1. Introduction

As healthcare systems worldwide increasingly adopt digital platforms to manage patient data, Electronic Health Records (EHR) have become essential for advancing healthcare delivery and patient care. However, this digitization introduces significant challenges, particularly in ensuring the security and privacy of sensitive healthcare data. Traditional EHR systems are vulnerable to unauthorized access, data tampering, and privacy breaches, which compromise patient confidentiality and trust in healthcare institutions. These concerns are exacerbated by the rapid growth in data volume, diverse data sources, and the need for seamless data sharing across multiple healthcare providers.

Blockchain technology, known for its decentralized and immutable architecture, has emerged as a promising solution to address these security concerns in EHR systems. Blockchain's fundamental principles i.e distributed ledgers, cryptographic security, and consensus mechanisms align closely with the goals of enhancing data integrity, accessibility, and transparency. These features provide a robust foundation for healthcare applications, where data immutability and secure access controls are critical.

This research explores the potential of blockchain technology to transform EHR data management, aiming to enhance data security and patient privacy while enabling interoperability across healthcare systems. By integrating blockchain with OpenEMR, a widely used open-source EHR system, we develop a prototype that leverages smart contracts to automate and regulate data access. The prototype is designed to log all data interactions immutably, creating a secure and auditable record of every transaction. The primary objectives of this research include assessing blockchain's ability to prevent unauthorized access and data tampering in EHR systems, evaluating its practical implementation, and identifying the limitations of blockchain for healthcare applications. By examining these aspects, this research aims to contribute a viable blockchain-based framework for secure healthcare data management, providing insights into the potential for broader adoption in real-world healthcare settings.

A critical issue in EHR systems is the absence of standardized evaluation methods for assessing their security. This deficiency leaves healthcare institutions susceptible to data breaches and erodes patient confidence in the confidentiality and integrity of their medical information. To address these challenges, this paper focuses on four key goals for healthcare data management: confidentiality, data integrity, accessibility, and transparency. Confidentiality ensures that sensitive patient information is protected from unauthorized access, while data integrity guarantees that the information remains accurate and unaltered. Accessibility ensures that authorized stakeholders can retrieve and share data seamlessly, and transparency provides a clear and auditable record of all data transactions.

In the context of blockchain-based EHR systems, transparency refers to the ability of authorized users to trace and verify all interactions with patient data. Every transaction, such as accessing, modifying, or sharing records, is immutably logged on the blockchain, creating a tamper-proof audit trail. This transparency enhances trust among stakeholders, as they can independently verify the authenticity and history of data interactions. For example, if a patient's record is accessed or modified, the blockchain ledger provides a detailed record of who performed the action, when it was done, and what changes were made. This level of accountability is particularly important in healthcare, where regulatory compliance and patient trust are paramount. Transparency complements the other goals by ensuring that while data remains confidential and accessible only to authorized users, all actions taken on the data are visible and verifiable. This balance between privacy and accountability is a key advantage of blockchain technology in healthcare applications.

The remainder of this paper is structured as follows: a literature review of existing EHR security solutions and blockchain applications in healthcare, followed by a detailed discussion of the system design, implementation, and blockchain setup processes. The paper then presents a comprehensive evaluation of the prototype, concluding with an analysis of findings, limitations, and recommendations for future research on blockchain applications in healthcare.

2. Background Study

The literature study aims to provide a thorough review of existing research on the application of blockchain technology in healthcare, with a focus on enhancing data security in Electronic Health Records (EHR). This section summarizes key findings from systematic literature reviews, discusses the current challenges in healthcare data management, highlights the potential benefits of blockchain, and identifies areas for future research.

2.1 Blockchain Technology Overview

Blockchain technology, originally introduced to support Bitcoin, has been identified as a foundational technology for multiple decentralized applications, including those in the healthcare sector (Yaqoob et al., 2021; Engelhardt, 2017). Its characteristics, such as immutability, transparency, and decentralization, offer significant advantages for managing sensitive healthcare data. These are summarised in the following section.

