A

Project Report
On
DECENTRALISED HEALTH RECORD MANAGEMENT
Submitted for partial fulfillment of the requirements for the award of the degree
Of
BACHELOR OF ENGINEERING
In
COMPUTER SCIENCE AND ENGINEERING
By
Ms. Satya Sree Donga (2451-21-733-071)
Ms. Veda Vamsitha Bogem (2451-21-733-080)
Under the guidance of
Mrs. N. Sabitha
Assistant Professor
Department of CSE

MATURI VENKATA SUBBA RAO(MVSR) ENGINEERING COLLEGE

Department of Computer Science and Engineering
(Affiliated to Osmania University & Recognized by AICTE)
Nadergul, Saroor Nagar Mandal, Hyderabad – 501510
Academic Year: 2024-25
 Maturi Venkata Subba Rao Engineering College
(Affiliated to Osmania University, Hyderabad)
Nadergul(V), Hyderabad-501510

Certificate

This is to certify that the project work entitled “Decentralised Health Record Management” is a bonafide
work carried out by Ms. Satya Sree Donga(2451-21-733-071) and Ms.Veda Vamsitha Bogem(2451-21-
733-080)in partial fulfilment of the requirements for the award of degree of Bachelor of Engineering in
Computer Science and Engineering from Maturi Venkata Subba Rao (MVSR) Engineering College,
affiliated to OSMANIA UNIVERSITY, Hyderabad, during the Academic Year 2023-24 under our guidance
and supervision.

The results embodied in this report have not been submitted to any other university or institute for the award
of any degree or diploma to the best of our knowledge and belief.

Internal Guide Head of Department

Mrs. N Sabitha Prof. J Prasanna Kumar
Assistant Professor Professor
Department of CSE Department of CSE
MVSREC. MVSREC.

External Examiner

i
 DECLARATION

This is to certify that the work reported in the present project entitled “ Decentralised Health Record
Management” is a record of bonafide work done by us in the Department of Computer Science and
Engineering, Maturi Venkata Subba Rao (MVSR) Engineering College, Osmania University during the
Academic Year 2024-25. The reports are based on the project work done entirely by us and not copied from
any other source. The results embodied in this project report have not been submitted to any other University
or Institute for the award of any degree or diploma.

Mr. Satya Sree Donga Ms. Veda Vamsitha Bogem

2451-21-733-071 2451-21-733-080

ii
 ACKNOWLEDGEMENTS

We would like to express our sincere gratitude and indebtedness to our project guide Mrs. N Sabitha for
her valuable suggestions and interest throughout the course of this project.

We are also thankful to our principal Dr. Vijaya Gunturu and Mr. J Prasanna Kumar, Professor and
Head, Department of Computer Science and Engineering, Maturi Venkata Subba Rao Engineering College,
Hyderabad for providing excellent infrastructure for completing this project successfully as a part of our
B.E. Degree (CSE). We would like to thank our project coordinator for her constant monitoring, guidance
and support.

We convey our heartfelt thanks to the lab staff for allowing us to use the required equipment whenever
needed. We sincerely acknowledge and thank all those who gave directly or indirectly their support in the
completion of this work.

Mrs. Satya Sree Donga (2451-21-733-071)

Mrs. Veda Vamshitha Bogem (2451-21-733-
080)

iii
VISION
 To impart technical education of the highest standards, producing competent and confident engineers
with an ability to use computer science knowledge to solve societal problems.
MISSION
 To make learning process exciting, stimulating and interesting.
 To impart adequate fundamental knowledge and soft skills to students.
 To expose students to advanced computer technologies in order to excel in engineering practices by
bringing out the creativity in students.
 To develop economically feasible and socially acceptable software.
PEOs:
PEO-1: Achieve recognition through demonstration of technical competence for successful execution of
software projects to meet customer business objectives.
PEO-2: Practice life-long learning by pursuing professional certifications, higher education or research in
the emerging areas of information processing and intelligent systems at a global level.
PEO-3: Contribute to society by understanding the impact of computing using a multidisciplinary and
ethical approach.
PROGRAM OUTCOMES (POs)
At the end of the program the students (Engineering Graduates) will be able to:
1. Engineering knowledge: Apply the knowledge of mathematics, science, engineering fundamentals,
and an engineering specialisation for the solution of complex engineering problems.
2. Problem analysis: Identify, formulate, research literature, and analyse complex engineering
problems reaching substantiated conclusions using first principles of mathematics, natural sciences,
and engineering sciences.
3. Design/development of solutions: Design solutions for complex engineering problems and design
system components or processes that meet the specified needs with appropriate consideration for
public health and safety, and cultural, societal, and environmental considerations.
4. Conduct investigations of complex problems: Use research-based knowledge research methods
including design of experiments, analysis an interpretation of data, and synthesis of the information
to provide valid conclusions.
5. Modern tool usage: Create, select, and apply appropriate techniques, resources, and modern
engineering and IT tools including prediction and modelling to complex engineering activities with
an understanding of the limitations.
6. The engineer and society: Apply reasoning informed by the contextual knowledge to assess
societal, health, safety, legal, and cultural issues and the consequent responsibilities relevant to the
professional engineering practice.

iv
 7. Environment and sustainability: Understand the impact of the professional engineering solutions in
societal and environmental contexts, and demonstrate the knowledge of, and the need for sustainable
development.
8. Ethics: Apply ethical principles and commit to professional ethics and responsibilities and norms of
the engineering practice.
9. Individual and teamwork: Function effectively as an individual, and as a member or leader in
diverse teams, and in multidisciplinary settings.
10. Communication: Communicate effectively on complex engineering activities with the engineering
community and with the society at large, such as being able to comprehend and write effective
reports and design documentation, make effective presentations, and give and receive clear
instructions.
11. Project management and finance: Demonstrate knowledge and understanding of the engineering
and management principles and apply these to one’s work, as a member and leader in a team, to
manage projects and in multidisciplinary environments.
12. Lifelong learning: Recognise the need for and have the preparation and ability to engage in
independent and life-long learning in the broadest context of technological change.
PROGRAM SPECIFIC OUTCOMES (PSOs)
13. (PSO-1) Demonstrate competence to build effective solutions for computational real-world problems
using software and hardware across multi-disciplinary domains.
14. (PSO-2) Adapt to current computing trends for meeting the industrial and societal needs through a
holistic professional development leading to pioneering careers or entrepreneurship.

v
 COURSE OBJECTIVES AND OUTCOMES
Course Code: U21PW881CS
Course Objectives
 To enhance practical and professional skills.
 To familiarize tools and techniques of systematic Literature survey and documentation.
 To expose the students to industry practices and teamwork.
 To encourage students to work with innovative and entrepreneurial ideas.
Course Outcomes
Upon completion of the course, the student will be able to:
1. Demonstrate the ability to synthesize and apply the knowledge and skills acquired in the academic
program to real-world problems.
2. Evaluate different solutions based on economic and technical feasibility.
3. Effectively plan a project and confidently perform all the aspects of project management.
4. Demonstrate effective written and oral communication skills.
5. Present the proposed project using PPT.

