participants in the system, number of9
participants that are part of the consensus process, number of channels of collaboration10
etc [33].11
Though there are tools that can measure the performance of the blockchain solution,12
such as Hyperledger Caliper and some measures that are present in the technical docu-13
mentations such as 3500 transactions per second with latency less than one second, in this14
section we are going to focus more on the parameters which affect the performance [30].15
When it comes to the performance, since Hyperledger Fabric offers permissioned16
business blockchain solution, the speed of executing the transactions and validating them17
through all the participants in the process of achieving consensus can be drastically better18
than the other implementations of blockchain technology [3]. As we already described,19
Fabric is using the paradigm execute-order-validate in the transaction flow, where the en-20
dorsers are separated from the ordering service giving the possibility transactions to be21
executed in parallel. Just for comparison, in many other blockchain platforms, such as22
Ethereum, the nodes must execute transaction sequentially and, in such way, decreasing23
the performance. Another gain from the platform is the separation of concerns by splitting24
the blockchain on separate channels of collaboration. Each channel has its own ledger and25
its own chaincode, giving a huge performance increase, since only specific nodes should26
involve in executing some business rule.27
The constraints that affects the performance can be different and on the highest level28
can be separated in:29
Block size measurement for how many transactions can be grouped in a batch which30
is sent to the peers to form the new block in the blockchain. To maximize the through-31
put, the blockchain platforms offer possibility to configure the size of the blocks.32
Block size should be optimized in order the prototype to have the best transaction33
per second trend. Some experiments with predefined hardware and network parame-34
ters, assumes that 2 MB of block size can bring to 3000 transactions per second and35
latency less than one second [30].36
Number of endorsers the endorsers are the peers which are defined in the endorse-37
ment policy as the special ones which are responsible for the process of achieving38
consensus. They are responsible for executing process, so logically the performance39
should drop if the number of endorsers increase.40
Transaction size we already mention couple of time the importance to include as less41
amount of data in the transaction as possible, because they affect the performance42
directly. Additionally, transaction in Fabric are larger because they carry identity and43
certification data.44
26 Zlate Dodevski et al.
11. Conclusion1
In this paper, we present a use case analysis in which stakeholders related to health-2
care and insurance can distribute health related data in a secure, multi-institutional and3
multinational way. We analyzed the components of blockchain based architecture that4
are crucial in prototyping such mechanism for transferring information. After thorough5
analysis, examination and comparison of the current trends and platforms, we are pre-6
senting a combination of approaches related to blockchain technology, that are suitable7
and we can incorporate it in the overall architecture. The combination consists of de-8
velopment platform that will create private network which is satisfying the needs of our9
scope, execute-order-validate endorsement policy for enforcing the business rules of the10
use case, consensus algorithm that offers satisfying performance and scalability to the11
architecture and membership mechanism that will control the access to the network.12
The architecture of the approach depicts and explains how a distributed layer technol-13
ogy can fit into existing Electronic Health Records (EHR) systems or Insurance Content14
Management systems, bridging the gap between the different implementations and re-15
