DevTeam.Space Product Development Blog

Explore our in-depth product development tutorials and new technology announcements published by our software development experts

All articles

How To Build An Electronic Medical Record Secured By Blockchain?

Healthcare is one of the world’s biggest and most important industries. For years, however, medical records have been a thorn in the side of this multi-billion dollar a year industry. This is because, even today, the current crop of electronic medical records simply isn’t up to the job.

The reason for this is simple – security, or at least a lack of it.

Blockchain has finally presented a viable solution, so naturally entrepreneurs are looking for ways how to use blockchain to create secure medical records.

If you are an entrepreneur looking to create the world’s first truly secure medical record then you are likely wondering how to build electronic medical records secured by blockchain. In this article, I will explain exactly how you can do that.

Contents

The global market for healthcare
What are electronic medical records?
Electronic medical records: Unfulfilled potential
Why blockchain matters?
Creating a system for electronic medical records secured by blockchain
Planning for an app to secure electronic medical records with blockchain?

The global market for healthcare

The following statistics will help you to understand the global healthcare market:

  • It’s a really large market. The global healthcare spending will reach $10.059 trillion in 2022, up from $7.724 trillion in 2017. Read “2019 global health care outlook” for more information.
  • Such high spending isn’t quite translating to value for patients. For e.g., Medicare covered only 17.2% Americans in 2017, and it costs over $20,000 on an average for treating heart attacks in US hospitals. Nearly 4% of Americans declare bankruptcy due to their medical expense, while 4 out of 10 Americans are obese. Administrative cost is high. Read “30 staggering healthcare statistics to know in 2019” to get more insights.

 

What are electronic medical records?

“Electronic Medical Records” (EMRs), also called “Electronic Health Records” (EHRs) are electronic equivalents of paper-based medical records. The following key points are worth noting in this regard:

  • EMRs carry key information about a patent including treatment and medical history.
  • Doctors and other healthcare service providers may collect this information.
  • With EMRs, tracking of patient data over a long period becomes possible. Additionally, multiple healthcare providers can access these records.
  • EMRs can eliminate paper-based tracking of a large amount of patient data. You can read “What is EMR?” to learn more.
  • EMRs contain sensitive “Protected Health Information” (PHI), which healthcare service providers need to protect. Healthcare industry is subject to stringent regulations, e.g., “Health Insurance Portability and Accountability Act” (HIPAA) in the US.

 

Electronic medical records: Unfulfilled potential

Experts saw the promises of EMRs early in the new millennium. Way back in 2005, some of them predicted that EMRs could save over $81 billion annually. Read “Can electronic medical record systems transform health care? Potential health benefits, savings, and costs” to know more about these forecasts.

Actual results were less impressive though, due to the following challenges:

  • System compatibility issues delay the adoption of EMRs.
  • User interfaces and workflows of EMR systems aren’t easy enough to work with.
  • EMR data entry takes time.
  • Healthcare providers store EMRs in their central servers, which are easy targets for hackers. Due to the stringent regulations, data breaches pose serious challenges to healthcare providers, and hackers exploit this. Read more about this in “Hackers don’t want your credit card. They want your medical records”.
  • EMR systems are often highly complex, which further impedes their adoption.

I have explained these challenges earlier in “How can blockchain keep medical records secure?”.

Why blockchain matters?

Understanding how blockchain works will help us in identifying its potential vis-à-vis EMRs. Blockchain works as follows:

  • Public blockchains are open peer-to-peer (P2P) networks where every node, i.e., computer on the network has equal authority.
  • Every node also has the complete record of all transactions, therefore, each node is a complete ledger. This is why blockchain is also called “Distributed Ledger Technology” (DLT).
  • Hackers can’t shut the network down by taking over one node since other nodes will continue to maintain the network.
  • Blockchain uses security mechanisms like digital signature, data encryption, cryptographic hash functions, and consensus algorithms to protect records from tampering. I have explained how blockchain works in “How blockchain will revolutionize remote healthcare?”.
  • Later generations of public blockchains like Ethereum introduced smart contracts. These are pieces of code that execute automatically and transfer cryptographic assets based on predetermined conditions. Open-source smart contracts are tamper-proof, and they ensure transparency. Their execution is irreversible, therefore, they can help in contract management.
  • Big businesses need access control, data privacy, scalability, and faster transactions. Enterprise blockchain frameworks like Hyperledger Fabric are bringing blockchain to them, by addressing these requirements.