vi
 ABSTRACT
MedVault represents a transformative approach to the way Electronic Medical Records (EMRs) are
managed, shared, and stored in the healthcare industry. Traditional EMR systems, despite their widespread
use, face several critical limitations. These systems are often centralized, which makes them highly
susceptible to issues like data breaches, unauthorized access, poor interoperability, and lack of patient
control over their own medical data. MedVault seeks to address all these challenges by leveraging
blockchain technology and), creating a decentralized, secure, and highly efficient platform for storing and
exchanging medical records InterPlanetary File System (IPFS.)
At the heart of MedVault’s design is the use of blockchain, particularly the Ethereum network, which serves
as the backbone of the system. Blockchain provides a decentralized ledger that ensures data immutability.
Once a medical record is stored on the blockchain, it cannot be altered or deleted without detection,
providing an unchangeable and verifiable record of patient data. This feature dramatically enhances data
integrity, eliminating the risk of tampering or unauthorized changes. The blockchain also facilitates
transparency, as all transactions involving medical records are publicly traceable and auditable by authorized
parties. Each action—whether it's an update to a patient's record, a change in access permissions, or a query
request—leaves a digital footprint, providing a complete, verifiable audit trail. This is a game-changer for
regulatory compliance, as it ensures that the record-keeping process adheres to laws such as the Health
Insurance Portability and Accountability Act (HIPAA).
Furthermore, MedVault integrates smart contracts, which automatically execute actions when predefined
conditions are met, ensuring that record-sharing and management processes are secure, transparent, and free
from manual intervention. For example, a smart contract could automatically grant a doctor access to a
patient's record upon receiving the necessary consent from the patient, and it could revoke that access after a
specified time. This automation minimizes the potential for human error and reduces the administrative
burden on healthcare providers, allowing them to focus more on patient care. Smart contracts also make the
system auditable, as each interaction is logged, and the contract’s execution can be reviewed for compliance
and transparency.
The integration of IPFS adds another layer of decentralization and efficiency to the system. IPFS is a peer-
to-peer distributed file storage system that allows large data files, such as medical imaging, lab results, and
detailed patient histories, to be stored and retrieved efficiently without relying on centralized servers. This
eliminates the single point of failure inherent in traditional systems, where a single server or database can be
hacked, compromised, or go offline, potentially leading to the loss of critical data. Instead, with IPFS, data is
broken into chunks, encrypted, and distributed across a global network of nodes, making it both more
resilient and scalable. This allows for fast, secure, and fault-tolerant retrieval of medical records, even in
cases of server failures or cyberattacks. Additionally, because IPFS operates in a decentralized manner, there
is no need for an intermediary or central authority, further enhancing the privacy and security of patient data.
A significant advantage of MedVault is the control it gives patients over their own health data. In traditional
EMR systems, patients often have limited control over who accesses their records and how their data is
vii
shared. MedVault, on the other hand, empowers patients by allowing them to grant or revoke access to their
medical records at any time, providing them with full control over their health information. This is achieved
through the use of cryptographic keys, which patients can use to manage access permissions securely. If a
patient needs to share their medical history with a new doctor or specialist, they can do so by simply
providing them with the necessary credentials, while ensuring that their records remain encrypted and
protected from unauthorized access.
Granular access control is another critical feature of MedVault. Instead of granting blanket access to a
patient’s entire medical history, MedVault allows healthcare providers to access specific pieces of
information that are relevant to their care. For example, a cardiologist may only need access to a patient’s
heart-related data, while a general practitioner may require access to the patient’s full medical history. This
targeted access ensures that data privacy is maintained while also making information available to healthcare
providers when needed for critical decision-making.
MedVault also addresses the issue of interoperability, which has long been a challenge in the healthcare
industry. Many healthcare providers and institutions use different systems that often cannot communicate
with each other effectively, leading to fragmented and incomplete patient records. By utilizing blockchain
and IPFS, MedVault enables seamless and trustless data exchange between different healthcare entities, even
if they use different technologies. This promotes better coordination of care, reduces the risk of errors due to
incomplete or outdated information, and enhances the overall quality of patient care. Moreover, because
MedVault is based on open-source technologies, it has the potential to integrate with a wide range of
existing healthcare systems, facilitating widespread adoption.
In summary, MedVault provides a decentralized, secure, and transparent solution to the challenges faced by
traditional EMR systems. By utilizing blockchain and IPFS, it ensures that patient data is immutable,
auditable, and resilient to tampering or loss, while giving patients greater control over their health
information. The use of smart contracts and granular access control enhances both the efficiency and privacy
of data exchange, making the process of sharing and managing medical records more secure and
streamlined. Ultimately, MedVault represents a patient-centric approach that prioritizes data privacy,
security, and interoperability, paving the way for a future in which healthcare providers and patients can
share information seamlessly, securely, and with greater trust.
MedVault is a decentralized solution designed to address the challenges faced by Electronic Medical
Records (EMR) sharing systems. Leveraging the Ethereum network and IPFS technology, MedVault offers a
secure and efficient platform for storing and exchanging medical records. Traditional EMR systems often
encounter issues such as data breaches, lack of interoperability, and limited patient control over their own
records. MedVault aims to overcome these challenges by employing blockchain technology, ensuring data
immutability, transparency, and enhanced security. By utilizing the Ethereum network, MedVault establishes
a decentralized infrastructure that allows healthcare providers, patients, and other authorized parties to
access and share medical records in a seamless and trustless manner.

viii
 The use of smart contracts further enhances the integrity and reliability of transactions, enabling
automated and auditable interactions. In addition, MedVault incorporates IPFS (InterPlanetary File System)
technology to efficiently store and distribute medical records. IPFS facilitates the decentralized storage and
retrieval of data, eliminating reliance on a single central server and enabling greater scalability and
resilience. The key features of MedVault include secure patient identification, granular access control, data
privacy, and auditability. Patients have full control over their medical records, granting or revoking access to
healthcare providers as needed. The system ensures data privacy through encryption techniques, while still
allowing authorized parties to trace and audit record access and modifications.
Through the implementation of MedVault, the healthcare industry can benefit from a decentralized and
secure solution for EMR sharing. It has the potential to streamline record management, enhance patient
privacy and control, and foster interoperability among different healthcare entities.

ix
 TABLE OF CONTENTS

PAGE NOS.
Certificate …………………………………………………………………….. i
Declaration ...…………………………………………………………………… ii
Acknowledgment……………………………………………………………..… iii
Vision & Missions,PEOs,Pos and PSOs….…………………………………….. iv
Course Objectives and Outcomes…………………………………………….… vi
Abstract………………………………………………………………….……… vii
Table of Contents…………………………………………………….…………. viii
List of Figures …………………………………………………..…………….. x
List of Tables…………………………………….….………………..………… x

x
 CONTENTS
CHAPTER I
1. INTRODUCTION 01 - 05
1.1 PROBLEM STATEMENT 02
1.2 OBJECTIVE 02
1.3 MOTIVATION 02-03
1.4 SCOPE OF THE PROJECT 03-04
1.5 SOFTWARE REQUIREMENTS 04-05
CHAPTER II
2. LITERATURE SURVEY 06-07
CHAPTER III
3. SYSTEM DESIGN 08-16
3.1 FLOW CHARTS 08
3.2 SYSTEM ARCHITECTURE 08-09
3.3 UML DIAGRAMS 09-13
3.4 PROJECT PLAN 13-16
CHAPTER IV
4. SYSTEM IMPLEMENTATION & METHODOLOGIES 17-26
4.1 SYSTEM IMPLEMENTATION 17
4.2 TECHNOLOGY STACK 17-18
4.3 SYSTEM ARCHITECTURE 18
4.4 USER ROLES AND PERMISSIONS 18-20
4.5 SYSTEM WORKFLOW 20-21
4.6 METHODOLOGIES USED 21-22
4.7 USER INTERFACE 23-26

CHAPTER V
5. TESTING AND RESULTS 27-30
CHAPTER VI
6. CONCLUSION & FUTURE ENHANCEMENTS 31-32
REFERENCES 33-34
APPENDIX 1-6

xi
 LIST OF FIGURES

Figure No. Figure Name Page No.

Fig 3.1 Data flow 8
Fig 3.2 System Diagram 9
Fig 3.3 Use case Diagram 10
Fig 3.4 State Diagram 11
Fig 3.5 Sequence Diagram 13
Fig 4.1 Home screen 23
Fig 4.2 dashboard 24
Fig 4.3 admin dashboard 24
Fig 4.4 hospital dashboard 25
Fig 4.5 doctor dashboard 25
Fig 4.6 patient profile 26
Fig 5.1 Test case I 27
Fig 5.2 Test case II 28
Fig 5.3 Test case III 28
Fig 5.4 Test case IV 29
Fig 5.5.1 Test case V 29
Fig 5.5.2 Test case 30

LIST OF TABLES

Table No. Table Name Page No.