duce the friction of data distribution and obtaining the best value and performance in such16
The paper shows a clear roadmap of the actions and steps that one participant in the18
system, no matter if its individual, healthcare provider or insurance company, need to19
perform to become part of such decentralized health information exchange system. Addi-20
tionally, it explains the initial setup and efforts that one health care or insurance institution21
should perform to adopt this alternative approach of health information exchange and the22
benefits that they will gain from it.23
1. Ethereum vs Hyperledger. Blockchain Training Alliance (2018),25
ethereum-vs- hyperledger27
2. What is HIE? — (2018), https://www.healthit.28
gov/topic/health-it- and-health- information-exchange- basics/29
3. Androulaki, E., Barger, A., Bortnikov, V., Cachin, C., Christidis, K., De Caro, A., Enyeart,31
D., Ferris, C., Laventman, G., Manevich, Y., et al.: Hyperledger fabric: a distributed operating32
system for permissioned blockchains. In: Proceedings of the Thirteenth EuroSys Conference.33
p. 30. ACM (2018)34
4. Bell, L., Buchanan, W.J., Cameron, J., Lo, O.: Applications of blockchain within healthcare.35
Blockchain in Healthcare Today (2018)36
5. Boban, M.: Digital single market and eu data protection reform with regard to the processing of37
personal data as the challenge of the modern world. Economic and social development: book38
of proceedings p. 191 (2016)39
6. Buterin, V.: On public and private blockchains. Ethereum blog 7 (2015)40
7. Cachin, C.: Architecture of the hyperledger blockchain fabric. In: Workshop on Distributed41
Cryptocurrencies and Consensus Ledgers. vol. 310 (2016)42
8. Cardon, D.: Healthcare Databases: Purpose, Strengths, Weaknesses. Health CatalystURL43
2014/08/Healthcare-Databases- Purpose-Strengths- Weaknesses.pdf45
Real Time Availability ... A Blockchain Based Approach 27
9. da Conceic¸˜
ao, A.F., da Silva, F.S.C., Rocha, V., Locoro, A., Barguil, J.M.: Eletronic health1
records using blockchain technology. arXiv preprint arXiv:1804.10078 (2018)2
10. Diedrich, H.: Ethereum: Blockchains, digital assets, smart contracts, decentralized autonomous3
organizations. Wildfire Publishing Sydney (2016)4
11. Dixon, B.: Health Information Exchange: Navigating and Managing a Network of Health In-5
formation Systems. Academic Press (2016)6
12. Ekblaw, A., Azaria, A., Halamka, J.D., Lippman, A.: A case study for blockchain in health-7
care:medrec prototype for electronic health records and medical research data. In: Proceedings8
of IEEE open & big data conference. vol. 13, p. 13 (2016)9
13. Fabiano, N.: Internet of things and blockchain: Legal issues and privacy. the challenge for a10
privacy standard. In: Internet of Things (iThings) and IEEE Green Computing and Commu-11
nications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE12
Smart Data (SmartData), 2017 IEEE International Conference on. pp. 727–734. IEEE (2017)13
14. Gervais, A.: On the Security, Performance and Privacy of Proof of Work Blockchains. Ph.D.14
thesis, ETH Zurich (2016)15
15. Goldschmidt, P.G.: Hit and mis: implications of health information technology and medical16
information systems. Communications of the ACM 48(10), 68–74 (2005)17
16. Gordon, W.J., Catalini, C.: Blockchain technology for healthcare: facilitating the transition to18
patient-driven interoperability. Computational and structural biotechnology journal 16, 224–19
230 (2018)20
17. Greenspan, G.: Four genuine blockchain use cases — MultiChain. Multichain.com21
[Online]. Available (2018),
four-genuine- blockchain-use- cases/23
18. Guegan, D.: Public blockchain versus private blockhain (2017)24
19. Kassab, M.H., DeFranco, J., Malas, T., Laplante, P., Neto, V.V.G., et al.: Exploring research in25
blockchain for healthcare and a roadmap for the future. IEEE Transactions on Emerging Topics26
in Computing (2019)27
20. Krawisz, D.: The proof-of-work concept. Satoshi Nakamoto Institute¡ http://nakamotoinstitute.28
org/mempool/the-proof-of-work-concept/# selection-17.15-17.19 (2013)29