As you can see, blockchain can address the key challenges of EMR systems with its transparency, security, tamper-proof records, and better contract management.

Creating a system for electronic medical records secured by blockchain

I will now take you through the steps to develop an EMR system secured by blockchain. These steps are as follows:

1. Define your project scope

My recommendation is that you target the following two broad scope areas:

  • Secure EMRs with blockchain;
  • Facilitate authorized access by healthcare providers and patients to these secure EMRs.

Within these broader scope areas, you will obviously need to incorporate common EMR system features like user interface (UI), EMR workflow, etc.

2. Formulate a project approach

Considering the need to protect PHIs from prying eyes, yet facilitating seamless access to authorize stakeholders, I recommend the following approach:

  • Use Hyperledger Fabric with its access control and data privacy to secure EMRs.
  • Implement an Ethereum “Decentralized app” (DApp) to facilitate seamless transactions. DApps are open-source web apps with the following characteristics:
    • The front-end can be coded in any language, however, the backend must consist of smart contracts.
    • DApps have their user communities. These apps require cryptographic tokens, run on decentralized blockchains, and store data on that blockchain.
    • User community must reach consensus before a DApps undergoes changes, and no user can control the majority of tokens. I have explained DApps earlier in “How to convert web app Into a Dapp”.

3. Form a project team

Your project team should have the following roles:

  • Business analysts (BAs);
  • UI designers;
  • Web front-end developers;
  • Hyperledger Fabric developers;
  • Ethereum developers with Solidity skills;
  • Testers;
  • A project manager (PM).

4. Study a similar blockchain EMR project

Studying a blockchain EMR project will help in your development effort. Let’s review Medicalchain, which secures EMRs with the help of blockchain. The following quick facts are relevant here:

  • In addition to securing EMRs using blockchain, Medicalchain allows healthcare providers to access EMRs based on permissions.
  • Patients and healthcare providers like doctors, hospitals, laboratories, etc. can view EMRs. They can record their various transactions concerning EMRs on the blockchain.
  • Medicalchain uses two blockchains. One is built on Hyperledger Fabric, and this one secures EMRs.
  • The other is an Ethereum-based network, which allows seamless access to authorized stakeholders. MedicalChain uses their MedTokens (MTNs) to facilitate transactions on this blockchain.

Read more about Medicalchain in “Medicalchain — the future of healthcare.”. You can view their smart contracts and their APIs in the Medicalchain GitHub repository.

5. Sign-up for a Hyperledger Fabric “Blockchain as a Service”

You will use Hyperledger Fabric, or Fabric as it’s commonly called, to secure EMRs. Fabric has many advantages, e.g.:

  • Fabric allows access control since it’s a permissioned blockchain framework.
  • It enables developers to write “chaincodes”, i.e., smart contracts in Fabric parlance.
  • This framework uses pluggable components like consensus algorithms.
  • Fabric uses channels for confidential information.
  • It offers high scalability.
  • It has hardware security features for digital signatures, which is useful for applications that require higher security.
  • I have explained the advantages of Fabric in “Pros and cons of Hyperledger Fabric for blockchain networks”.

Keep in mind that Fabric is an open-source framework for enterprise blockchain, and you still need to build a blockchain network using it. That can be tricky, since you need to manage the hardware infrastructure, networking, etc. The good news is that you can use “Blockchain as a Service” (BaaS) to expedite this.

BaaS providers manage the infrastructure, networking, etc., therefore, you can focus on development. Here, I recommend that you use “IBM Blockchain Platform”, the BaaS offering from IBM. There are several advantages to it, e.g.:

  • It’s a fully managed solution, with guaranteed uptime and 24×365 support.
  • IBM blockchain platform provides you with the required development tools.
  • All Fabric features like channels, pluggable consensus algorithm, etc. are available to you.
  • This platform uses Kubernetes for orchestration, therefore, deploying your app is easy.

Your UI design team can go ahead with the front-end design and develop just as they would do for any web app development project. The blockchain development team will need to work on the two blockchain apps. Let’s start with the app on Fabric.