2.2 Benefits of Blockchain in Healthcare

Blockchain technology offers multifaceted benefits for healthcare data management, enhancing efficiency through seamless data handling and sharing while ensuring robust security, data integrity, and protection against unauthorized access (Yaqoob et al., 2021; Agbo, Mahmoud & Eklund, 2019). Yaqoob et al. (2021) provide a comprehensive overview of blockchain applications in healthcare, emphasizing its potential to improve data privacy, secure medical records, and streamline supply chain management. Their work highlights blockchain's key advantages: immutability, transparency, and decentralized control which align with our research goals. However, while Yaqoob et al. focus on theoretical frameworks, our work extends their findings by developing and testing a practical blockchain-based prototype integrated with OpenEMR. Additionally, we address the gap in interoperability by designing an Interoperability Layer for secure data exchange between blockchain-based EHR systems and external platforms.

Beyond Yaqoob et al., studies by Tandon et al. (2020) and Quaini et al. (2018) explore blockchain's potential in healthcare but often focus on specific use cases like supply chain management or clinical trials. In contrast, our research bridges this gap by proposing a modular, blockchain-based EHR system that unifies data security, privacy, and interoperability into a comprehensive framework.

2.3 Current Limitations

Despite its advantages, blockchain implementation in healthcare faces several limitations. Scalability challenges hinder its ability to manage large volumes of healthcare data, particularly in public blockchain models, which suffer from slow transaction processing (Kumi, 2023; Benchoufi & Ravaud, 2017). Additionally, the high costs of implementation and maintenance pose barriers, especially for smaller healthcare providers (Yaqoob et al., 2021). Regulatory and compliance requirements further complicate adoption, as strict privacy protections must align with blockchain's transparent ledger (Yaqoob et al., 2021; Kuo, Kim & Ohno-Machado, 2017).

Scalability and performance issues also impact blockchain adoption in healthcare. As medical data volumes grow, blockchain networks face increased latency and computational costs (Zhang et al., 2020). Public blockchains struggle with transaction throughput, while private blockchains demand significant infrastructure investments (Kasyapa & Vanmathi, 2024). These limitations hinder real-time data access and interoperability, complicating integration with existing healthcare systems (Ali et ak, 2023).

2.4 Case Studies and Practical Implementations

Blockchain has practical applications in healthcare, such as supporting loT-enabled remote patient monitoring systems by enabling secure, real-time data sharing for timely interventions (Yaqoob et al., 2021; Peterson et al., 2016). It also enhances medical data interoperability, enabling seamless data exchange across healthcare systems, reducing administrative burdens, and improving care continuity (Yaqoob et al., 2021; Kuo, Kim & OhnoMachado, 2017). Additionally, blockchain's immutable ledger aids fraud prevention and legal compliance by providing tamper-resistant transaction records for audits, ensuring accountability (Yaqoob et al., 2021; Engelhardt, 2017).

Ahmad et al. (2021) utilized blockchain for integrity verification and transparency in financial transactions, supply chains, and regulatory compliance. Similarly, Chukwu and Garg (2020) analysed blockchain frameworks and prototypes in healthcare, including EHRs, drug supply chains, and clinical trials, highlighting its transformative potential and adoption challenges. These case studies demonstrate blockchain's viability as a foundational technology for secure, efficient, and decentralized healthcare systems.

2.5 Future Research Directions

To fully harness the potential of blockchain in healthcare, future research is directed towards overcoming these limitations. Improving blockchain architecture to enhance scalability and performance remains a primary area of exploration (Yaqoob et al., 2021; Engelhardt, 2017). Researchers are also investigating ways to integrate blockchain with other emerging technologies, such as the Internet of Things (loT) and Artificial Intelligence (Al), to create more robust and adaptable healthcare solutions. Such integrations could enable real-time monitoring and predictive analysis while maintaining secure and decentralized data management (Yaqoob et al., 2021; Benchoufi & Ravaud, 2017). Finally, advancements in privacy-preserving mechanisms, such as zero-knowledge proofs and homomorphic encryption, are being studied to improve data privacy within blockchain frameworks, ensuring that sensitive information remains secure while leveraging blockchain's decentralized advantages (Yaqoob et al., 2021).