Table 2.1 survey 8
Table 4.1 roles 19
Table 4.2 components 20

xii
 Decentralized Health Record Management
CHAPTER 1
INTRODUCTION
In the context of healthcare, Electronic Health Records (EHRs) have become an essential tool for
maintaining a patient's comprehensive medical history, containing vital clinical and administrative
information necessary for effective healthcare delivery. EHRs aim to streamline various processes within
healthcare systems, such as improving patient care, enhancing communication between healthcare providers,
and making information easily accessible in real-time. These records often include data like diagnoses,
medications, allergies, immunization records, lab results, and more, all of which play a critical role in
ensuring patients receive accurate and timely care. However, despite their advantages, traditional EHR
systems face significant challenges, particularly around the security of data, privacy concerns, and the lack
of interoperability between disparate healthcare systems.
The issue of security remains a top concern, as healthcare organizations are frequent targets of
cyberattacks, and unauthorized access to sensitive patient data can have severe consequences. Traditional
centralized EHR systems often struggle with vulnerabilities, such as potential hacking risks and data
breaches, which compromise patient confidentiality. Moreover, privacy concerns, especially regarding who
has access to a patient’s health information and how it's shared, have created significant apprehensions.
Furthermore, the lack of interoperability between various EHR systems and healthcare providers further
complicates the efficient sharing of medical information. Data often resides in isolated silos, requiring
complex and inefficient processes to transfer records from one provider to another, which can delay care and
lead to errors.
Blockchain technology presents a powerful solution to these challenges. By leveraging its
decentralized distributed ledger, blockchain ensures the integrity of medical records through cryptographic
hashing. This means that once data is entered into the system, it becomes nearly impossible to alter or
tamper with without consensus from multiple network participants, significantly reducing the risk of data
manipulation. Each record in the blockchain is cryptographically linked to the previous one, forming an
immutable chain of data. Additionally, public-key cryptography is utilized to secure the data and ensure
confidentiality. Each user of the system is assigned a unique public and private key pair, which guarantees
that only authorized individuals can access or modify records, while maintaining the privacy of sensitive
patient information.
The integration of blockchain technology into EHR systems provides an effective solution to the
interoperability issues faced by traditional systems. Because blockchain is decentralized, it allows for
seamless and secure sharing of health data between trusted parties, regardless of the systems they are using.
This eliminates the need for costly and inefficient methods, such as manually transferring records or using
proprietary file formats, that often plague traditional systems. Authorized parties can access the relevant data

Dept. of CSE, MVSREC 1

 Decentralized Health Record Management
securely in real-time, improving the continuity of care across different healthcare providers and institutions,
ultimately enhancing the overall efficiency of healthcare delivery.
Blockchain also enables the use of smart contracts, which are self-executing contracts with the terms
of the agreement directly written into lines of code. Smart contracts can be used to automate the
management of patient consent, ensuring that data access is granted only under specific conditions
predefined by the patient. For example, a smart contract can allow a healthcare provider to access a patient’s
medical records only if the patient has explicitly consented to share that information for a particular purpose.
This automation streamlines administrative processes and eliminates the need for manual interventions,
reducing the risk of human error and making the entire process more efficient. Additionally, these smart
contracts are designed to be auditable, ensuring transparency in how data is accessed and shared, which can
help maintain compliance with regulatory requirements such as the General Data Protection Regulation
(GDPR), which mandates strict privacy and data protection measures for personal information.
By integrating blockchain with Electronic Health Records, healthcare systems can significantly bolster
the security and privacy of sensitive patient data, enhancing trust in the system. It allows patients to have
greater control over their health information, as they can manage consent and determine who has access to
their medical records, and for how long. This not only ensures compliance with data protection laws but also
aligns with the growing demand for patient empowerment in managing their health data. Blockchain, with its
decentralized, transparent, and secure nature, is therefore well-positioned to address the key challenges of
traditional EHR systems, such as data security, privacy concerns, interoperability, and the need for efficient
and trustworthy sharing of medical information across healthcare networks. This evolution in EHR
management could transform how healthcare providers and patients interact with medical data, ultimately
improving patient care, reducing errors, and enhancing the overall healthcare experience.

1.2 PROBLEM STATEMENT

The traditional centralized Electronic Health Record (EHR) systems are fraught with several significant
challenges, particularly in the areas of data security, privacy, and accessibility. Centralized systems typically
store all patient data in a single database or server, which makes them highly vulnerable to cyberattacks and
data breaches. If a malicious actor gains access to this central repository, they could potentially compromise
the personal and medical information of a large number of patients. Additionally, centralized systems often
lack transparency, which can make it difficult for patients and healthcare providers to trace how their data is
being used or accessed. This lack of oversight increases the risk of unauthorized access, data manipulation,
or fraud. Furthermore, centralized EHR systems usually require complex and inefficient processes for
sharing data between different healthcare institutions. This can delay the transfer of important medical
information between providers, resulting in incomplete patient histories or errors in treatment.

Dept. of CSE, MVSREC 2

 Decentralized Health Record Management
Blockchain technology offers a robust solution to these challenges by providing a decentralized,
tamper-resistant, and transparent platform for secure data storage and access. Unlike centralized systems,
blockchain stores data across a distributed network of nodes, ensuring that no single entity has control over
the entire system. This decentralization significantly reduces the risk of a single point of failure and
increases the resilience of the system to cyberattacks or data breaches. Blockchain’s inherent tamper-
resistance is achieved through cryptographic techniques such as hashing, which ensures that once data is
recorded, it cannot be altered without the consensus of the network. This feature guarantees the integrity of
patient records, making it nearly impossible to falsify or manipulate the data.
Moreover, blockchain enhances patient privacy and consent management. Through the use of public-
key cryptography, each patient can have a unique cryptographic key pair, allowing them to control access to
their health information. Patients can grant or revoke access to specific healthcare providers based on
predefined conditions, ensuring that their data is only shared with authorized parties. This patient-centric
approach not only empowers individuals to control their health data but also ensures compliance with
privacy regulations such as the General Data Protection Regulation (GDPR). Blockchain’s transparency
further ensures that any interaction with a patient’s data is auditable, allowing both patients and healthcare
providers to trace who accessed the information and for what purpose. This built-in auditability provides an
additional layer of security and accountability, making it easier to detect and address any potential breaches
or misuse of data.
In summary, blockchain offers a more secure, transparent, and efficient alternative to traditional
centralized EHR systems. It mitigates the risks associated with data breaches, improves the transparency of
data access, and simplifies the processes for sharing patient information across healthcare providers. By
leveraging blockchain technology, healthcare systems can ensure better data security, uphold privacy, and
empower patients with greater control over their own health data, leading to improved patient outcomes and
a more efficient healthcare system.
1.2 OBJECTIVE
The objective of blockchain-based health record management is multifaceted, focusing on enhancing the
efficiency, security, and accessibility of patient data while addressing some of the most pressing challenges
in traditional healthcare systems. One of the primary goals is to tackle the long-standing interoperability
issues between different healthcare providers and systems. Blockchain technology, through its decentralized
nature and distributed ledger, ensures that data is not only securely stored but can also be seamlessly
exchanged between various entities. By utilizing standardized protocols, blockchain enables healthcare
organizations that use different systems and technologies to interact with each other in a unified manner.
This eliminates the barriers of siloed patient data, making it easier for healthcare providers to access the
information they need to make informed decisions. With secure data-sharing mechanisms in place,
blockchain ensures that patient data can flow efficiently between hospitals, clinics, laboratories, and

Dept. of CSE, MVSREC 3

 Decentralized Health Record Management
specialists without the complexities of traditional, inefficient methods of data transfer. This kind of
interoperability ultimately leads to improved coordination of care, reducing delays, errors, and duplication of
services.

In addition to addressing interoperability, blockchain-based health record management aims to automate and
enforce privacy policies and data access controls, ensuring that patient health records remain secure and
accessible only to authorized individuals. Blockchain's robust security features, such as cryptographic
encryption and smart contracts, allow for fine-grained access controls, where data interactions are only
permitted based on pre-established rules and conditions. This means that patients can have complete control
over who accesses their medical information, and healthcare providers can be certain that they are only
interacting with the data they are authorized to view. By automating these access controls, blockchain
eliminates the need for manual intervention or complex administrative processes that are prone to human
error. Additionally, blockchain ensures that any access to patient records is auditable, providing a transparent
and verifiable trail of who accessed the information, when, and for what purpose. This enhances the overall
privacy and security of patient data, ensuring compliance with regulations such as HIPAA and GDPR, and
mitigating the risks associated with unauthorized access, data breaches, and potential misuse of sensitive
health information. In essence, blockchain-based health record management not only enhances
interoperability but also fortifies patient privacy, empowers individuals with control over their data, and
creates a more secure and efficient healthcare environment.