6. Use the right “Software Development Kit” (SDK)

Fabric and IBM blockchain platform let you develop your app using Node.js, the popular open-source runtime environment. Many developers know it, therefore, I recommend that you use it in this project. Fabric has a Node.js SDK, offering the following advantages:

  • There is an API solution to communicate with the Fabric blockchain network.
  • The SDK enables user registration, user revocation, monitoring events, chaincode installation, transaction submission, network configuration, channel creation, etc.
  • There is excellent documentation for the SDK.
  • Programmers can access comprehensive tutorials, such as this tutorial for network configuration.

7. Develop the app to secure EMRs on Fabric

Now that you have studied the Medicalchain project, you can proceed with creating the app to secure EMRs on Fabric, using ideas from that project. This involves the following steps:

  • Deploy IBM blockchain platform following instructions in “Getting started with IBM blockchain platform”.
  • Use cURL to download Fabric sample code, using this guide.
  • You need to install Node.js runtime environment and NPM. Your team can find the required instructions here.
  • Fabric provides a rich repository of sample projects, and here’s the instruction to download them.
  • You can find projects that are most relevant to you, and get those chaincodes by following these instructions.
  • You can now develop the app using the Node.js SDK.
  • Adding network API endpoints to the app is the subsequent step.
  • Enroll your app, which generates a client-side certificate. Use that to register your app.

Read “Developing applications with the Fabric SDKs” to get more guidance.

You have just developed the app to secure EMRs on Fabric, and now it’s time to start the Ethereum DApp development.

8. Create an Ethereum account, and buy Ether

You will need Ether, the native cryptocurrency of Ethereum to deploy the DApp. This involves the following steps:

  • Create an Ethereum account: For this, use eth-lightwallet, an easy-to-use Ethereum wallet. Create your public and private keys, and secure the private key.
  • Buy Ether: Buy Ether from Coinbase, a popular crypto exchange.

9. Install Ethereum development tools

The next step is to install the following Ethereum development tools:

  • testrpc: It’s an Ethereum client, and you can install it following these instructions.
  • js: This Ethereum JavaScript API makes it easier to communicate with the Ethereum network. You can find its installation instructions here.
  • Truffle: Truffle helps in organizing smart contracts in folders, testing them, and deploying them. The instructions to install Truffle are here.
  • MetaMask: MetaMask offers browser extensions for Chrome and Firefox, and you can use it to communicate with the Ethereum network without running a full Ethereum node. Install it from its website, create a password, and secure the 12-word private seed.

10. Configure the Ethereum development tools

You need to complete the following configuration actions:

  • Open testrpc and start an instance.
  • Configure the “aconfig.js” so that you can use Webs.js.
  • Modify your “config.js” file with the private and public keys from your eth-lightwallet account. You can get instructions for these configuration actions in “Getting started as an Ethereum web developer”.
  • You will need to test Ethereum smart contracts, by using Ropsten, an Ethereum test network. You need to connect MetaMask to Ropsten. MetaMask points to Ethereum mainnet by default, therefore, you need to point it to Ropsten instead. Read “Ultimate guide to convert a web app to a decentralized app Dapp” for detailed guidance.

11. Code Ethereum smart contracts

Now that you have studied Medicanchain, you can take some ideas from there. Code smart contracts as follows:

  • Use Solidity, the popular Ethereum smart contract development language.
  • Code smart contracts in Remix, an “Integrated Development Environment” (IDE) for smart contract development.

12. Test and deploy smart contracts

Test and deploy smart contracts as follows:

  • Get dummy Ether from MetaMask Ether Faucet.
  • Ensure that the MetaMask connection to Ropsten is still open.
  • From your Remix screen, click the small “+” sign at the top left, to deploy the smart contract to Ropsten. Confirm this action in MetaMask.
  • Test smart contracts.
  • Ensure that the testrpc instance is still active.
  • Navigate to your Truffle directory, and use the “truffle deploy” command to deploy the smart contract. Use the real Ether to pay the “gas price”.

Read “Blockchain software development using the Ethereum network” for more guidance.

13. Create crypto tokens for your DApp

You need to code, test, and deploy more smart contracts for creating a crypto token for the DApp. This involves the following steps:

This completes the Ethereum DApp development. Integrate it with the Fabric app, by using the Fabric app API endpoints.

Planning for an app to secure electronic medical records with blockchain?

As you have seen, securing EMRs with blockchain and facilitating seamless access to authorized stakeholders require both enterprise and public blockchains. Such projects tend to be complex. Blockchain development skills are niche, and you need a really competent project manager to manage such projects. Consider getting help from a development partner. Read our guide “How to find the best software development company?” before you engage one.