Balaiah Miska

Tata Communications Transformation Services Limited, Pune, India.
email: balaiah.miska@tatacommunications.com, balaiahmiska@gmail.com

Abstract:

Successfully handling electronic health records (EHR) is a main challenge in contemporary healthcare, constricted by escalating cyber-attacks, constrained data exchange and patient - centred data management. Conventional centralized systems can be disrupted with data breaches, theft of information, and have single points of failure, which are not scalable for healthcare systems. In this paper, we propose the Dual-Layer Blockchain Architecture (DLBA) that combines a public blockchain (to record transparent access loggings) and private blockchain (to store sensitive metadata), which achieves both security and scalability. We propose a new secure homomorphic encryption hash mapping algorithm (HHMA) to support search and retrieval of the medical records while keeping the sensitive data hidden. Medical records are saved in the InterPlanetary File System(IPFS) so that the storage does not rely on any single key, it is distributed and the records will be unable to be tampered with and the access policy and the watching history are all immutable maintained by the blockchain the layers. The proposed framework ensures patient-controlled data sharing, efficient retrieval, and privacy preservation, making it a viable solution for interoperable and trustworthy medical record management. Experimental validation demonstrates reduced retrieval latency, enhanced query privacy, and improved scalability compared to conventional blockchain-only EHR systems.

Keywords:

Decentralized Healthcare Systems, Dual-Layer Blockchain, Electronic Health Records (EHR), Homomorphic Hash Mapping Algorithm (HHMA), IPFS, Privacy-Preserving Retrieval, Public–Private Blockchain, Secure Homomorphic Indexing,

1. INTRODUCTION

The digitization of healthcare has led to the widespread adoption of Electronic Health Records (EHRs) for improved diagnosis, treatment planning, and patient management. However, the current EHR infrastructure is often centralized, exposing critical vulnerabilities such as data breaches, unauthorized access, and dependence on a single point of trust. Reports indicate a significant rise in healthcare-related cyberattacks, with sensitive medical data fetching high value in illicit markets. Beyond security concerns, the interoperability of EHRs across hospitals, regions, and countries remains a persistent challenge, often leading to delays in care and incomplete medical histories.
Blockchain technology promises decentralized and tamper- resistant record keeping to the challenge. However, single-layer blockchain cannot avoid some bottlenecks, including poor scalability, high access cost and inefficient query. In addition, data exposure in partial or full may be needed if we use the traditional blockchain’s indexing approaches, which compromises the privacy assurance. Such limitations highlight the urgency for a secure, scalable, and privacy-preserving model of medical record storage and access.
In this paper, we propose a Dual-Layer Blockchain Architecture that provides for the transparency of a public blockchain for audit trails, while encapsulating the confidentiality of a private blockchain for sensitive metadata. This mixed-level design not only promotes scalability by shifting massive data storage to IPFS but also allows invariability and provable access records on chain. A new Secure Homomorphic Hash Mapping Algorithm (HHMA), which can provide encrypted search and secure retrieval operation over the network with no sensitive content exposure to protect patient privacy in the query request.

1.1 Contributions of the Paper
Contributions of this work can be concluded as follows:

  • Novel Blockchain Architecture – Design of an hybrid private–public blockchain approach to decentralized EHR management and privacy, between transparency and confidentiality.
  • Secure Homomorphic Indexing – Introducing HHMA (Homomorphic Hash Mapping Algorithm) for search and retrieval without decrypting the data.
  • Integration with IPFS – Leveraging decentralized file storage to achieve tamper-resistant and scalable medical record management while reducing blockchain storage overhead.
  • Patient-Centric Access Control – Implementation of smart contracts for role-based, patient-controlled permissions with immutable logging of all data access events.
  • Performance Evaluation – Comprehensive experimental validation demonstrating reduced query latency, improved privacy guarantees, and higher scalability compared to single-layer blockchain systems.

