MedChain: Accountable and Auditable Data Sharing in Distributed Medical Scenarios
Juan Ramón Troncoso-Pastoriza,
Jean Louis Raisaro,
Linus Gasser,
Bryan Ford,
and Jean-Pierre Hubaux
AMIA Informatics Summit,
March 25—28, 2019.
Abstract:
The current trend towards personalized medicine creates an urgent need to share
data among different hospitals and health institutions, which endangers the
privacy of the data subjects if not done with the appropriate precautions.
At the same time, the frequency of data breaches in the healthcare industry has
been rising since 2010, which severely discourages health institutions from
exposing and sharing their data, for fear of becoming the next target of
cyberattacks. In this landscape, the ability to provide strong auditability,
accountability and traceability of the system events plays a role as important
as data confidentiality for the purpose of enabling secure and
privacy-conscious data sharing, breach detection and fast recovery. National
and international regulations (e.g., HIPAA in the United States and the
GDPR in Europe) impose strong requirements both in terms of
confidentiality, i.e., prevention of undue data leakages and restriction of
data access, and accountability, i.e., recording of all data accesses and
exchanges carried out by any entity with the purpose of identifying misbehaving
individuals. This is especially relevant for medical and genomic data, whose
(un)intended leakage can severely harm individuals’ privacy and institutions’
reputation. Current operational systems for medical data sharing lack the
privacy-protection and/or transparency guarantees needed to address these
challenges, and they rely on a weak federated or centralized model of identity
and access control that can endanger the whole network if a single site is
breached.
In this talk, we propose MedChain, a novel system featuring distributed,
flexible and fully decentralized identity management and access control
mechanisms based on distributed ledger technologies, which enable (a) full
traceability, auditability and accountability of all system events through
immutable logs with no single point of failure, in particular of the access to
and usage of medical and genomic data, and (b) fine-grained, configurable and
privacy-conscious access control enforced through smart contracts (protocols
that digitally enforce and verify the execution of a set of agreed actions). We
exemplify the use of the system through an application to distributed
feasibility studies, by integrating it into the currently most widespread
cohort explorer tools (i2b2 and SHRINE).
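The two mechanisms named in the abstract, a tamper-evident log of every data access and a policy that decides each access before it is logged, are easy to show in miniature. The following is an added illustration written for this page, not MedChain's code or its ledger format: a single in-memory hash chain stands in for the distributed ledger, and the role/dataset/action policy, the site and requester names, and the query types are constructed for the example. A real deployment replicates the chain across the participating sites so that no single site can rewrite it, which is what "no single point of failure" buys over the one-node version here.

```python
"""Toy hash-chained audit log with a fine-grained access-policy check.

Constructed illustration, not MedChain's code. A distributed ledger gives the
same append-only, tamper-evident property replicated across many hospitals;
this single in-memory chain shows only the mechanics of linking and verifying.
"""
import hashlib
import json
from dataclasses import dataclass, asdict

# Hypothetical policy: role -> dataset -> set of permitted actions.
# In the system described above, a smart contract would encode and enforce
# a policy of this shape; here it is a plain dictionary.
POLICY = {
    "researcher": {"cohort_demographics": {"count_query"}},
    "clinician":  {"cohort_demographics": {"count_query", "patient_list"}},
}


def is_allowed(policy, role, dataset, action):
    """Fine-grained decision: permit only (role, dataset, action) triples the policy lists."""
    return action in policy.get(role, {}).get(dataset, set())


@dataclass(frozen=True)
class Entry:
    """One access event. Every field is covered by the hash, including the decision."""
    index: int
    prev_hash: str
    site: str
    requester: str
    role: str
    dataset: str
    action: str
    decision: str  # "granted" or "denied"

    def digest(self):
        # Canonical JSON (sorted keys, no whitespace) so every verifier hashes identical bytes.
        payload = json.dumps(asdict(self), sort_keys=True, separators=(",", ":"))
        return hashlib.sha256(payload.encode("utf-8")).hexdigest()


class AuditLog:
    GENESIS = "0" * 64  # prev_hash of the first entry

    def __init__(self):
        self.entries = []

    def record(self, site, requester, role, dataset, action):
        """Decide the access, append the event (granted or denied) and return the decision."""
        decision = "granted" if is_allowed(POLICY, role, dataset, action) else "denied"
        prev = self.entries[-1].digest() if self.entries else self.GENESIS
        self.entries.append(Entry(len(self.entries), prev, site, requester,
                                  role, dataset, action, decision))
        return decision

    def verify(self):
        """Return the index of the first entry whose link is broken, or None if the chain is intact."""
        prev = self.GENESIS
        for i, e in enumerate(self.entries):
            if e.index != i or e.prev_hash != prev:
                return i
            prev = e.digest()
        return None

    def accesses_by(self, requester):
        """Accountability query: everything one identity asked for, and what was decided."""
        return [(e.dataset, e.action, e.decision)
                for e in self.entries if e.requester == requester]


def demo():
    """Record three constructed events, then tamper with one and show the chain detects it."""
    log = AuditLog()
    d1 = log.record("hospital_A", "alice", "researcher", "cohort_demographics", "count_query")
    d2 = log.record("hospital_B", "alice", "researcher", "cohort_demographics", "patient_list")
    d3 = log.record("hospital_A", "bob", "clinician", "cohort_demographics", "patient_list")
    intact = log.verify()  # None: all links hold

    # Tamper: rewrite the denied request as "granted" without re-linking the successor.
    e = log.entries[1]
    forged = Entry(e.index, e.prev_hash, e.site, e.requester, e.role, e.dataset, e.action, "granted")
    tampered = AuditLog()
    tampered.entries = [log.entries[0], forged, log.entries[2]]
    broken_at = tampered.verify()  # 2: entry 2 still points at the original digest of entry 1
    return d1, d2, d3, intact, broken_at


if __name__ == "__main__":
    print(demo())
```

The check that matters is `verify()`: a forger who edits one entry must also recompute every later `prev_hash`, so tampering is only undetectable if the attacker controls the entire chain held by every verifier. That is exactly the case a single-site log cannot rule out and a ledger replicated across independent institutions can, which is the point the abstract makes about removing the single point of failure.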
Short paper:
PDF