In MHMD, Data Controllers and Data Consumers are connected through a private blockchain network, which is responsible for tracking the data life cycle and orchestrating the secure data sharing process.
What kind of blockchain is adopted in MHMD?
The Consortium adopted Hyperledger Fabric, which offers a permissioned blockchain ensuring high transaction rates, low network latency and low energy demands while providing a flexible, modular and secure architecture with a pluggable consensus mechanism. In Hyperledger Fabric, the participating entities form a predefined list: they are not only known, but their identities and roles are registered and verified.
The MHMD smart contract includes a number of functions for data access, privacy preservation, consent enforcement and regulatory compliance.
What is the blockchain used for?
MHMD leverages blockchain technology to appropriately manage the whole data-sharing pipeline:
- as an orchestration layer in charge of managing and authorising data exchange and access (a sort of “streetlight” for data), regulating data access on the basis of user-defined permission/consent settings through a dedicated smart contract.
- as a novel way of collecting and operationalising the patient’s consent, automating its enforcement and guaranteeing its respect at each step of data mobilisation and usage.
- to provide full traceability and auditability of data access and exchange, also facilitating GDPR compliance, particularly in regard to the right to erasure/correction, through an automated notification system.
- for automating data pre-processing (data “sanitisation”) or triggering and orchestrating specific computation processes such as secure multi-party computation (SMPC), allowing researchers to “ask questions” of the MHMD network and receive the results of a computation directly, rather than the data.
How does the MHMD blockchain achieve compliance with the GDPR?
- Each member of the MHMD network is a blockchain node that interacts with the Data Controller’s or Data Consumer’s servers through a blockchain driver that triggers transactions and listens to blockchain events.
- Private data is always stored in the Data Controller’s facility and never on the blockchain.
- Each action on a data item (injected or requested) is recorded in the blockchain using a hash value of the data item: an off-chain mapping database inside the Data Controller’s facility links the hash value to the data item.
- Each data item is indexed and then referenced in the blockchain by storing the hash value of the indexed data item: in this way, the blockchain maintains the record of the available data and its associated history without the need to record the private data.
- For matching studies and data items, a bitmap model is used: the bitmap is stored in the mapping database off-chain. This allows removing the link between the data item used in a study and the value stored in the blockchain by modifying the bitmap directly in the mapping database. With this method, we achieve the right to be forgotten enforced by the GDPR.
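The hash-on-chain, bitmap-off-chain design described in the list above can be modelled in a few lines. This is an added example, not MHMD code: the class and method names, the use of SHA-256 and the off-chain per-item salt are assumptions made for illustration, and the records are constructed.

```python
import hashlib
import os

class Ledger:
    """Append-only stand-in for the blockchain: stores actions and hashes only."""
    def __init__(self):
        self.events = []

    def record(self, action, item_hash):
        self.events.append((action, item_hash))

class MappingDB:
    """Off-chain mapping database inside the Data Controller's facility."""
    def __init__(self, ledger):
        self.ledger = ledger
        self.items = {}    # on-chain hash -> (bit index, salt, private data item)
        self.bitmaps = {}  # study id -> int used as a bitmap over bit indexes
        self.next_index = 0

    def inject(self, item: bytes) -> str:
        # Assumption (not from the page): a random salt kept off-chain, so a
        # low-entropy item cannot be guessed from its on-chain hash.
        salt = os.urandom(16)
        h = hashlib.sha256(salt + item).hexdigest()
        self.items[h] = (self.next_index, salt, item)
        self.next_index += 1
        self.ledger.record("injected", h)
        return h

    def use_in_study(self, study: str, h: str) -> None:
        index = self.items[h][0]
        self.bitmaps[study] = self.bitmaps.get(study, 0) | (1 << index)
        self.ledger.record("requested", h)

    def study_items(self, study: str) -> list:
        bitmap = self.bitmaps.get(study, 0)
        return [it for idx, _salt, it in self.items.values() if bitmap >> idx & 1]

    def erase(self, h: str) -> None:
        """Erasure: drop the off-chain link and clear the item's bit everywhere."""
        index = self.items.pop(h)[0]
        for study in self.bitmaps:
            self.bitmaps[study] &= ~(1 << index)

if __name__ == "__main__":
    db = MappingDB(Ledger())
    a = db.inject(b"constructed record A")
    db.use_in_study("study-1", a)
    db.erase(a)
    print(db.study_items("study-1"), len(db.ledger.events))
```

After `erase`, the ledger still holds the same events, but the hash in them no longer resolves to any data item or study membership.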
To know more:
- Koscina, M., Manset, D., Negri, C., & Perez, O. (2019, October). Enabling trust in healthcare data exchange with a federated blockchain-based architecture. In IEEE/WIC/ACM International Conference on Web Intelligence-Companion Volume (pp. 231-237). ACM.
- Bayle, A., Koscina, M., Manset, D., & Perez-Kempner, O. (2018, December). When Blockchain Meets the Right to Be Forgotten: Technology versus Law in the Healthcare Industry. In 2018 IEEE/WIC/ACM International Conference on Web Intelligence (WI) (pp. 788-792). IEEE.