I will now take you through the steps to develop an EMR system secured by blockchain. These steps are as follows:
1. Define your project scope
My recommendation is that you target the following two broad scope areas:
- Secure EMRs with blockchain;
- Facilitate authorized access by healthcare providers and patients to these secure EMRs.
Within these broader scope areas, you will obviously need to incorporate common EMR system features like user interface (UI), EMR workflow, etc.
2. Formulate a project approach
Considering the need to protect PHIs from prying eyes, yet facilitating seamless access to authorize stakeholders, I recommend the following approach:
- Use Hyperledger Fabric with its access control and data privacy to secure EMRs.
- Implement an Ethereum “Decentralized app” (DApp) to facilitate seamless transactions. DApps are open-source web apps with the following characteristics:
- The front-end can be coded in any language, however, the backend must consist of smart contracts.
- DApps have their user communities. These apps require cryptographic tokens, run on decentralized blockchains, and store data on that blockchain.
- User community must reach consensus before a DApps undergoes changes, and no user can control the majority of tokens. We have covered DApps in “How to convert web app Into a Dapp”.
3. Form a project team
Your project team should have the following roles:
- Business analysts (BAs);
- UI designers;
- Web front-end developers;
- Hyperledger Fabric developers;
- Ethereum developers with Solidity skills;
- A project manager (PM).
4. Study a similar blockchain EMR project
Studying a blockchain EMR project will help with your development efforts. Let’s review Medicalchain, which secures EMRs with the help of blockchain. The following quick facts are relevant here:
- In addition to securing EMRs using blockchain, Medicalchain allows healthcare providers to access EMRs based on permissions.
- Patients and healthcare providers like doctors, hospitals, laboratories, etc. can view EMRs. They can record their various transactions concerning EMRs on the blockchain.
- Medicalchain uses two blockchains. One is built on Hyperledger Fabric, and this one secures EMRs.
- The other is an Ethereum-based network, which allows seamless access to authorized stakeholders. MedicalChain uses their MedTokens (MTNs) to facilitate transactions on this blockchain.
5. Sign-up for a Hyperledger Fabric “Blockchain as a Service”
You will use Hyperledger Fabric, or Fabric as it’s commonly called, to secure EMRs. Fabric has many advantages, e.g.:
- Fabric allows access control since it’s a permissioned blockchain framework.
- It enables developers to write “chaincodes”, i.e., smart contracts in Fabric parlance.
- This framework uses pluggable components like consensus algorithms.
- Fabric uses channels for confidential information.
- It offers high scalability.
- It has hardware security features for digital signatures, which is useful for applications that require higher security.
- I have explained the advantages of Fabric in “Pros and cons of Hyperledger Fabric for blockchain networks”.
Keep in mind that Fabric is an open-source framework for enterprise blockchain, and you still need to build a blockchain network using it. That can be tricky, since you need to manage the hardware infrastructure, networking, etc. The good news is that you can use “Blockchain as a Service” (BaaS) to expedite this.
BaaS providers manage the infrastructure, networking, etc., therefore, you can focus on development. Here, I recommend that you use “IBM Blockchain Platform”, the BaaS offering from IBM. There are several advantages to it, e.g.:
- It’s a fully managed solution, with guaranteed uptime and 24×365 support.
- IBM blockchain platform provides you with the required development tools.
- All Fabric features like channels, pluggable consensus algorithm, etc. are available to you.
- This platform uses Kubernetes for orchestration, therefore, deploying your app is easy.
6. Use the right “Software Development Kit” (SDK)
Fabric and IBM blockchain platform let you develop your app using Node.js, the popular open-source runtime environment. Many developers know it, therefore, I recommend that you use it in this project. Fabric has a Node.js SDK, offering the following advantages:
- There is an API solution to communicate with the Fabric blockchain network.
- The SDK enables user registration, user revocation, monitoring events, chaincode installation, transaction submission, network configuration, channel creation, etc.
- There is excellent documentation for the SDK.
- Programmers can access comprehensive guides to develop Hyperledger Fabric applications.
7. Develop the app to secure EMRs on Fabric
Now that you have studied the Medicalchain project, you can proceed with creating your app to secure EMRs on Fabric. This involves the following steps:
- Deploy IBM blockchain platform following instructions in “Getting started with IBM Blockchain Platform”.
- Use cURL to download Fabric sample code, using this guide.
- You need to install Node.js runtime environment and NPM. Your team can find the required instructions here.
- Fabric provides a rich repository of sample projects, and here’s the instruction to download them.
- Find projects relevant to you. Review the chaincodes for those projects by following the “getting started” guide mentioned above.
- You can now develop the app using the Node.js SDK.
