Transparent audit trail in healthcare applications via blockchain
Problem to solve: Traceability of records, instructions and communications between hospital staff (within a scope of hospital, chain or government/country).
Problem description: In healthcare applications, both conventional “offline” hospital operations and via telemedicine apps, the significance of record making and traceability cannot be overestimated as human health and human lives are being dealt with. It is important to have full transparency and accountability for any internal review as to what decision has been made, what has been instructed or communicate, what data has changed hands etc. This may be useful for certification purposes, for internal or external audit, for insurance claim investigation etc.
- A network of Ethereum powered blockchain nodes deployed and managed via Dappros Platform are rolled out in a healthcare institution(s) IT infrastructure (or Dappros Cloud) and (optionally) additional validation nodes are placed with (provided access to) government or private auditors
- All traceable business processes and events along with their checksum hashes get synced onto blockchain using Dappros Platform API. Such processes and events may include records (records/patient entries created, modified or deleted), all events such as access granted, revoked to ePHI (electronic Protected Health Information) data falling under HIPAA compliance requirements, all internal communications under HL7/FHIR or other standards etc
- Blockchain access gateways – we connect Dappros Platform powered gateways for each communication channel that basically convert records, event and communications into traceable cryptographic hashes and sync them into blockchain. Examples of such gateways are our REST JSON API and e-mail gateways.
- Cryptographic hash is a one-sided hash function of each record, event or communication item. It gets synchronized onto private blockchain as described above. It does not contain the message itself and it is impossible to restore message from the cryptographic hash (unless this is a desired functionality in which case we can implement two-way mapping – read more about this in our Decentralized healthcare data storage using IPFS and Ethereum blockchain article). Cryptographic hash once stored on blockchain allows to confirm what event or data operation has taken place and when (exact timestamp).
- Thanks to immutability of blockchain, there is no way to forge, backdate or otherwise tamper with the date or hashed record of the event. This always ensures a transparent audit trail for all such blockchain powered events.