3. Prototype Design and Implementation

In this section, we detail the design and architecture of the proposed blockchain-based EHR system using Hyperledger Fabric, with the integration of Open-EMR. The design follows a modular approach, ensuring that each component of the system is responsible for specific functionalities. This modularity enhances the system's scalability, maintainability, and security (Cachin, 2016).

3.1 Overview of the System Design

The proposed system is structured into four primary layers: (i)the User Interface (UI) Layer, (ii) Interoperability Layer, (iii) Smart Contract Layer, and (iv) Blockchain Layer. Each layer plays a distinct role in ensuring the security, functionality, and scalability of the blockchain-based EHR system. The system's modular architecture, shown in Figure 1, highlights these layers and their interactions to ensure scalability, maintainability, and security within the blockchain-based EHR system.

The four key layers are described below:

1. User Interface Layer: Enables seamless interaction for healthcare providers and patients, integrating blockchain functionalities into OpenEMR for managing records, appointments, billing, and consent (McGee and Acharya, 2019).

2. Interoperability Layer: Facilitates secure, standardized data exchange with external platforms through data translation, an API gateway, and synchronization.

3. Smart Contract Layer: Automates access control, consent verification, billing, and data integrity enforcement to enhance security and reduce errors.

4. Blockchain Layer: Maintains a decentralized ledger for immutable data storage, consensus management, and secure smart contract execution, ensuring a tamper-proof foundation.

Complementary security measures include:

* Encryption: Data is encrypted at rest and in transit to prevent unauthorized access.

* Access Control: Role-based access control (RBAC) and multi-factor authentication (MFA) restrict access to authorized users.

* Audit Trails: Immutable logging of transactions on the blockchain ensures transparency and accountability.

* Network Security: TLS encryption and secure API gateways protect data exchanges from interception or tampering.

The system achieves three core goals:

* Confidentiality: Medical records are encrypted using AES-256, and access is restricted via RBAC and MFA. Smart contracts validate access requests, ensuring only authorized users can decrypt and view data.

* Accessibility: Authorized users retrieve records efficiently through the OpenEMR interface, which interacts with the blockchain via the Fabric Gateway API. Smart contracts verify credentials and decrypt data in real-time.

* Transparency: All interactions (e.g., access requests, modifications) are immutably logged on the blockchain, creating a tamper-proof audit trail. This fosters trust and supports regulatory compliance by providing a clear record of data interactions.

3.2 Overview of System Implementation

This section explores integrating Hyperledger Fabric with OpenEMR to enhance EHR data security and integrity. Smart contracts enable secure access control and transparent record-keeping, protecting sensitive patient information. An API facilitates interaction between OpenEMR and the blockchain, managing patient data, payments, and insurance validation, ensuring compliance and security (McGee and Acharya, 2019).

3.2.1 Fabric Gateway API development

The Fabric Gateway API securely integrates OpenEMR with the blockchain, logging transactions and interacting with smart contracts. It manages patient, payment, and insurance data, ensuring immutability, encryption, and transparency. Smart contracts automate access control, validation, and audit logging, enforcing security regulations. Every transaction is securely logged, creating a comprehensive audit trail that enhances trust and accountability. The API enables real-time, verifiable interactions, strengthening data security, interoperability, and transparency in the EHR system.

3.2.2 Blockchain network setup

The blockchain network for secure EHR data management in OpenEMR was implemented using Hyperledger Fabric, an open-source permissioned framework chosen for its modular architecture and customizable configurations. Following Hyperledger Fabric's official guidelines, the network setup included peer organizations, a consensus-based ordering service, and a certificate authority (CA) to enable secure data transactions aligned with healthcare security requirements.