- Adding network API endpoints to the app is the next step.
- Enroll your app, which generates a client-side certificate. Use that to register your app.
Read “Creating Applications”, a guide provided by the IBM Blockchain Platform for more information.
You have just developed the app to secure EMRs on Fabric, and now it’s time to start the Ethereum DApp development.
8. Create an Ethereum account, and buy Ether
You will need Ether, the native cryptocurrency of Ethereum to deploy the DApp. This involves the following steps:
- Use MetaMask, a crypto wallet. It’s available as a browser extension and mobile app. Download MetaMask. You can create a new account by following the instructions on the MetaMask website.
- Buy Ether: Buy Ether from Coinbase, a popular crypto exchange.
9. Install Ethereum development tools
The next step is to install the following Ethereum development tools:
Ganache: This is a blockchain client. Ganache is part of the Truffle suite of tools. Ethereum blockchain developers use Ganache to execute commands and run tests. Programmers can refer to the extensive Ganache documentation for guidance.
Truffle suite: The Truffle suite is a popular set of tools for Ethereum blockchain development. Ethereum developers use the development environment and testing framework offered by Truffle. They use this to deploy Ethereum smart contracts. A key advantage of the Truffle suite is the comprehensive Truffle documentation that can be accessed via its website. Simply create a password, and secure the 12-word private seed.
10. Configure the Ethereum development tools
You need to complete the following configuration actions:
- Open Ganache and start an instance.
- Configure the “aconfig.js” so that you can use Webs.js.
- Modify your “config.js” file with the private and public keys from your eth-lightwallet account. You can get instructions for these configuration actions in “Getting started as an Ethereum web developer”. Let’s refer to this as the “reference article 1”.
- You will need to test Ethereum smart contracts, by using Ropsten, an Ethereum test network. You need to connect MetaMask to Ropsten. MetaMask points to Ethereum mainnet by default, therefore, you need to point it to Ropsten instead. Read “Ultimate guide to convert a web app to a decentralized app Dapp” for detailed guidance. We will refer to this in the future as the “reference article 2”.
11. Code Ethereum smart contracts
Now that you have studied Medicalchain, you, no doubt, have refined and added to your great ideas. Code your smart contracts as follows:
- Use Solidity, the popular Ethereum smart contract development language.
- Code smart contracts in Remix, an “Integrated Development Environment” (IDE) for smart contract development.
12. Test and deploy smart contracts
Test and deploy smart contracts as follows:
- Get dummy Ether from MetaMask Ether Faucet.
- Ensure that the MetaMask connection to Ropsten is still open.
- Navigate the menu options on the Remix IDE. Deploy your smart contract to Ropsten. Confirm this action in MetaMask. Check out the “reference article 2” for guidance.
- Test smart contracts.
- Ensure that the testrpc instance is still active.
- Navigate to your Truffle directory, and use the “truffle deploy” command to deploy the smart contract. Use the real Ether to pay the “gas price”.
Read “Blockchain software development using the Ethereum network” for more guidance.
Hire expert developers for your next project
1,200 top developers
us since 2016
13. Create crypto tokens for your DApp
You need to code, test, and deploy more smart contracts for creating a crypto token for the DApp. This involves the following steps:
- Use the ERC20 token standard. Most wallets are compatible with this, and most DApps use this standard. Read “ERC20 token standard” to learn more about it.
- Use the Ethereum DeFi development guide to create your crypto token.
- Test and deploy these smart contracts.
14. Connect the smart contracts to the front-end of your DApp
Do the following to connect your smart contracts to the front-end of the DApp:
- Open the front-end project in an IDE.
- Create an empty file named “web3.min.js” within this project. This file will help you to connect the smart contracts with the front-end by using Web3.js.
- Copy the “Web3 min code” from the Web3.js ChainSafe repository on GitHub.
- Paste the code in the “web3.min.js” file and save it.
- Import the file into your main project.
Check the “reference article 2” for more guidance with this.
15. Initialize the smart contracts
Initialize the smart contracts. You need to do the following for this:
15a. Obtain the contract ABI (Application Binary Interface)
ABI (Application Binary Interface) is a data encoding scheme. It’s used in Ethereum to communicate with smart contracts. Take the next steps to obtain the ABIs:
- Go to the “compile” tab of the Remix IDE. View the ABI section. Copy the ABI information in a text file.
- Note that ABI information is in the JSON format, and it has spaces. You need to remove these spaces. Use JSON minify to remove the spaces. Copy the output data.
- Paste this data in the “const contractABI” variable in your code.
You can read the “reference article 2” if you need further guidance with this.
15b. Find the contract address
Go to the “Run” tab of the Remix IDE. View the contract address. Enter that in the variable named the “const contractAddress” in the code.
