Patient-Centric Fine-Grained Access Control for Electronic Medical Record Sharing With Security via Dual-Blockchain

Electronic medical record (EMR) sharing allows doctors to access patients' historical EMRs from different hospitals, improving the quality of healthcare services. The cloud-based centralized EMR sharing improves sharing efficiency but has the risk of privacy leakage. Blockchain technology has the potential to address this issue through its decentralized, traceable, and immutable nature. In this study, we propose a privacy-preserving EMR sharing architecture based on dual-blockchain system and design an identity-based tripartite authentication key agreement (TAKA) scheme. Our proposal gives patients fine-grained control over their EMR access. The dual blockchain establishes trust between patients and healthcare institutions, stores EMR digests immutably, and supervises doctors whose identities expire. The TAKA protocol generates a unique session key for each EMR, preventing doctors from accessing irrelevant EMRs. Moreover, our proposal ensures the secure and efficient EMR sharing of comatose patients. Our security analysis confirms that the protocol meets the specified objectives. Furthermore, the performance analysis demonstrates that our protocol has high computational efficiency and low communication overhead.