Compliance with HIPAA and GDPR in blockchain-based electronic health record

Abstract A massive amount of clinical data is generated daily. Advancement in ICT technologies has enabled the healthcare providers to store them digitally and referred to as Electronic Health Record (EHR). These records are shared with various stakeholders, like doctors, nursing staff, and healthcare providers. These health records are also accessible to government agencies, pharmacies, laboratories, insurance agencies with consent or some time without consent. These personal health details recorded in EHR systems are sensitive information and can cause financial, social, and health issues if leaked. Blockchain technology has emerged as an immutable and reliable ledger that can maintain anonymity and immutability in EHR systems. There are many regional and international regulations to guide the safety and privacy of sensitive health records. Prominent among these regulations are the Health Insurance Portability and Accountability Act (HIPAA) and the General Data Protection Regulation (GDPR). This paper analyses Blockchain-based EHR system compliance with HIPAA and GDPR and further areas of improvement.