3.2.3 Network configuration

The Hyperledger Fabric network includes two peer organizations, each with a peer node endorsing transactions and maintaining a ledger copy, ensuring decentralized control and interoperability. A single-node Raft ordering service manages transaction sequencing, simplifying setup but limiting fault tolerance for large-scale use. Root Certificate Authorities (CAs) issue security certificates, reducing complexity but potentially posing scalability challenges for certificate management across multiple entities.

3.2.4 Network setup process

The Hyperledger Fabric network was configured and deployed systematically using official documentation. Essential tools like Docker, Docker Compose, and Node.js were installed for containerized deployment and chaincode management. The network was initialized with Hyperledger's test scripts, launching peer nodes and the ordering service via the network.sh up command. A dedicated channel (openemrchannel) was created for secure, isolated data exchange, with each node joining to enable controlled access and interoperability.

3.2.5 Chaincode deployment and smart contract implementation

Chaincode, Hyperledger Fabric's smart contract equivalent, was deployed to automate and secure healthcare data management. Following official documentation, the chaincode was packaged, installed on each peer, and approved by both organizations. Once committed, peers could invoke and validate transactions. Testing confirmed its functionality in securely managing patient records, payments, and insurance data, ensuring reliable data addition, modification, and retrieval in the blockchain-based EHR system.

3.2.6 Smart contract design

The chaincode's smart contracts support essential healthcare data management functions. They enforce strict access control, verifying user identities before data access or modification. Additionally, they automate billing and payment processes, securely recording financial transactions on the blockchain. Insurance data is also managed, enabling authorized providers and insurers to interact with an immutable, shared data record.

3.3 Limitations and Challenges in the Blockchain Configuration

While the default Hyperledger Fabric configuration enables a rapid and simplified setup, several limitations may impact scalability, security, and performance in larger healthcare implementations:

* Single-node Raft Ordering Service: A single Raft node simplifies management but lacks fault tolerance. Failure of this node disrupts the ordering service, halting transaction processing.

* Absence of TLS Certificate Authority: Without a dedicated TLS CA, certificate management becomes challenging in larger networks. Root CAs suffice for smaller setups but may not scale securely across multiple organizations.

* Limited Peer Nodes and Channels: The current configuration supports only two peer organizations and a single channel. Real-world healthcare networks, involving multiple hospitals, insurers, and regulators, require additional peers and channels for effective access control and data sharing.

While this simplified setup provides a functional prototype for integrating blockchain with OpenEMR, future implementations may need enhanced configurations, such as multi-node Raft consensus, dedicated TLS CAs, and additional peer nodes, to improve scalability and fault tolerance.

4. Prototype Experimentation

The blockchain integration within the OpenEMR system was rigorously evaluated to determine its effectiveness in securing, managing, and sharing Patient, Payment, and Insurance data. Each component was tested for adherence to fundamental blockchain security principles, including confidentiality, availability, and integrity, as demonstrated in practical tests. This section provides a detailed overview of these evaluations, illustrating the enhanced security and interoperability achieved through blockchain.

4.1 Ledger Initialization and Data Storage

The Hyperledger Fabric ledger was initialized to create a secure and immutable foundation for the EHR system, capturing all transactions involving patient, payment, and insurance information. Once initialized, the ledger is prepared to record and protect these assets by logging transactions immutably, preventing unauthorized alterations, and maintaining a transparent audit trail.

4.2 Patient Data Management and Security

To evaluate patient data security, blockchain restricted access to authorized users within the EHR system's channel, ensuring confidentiality. Unauthorized access was simulated by altering the peer address, which was denied, confirming the system's confidentiality measures (see Figure 2).

Authorized peers within the channel can retrieve patient data, as demonstrated in Figure 3. This availability feature enables authenticated users to access and share patient information securely, which is essential in collaborative healthcare settings.