21. Liang, X., Zhao, J., Shetty, S., Liu, J., Li, D.: Integrating blockchain for data sharing and collab-30
oration in mobile healthcare applications. In: 2017 IEEE 28th annual international symposium31
on personal, indoor, and mobile radio communications (PIMRC). pp. 1–5. IEEE (2017)32
22. Mackey, T., Bekki, H., Matsuzaki, T., Mizushima, H.: Examining the potential of blockchain33
technology to meet the needs of 21st-century japanese health care: viewpoint on use cases and34
policy. Journal of medical Internet research 22(1), e13649 (2020)35
23. McDonald, C.J.: The barriers to electronic medical record systems and how to overcome them.36
Journal of the American Medical Informatics Association 4(3), 213–221 (1997)37
24. Mettler, M.: Blockchain technology in healthcare: The revolution starts here. In: 2016 IEEE38
18th International Conference on e-Health Networking. Applications and Services (Healthcom39
25. Mingxiao, D., Xiaofeng, M., Zhe, Z., Xiangwei, W., Qijun, C.: A review on consensus al-41
gorithm of blockchain. In: Systems, Man, and Cybernetics (SMC), 2017 IEEE International42
Conference on. pp. 2567–2572. IEEE (2017)43
26. Mougayar, W.: The business blockchain: promise, practice, and application of the next Internet44
technology. John Wiley & Sons (2016)45
27. Nakamoto, S.: Bitcoin: A peer-to-peer electronic cash system (2009)46
28. Network, I.: IRYO. Global participatory healthcare ecosystem. URL (2017), https://47
29. Ribitzky, R., St Clair, J., Houlding, D.I., McFarlane, C.T., Ahier, B., Gould, M., Flannery,49
H.L., Pupo, E., Clauson, K.A.: Pragmatic, interdisciplinary perspectives on blockchain and50
distributed ledger technology: paving the future for healthcare. Blockchain in Healthcare Today51
1, 1–15 (2018)52
28 Zlate Dodevski et al.
30. Scherer, M.: Performance and scalability of blockchain networks and smart contracts (2017)1
31. Schueffel, P.: Alternative distributed ledger technologies blockchain vs. tangle vs. hashgraph-a2
high-level overview and comparison (2017)3
32. Swan, M.: Blockchain: Blueprint for a new economy. ” O’Reilly Media, Inc.” (2015)4
33. Thakkar, P., Nathan, S., Vishwanathan, B.: Performance benchmarking and optimizing hyper-5
ledger fabric blockchain platform. arXiv preprint arXiv:1805.11390 (2018)6
34. Valenta, M., Sandner, P.: Comparison of ethereum, hyperledger fabric and corda. Tech. rep.,7
FSBC Working Paper (2017)8
35. Vukolic, M.: The quest for scalable blockchain fabric: Proof-of-work vs. bft replication. In:9
International Workshop on Open Problems in Network Security. pp. 112–125. Springer (2015)10
36. Wang, R., Liu, H., Wang, H., Yang, Q., Wu, D.: Distributed security architecture based on11
blockchain for connected health: Architecture, challenges, and approaches. IEEE Wireless12
Communications 26(6), 30–36 (2019)13
37. Xu, X., Weber, I., Staples, M., Zhu, L., Bosch, J., Bass, L., Pautasso, C., Rimba, P.: A taxonomy14
of blockchain-based systems for architecture design. In: Software Architecture (ICSA), 201715
IEEE International Conference on. pp. 243–252. IEEE (2017)16
38. Zheng, Z., Xie, S., Dai, H.N., Wang, H.: Blockchain challenges and opportunities: A survey.17
Work Pap.–2016 (2016)18
39. Zheng, Z., Xie, S., Dai, H., Chen, X., Wang, H.: An overview of blockchain technology: Ar-19
chitecture, consensus, and future trends. In: Big Data (BigData Congress), 2017 IEEE Interna-20
tional Congress on. pp. 557–564. IEEE (2017)21
... This is very significant for institutions with a large number of students. For example, the critical functionality of the Hyperledger Fabric implies offering the configuration of the number and type of the combination of the endorsers needed for considering one transaction as valid [56]. Via this functionality, i.e., via the part of the consensus algorithm, the teacher and the student have their copy of the ledger and the uploaded intelligent contracts, so that the approval procedure is the execution of smart contracts and sending the outcome results further in the network to check the integrity and reach a consensus. ...
