Secure Medical Record Access and Viewing System
Introduction
This white paper describes a system for securely managing medical record access and viewing. Healthcare providers (uploaders) and patients can upload, store, and view medical records while the record contents stay confidential: records are encrypted before they are uploaded, and access is controlled either by the patient's key pair or by a password the patient sets.
Encryption and Security Measures
The system relies on the following primitives:
- Elliptic-curve Diffie–Hellman (ECDH): ECDH is used for key agreement between the uploader and the patient. Each party combines its own private key with the other party's public key and arrives at the same shared secret, which serves as the key for the record's encryption. The raw ECDH output should be passed through a key derivation function (for example HKDF) rather than used directly as an AES key.
- Advanced Encryption Standard 256 (AES-256): AES-256 encrypts the record's internal JSON data. The uploader encrypts with the ECDH shared key and the patient decrypts with the same key. An authenticated mode such as AES-GCM should be used so that a modified ciphertext is rejected instead of being decrypted into corrupted data.
- Secure Hash Algorithm 256 (SHA-256): SHA-256 hashes the patient's password together with the record's initialization vector (record.iv), which acts as a per-record salt. The hash is stored as record.patientPasswordHash so that the password can be verified at login without storing the password itself. A single SHA-256 computation is fast, so a dedicated password-hashing function (scrypt, Argon2, or PBKDF2 with a high iteration count) resists offline guessing far better if the stored hashes are ever exposed.
Uploader Side: Record Creation and Upload
- The uploader (e.g., a healthcare provider) creates a medical record in JSON format and encrypts it using AES-256 with the shared secret key obtained through ECDH.
- The encrypted JSON file is uploaded to the system, and the record's URL is stored as www.blockstack/4cxzxcxz.json. The record.patientPassword field is set to null, indicating that no patient-specific password is required to access the record.
Uploader Side: Record Viewing
- To view records uploaded by the uploader, the system fetches all records associated with the uploader's email.
- For each record, the system sends a fetch request to the record's URL to retrieve the encrypted internal JSON data.
- The encrypted data is decrypted using AES-256 and the shared secret key obtained through ECDH.
- The decrypted internal JSON data is dynamically converted into HTML for presentation.
Patient Side: Record Viewing
If record.patientPassword is null:
- To view records associated with a patient, the system fetches all records associated with the patient's email.
- The system retrieves the encrypted internal JSON data from the record's URL using fetch requests.
- The encrypted data is decrypted using AES-256 and the shared secret key obtained through ECDH.
- The decrypted internal JSON data is dynamically converted into HTML for presentation.
If record.patientPassword is not null:
- To view records associated with a patient, the system fetches all records associated with the patient's email.
- The system retrieves the encrypted internal JSON data from the record's URL using fetch requests.
- The system decrypts record.rawPatientPassword using the patient's private key to obtain the patient's password patientPass, which is shown to the patient for reference only.
- The encrypted internal JSON data is decrypted using AES-256 and the shared secret key obtained through ECDH. Since the patient is logged in with their private key, the shared key is recomputed directly and the password is not needed for this step.
- The decrypted internal JSON data is dynamically converted into HTML for presentation.
Patient Side: Password Set/Change
The flow is the same whether record.patientPassword is null (first password) or not null (changing an existing password):
- The patient chooses a new password patientPass.
- The system stores patientPass encrypted with the patient's public key (record.rawPatientPassword), so that only the patient can decrypt it with their private key.
- The system stores the Uploader/Patient Shared Key encrypted under patientPass as record.internalPassword. This is what later allows the record to be opened with the password alone.
- The system stores the SHA-256 hash of patientPass and the initialization vector record.iv as record.patientPasswordHash, which is used to verify the password at login. The stored hash and the key that encrypts record.internalPassword must be derived from the password differently (different inputs or a separate derivation label), so that a leaked hash cannot be used to unwrap the shared key.
Steps for Viewing Data without Login
- A user navigates to a specific record URL (e.g., localhost:3000/prescriptions/63de525c48a14ad794d77506).
- The user enters the password pass associated with the record.
- The system sends a fetch request with record._id = 63de525c48a14ad794d77506.
- The system hashes the entered password pass (with record.iv) and compares the result with record.patientPasswordHash. The comparison should run in constant time so that response timing does not reveal how many bytes of the hash matched.
- If the comparison succeeds, the system returns the record's URL and the encrypted record.internalPassword; otherwise nothing about the record is returned.
- The system sends a fetch request to the record's URL and retrieves the encrypted internal JSON data.
- The system decrypts record.internalPassword using the entered password pass to obtain the shared key Uploader/Patient Shared Key.
- The encrypted internal JSON data is decrypted using AES-256 and the shared key to recover the original internal JSON data.
- The internal JSON data is dynamically converted into HTML for the user to view.
Conclusion
The Secure Medical Record Access and Viewing System is a practical design for handling medical records with confidentiality and privacy. By combining ECDH key agreement, AES-256 encryption, and SHA-256 password hashing, it keeps record contents encrypted in transit and at rest and lets patients open their records either with their own key pair or with a password they control. Its security rests on applying these primitives carefully: deriving the AES key from the ECDH output with a key derivation function, using an authenticated AES mode, hashing passwords with a slow, salted function, and comparing password hashes in constant time.