HealthDID: An efficient and authorizable multi-party privacy-preserving EMR sharing system based on DID

Electronic medical record (EMR) sharing is widely acknowledged as a crucial approach for enhancing healthcare quality. However, existing EMR sharing systems face some privacy issues when implementing authorization and supervision, leading to the widespread formation of medical data islands. To address these issues, we constructed HealthDID, an efficient and authorizable system for multi-party privacy-preserving EMR sharing. Specifically, we first proposed a global identity management method based on Decentralized Identifier (DID) to address the issues of identity unification and authentication in cross-institutional EMR sharing. Then, we proposed a novel authorization method that enabled verification of the authorization proofs without revealing the patients' identities. Moreover, we proposed a supervised signature method to meet the diverse privacy requirements of doctors while allowing the supervisor to recover the true identities of those suspected. Finally, we utilized Private Set Intersection with Payload (PSI-Payload) technology to support large-scale batch retrieval of EMR. Formal security proofs prove that HealthDID can achieve specified security goals. Theoretical analysis and experimental results show that our system is more efficient than other related works, with lower running time and reasonable communication costs.