Full-text available
Following COVID-19, new accreditation standards include digitization, entrepreneurship, social inclusion and the circular economy. Blockchain can help to simplify difficult accreditation processes that ensure worldwide teaching, learning, practice and business communication excellence. The paper proposes a Collaborative Learning and Student Work Evaluation (CLSWE) model based on blockchain technologies (BCTs) encompassing selected concepts from the scientific research peer-review process. BCTs are used to develop a safe platform for storing and exchanging data about students’ projects and evaluations. The CLSWE model offers the possibility of improving cooperation between higher-education institutions and companies that seek the “employable skills” of proactive students. Before implementing the CLSWE model, a questionnaire was conducted to survey lecturers about their attitudes related to the potential application of BCTs. The results of the surveys are encouraging and reveal a desire and willingness to introduce BCTs in education. A project scheme with the main functionalities of the model and a description of the roles of the prominent participants was designed. A platform with a database created in the MySQL language for the testing model was built. This research also contributes to higher education literature in terms of the sustainability of the education process and collaborative learning with BCTs.
... Next, the work [25] provides a deep discussion on the main components of blockchain required for developing e-Health targeted distributed architectures. The studied roadmap outlines how DLT can fit into existing Electronic Health Records (EHR) systems or Insurance Content Management (ICM) systems. ...
Full-text available
Distributed Ledger Technology (DLT) is making the first steps toward becoming a solution for the growing number of various decentralized systems worldwide. Unlike pure Blockchain, DLT finds many uses across different industries, including eHealth, finance, supply chain monitoring, and the Internet of Things (IoT). One of the vital DLT features is the ability to provide an immutable and commonly verifiable ledger for larger-scale and highly complex systems. Today’s centralized systems can no longer guarantee the required level of availability and reliability due to the growing number of the involved nodes, complicated heterogeneous architectures, and task load, while the publicly available distributed systems are still in their infancy. This paper aims to provide an exhaustive topical review of the state-of-the-art of Distributed Ledger Technology applicability in various sectors. It outlines the importance of the practical integration of technology-related challenges, as well as potential solutions.
Full-text available
The decoupling of the data plane and the control plane in the Software-Defined Network (SDN) can increase the flexibility of network management and operation. And it can reduce the network limitations caused by the hardware. However, the centralized scheme in SDN also can introduce some other security issues such as the single point of failure, the data consistency in multiple- controller environment and the spoofing attack initiated by a malicious device in the data plane. To solve these problems, a security framework for SDN based on Blockchain (BCSDN) is proposed in this paper. BCSDN adopts a physically distributed and logically centralized multi-controller architecture. LLDP protocol is periodically used to obtain the link state information of the network, and a Merkle tree is establised according to the collected link information and the signature is generate based on KSI for each link that submitted by a switch by the main controller selected by using the PoW mechanism. Such, the dynamic change of network topology is recorded on Blockchian and the consistency of the topology information among multiple controllers can be guaranteed. The main controller issues the signature to the corresponding switch and a controller checks the legitimate of a switch by verifying the signature when it requests the flow rule table from the controller later. The signature verification ensures the authenticated communication between a controller and a switch. Finally, the simulation of the new scheme is implemented in Mininet platform that is a network emulation platform and experiments are done to verify our novel solution in our simulation tool. And we also informally analysis the security attributes that provided by our BCSDN.
Full-text available
Blockchain has numerous benefits such as decentralisation, persistency, anonymity and auditability. There is a wide spectrum of blockchain applications ranging from cryptocurrency, financial services, risk management, internet of things (IoT) to public and social services. Although a number of studies focus on using the blockchain technology in various application aspects, there is no comprehensive survey on the blockchain technology in both technological and application perspectives. To fill this gap, we conduct a comprehensive survey on the blockchain technology. In particular, this paper gives the blockchain taxonomy, introduces typical blockchain consensus algorithms, reviews blockchain applications and discusses technical challenges as well as recent advances in tackling the challenges. Moreover, this paper also points out the future directions in the blockchain technology.