1.3 MOTIVATION

Our motivation stems from the need to revolutionize healthcare by addressing the complex challenges of
decentralized health record management, leveraging the power 0f blockchain technology and the Inter
Planetary File System (IPFS). Imagine a healthcare ecosystem where patient data is securely stored, easily
accessible, and fully controlled by patients themselves, ensuring that their health history is transparent,
immutable, and seamlessly shared among authorized entities.

This vision serves as the driving force behind our pursuit of a decentralized health record management
system. In today's world, healthcare data is often siloed and fragmented across various systems, leading to
inefficiencies, errors, and even loss of critical patient information. This fragmentation can result in delayed
diagnoses, unnecessary treatments, and compromised patient safety. Our motivation is to address these
issues head-on by creating a unified, blockchain-based solution that guarantees data integrity, privacy, and
access control while empowering patients to own and manage their health records.

Blockchain technology offers a unique solution to these challenges. Its decentralized, transparent, and
immutable nature ensures that patient data is not only secure but also easily accessible, fostering greater
collaboration and trust among healthcare providers. By integrating IPFS, a distributed file system, we aim to
enhance data storage capabilities. IPFS allows patient records to be stored in a decentralized manner,

Dept. of CSE, MVSREC 4

 Decentralized Health Record Management
enabling efficient, secure access to large datasets without relying on a central server. This system can scale,
making it easy to store and retrieve large volumes of medical data, such as imaging files, diagnostic results,
and health histories, all while maintaining patient privacy and confidentiality.

In essence, our motivation lies in the desire to enhance healthcare outcomes by eliminating data
fragmentation, improving patient safety, and ensuring that patients have complete ownership and control of
their health information. By leveraging cutting-edge technologies like blockchain and IPFS, we aim to create
a seamless, efficient, and secure environment for decentralized health record management. This will
transform how healthcare data is stored, accessed, and shared, ultimately improving patient care and
fostering a more connected, innovative healthcare ecosystem.
1.4 SCOPE OF THE PROJECT
In addressing the challenges present in the current healthcare data management systems, the proposed
web application aims to offer innovative solutions that will benefit both patients and healthcare
professionals. One of the primary problems in the current healthcare landscape is the lack of effective data
sharing and integration between different hospitals and healthcare institutes. Typically, patient records are
siloed within each institution, making it difficult for healthcare providers to access comprehensive medical
histories when needed. This fragmentation of medical data often leads to inefficiencies, such as repeated
tests, delayed diagnoses, and incomplete treatment plans. Our web application will tackle this issue by
creating a centralized platform where patient data from various healthcare providers can be securely
aggregated and made accessible in one place. This system will allow healthcare professionals to quickly find
all the relevant information they need, regardless of which institution it originates from, enabling a more
coordinated and holistic approach to patient care.
The second challenge that our web application will address is the difficulty patients face in maintaining and
accessing their medical history. Many patients struggle to keep track of their health records, particularly
when they have complex or long-term medical conditions. This can result in a lack of awareness of their own
medical history, which is crucial for ongoing treatment and preventive care. Our solution will allow patients
to store all their medical records in a single digital file that can be easily accessed and updated. With a
comprehensive view of their health history, patients will be better equipped to manage their healthcare
needs, ensuring that both they and their healthcare providers have access to critical information when
making decisions.
The third aspect of the project is aimed at improving the accuracy of diagnoses made by specialists. Often,
specialists rely on a limited view of a patient's medical background, which can lead to misdiagnosis or
missed conditions. Our application will provide specialists with access to a patient’s entire medical history,
enabling them to make more informed and accurate diagnoses. By having detailed records, including past
illnesses, treatments, and test results, specialists can compare a patient’s current condition to similar cases,
which can significantly enhance diagnostic accuracy. The more information a specialist has about a patient's

Dept. of CSE, MVSREC 5

 Decentralized Health Record Management
previous health conditions, the better equipped they are to identify potential issues early on, leading to more
effective treatment plans and improved patient outcomes.
Furthermore, the project's long-term contribution to healthcare is profound. By making patients' medical
histories easily accessible, it helps save lives by enabling the early detection of diseases that are often
predictable through past medical data. Diseases such as hepatitis B and C, cancer, diabetes, and herpes virus
are among those that can be identified early through regular monitoring of blood tests and a patient's medical
background. With the application, patients can track their health over time, providing valuable insights into
their susceptibility to certain conditions. Additionally, the application will allow patients to share their
medical history with family members, ensuring that healthcare information is available for early detection or
preventive care. The inclusion of family medical history also plays a critical role, as many diseases have
genetic components that can be better managed with family health data in hand.
The application will also standardize the format of medical records across healthcare institutions, creating a
consistent and easily readable format that can be used by all healthcare providers. This standardization will
make it easier for doctors and medical staff to record and interpret patient data, regardless of where it
originates. It will also streamline the process of updating patient records after each visit or procedure,
ensuring that all relevant information is captured accurately and efficiently. By offering a unified, user-
friendly format for medical records, the system will save time for both doctors and patients, reducing the
administrative burden often associated with manual record-keeping.
Ultimately, the project’s impact will extend beyond individual patient care. By improving the accuracy of
diagnoses, increasing access to comprehensive medical histories, and enhancing data sharing between
healthcare providers, the web application will contribute to a more efficient, collaborative, and patient-
centered healthcare system. With its focus on security, ease of use, and accessibility, the platform will
empower patients to take control of their health data while enabling doctors to provide better-informed care.
This integration of technology in healthcare has the potential to revolutionize the way we manage medical
information, leading to better outcomes for patients and more efficient practices for healthcare providers.
After talking about these problems, we will try to solve them through a web application to serve patients and
doctors.
 First: we will solve the main challenges existing in the current way hospitals manage
their data and the lack of sharing with other institutes as they can easily find all the
information from different institutes organized in one place.
 Second: patients can have all their medical information as it is difficult for them to keep
up with their medical history, either be it complicated or long.
 Third: specialist’s diagnosis will be more accurate as it will depend on the
patient’s condition in similar situations that he will get it from the patient’s
medical history.

Dept. of CSE, MVSREC 6

 Decentralized Health Record Management
The project contributes to save people’s lives through their knowledge of their health and
knowledge of their diseases that can be detected early from their medical history such as hepatitis B,
C, cancer, diabetes, and herpes virus which are the most diseases that can be predictable from the
patient’s medical history like it’s updatable test blood and his past diseases or from their family
medical history as they can share their information with other patients like their family. Each person
will have a medical file containing its own medical history.

Provides medical history will help doctors to diagnose the disease as by knowing the patients’
old diseases will increase the percentage of accurate diagnose in a lot of diseases as we mentioned
before and save doctors and patient’s time.Our project will provide a single format for all patient’s
medical record so it will be more readable and easier to record it from different institutes.

1.5 SOFTWARE REQUIREMENTS

We have used a combination of technology and tools that help build a decentralized medical
record system:

1.5.1 Front-End:

 HTML, CSS, JavaScript

 React.js
 Bootstrap

1.5.2 Back-End:

 Web3.js (library that allows to interact with a Ethereum node, smart contract, and
your app)
 Solidity (Programming language for implementing smart contracts on blockchain
network)
1.5.3 Blockchain:
 Ethereum network
 Truffle (Farmwork for Dapp that provide EVM (Ethereum Virtual Machine) so
we can deploy and test)
 Ganache (It is local Ethereum blockchain. It provided us with number of accounts
allowed us to test and deploy the application and dividing them among application
different end users.)
 MetaMask (Browser extension that is gateway to blockchain apps by make
account to manage Ethereum smart contract)

Dept. of CSE, MVSREC 7

 Decentralized Health Record Management
 IPFS (It is a protocol and peer-to-peer network for data storage and sharing in a
distributed file system.)