Additionally, modifications to patient data are executed only upon endorsement by peers. This peer approval ensures that data changes are universally reflected across the ledger, verifying data integrity. The outputs shown in Figures 3, 5, 8, 10, and 11 are in JSON (JavaScript Object Notation) format, a lightweight data-interchange format widely used for structuring and transmitting data. JSON is particularly suitable for this context because it is human-readable and easy to parse, making it ideal for representing structured data such as patient records, payment details, and insurance information.

In addition, JSON supports nested structures, allowing complex data relationships to be represented clearly. For example, in Figure 3, the patient record includes nested fields such as address and contact details. Another advantage of using JSON is that it is language-independent, ensuring compatibility with diverse systems and platforms, including OpenEMR and the Hyperledger Fabric blockchain.

4.3 Payment Data Workflow and Verification

Payment transactions were tested to assess data confidentiality, availability, and integrity within the blockchain system. Payment data is first entered through the OpenEMR interface (see Figure 4).

A sample query command was executed to retrieve all payment records from the ledger, as shown in Figure 5. This terminal command verifies that the recorded payment data can be retrieved securely, validating data availability and integrity within the network.

4.3.1 Data structure

The structure of payment data in the blockchain follows this schema: This structure provides detailed information on each payment, ensuring clarity, auditability, and the ability to reconcile payment data with patient records. Each field serves a specific purpose, such as linking the payment to a user, identifying the transaction type, and tracking the payment status. Similar guidelines apply to other blockchain objects, which maintain structured formats to ensure efficient management and oversight of various medical records within the healthcare system.

4.4 Insurance Data Entry, Update, and Verification

The management of insurance data within the blockchain demonstrates the system's capacity for recording, updating, and verifying sensitive healthcare data:

4.4.1 Insurance data entry

Insurance information is initially entered through the OpenEMR interface, as shown in Figure 7. This data, once entered, is securely stored on the ledger.

4.4.2 Retrieval of insurance data

A query command was executed to retrieve the newly entered insurance information from the ledger, as illustrated in Figure 8. This retrieval confirms that the insurance data has been recorded correctly and is accessible to authorized users within the channel.

4.4.3 Insurance data update

Insurance information can be modified directly from the OpenEMR interface. Figure 9 illustrates an update made to an existing insurance entry within OpenEMR, which is subsequently reflected on the blockchain ledger.

4.4.4 Verification of insurance update on ledger

Following the update, a query was run on the ledger to confirm that the insurance data modification was recorded successfully. Figure 10 shows the updated information as retrieved from the ledger, ensuring that the modification process preserves data integrity and reflects real-time changes across the network.

4.5 Security Metrics

To evaluate the security of the proposed system, we conducted rigorous tests and measured key performance metrics outlined below:

* Access Control Success Rate: The system successfully blocked 100% of unauthorized access attempts during testing, as demonstrated in Figure 2.

* Encryption/Decryption Speed: The AES-256 encryption and decryption processes averaged 0.5 milliseconds per record, ensuring minimal latency for authorized users.

* Transaction Throughput: The system processed an average of 150 transactions per second (TPS), which is sufficient for most healthcare applications but may require optimization for larger-scale deployments.

* Audit Trail Accuracy: All transactions were accurately logged on the blockchain, with a 0% error rate in the audit trail.

4.6 Encryption of Multiple Records

For sharing of multiple records among different medical personnel, we implemented a multi-key encryption mechanism where each record is encrypted with a unique symmetric key, which is then encrypted using the public keys of authorized users. For example, if a patients record needs to be shared with three doctors, the symmetric key is encrypted three times using each doctor's public key. This ensures that only authorized users can decrypt the symmetric key and access the record. The process is summarized in Table 1.

We tested the multi-key encryption mechanism by simulating scenarios where a record is shared with multiple users in different locations. The results are summarized in Table 2.

These results demonstrate that the multi-key encryption mechanism effectively ensures secure data sharing among authorized medical personnel while preventing unauthorized access.

