Technical Design and Development of A Self-Sovereign Identity Management Platform for Patient-Centric Health Care Using Blockchain Technology.

Abstract

Objective: Clinical data in the United States are highly fragmented, stored in numerous different databases, and are defined by service providers or clinical specialties rather than by individuals or their families. As a result, linking or aggregating a complete record for a patient is a major technological, legal, and operational challenge. One of the factors that has made clinical data integration so difficult to achieve is the lack of a universal ID for everyone. This leads to other related problems of having to prove identity at each interaction with the health system and repeatedly providing basic information on demographics, insurance, payment, and medical conditions. Traditional solutions that require complex governance, expensive technology, and risks to privacy and security of the data have failed adequately to solve this interoperability problem. We describe the technical design decisions of a patient-centric decentralized health identity management system using the blockchain technology, called MediLinker, to address some of these challenges.

Design: Our multidisciplinary research group developed and implemented an identity wallet, which uses the blockchain technology to manage verifiable credentials issued by healthcare clinics, banks, and insurance companies. To manage patient's self-sovereign identity, we leveraged the Hyperledger Indy blockchain framework to store patient's decentralized identifiers (DIDs) and the schemas or format for each credential type. In contrast, the credentials containing patient data are stored 'off-ledger' in each person's wallet and accessible via a computer or smartphone. We used Hyperledger Aries as a middleware layer (API: Application Programming Interface) to connect Hyperledger Indy with the front-end, which was developed using a JavaScript framework, ReactJS (Web Application) and React Native (iOS Application).

Results: MediLinker allows users to store their personal data on digital wallets, which they control. It uses a decentralized trusted identity using Hyperledger Indy and Hyperledger Aries. Patients use MediLinker to register and share their information securely and in a trusted system with healthcare and other service providers. Each MediLinker wallet can have six credential types: health ID with patient demographics, insurance, medication list including COVID-19 vaccination status, credit card, medical power of attorney (MPOA) for guardians of pediatric or geriatric patients, and research consent. The system allows for in-person and remote granting and revoking of such permissions for care, research, or other purposes without repeatedly requiring physical identity documents or enrollment information.

Conclusion: We successfully developed and tested a blockchain-based technical architecture, described in this article, as an identity management system that may be operationalized and scaled for future implementation to improve patient experience and control over their personal information.