Home - Topics - Papers - Blog - CV - Photos - Funny

MedChain: Accountable and Auditable Data Sharing in Distributed Medical Scenarios

Juan Ramón Troncoso-Pastoriza, Jean Louis Raisaro, Linus Gasser, Bryan Ford, and Jean-Pierre Hubaux

AMIA Informatics Summit,
March 25—28, 2019.


The current trend towards personalized medicine creates an urgent need to share data among different hospitals and health institutions, which endangers the privacy of the data subjects if not done with the appropriate precautions. Conversely, the frequency of data breaches in the healthcare industry has been rising since 2010, severely holding back health institutions from exposing and sharing their data for the fear of being the next target of cyberattacks. In this landscape, the ability to provide strong auditability, accountability and traceability of the system events plays a role as important as data confidentiality for the purpose of enabling secure and privacy-conscious data sharing, breach detection and fast recovery. National and international regulations (e.g., HIPAA in the United States and the GDPR in Europe) impose strong requirements both in terms of confidentiality, i.e., prevention of undue data leakages and restriction of data access, and accountability, i.e., recording of all data accesses and exchanges carried out by any entity with the purpose of identifying misbehaving individuals. This is especially relevant for medical and genomic data, whose (un)intended leakage can severely harm individuals’ privacy and institutions’ reputation. Current operational systems for medical data sharing are lacking in terms of privacy protection and/or transparency guarantees that can address these challenges, and they provide a weak federated or centralized model of identity and access control that can endanger the whole network if only one of the sites is breached.

In this talk, we propose MedChain, a novel system featuring distributed, flexible and fully decentralized identity management and access control mechanisms based on distributed ledger technologies, that enable (a) full traceability, auditability and accountability of all system events through immutable logs with no single point of failure, particularly dealing with the access to and usage of medical and genomic data, and (b) fine-grained configurable and privacy-conscious access control enforced through smart contracts (protocols to digitally enforce and verify the execution of a set of agreed actions). We exemplify the use of the system through an application to distributed feasibility studies, by integrating it in the currently most widespread cohort explorer tools (i2b2 and SHRINE).

Short paper: PDF

Topics: Privacy Cryptography Security Bryan Ford