Self-sovereign management scheme of personal health record with personal data store and decentralized identifier
Conventional personal health record (PHR) management systems are centralized, making them vulnerable to privacy breaches and single points of failure. Despite progress in standardizing healthcare data with the FHIR format, hospitals often lack efficient platforms for transferring PHRs, leading to re...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Elsevier
2025-01-01
|
| Series: | Computational and Structural Biotechnology Journal |
| Subjects: | |
| Online Access: | http://www.sciencedirect.com/science/article/pii/S2001037024004082 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1841560533316141056 |
|---|---|
| author | Tong Min Kim Taehoon Ko Byoung Woo Hwang Hyung Goo Paek Wan Yeon Lee |
| author_facet | Tong Min Kim Taehoon Ko Byoung Woo Hwang Hyung Goo Paek Wan Yeon Lee |
| author_sort | Tong Min Kim |
| collection | DOAJ |
| description | Conventional personal health record (PHR) management systems are centralized, making them vulnerable to privacy breaches and single points of failure. Despite progress in standardizing healthcare data with the FHIR format, hospitals often lack efficient platforms for transferring PHRs, leading to redundant tests and delayed treatments. To address these challenges, we propose a decentralized PHR management system leveraging Personal Data Stores (PDS) and Decentralized Identifiers (DIDs) in line with the Web 3.0 model. Our system features secure interoperability and personal identification masking. Interoperability is achieved through DID digital certificates for verifying PDS addresses and a dynamic access key (AK) system to minimize credential exposure. Data de-identification, including anonymization and encryption, ensures privacy and prevents unauthorized access. We developed a prototype using the Solid open-source library and Hyperledger Aries protocol. Testing showed efficient performance, with DID validations and AK generation under one second, and data operations for 500 MB-sized PHRs completing in two seconds. De-identification processes were both effective and timely. The system demonstrated the ability to manage PHRs securely, empower users with control over their healthcare data, facilitate seamless and secure data transfer between patients and medical entities, and prevent exposure of sensitive information. This approach advances decentralized PHR management, supporting improved healthcare outcomes and patient experiences in the digital era. |
| format | Article |
| id | doaj-art-0d2cf623e5d745bebad12f5e1ee1d321 |
| institution | Kabale University |
| issn | 2001-0370 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | Elsevier |
| record_format | Article |
| series | Computational and Structural Biotechnology Journal |
| spelling | doaj-art-0d2cf623e5d745bebad12f5e1ee1d3212025-01-04T04:56:14ZengElsevierComputational and Structural Biotechnology Journal2001-03702025-01-01281628Self-sovereign management scheme of personal health record with personal data store and decentralized identifierTong Min Kim0Taehoon Ko1Byoung Woo Hwang2Hyung Goo Paek3Wan Yeon Lee4Department of Medical Informatics, College of Medicine, The Catholic University of Korea, Seoul, Republic of KoreaDepartment of Medical Informatics, College of Medicine, The Catholic University of Korea, Seoul, Republic of Korea; Department of Medical Sciences, College of Medicine, The Catholic University of Korea, Seoul, Republic of Korea; CMC Institute for Basic Medical Science, The Catholic Medical Center of the Catholic University of Korea, 222 Banpo-daero, Seocho-gu, Seoul, Republic of Korea; Correspondence to: Catholic University of Korea Seoul Saint Mary’s Hospital, 222, Banpo-daero, Seocho-gu, Seoul 06591, Republic of Korea.Intellicode Cooperation, Republic of KoreaIntellicode Cooperation, Republic of KoreaIntellicode Cooperation, Republic of Korea; Department. of Computer Science, Dongduk Women’s University, Republic of KoreaConventional personal health record (PHR) management systems are centralized, making them vulnerable to privacy breaches and single points of failure. Despite progress in standardizing healthcare data with the FHIR format, hospitals often lack efficient platforms for transferring PHRs, leading to redundant tests and delayed treatments. To address these challenges, we propose a decentralized PHR management system leveraging Personal Data Stores (PDS) and Decentralized Identifiers (DIDs) in line with the Web 3.0 model. Our system features secure interoperability and personal identification masking. Interoperability is achieved through DID digital certificates for verifying PDS addresses and a dynamic access key (AK) system to minimize credential exposure. Data de-identification, including anonymization and encryption, ensures privacy and prevents unauthorized access. We developed a prototype using the Solid open-source library and Hyperledger Aries protocol. Testing showed efficient performance, with DID validations and AK generation under one second, and data operations for 500 MB-sized PHRs completing in two seconds. De-identification processes were both effective and timely. The system demonstrated the ability to manage PHRs securely, empower users with control over their healthcare data, facilitate seamless and secure data transfer between patients and medical entities, and prevent exposure of sensitive information. This approach advances decentralized PHR management, supporting improved healthcare outcomes and patient experiences in the digital era.http://www.sciencedirect.com/science/article/pii/S2001037024004082Personal data storeDecentralized identifierPersonal health recordSecurityPrivacy |
| spellingShingle | Tong Min Kim Taehoon Ko Byoung Woo Hwang Hyung Goo Paek Wan Yeon Lee Self-sovereign management scheme of personal health record with personal data store and decentralized identifier Computational and Structural Biotechnology Journal Personal data store Decentralized identifier Personal health record Security Privacy |
| title | Self-sovereign management scheme of personal health record with personal data store and decentralized identifier |
| title_full | Self-sovereign management scheme of personal health record with personal data store and decentralized identifier |
| title_fullStr | Self-sovereign management scheme of personal health record with personal data store and decentralized identifier |
| title_full_unstemmed | Self-sovereign management scheme of personal health record with personal data store and decentralized identifier |
| title_short | Self-sovereign management scheme of personal health record with personal data store and decentralized identifier |
| title_sort | self sovereign management scheme of personal health record with personal data store and decentralized identifier |
| topic | Personal data store Decentralized identifier Personal health record Security Privacy |
| url | http://www.sciencedirect.com/science/article/pii/S2001037024004082 |
| work_keys_str_mv | AT tongminkim selfsovereignmanagementschemeofpersonalhealthrecordwithpersonaldatastoreanddecentralizedidentifier AT taehoonko selfsovereignmanagementschemeofpersonalhealthrecordwithpersonaldatastoreanddecentralizedidentifier AT byoungwoohwang selfsovereignmanagementschemeofpersonalhealthrecordwithpersonaldatastoreanddecentralizedidentifier AT hyunggoopaek selfsovereignmanagementschemeofpersonalhealthrecordwithpersonaldatastoreanddecentralizedidentifier AT wanyeonlee selfsovereignmanagementschemeofpersonalhealthrecordwithpersonaldatastoreanddecentralizedidentifier |