1.5.4 Workspace
 Visual Studio Code & GitHub

CHAPTER 2
LITERATURE SURVEY
Traditional EHR systems face security, privacy, and interoperability challenges. Blockchain ensures
tamper-proof record-keeping, while IPFS provides efficient off-chain storage. This combination enhances
data integrity and accessibility across healthcare institutions.

Table 2.1

S.N Year of Author(s) Technique Summary Limitation

o Publication

1 2018 Qi Xia, Emmanuel Blockchain-Based Introduced a secure High computational

Boateng Sifah, Abla EHR System framework using cost due to
Smahi, Sandro blockchain to store blockchain
Amofa, and patient data with role- transaction
Xiaosong Zhang. based access control. processing.

2 2020 Hassan Mansur Medical Data Proposed a hybrid Scalability

Hussien, Sharifah Sharing with IPFS approach using IPFS challenges with
Md Yasin, Nur Izura and Blockchain for efficient data large-scale
Udzir, and Mohd
storage and blockchain healthcare
Izuan Hafez
for access control. systems..
Ninggal.

3 2021 Liu, J., Wang, Y., Permissioned Implemented a Limited flexibility

and Wu, J. Blockchain for Hyperledger Fabric- for cross-platform
EHR based system that integration.
ensures only

Dept. of CSE, MVSREC 8

 Decentralized Health Record Management
authorized access to
patient records.

4 2022 Sharma, S., Singh, Smart Contracts Designed Ethereum- High gas fees due
S., and Kumar, P. for EHR Access based smart contracts to Ethereum's
Control to regulate EHR transaction costs.
sharing between
hospitals and patients.

The reviewed studies collectively underscore the transformative potential of blockchain and IPFS in
reshaping healthcare record management by addressing critical challenges faced by traditional systems. One
of the most significant advantages of blockchain technology is its immutability, which guarantees that once a
record is entered into the system, it cannot be altered or tampered with. This feature provides a high level of
integrity to medical records, reducing the risk of fraud, data manipulation, and unauthorized alterations,
which are major concerns in conventional healthcare systems. The use of cryptographic techniques, such as
public-key encryption, further enhances data security by ensuring that only authorized individuals can access
or modify patient records. This not only safeguards sensitive medical data but also aligns with strict privacy
regulations, such as HIPAA and GDPR, which demand robust protection of patient information.

Moreover, blockchain's decentralized nature offers significant benefits in terms of data sharing and
interoperability. Unlike traditional centralized systems, where data is siloed within individual healthcare
institutions, blockchain enables seamless, secure sharing of patient records across multiple healthcare
providers. This decentralized approach removes barriers to data exchange, allowing healthcare professionals
to access comprehensive patient histories, regardless of where the records are stored. This can improve
decision-making, reduce medical errors, and promote better-coordinated care, particularly for patients who
move between different healthcare settings or have complex, ongoing health conditions. The ability to
securely share data between healthcare institutions could drastically improve the overall efficiency of
healthcare delivery and lead to better patient outcomes.

While blockchain offers a promising solution for secure and transparent data management, it also faces some
scalability challenges. One limitation is the issue of data storage. Blockchain's decentralized ledger is not
well-suited for storing large volumes of data, such as medical imaging or detailed patient records. This is
where IPFS (InterPlanetary File System) comes in, as it provides an efficient decentralized storage solution.
IPFS allows for the distributed storage and retrieval of large files, making it an ideal complement to
blockchain. It ensures that the bulk of medical data, such as images and extensive patient histories, can be

Dept. of CSE, MVSREC 9

 Decentralized Health Record Management
stored in a way that is scalable, resilient, and fast to access. However, despite these advancements, large-
scale implementation of blockchain and IPFS still faces challenges in terms of performance and
optimization. The need to handle millions of records across a decentralized network requires significant
advancements in scalability solutions to ensure that these systems can process and retrieve data efficiently
without delays or bottlenecks.

Another key benefit of blockchain-based healthcare systems is the increased control it gives to patients over
their medical data. Traditional healthcare systems often place the responsibility of managing and securing
patient data in the hands of healthcare institutions, leaving patients with limited visibility or control. In a
blockchain-based system, patients are granted greater autonomy through features such as smart contracts,
which enable them to set permissions for who can access their medical data and under what conditions. For
example, a patient can allow a healthcare provider to view their records for a specific treatment, and once the
treatment is completed, the access can be revoked. This system provides a transparent and auditable trail of
who accessed the data and when, ensuring that patient consent is always respected. As a result, patients not
only have more control over their healthcare information but also experience enhanced privacy and security,
knowing that their data is stored in a secure, tamper-resistant system.

In summary, the integration of blockchain and IPFS in healthcare record management offers significant
benefits in terms of data security, privacy, interoperability, and patient control. By providing a decentralized,
immutable, and transparent platform for managing medical records, these technologies hold the potential to
revolutionize the healthcare industry, improving both the quality of care and the efficiency of healthcare
delivery. However, to fully realize this potential, ongoing efforts are needed to address scalability issues,
ensuring that these systems can handle the large volumes of data required for large-scale implementation.
Despite these challenges, the promise of a more secure, efficient, and patient-centric healthcare system
through blockchain and IPFS remains a compelling vision for the future.

The reviewed studies collectively highlight the potential of blockchain and IPFS in revolutionizing
healthcare record management. Blockchain's immutability ensures that records cannot be tampered with,
while cryptographic techniques secure data access, enhancing security and privacy. Additionally,
decentralized systems enable seamless sharing of records across different healthcare institutions, improving
interoperability. While IPFS addresses blockchain storage limitations, large-scale implementation still
requires optimization to efficiently handle millions of records, posing scalability challenges. Furthermore,
patients gain greater control over their medical data, allowing them to securely share information with
healthcare providers through smart contracts, thus enhancing accessibility and data security in decentralized
health record management.

Dept. of CSE, MVSREC 10

 Decentralized Health Record Management

CHAPTER 3
SYSTEM DESIGN
3.1 FLOWCHART
The depicted flowchart outlines the functioning of the Electronic Health Record Management System. It
visually represents the processes of encryption, key generation, and access control

Fig 3.1 Data flow

3.2 SYSTEM ARCHITECTURE

The architecture of the system adheres to multiple high-level patterns and principles. It primarily
emphasizes the external components of the system that are visible to users and their interactions with one
another. Figure 1 illustrates the overall architecture of the system. In this architecture, it consists of three
modules (Layers).

Dept. of CSE, MVSREC 11

 Decentralized Health Record Management
The first module is the User Management Layer, which provides a user interface for patients and
doctors to interact with the Electronic Health Record system. Through this module, users can input and
retrieve data that will be stored in decentralized storage

Fig 3.2 System Architecture

The second module is the EHR Storage Layer, which serves as the backbone of the project. In this
module, data is stored in blockchains maintained by hospitals, with databases that are distributed across the
network. Popular tools that have been used in this module include Next.js, Ganache, Truffle, and MetaMask.
APIs are used to facilitate communication between the User Management Layer and the EHR Storage Layer,
with incoming requests triggering data storage procedures in the latter.

The third module is the EHR Generation and View Layer, which provides a comprehensive and
efficient means of managing patient health information in electronic format. Healthcare providers can access
patient data from multiple sources through this module, which includes tools for searching, filtering, and
visualizing trends and patterns in the data.

Dept. of CSE, MVSREC 12

 Decentralized Health Record Management

3.3 UML Diagrams

Use case diagram:

Fig 3.3 Use Case Diagram

The use-case diagram is shown in Figure 3.3. This application’s use-case has three key entities: an
Admin, a patient, and a doctor. various user roles interact to facilitate secure and efficient healthcare
management
State diagram:

The UML state diagram for the MedRecChain system illustrates the various states and transitions
involved in its operation. The system begins in the Start state, where users initiate the login process. Upon
entering the Login state, the system verifies the user's Ethereum account. If authentication succeeds, the user
transitions to their respective dashboards: Admin Dashboard, Hospital Dashboard, Doctor Dashboard, or
Patient Dashboard, based on their role. If authentication fails, the system moves to the Login Error state.