2. RELATED WORKS

The model propose a decentralized system for managing patient health records using blockchain technology. The study focuses on using Ethereum smart contracts to control access permissions and ensure that only authorized doctors, patients, or administrators can view or modify health records [1]. The authors argue that while blockchain offers strong immutability and transparency, integrating it with large medical files poses storage challenges, which they address using IPFS (InterPlanetary File System) for off-chain data storage [2].
The system stores patient metadata and access control rules on-chain, and the encrypted files in IPFS and the (hash) references are included in the blockchain [3]. The system was piloted on a simulated healthcare network across multiple hospitals and clinics and results indicate secure access management and strong patient control in the sharing of sensitive health information. The authors [4] conclude that whilst the secure blockchain-based EHR system may provide enhanced data integrity and privacy relative to centralized health systems, it is likely to encounter scalability, gas costs, and user adoption issues, especially with non-technical medical staff. Even so, the paper presents a solid basis for further study of decentralized health-care networks [5].
The model developed a decentralized EHR system that utilizes blockchain along with attribute-based encryption [6]. They enable that only legitimate users possessing appropriate attribute keys can read the patient records that are stored on a distributed file system. The authors test performance of the system at diversified network loads and prove that the data security and fine-grained access control were achievable to the data. Nonetheless, they admit to Key-management complexity and heavy computational requirements under scaling for large hospitals networks [7].
The experiment results demonstrate that the system is feasible to support fine-grained attribute based EHR access control under high confidentiality [8]. The system was validated through performance testing with various loads, and the system had been proved to provide data security and integrity [9]. Nevertheless, issues on key management complexity and high computational cost were highlighted as limiting factors toward the deployment of the system in larger hospital complexes. The clinical and theoretical feasibility was shown in the studies [10][11].
A Blockchain-Based Platform for Healthcare Information Exchange proposed a system that leverages smart contracts for permission control and involves on-chain verification and off-chain storage for low-cost operations [12]. They claim higher throughput than Ethereum and Bitcoin systems but concede that more real-world testing under high-traffic or crisis-stricken conditions is necessary. The paper [13] provides a substantial contribution to the scalable design of blockchain-assisted health data sharing networks.
Tests revealed that Blochie’s dual Chain architecture managed to offer a higher system throughput, which is better than other single chain Blockchain solutions such as Ethereum, Bitcoin etc. [14]. This platform successfully executed exchange of electronic medical record and personal health data with close control of permission. The authors, however, advised further field testing in the stress of real-world situations, such as during health care crises or when the system is used at maximum capacity. The results confirmed scalability potential of Blockchain.
Patient information is saved off-chain by the system with the blockchain being employed for managing the access control list and data consistency. The authors evaluated the prototype in partnership with hospitals and indicate enhancements in trust and auditability in data sharing [15]. However, the paper raises some unresolved considerations, particularly in terms of the scalability of the system, the performance in heavy loaded conditions and the system integration with current clinical methodologies.
The proof-of-concept based on Hyperledger Fabric enabled the secure exchange of oncology patient records among hospitals, enhancing data integrity and audibility. Engagement with providers validated increased trust of the workflows for sharing data. However, their results demonstrated system bottlenecks under high system loading and scalability/integration with real clinical environments were of concern. Its success also underscored blockchain’s worth for sensitive data sharing.
Attention is placed on controlling privacy risk, and Blockchain is employed to record patient consent information with private health data remaining off-chain. The authors simulated their design, which demonstrated that blockchain technology can be used as a technology for the exchange of healthcare data using the method proposed, while providing better privacy with less operational cost. But realization of real-time sharing of the data and scaling up the system to the national or international level are outstanding issues, the paper says.
The proposed framework achieved secure patient data sharing through blockchain while minimizing privacy risks by keeping sensitive data off-chain. Simulation tests showed reduced operational costs and stronger privacy controls. However, the results indicated challenges with achieving real-time data exchange, especially at national or international scale. The study highlighted the need for better system integration and performance tuning.