4.7 Asset Management and Error Handling

The ledger manages assets such as Patient, Payment, and Insurance records, each identified by a docType attribute. This unified approach enables different asset types to coexist, supporting comprehensive auditing and streamlined queries across asset types. Robust error-handling mechanisms prevent actions on non-existent records, such as modifying or deleting invalid entries, ensuring data integrity and operational continuity (see Figure 11).

Tests confirm the blockchain's ability to securely manage healthcare data across asset types, with strict verification and endorsement protocols for access, modifications, and deletions. This setup reinforces data confidentiality, availability, and integrity while providing a scalable framework for handling sensitive EHR data in diverse healthcare applications.

The prototype was rigorously tested to evaluate its performance in ensuring confidentiality, accessibility, and transparency. For confidentiality, we simulated unauthorized access attempts by altering peer addresses, which were successfully blocked by the system's access control mechanisms. For accessibility, we demonstrated that authorized users could retrieve patient data efficiently, as shown in Figure 3. For transparency, we verified that all transactions, including data modifications and access requests, were immutably logged on the blockchain, as illustrated in Figures 8 and 10. These tests confirm that the proposed system effectively balances security, accessibility, and transparency in healthcare data management.

5. Evaluation and Discussion

The integration of blockchain with OpenEMR has significantly enhanced the security, integrity, and accessibility of Electronic Health Records (EHR). Access control mechanisms restrict data access to authenticated users, preventing unauthorized modifications while enabling secure sharing. Blockchain's decentralized nature ensures consistent data retrieval, though latency issues highlight the need for indexing or caching improvements. The system also improves transparency by immutably logging all data transactions (e.g., access requests, modifications), creating an auditable trail that fosters trust and supports regulatory compliance. However, scalability remains a challenge for larger healthcare systems, necessitating future improvements in granular access controls, data management, and traceability.

While the current blockchain configuration serves as a proof-of-concept, several limitations must be addressed for large-scale adoption. Enhancing the ordering service with multi-node Raft or Kafka consensus would improve fault tolerance, while a dedicated TLS CA could strengthen identity management. Scalability improvements, such as additional peer nodes and channels, would enhance access control and interoperability.

Security tests confirm the system's effectiveness in mitigating threats like unauthorized access and data tampering. Multi-key encryption ensures secure data sharing among medical personnel, though scalability and performance (e.g., 150 TPS) require optimization for larger networks. Future enhancements include chaincode optimization, advanced indexing, and efficient queries to boost performance. Strict access controls, encryption, and detailed audit trails will ensure data privacy and compliance, while real-time access alerts can prevent unauthorized access. Future research should focus on these areas to improve resilience, scalability, and security in healthcare blockchain systems.

6. Conclusion and Future Work

This research demonstrates blockchain's potential to address critical challenges in healthcare data management. By integrating Hyperledger Fabric with OpenEMR, the proposed solution enhances data security, interoperability, and transparency, mitigating risks like unauthorized access and data tampering. The prototype ensures data confidentiality, integrity, and availability, enabling secure sharing among authorized stakeholders. Rigorous testing confirmed its effectiveness, though scalability and latency issues remain. These findings highlight the feasibility of blockchain-based EHR systems while underscoring the need for further refinement for real-world applications.

Future research should focus on scalability and performance improvements, such as hybrid blockchain architectures, sharding, and off-chain storage. Replacing the single-node Raft ordering service with a multi-node consensus model would enhance fault tolerance, while advanced cryptographic techniques (e.g., zeroknowledge proofs, homomorphic encryption) could improve privacy and compliance. Optimizing chaincode performance and implementing indexing mechanisms are also crucial to reduce latency and enhance data retrieval. Further efforts should integrate blockchain with loT and Al for real-time monitoring and predictive analytics. Real-world testing is essential to evaluate scalability, usability, and performance. Developing standardized, cost-effective frameworks for smaller healthcare providers will promote broader adoption. Addressing these areas can unlock blockchain's full potential to revolutionize healthcare data management, ensuring secure, efficient, and interoperable systems.