Dept. of CSE, MVSREC 13

 Decentralized Health Record Management

Fig 3.4 State Diagram

Sequence diagram:

The Sequential Diagram below offers a visual representation illustrating the interactions and
communication flow among various entities, including the Patient, Doctor, Web Server, Smart Contract, and
IPFS. The following sequential diagram provides insights into the communication process and the steps
involved in how patient upload their medical records, subsequently accessed by doctors via blockchain
Technology

Dept. of CSE, MVSREC 14

 Decentralized Health Record Management

Dept. of CSE, MVSREC 15

 Decentralized Health Record Management

Fig 3.5 Sequence Diagram

3.4 PROJECT PLAN

Our 8-week project is dedicated to the development of Decentralized Health Record Management, a
cutting-edge system designed to significantly enhance the privacy, security, and accessibility of patient data
through the use of blockchain technology. This project aims to tackle the major challenges faced by
traditional centralized health record systems, including data breaches, lack of interoperability, and limited
patient control over their own medical information. By leveraging the power of blockchain, we seek to
create a system that ensures data immutability, secure access, and streamlined sharing between authorized
healthcare providers, all while empowering patients to take control of their health data in a transparent and
user-friendly environment.
The first key objective of the project is to unify various health record formats into a standardized
system. Currently, patient data exists in numerous forms, including text-based clinical notes, diagnostic
images, laboratory results, and prescriptions, which are often stored in incompatible formats across different
healthcare institutions. Our system will work to standardize these diverse data types into a single, cohesive
format, making it easier for healthcare providers to access and interpret a patient’s full medical history,
regardless of where the data originates. This will enhance the continuity of care, reduce redundancy, and
minimize the risk of medical errors that arise from incomplete or fragmented records.
A central component of the project will be the configuration and implementation of a decentralized
ledger using blockchain technology. Blockchain’s distributed and immutable nature will allow for the secure

Dept. of CSE, MVSREC 16

 Decentralized Health Record Management
storage and sharing of medical records. Each transaction or update made to the patient’s record will be
encrypted and added to the blockchain, ensuring that the record cannot be altered or tampered with without
consensus from the network. This will provide a robust safeguard against unauthorized access, data
manipulation, and cyberattacks, all of which are pressing concerns in the healthcare industry. By using
blockchain’s consensus mechanism, the system will ensure data integrity and trustworthiness, with a
transparent audit trail that enables healthcare providers and patients to track who has accessed or modified
their records.
In addition to blockchain, the system will incorporate mechanisms for securely organizing datasets.
We will employ encryption techniques and access control protocols to ensure that only authorized
individuals—such as healthcare providers or the patients themselves—can access sensitive medical
information. The project will also focus on integrating secure data storage solutions to handle large-scale
medical datasets, including medical images and other complex data types, ensuring that all records are easily
retrievable and securely stored across a decentralized network. The use of technologies such as IPFS
(InterPlanetary File System) will complement blockchain by providing efficient and scalable storage
solutions for large files, making it easier to store and retrieve medical data while maintaining
decentralization.
Furthermore, a key aspect of the project is the development of a user-friendly interface that will make
it easy for both patients and healthcare providers to interact with the system. The interface will be designed
with simplicity in mind, offering intuitive navigation and easy access to medical records. Patients will have
the ability to grant and revoke access to their health data, track the usage of their records, and manage
privacy settings with ease. Healthcare providers will benefit from quick and secure access to comprehensive
patient histories, improving their ability to make informed decisions and deliver better patient care. The
interface will also facilitate secure communication between patients and healthcare providers, enabling them
to collaborate more efficiently and share important information as needed.
The decentralized nature of the system ensures that patients have complete control over their medical
records. They will no longer need to rely on third-party institutions to manage and store their health data, as
the blockchain-based system offers them ownership and transparency over their medical histories. Patients
will also be able to share their health records with trusted healthcare providers seamlessly and securely,
enabling better care coordination and reducing administrative burden.
Throughout the course of the project, we will also focus on conducting thorough testing to ensure that
the system is scalable, efficient, and capable of handling the large volume of data required for real-world
healthcare applications. This will involve evaluating the system's performance under various scenarios,
identifying potential bottlenecks, and optimizing the platform to handle millions of records securely and
efficiently.

Dept. of CSE, MVSREC 17

 Decentralized Health Record Management
In summary, the Decentralized Health Record Management project will create a secure, tamper-proof,
and efficient system for managing medical records. By leveraging blockchain technology, the project will
empower patients with control over their health data while enabling healthcare providers to access
comprehensive and accurate patient information. The project’s goal is to improve the efficiency of
healthcare delivery, enhance patient privacy, and foster better collaboration between healthcare providers—
all while creating a transparent, user-friendly, and secure system for managing health records in a
decentralized manner.
Week 1: Project Initiation and Environment Setup
Objective: Establish the project foundation and prepare the development environment.

Tasks:

• Conduct a project kickoff meeting to align the team on objectives, roles, and responsibilities.
• Create a new BlockChain environment and install necessary dependencies.
• Configure the development environment for GPU usage to ensure optimal performance.
• Set up version control with Git and establish a repository for the project.

Week 2: Blockchain and IPFS Setup

Objective: Set up the blockchain network and IPFS for decentralized storage.

Tasks:

 Initialize a private blockchain network or connect to a testnet (e.g., Ethereum

Rinkeby, Polygon).

 Set up IPFS for decentralized file storage and configure local or cloud-based

IPFS nodes.
 Develop and test scripts for uploading, retrieving, and pinning files on IPFS.

 Establish a connection between the blockchain and IPFS for storing file hashes

securely.

 Perform initial tests to ensure blockchain transactions and IPFS integration work seamlessly.

Dept. of CSE, MVSREC 18

 Decentralized Health Record Management
Week 3: Smart Contract Development

Objective: Develop and deploy smart contracts for health record management

Tasks:

• Define smart contract functionalities, including record creation, access control, and permission
management.
• Develop smart contracts using Solidity or another blockchain programming language.
• Test smart contracts on a local blockchain environment using tools like Ganache.

• Deploy the contracts to the testnet and verify their functionality.

• Document the contract APIs and integrate them with the backend.

Week 4: Frontend Development

Objective: Create a user-friendly interface for interacting with the system.

Tasks:

• Design the frontend using frameworks Reactjs.

• Develop components for user authentication, health record upload, and record access.
• Implement a dashboard for users to view and manage their health records.
• Integrate the frontend with backend APIs to enable real-time interactions.
• Test the interface for usability and responsiveness across devices.

Week 5: Backend Development and Integration

Objective: Build the backend to interact with the blockchain and IPFS.

Tasks:

• Set up the backend framework (e.g., Node.js, Flask, or Django).

• Implement APIs for creating, updating, and retrieving health records via the blockchain.

• Integrate backend logic to interact with IPFS for storing and retrieving files.

• Implement encryption mechanisms for sensitive data before uploading to IPFS.

• Test the backend thoroughly to ensure seamless integration with blockchain and IPFS.

Dept. of CSE, MVSREC 19

 Decentralized Health Record Management
Week 6: Security and Optimization

Objective: Enhance system security and optimize performance.

Tasks:

• Implement access control mechanisms to ensure only authorized users can access specific records.

• Enhance transaction security using private keys and wallets (e.g., MetaMask).

• Optimize IPFS file retrieval for faster access.

• Test for vulnerabilities, such as reentrancy attacks and data leakage.

• Refine smart contracts and backend logic for performance improvements.

Week 7: System Integration and Testing

Objective: Integrate all components and conduct thorough testing of the system.

Tasks:

• Integrate the frontend, backend, blockchain, and IPFS components into a cohesive system.
• Perform end-to-end testing to ensure all components work seamlessly.
• Identify and resolve any integration issues or bugs.
• Conduct user acceptance testing with healthcare professionals or a small user group to gather
feedback
• Refine the system based on feedback to ensure reliability and usability.

Week 8: Deployment and Project Closure

Objective: Deploy the system and conclude the project.

Tasks:

• Prepare the deployment environment and configure server settings for hosting the application.
• Deploy the system to a cloud platform (e.g., AWS, Azure) or decentralized hosting services (e.g.,
Fleek, Filecoin).
• Provide comprehensive documentation, including a user manual, developer guide, and system
architecture.
• Conduct a final project review meeting to discuss achievements, challenges, and future
enhancements.