Full-text available
Interoperability in healthcare has traditionally been focused around data exchange between business entities, for example, different hospital systems. However, there has been a recent push towards patient-driven interoperability, in which health data exchange is patient-mediated and patient-driven. Patient-centered interoperability, however, brings with it new challenges and requirements around security and privacy, technology, incentives, and governance that must be addressed for this type of data sharing to succeed at scale. In this paper, we look at how blockchain technology might facilitate this transition through five mechanisms: (1) digital access rules, (2) data aggregation, (3) data liquidity, (4) patient identity, and (5) data immutability. We then look at barriers to blockchain-enabled patient-driven interoperability, specifically clinical data transaction volume, privacy and security, patient engagement, and incentives. We conclude by noting that while patient-driving interoperability is an exciting trend in healthcare, given these challenges, it remains to be seen whether blockchain can facilitate the transition from institution-centric to patient-centric data sharing.
Conference Paper
Full-text available
Blockchain is an emerging technology for decentralised and transactional data sharing across a large network of untrusted participants. It enables new forms of distributed software architectures, where agreement on shared states can be established without trusting a central integration point. A major difficulty for architects designing applications based on blockchain is that the technology has many configurations and variants. Since blockchains are at an early stage, there is little product data or reliable technology evaluation available to compare different blockchains. In this paper, we propose how to classify and compare blockchains and blockchain-based systems to assist with the design and assessment of their impact on software architectures. Our taxonomy captures major architectural characteristics of blockchains and the impact of their principal design decisions. This taxonomy is intended to help with important architectural considerations about the performance and quality attributes of blockchain-based systems.
Conference Paper
Full-text available
Proof of Work (PoW) powered blockchains currently account for more than 90% of the total market capitalization of existing digital cryptocurrencies. Although the security provisions of Bitcoin have been thoroughly analysed, the security guarantees of variant (forked) PoW blockchains (which were instantiated with different parameters) have not received much attention in the literature. This opens the question whether existing security analysis of Bitcoin's PoW applies to other implementations which have been instantiated with different consensus and/or network parameters. In this paper, we introduce a novel quantitative framework to analyse the security and performance implications of various consensus and network parameters of PoW blockchains. Based on our framework, we devise optimal adversarial strategies for double-spending and selfish mining while taking into account real world constraints such as network propagation, different block sizes, block generation intervals, information propagation mechanism, and the impact of eclipse attacks. Our framework therefore allows us to capture existing PoW-based deployments as well as PoW blockchain variants that are instantiated with different parameters, and to objectively compare the tradeoffs between their performance and security provisions.
The ubiquitous nature of a connected health system imposes challenges with regard to the design of system architecture, security, and privacy. Different from traditional centralized systems, a distributed blockchain-based security protection architecture is proposed. In particular, smart contracts, as an intelligent protocol in the blockchain technology, are exploited to automatically achieve system confidentiality, integrity, and authenticity. Research challenges related to security and privacy issues in our proposed architecture are then analyzed, followed by potential solutions. Finally, security performance simulations and analyses are conducted to validate and evaluate the effectiveness of the proposed security architecture.
The implications of accelerating the adoption and widespread use of health information technology (HIT) through the 15-year period from the present to 2020 are discussed. Expectations of benefits from HIT are so high they may become an obstacle to accelerating its widespread adoption, especially if early attempts falter or produce disappointing results. Widespread adoption of HIT may cost as much as $1.5 trillion in the next 15 years. While use of HIT may transform the health care system, it may be necessary to restructure the system to liberate sufficient resources to be able to invest in HIT and to align incentives to realize its claimed benefits. The adoption of HIT should be promoted in the best possible way by restructuring the delivery system, reengineering care processes, and recreating the culture in which health care occurs, while simultaneously mitigating its potential risks.
Four genuine blockchain use cases -MultiChain. Multichain
  • G Greenspan
Greenspan, G.: Four genuine blockchain use cases -MultiChain. 21 [Online].