15c. Update the different functions of the app to use the corresponding smart contracts
The front-end of your DApp enables users to access different functions. Now, you need to connect those functions with the corresponding smart contracts. Connect them by taking the following steps:
- Create contract instances for your smart contracts.
- Update them with the corresponding “const contractABI” and “const contractAddress” variables.
- Modify the file to reflect the contract instance with the corresponding function.
- You need to repeat this process for all the functions in your app.
Consult the “reference article 2” for more guidance.
Key considerations while using blockchain technology to secure medical data
Keep the following considerations in mind when developing a blockchain-based solution to secure medical information like EMR:
1. You need to keep abreast with the relevant research and developments
Plenty of research and development takes place on how to use blockchain for securing healthcare data. Securing personal health records is emerging as one of the key blockchain use cases along with supply chain assurance, cross-border payments, etc.
Check out the following examples:
- A team of researchers consisting of Jin Sun, Lili Ren, Shangping Wang, and Xiaomin Yao described a blockchain-based framework for sharing EMRs. The DOI Foundation published this open-access and peer-reviewed research paper for all to read.
- IEEE has published a research paper on a blockchain-based EMR for healthcare systems. A team of researchers contributed to this research.
- Another research paper published on IEEE describes MedRec. It’s a blockchain-based system to manage access to personal health data. The researchers have explained how this system can provide big data to researchers. They described how patients and providers will be involved in this data-sharing process. Furthermore, they described how patients will have the choice to release metadata when providing datasets.
- Springer has published an open-access research paper describing the use of Hyperledger Fabric to ensure data security when it comes to patients’ records.
- There’s also another Springer publication that describes how blockchain can secure healthcare records in healthcare systems.
- A research paper by a group of researchers explains how blockchain and IoT (Internet of Things) can improve patient care and public health information technology systems.
2. Think about the best blockchain solution to secure patient privacy
We can clearly see the value blockchain brings to the healthcare sector, e.g.:
- Blockchain can bypass third parties thanks to decentralization.
- Prominent blockchain networks like Bitcoin and Ethereum require users to digitally sign their transactions, which offers robust user authentication.
- Blockchain makes data management easier.
- Healthcare professionals and patients can have confidence in personal data stored on blockchain due to immutability.
- The distributed data storage mechanism of blockchain makes it easier to share data.
- The transaction validation process involves consensus algorithms like POW (Proof of Work). These algorithms keep hackers at bay. All transaction records have timestamps, and they are transparent. Manipulating such an open and decentralized network would be prohibitively expensive.
However, questions exist whether public blockchain networks like Bitcoin and Ethereum can fully comply with privacy requirements of key regulations like GDPR. Ironically, the strengths of blockchain might make compliance with GDPR hard! Consider the following:
- GDPR mandates the confidentiality of sensitive information. However, Bitcoin and Ethereum are open to everyone.
- You need to be able to delete data from the system to comply with the “right to erasure” mandated by GDPR. However, you can’t delete data on a blockchain.
- GDPR mandates a “right to rectification”, which requires modification of data. Blockchain doesn’t allow that.
You need to choose the right kind of blockchain. Analyze thoroughly how to meet key privacy requirements.
3. Plan to address the complexities of a blockchain project
Blockchain projects can be complex due to the following reasons:
- You need to work hard to ensure interoperability between different blockchain networks.
- Blockchain application development can be hard. A growing ecosystem of development tools will make it easier in the future, however, this will take a while.
- You might find it hard to hire skilled and experienced blockchain developers.
- Public blockchain networks like Bitcoin and Ethereum face scalability issues.
Plan the project well. Start the hiring process early. Proactively look for scalability solutions like sidechain, off-chain transactions, etc.
Planning for an app to secure electronic medical records with blockchain?
As we have shown, securing EMRs with blockchain and facilitating seamless access to authorized stakeholders requires both enterprise and public blockchains. Such projects tend to be complex. Blockchain development skills are niche, and you need a really competent project manager with blockchain experience to manage such projects.
Consider getting help from a development partner. Read our guide “How to find the best software development company?” before you engage one.
If you find yourself without the expertise in your organization that you need to create your application then why not briefly descibe your project specifications to us at DevTeam.Space. A dedicated account manager will get in touch to answer any questions you might have and to show you how we can help.
Frequently Asked Questions
Blockchain data is secured by cryptography. All the data on a blockchain requires a unique keycode to access it.
A solution that is likely to change the game when it comes to EMRs is blockchain. It will allow decentralized storage of medical records so that they can be accessed anywhere and at any time. Records will be encrypted and won’t be under the control of any one authority.
EMR is the abbreviation for electronic medical records.