Dept. of CSE, MVSREC 20

 Decentralized Health Record Management

CHAPTER 4
SYSTEM IMPLEMENTATION & METHODOLOGIES
4.1 SYSTEM IMPLEMENTATION
With the increasing digitization of healthcare systems worldwide, Electronic Health Records (EHRs)
have become not only a repository of patient history but also a rich source of data for clinical decision-
making, population health monitoring, and medical research. EHRs consist of a wide array of data types,
including structured elements such as laboratory test results, medication prescriptions, ICD diagnosis codes,
and procedure records, as well as unstructured components like physicians' free-text notes, radiology and
pathology reports, discharge summaries, and referral letters. Furthermore, the integration of real-time patient
monitoring systems and medical imaging adds to the complexity and richness of the data. Managing and
making sense of this heterogeneous, high-dimensional, and frequently updated data at scale poses a
significant challenge for clinicians, hospital administrators, and researchers alike. Consequently, the ability
to automatically identify and extract relevant medical events based on user-specific or task-specific queries
has become critical for improving both individual patient care and system-wide healthcare efficiency.
In response to this need, several core EHR-related tasks have emerged. Clinical event extraction is a
foundational capability that involves automatically identifying, classifying, and organizing clinically
significant events—such as the onset of symptoms, the administration of treatments, or the confirmation of
diagnoses—from large volumes of unstructured text. This task often leverages natural language processing
(NLP) techniques to interpret complex medical language, resolve ambiguous terms, and structure events in a
way that supports automated querying and reasoning. For instance, a physician might use such a system to
identify all cases within a patient population who developed renal failure following the administration of a
specific medication, thus enabling faster identification of treatment risks or drug side effects.
Anomaly detection, on the other hand, focuses on identifying unusual or potentially harmful patterns
in patient data that deviate from expected norms. This can include sudden changes in vital signs (e.g., blood
pressure spikes), unexpected lab value fluctuations, missed medication doses, or the co-prescription of
contraindicated drugs. These anomalies might signal clinical deterioration, medication errors, or early
warnings of disease progression, allowing healthcare providers to intervene proactively. Sophisticated

Dept. of CSE, MVSREC 21

 Decentralized Health Record Management
machine learning and time-series analysis methods are often used in this context to model normal
physiological behavior and flag deviations in real time.
Finally, medical summarization aims to reduce the cognitive load on clinicians by synthesizing
lengthy and complex patient records into concise, readable, and informative summaries. These summaries
can be generic—providing an overview of a patient’s entire medical history—or task-specific, tailored to
particular clinical workflows, such as pre-operative evaluations, chronic disease management, or emergency
care. Summarization systems rely on a mix of rule-based approaches, NLP, and machine learning to select,
condense, and organize information, ensuring that key clinical facts (e.g., allergies, past surgeries, recent
diagnoses, and medication history) are preserved and presented in a coherent format. Effective
summarization not only saves time but also reduces the risk of oversight, especially in high-pressure
environments like emergency rooms or intensive care units.
In summary, the integration of clinical event extraction, anomaly detection, and medical
summarization into EHR systems transforms raw and disparate medical data into actionable clinical
intelligence. These technologies empower healthcare professionals to make faster, more informed decisions,
support precision medicine efforts, enhance patient safety, and enable scalable analysis for research and
public health surveillance. As artificial intelligence and data science continue to evolve, these EHR-based
tools are expected to become even more sophisticated, eventually supporting fully integrated, context-aware
clinical decision support systems.
This growing need has led to several EHR-related tasks, including clinical event extraction, anomaly
detection, and medical summarization. Specifically:
 Clinical event extraction involves identifying consecutive medical events (e.g., symptoms, diagnoses,
treatments) from unstructured EHR data based on natural language queries (e.g., "Find instances of
diabetic complications").
 Anomaly detection aims to pinpoint critical abnormalities in patient records (e.g., sudden spikes in
vital signs, medication interactions).
 Medical summarization extracts and organizes key patient history elements into concise, structured
summaries, either general or tailored to specific clinical needs.

4.2 TECHNOLOGY STACK

Blockchain Layer: Ethereum (Smart Contracts using Solidity)

The heart of the system is built on Ethereum, a well-established and secure blockchain network. Ethereum
provides a decentralized environment for storing data and executing smart contracts, which are self-
executing contracts with the terms of the agreement directly written into code. Using Solidity, Ethereum’s
smart contract programming language, we will define and deploy contracts that govern how medical records

Dept. of CSE, MVSREC 22

 Decentralized Health Record Management
are shared, updated, and accessed within the system. These smart contracts will play a pivotal role in
automating the flow of data, ensuring that only authorized parties can view or modify a patient's medical
records. The decentralized nature of Ethereum ensures that records are immutable, and once added to the
blockchain, they cannot be altered or tampered with without network consensus.

Storage Layer: IPFS (InterPlanetary File System)

While blockchain offers secure, transparent, and immutable data management, storing large medical files
like images, lab results, or extensive clinical notes directly on the blockchain can be inefficient and costly.
To address this issue, IPFS will be used for storing and retrieving large files. IPFS is a decentralized file
storage system that enables the distribution of data across a peer-to-peer network. It ensures that medical
records are stored securely and can be easily retrieved from multiple locations. When a medical record (e.g.,
an MRI scan or a doctor's note) is added, it will be stored on IPFS, and a unique content identifier (CID) will
be generated. This CID will be saved on the Ethereum blockchain, linking the file to the patient’s record and
ensuring data integrity, accessibility, and security.

Access Control: Smart Contracts and Cryptographic Techniques (Public-Private Key Encryption)

To ensure that only authorized individuals can access a patient’s medical data, we will utilize smart contracts
and cryptographic techniques such as public-private key encryption. Smart contracts will define the rules for
data access, granting permission only to authorized parties such as doctors, specialists, or patients
themselves. Through public-private key encryption, each user (patients, doctors, and healthcare providers)
will have a unique pair of cryptographic keys. The public key will serve as the user’s address, while the
private key will provide access to encrypted data. When a user attempts to access a record, the system will
verify their identity through the use of cryptographic techniques, ensuring that only those with the proper
credentials can view or update the medical data.

Frontend: React.js, Next.js, or Vue.js for UI

The user interface of the Decentralized Health Record Management system will be designed to be intuitive,
responsive, and easy to use. We will use modern frontend frameworks like React.js, Next.js, or Vue.js to
build a seamless, fast, and interactive UI. These frameworks will help us create dynamic and responsive
components for managing patient records, viewing medical history, granting access permissions, and more.
With React.js and Next.js, the application will benefit from features such as server-side rendering (SSR) for
faster load times and enhanced SEO. Vue.js, known for its simplicity and ease of integration, will also be a
potential choice, depending on the specific needs of the frontend. The frontend will ensure that both
healthcare professionals and patients can interact with the system intuitively, whether it's accessing records,
sharing data, or controlling access.

Backend: Node.js/Express.js for API Interactions

Dept. of CSE, MVSREC 23

 Decentralized Health Record Management
The backend of the system will handle all the business logic and API interactions between the frontend and
blockchain. Using Node.js along with the Express.js framework, we will develop a RESTful API to manage
interactions between the user interface and the blockchain. The backend will interact with the Ethereum
blockchain, sending and receiving transactions related to the management of medical records. It will also
interface with IPFS for file storage and retrieval. The API will facilitate secure communication between the
frontend and backend, ensuring that data is transmitted efficiently and safely. Additionally, the backend will
manage user authentication, session handling, and interactions with the decentralized storage system.

Development & Testing: Ganache (Local Blockchain), Truffle/Hardhat (for Development & Testing)

During the development phase, we will use Ganache, a personal Ethereum blockchain for quick
development and testing. Ganache allows us to simulate blockchain transactions and test the smart contracts
in a controlled environment before deploying them to the live Ethereum network. It provides us with tools to
simulate various network conditions and test contract functionality. Truffle and Hardhat will be used as
development frameworks to write, test, and deploy Ethereum smart contracts. Both tools simplify the
process of compiling, deploying, and testing smart contracts on Ethereum, and they offer robust testing
frameworks that ensure the correctness and security of the contracts before going live. These tools are
essential for ensuring that the smart contracts function as intended and are secure from potential
vulnerabilities.

