What I mean is, I envision a scenario in which personal data such as patient data is stored separately and independently from other institutions; that patient data is encrypted and then distributed to IPFS, while the IPFS ID is stored on an immutable blockchain.
I'll get flamed and downvoted if I name the open source project I've been grinding on for over a year to address sensitive data access by autonomous agents in a way that is similar... but I've been thinking of similar things - data sovereignty.
I think the solution is for people to own their data, with cryptographic protections and audit trails. We should have the ability to grant JIT privileges to extremely narrowly scoped pieces, as needed, scrubbed of PII prior to egress. Patients should have to cryptographically sign temporary access, which is revoked immediately after the task... the UX should be as simple as a DocuSign... I could go on and on...
But, yeah, you're not alone.
You’re absolutely right. In my opinion, data like medical records is the most sensitive data in the world. How can you possibly entrust your data to another institution or organization when you don’t know if it could just be taken without your consent? I see a lot of medical records circulating out there being bought and sold, looking like a pile of trash.
I looked at this repository and tried running it: https://github.com/Mzhvnn-tch/sehati-apps. Maybe you can see how this workflow operates.
How are authentication, authorization, logging, and data retention policy handled?
Key management and authentication are indeed complex issues, just as I had initially suspected, but after reading some older cryptography texts, I realized that we can use a key-sharing method. In an emergency, we can share the key with family members for authorization purposes or other technical matters.
What if a patient loses their encryption key?
How do doctors get access to history?
HIPAA? EMR system integration?
Blockchain is toxic; most people do not want to deal with the hassle of "lose your keys, lose your money" (data, here).
Doctors must scan or request the patient’s sharing key (RSA) after the patient has given consent and verify that the treating doctor is indeed a licensed professional. This ensures that sensitive data can only be accessed after the patient approves the doctor’s request.
Regarding HIPAA, I haven’t considered it yet, but you can take your EMR with you anytime, anywhere, as it is protected by three keys: one for your IPFS, one for your personal data, and one for your medical data. An attacker would have no choice but to guess the key for each encryption: two RSA and one AES. When you go to London for treatment, you only need to use your RSA key—that is, share that key with the doctor and then approve the doctor’s access to your medical history. No administrative procedures are needed; for example, if you’re treated in London, you don’t have to pay anything the hospital asks for just to access your data. That doesn’t sound logical, does it?
When a patient loses their private key, it’s a very serious mistake, but I’ve thought this through carefully, and yes, your key is split into three or more parts using SSS (Shamir’s Secret Sharing) or another key-sharing method: one for your mother, one for your father, and one for your sibling, with each family member keeping one part. So, if you lose your key, you can recover it using the parts kept by your family members.
Regarding blockchain, this isn’t actually mandatory, but I believe blockchain plays a crucial role in the hashing process. When you receive your IPFS ID, you must save it and record it; this feels very slow. In my opinion, using blockchain makes sense if you can incorporate RSA key exchange into your data so that your medical history data is encrypted and distributed via IPFS, and it is this IPFS ID that is sent to the blockchain; the advantage of blockchain is its immutable and unalterable nature.
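The doctor-access flow sketched in the replies above (an AES key for the medical data, an RSA key the doctor is given, an IPFS ID for the encrypted blob, and access only after the patient approves), written out as an added example. This is not code from the thread or from the sehati-apps repository; it is Go using only the standard library. Assumptions: the patient's "sharing key" is modelled as a per-record AES-256-GCM data key wrapped with RSA-OAEP to the doctor's public key, and the patient's approval as an RSA-PSS signature over the record hash, the doctor's key fingerprint and an expiry; the CID is just a hex SHA-256 of the encrypted blob standing in for a real IPFS CID; IPFS itself, the blockchain and the doctor-licence check are out of scope. The names EncryptedRecord, Grant, IssueGrant and OpenRecord are hypothetical.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"fmt"
	"time"
)

// EncryptedRecord is what would go to IPFS: nonce||AES-GCM ciphertext. CID is a
// stand-in (hex SHA-256 of Blob) for the real IPFS CID (assumption).
type EncryptedRecord struct {
	Blob []byte
	CID  string
}

// Grant is the patient's signed consent plus the data key wrapped to one doctor.
type Grant struct {
	CID, DoctorFP string // record CID and hex SHA-256 of the doctor's DER public key
	Expiry        int64  // Unix seconds; the doctor must refuse the grant after this
	WrappedKey    []byte // AES-256 data key, RSA-OAEP-SHA256 to the doctor's public key
	Sig           []byte // patient's RSA-PSS signature over (CID, DoctorFP, Expiry)
}

func fingerprint(pub *rsa.PublicKey) string {
	der, _ := x509.MarshalPKIXPublicKey(pub) // RSA public keys always marshal
	return fmt.Sprintf("%x", sha256.Sum256(der))
}

// grantDigest joins the consent fields with NUL separators so one signed grant
// cannot be replayed against a different doctor, record or expiry.
func grantDigest(cid, fp string, expiry int64) []byte {
	sum := sha256.Sum256([]byte(fmt.Sprintf("%s\x00%s\x00%d", cid, fp, expiry)))
	return sum[:]
}

// EncryptRecord seals the record under a fresh AES-256-GCM data key and returns
// the blob plus that key; the key stays with the patient and never goes to IPFS.
func EncryptRecord(plaintext []byte) (*EncryptedRecord, []byte, error) {
	buf := make([]byte, 32+12) // 32-byte key followed by a 12-byte GCM nonce
	if _, err := rand.Read(buf); err != nil {
		return nil, nil, err
	}
	key, nonce := buf[:32], buf[32:]
	block, _ := aes.NewCipher(key) // cannot fail for a 32-byte key
	gcm, _ := cipher.NewGCM(block)
	blob := gcm.Seal(nonce, nonce, plaintext, nil) // output is nonce||ciphertext||tag
	return &EncryptedRecord{Blob: blob, CID: fmt.Sprintf("%x", sha256.Sum256(blob))}, key, nil
}

// IssueGrant is the patient's side: wrap the data key to the doctor's public key
// (the CID as OAEP label ties the wrapped key to this record) and sign the consent.
func IssueGrant(patient *rsa.PrivateKey, doctorPub *rsa.PublicKey, rec *EncryptedRecord, dataKey []byte, ttl time.Duration) (*Grant, error) {
	g := &Grant{CID: rec.CID, DoctorFP: fingerprint(doctorPub), Expiry: time.Now().Add(ttl).Unix()}
	wrapped, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, doctorPub, dataKey, []byte(rec.CID))
	if err != nil {
		return nil, err
	}
	g.WrappedKey = wrapped
	g.Sig, err = rsa.SignPSS(rand.Reader, patient, crypto.SHA256, grantDigest(g.CID, g.DoctorFP, g.Expiry), nil)
	return g, err
}

// OpenRecord is the doctor's side: signature, doctor binding, record binding and
// expiry are all checked before the data key is unwrapped or anything is decrypted.
func OpenRecord(doctor *rsa.PrivateKey, patientPub *rsa.PublicKey, g *Grant, rec *EncryptedRecord, now time.Time) ([]byte, error) {
	if err := rsa.VerifyPSS(patientPub, crypto.SHA256, grantDigest(g.CID, g.DoctorFP, g.Expiry), g.Sig, nil); err != nil {
		return nil, fmt.Errorf("grant was not signed by this patient")
	}
	switch {
	case g.DoctorFP != fingerprint(&doctor.PublicKey):
		return nil, fmt.Errorf("grant was issued to a different doctor")
	case g.CID != rec.CID:
		return nil, fmt.Errorf("grant does not cover this record")
	case now.Unix() > g.Expiry:
		return nil, fmt.Errorf("grant expired at %d", g.Expiry)
	case len(rec.Blob) < 12:
		return nil, fmt.Errorf("record blob is too short to hold a nonce")
	}
	key, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, doctor, g.WrappedKey, []byte(rec.CID))
	if err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(key)
	gcm, _ := cipher.NewGCM(block)
	return gcm.Open(nil, rec.Blob[:12], rec.Blob[12:], nil)
}

func mustKey() *rsa.PrivateKey { k, _ := rsa.GenerateKey(rand.Reader, 2048); return k } // demo only

func main() {
	patient, doctor := mustKey(), mustKey()
	rec, key, _ := EncryptRecord([]byte(`{"allergies":["penicillin"]}`)) // constructed sample record
	g, _ := IssueGrant(patient, &doctor.PublicKey, rec, key, time.Hour)
	pt, err := OpenRecord(doctor, &patient.PublicKey, g, rec, time.Now())
	_, late := OpenRecord(doctor, &patient.PublicKey, g, rec, time.Now().Add(2*time.Hour))
	fmt.Printf("within ttl: %s (err=%v)\nafter ttl: %v\n", pt, err, late)
}
```

The point of wrapping a per-record data key instead of handing the doctor the patient's own RSA key is that nothing long-lived leaves the patient: the doctor holds one wrapped key for one record until one expiry, revocation is the expiry plus refusing to re-issue, and the encrypted blob on IPFS never has to be re-encrypted. The doctor's checks run in the order shown on purpose: the signature is verified before any field of the grant is trusted, and the expiry is checked against the verifier's clock, not a value the grant asserts about itself.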
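The family-recovery scheme from the replies above (the key split with Shamir's Secret Sharing among mother, father and sibling, any of whom can hand their part back), as an added example that is not from this thread or from the sehati-apps repository. It is Go, standard library only, doing byte-wise Shamir over GF(2^8) the way tools such as ssss and HashiCorp Vault do; it goes beyond the 3-way split in the post to any k-of-n threshold. Split, Combine and Share are hypothetical names, and the 32 random bytes in main stand in for the patient's private key.

```go
package main

import "crypto/rand"
import "fmt"

// Share is one custodian's piece: X is the evaluation point (1..255, never 0,
// since the secret is the polynomial's value at x=0), Y one byte per secret byte.
type Share struct {
	X byte
	Y []byte
}

// gfMul multiplies in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1.
func gfMul(a, b byte) byte {
	var p byte
	for b != 0 {
		if b&1 != 0 {
			p ^= a
		}
		a = a<<1 ^ 0x1b*(a>>7) // shift, reduce if the top bit fell off
		b >>= 1
	}
	return p
}

// gfInv returns a^-1 = a^254 in GF(2^8); a must be non-zero.
func gfInv(a byte) byte {
	r, base := byte(1), a
	for e := 254; e > 0; e >>= 1 {
		if e&1 == 1 {
			r = gfMul(r, base)
		}
		base = gfMul(base, base)
	}
	return r
}

// Split cuts secret into n shares of which any k recover it and any k-1 reveal
// nothing: per byte, a random degree-(k-1) polynomial with that byte as its
// constant term is evaluated at x = 1..n.
func Split(secret []byte, k, n int) ([]Share, error) {
	if k < 2 || n < k || n > 255 {
		return nil, fmt.Errorf("need 2 <= k <= n <= 255, got k=%d n=%d", k, n)
	}
	shares := make([]Share, n)
	for i := range shares {
		shares[i] = Share{X: byte(i + 1), Y: make([]byte, len(secret))}
	}
	coeffs := make([]byte, k-1) // c1..c(k-1), fresh for every byte
	for b, s := range secret {
		if _, err := rand.Read(coeffs); err != nil {
			return nil, err
		}
		for i := range shares {
			x, y := shares[i].X, coeffs[k-2] // Horner, top coefficient first
			for j := k - 3; j >= 0; j-- {
				y = gfMul(y, x) ^ coeffs[j]
			}
			shares[i].Y[b] = gfMul(y, x) ^ s
		}
	}
	return shares, nil
}

// Combine interpolates at x=0. It cannot tell whether it was given enough
// shares: with fewer than k it returns wrong bytes without error, so the caller
// must verify the result (e.g. against the patient's known public key) before use.
func Combine(shares []Share) ([]byte, error) {
	if len(shares) == 0 {
		return nil, fmt.Errorf("no shares")
	}
	secret := make([]byte, len(shares[0].Y))
	for i, si := range shares {
		if len(si.Y) != len(secret) {
			return nil, fmt.Errorf("share x=%d has a different length", si.X)
		}
		basis := byte(1) // Lagrange basis at 0: prod over j!=i of x_j/(x_j-x_i); minus is XOR
		for j, sj := range shares {
			if i == j {
				continue
			}
			if sj.X == si.X {
				return nil, fmt.Errorf("duplicate share x=%d", si.X)
			}
			basis = gfMul(basis, gfMul(sj.X, gfInv(sj.X^si.X)))
		}
		for b := range secret {
			secret[b] ^= gfMul(si.Y[b], basis)
		}
	}
	return secret, nil
}

func main() {
	key := make([]byte, 32) // stands in for the patient's private key (constructed)
	rand.Read(key)
	shares, _ := Split(key, 2, 3) // mother, father, sibling: any two recover it
	got, _ := Combine([]Share{shares[0], shares[2]})
	fmt.Println("mother+sibling recovered the key:", string(got) == string(key))
}
```

Two practical caveats the comment on Combine points at: plain Shamir has no integrity, so a forgetful or malicious custodian handing back a corrupted share produces a wrong key rather than an error, and the recovered key must be checked against the public key already on record before it is used; and each custodian must get their share over a channel that cannot be read or swapped, since the shares are the whole recovery path. With k=2 and n=3 a single share leaks nothing about the key, which is what makes it safe to leave one with each relative.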