Wallet & Authentication: MetaMask/Web3.js for User Authentication and Transactions

For the system to interact with the Ethereum blockchain, we will use MetaMask, a popular cryptocurrency
wallet and browser extension, to facilitate user authentication and interaction with smart contracts.
MetaMask enables users to store their Ethereum private keys securely and allows them to sign transactions
on the blockchain. We will integrate Web3.js, a JavaScript library that enables communication between the
frontend and Ethereum, to allow users to interact with the blockchain directly from the web application.
With MetaMask and Web3.js, users will be able to sign transactions, manage access permissions, and
approve data sharing securely within the decentralized system.

Integration and Security

The entire system will be built with a strong focus on security, ensuring that patient data is protected at all
stages. Smart contracts will be rigorously tested to prevent exploits, and cryptographic techniques will
ensure that sensitive information is securely encrypted and accessible only to authorized individuals.
Additionally, since the system operates in a decentralized environment, there will be no central point of
failure, reducing the risk of data breaches and ensuring higher uptime and reliability.

Conclusion

Dept. of CSE, MVSREC 24

 Decentralized Health Record Management
In conclusion, the system architecture combines blockchain’s security, decentralization, and transparency
with cutting-edge web development technologies to deliver a seamless and secure decentralized health
record management platform. By utilizing Ethereum for smart contracts, IPFS for storage, and modern
frontend and backend frameworks, we will create a user-centric platform that enhances patient data privacy,
improves healthcare interoperability, and empowers patients with control over their medical records. This
approach not only modernizes the way health records are managed but also ensures that the system is
scalable, secure, and easy to use for both healthcare providers and patients alike.

4.3 SYSTEM ARCHITECTURE

The decentralized health record management system utilizes a three-layered architecture to provide a
secure, efficient, and user-friendly solution for managing medical records. Each layer serves a distinct
function, contributing to the overall integrity, privacy, and accessibility of patient data. The layers consist of
the Blockchain Layer, the IPFS Storage Layer, and the Application Layer. Below is an expanded
explanation of each layer and its respective components:

4.3.1 Blockchain Layer

The Blockchain Layer is the foundational component of the system, providing a decentralized and secure
infrastructure for managing health records. This layer utilizes the Ethereum blockchain to store critical
metadata, implement permission management, and ensure transparency and immutability of the data.

 Metadata Storage (IPFS Hashes, User Roles, Access Control): The blockchain stores essential
metadata such as the IPFS hash (a unique identifier pointing to the actual medical records stored on
IPFS), user roles (defining the type of user and their privileges), and access control information. The
IPFS hash allows the system to link the decentralized file storage (IPFS) with the Ethereum
blockchain, ensuring the immutability of both the metadata and associated records.

 Smart Contracts for Permission Management: Smart contracts on the Ethereum network govern
access to patient records, ensuring that only authorized users—such as healthcare providers, patients,
or other designated entities—can view or update the records. These smart contracts automate the
enforcement of data-sharing permissions, making sure that patient consent is respected at all times.
For example, a patient can grant access to their medical history for a specific treatment or
consultation and revoke access once the session ends.

 Logging Transactions (Record Uploads, Access Grants, Modifications): The blockchain records
all transactions related to the medical records, including record uploads, access grants, and
modifications. This creates a transparent, auditable trail, enabling both patients and healthcare
providers to track the history of the records, including who accessed the data, when it was accessed,

Dept. of CSE, MVSREC 25

 Decentralized Health Record Management
and any modifications made. This immutable log helps to build trust in the system and ensures
accountability.

4.3.2 IPFS Storage Layer

The IPFS Storage Layer addresses the need for scalable, decentralized storage of large medical records,
such as diagnostic images, test results, and long medical histories, which are not suitable for storage directly
on the blockchain due to space and cost constraints.

 Encrypting and Storing Health Records Off-Chain: Medical records are encrypted and stored off-
chain in the InterPlanetary File System (IPFS), a decentralized and distributed file storage network.
IPFS provides a cost-effective and scalable way to store large files securely, ensuring that they are
distributed across a network of nodes rather than relying on a centralized server. The encryption
ensures that sensitive data remains protected and accessible only by authorized parties, even though it
is stored on a public decentralized network.

 Content Identifier (CID) Storage On-Chain: For each health record uploaded to IPFS, a unique
Content Identifier (CID) is generated. The CID is a hash of the content, serving as a reference to the
actual file stored on IPFS. The CID is then stored on the Ethereum blockchain, linking the health
record to the immutable ledger. Storing the CID on-chain ensures that the record can be verified and
retrieved securely, and that the link between the medical data and the blockchain remains tamper-
proof.

 Decentralized and Tamper-Proof Storage: IPFS ensures that records are stored in a decentralized
manner, meaning that no single point of failure exists, which reduces the risk of data loss or
downtime. The content is distributed across the network, and its integrity is ensured through
cryptographic hashes. This decentralized storage ensures that medical records are both highly
available and tamper-resistant, providing a secure foundation for the entire system.

4.3.3 Application Layer

The Application Layer is the interface through which users interact with the system. This layer provides a
user-friendly experience for patients, doctors, and hospitals while integrating with the underlying blockchain
and IPFS layers. The application layer ensures that users can easily access, manage, and share health records
while maintaining control over their personal information.

 User-Friendly Interface for Patients, Doctors, and Hospitals: The system will feature a
responsive and intuitive user interface designed for multiple user roles, including patients, doctors,
and hospital administrators. Each user will have access to specific features based on their role and
level of authorization. For example, patients will be able to view their medical history, grant or
revoke access to healthcare providers, and track their records. Doctors and hospitals will be able to

Dept. of CSE, MVSREC 26

 Decentralized Health Record Management
access detailed patient records, request permission to view or update data, and collaborate with other
healthcare professionals to provide optimal care.

 Web3 Integration for Authentication and Blockchain Interaction: The Web3 integration allows
the application to interact directly with the Ethereum blockchain. Web3.js, a JavaScript library,
enables the frontend to connect to the blockchain, manage user authentication, and perform
transactions such as granting access, uploading records, or viewing medical data. Through MetaMask
or other Ethereum wallets, users will authenticate themselves and sign transactions securely, ensuring
that only authorized individuals can interact with the system.

 Role-Based Dashboards for Managing Records: The application will feature role-based
dashboards that provide tailored experiences for each type of user. For instance:

o Patients: The dashboard will allow patients to view their health records, grant or revoke
access to healthcare providers, and track who has accessed their information. Patients will
also have the ability to update their profile information and manage privacy settings.

o Doctors: The doctor’s dashboard will allow them to access the patient’s medical history, add
new records, and request permission to view specific data. They will also be able to monitor
changes to records, including any updates made by other providers.

o Hospitals/Healthcare Institutions: Hospital administrators will have access to aggregated

data, reports, and analytics to manage patient records efficiently. They will be able to oversee
data access and permissions, ensuring compliance with privacy regulations.

Conclusion

This three-layered architecture ensures that the Decentralized Health Record Management system is
scalable, secure, and efficient, with each layer playing a critical role in the overall functioning of the system.
The Blockchain Layer provides security, transparency, and tamper-proof metadata storage, while the IPFS
Storage Layer addresses the challenge of storing large, sensitive medical records in a decentralized and cost-
effective manner. Finally, the Application Layer serves as the user interface, providing an intuitive and
seamless experience for patients, doctors, and healthcare providers, while integrating seamlessly with the
underlying blockchain and storage systems. Together, these layers work to create a decentralized, secure,
and user-friendly system for managing health records in a way that enhances patient privacy, improves
healthcare interoperability, and empowers patients to have greater control over their health data.

4.4 USER ROLES AND PERMISSIONS

Dept. of CSE, MVSREC 27

 Decentralized Health Record Management
Role Description Key Permissions Table 4.1
roles
Administrator Manages system Create/manage user
(IT/Admin) settings, security, and accounts Assign roles &
4.4.1 Role- access control. permissions Monitor based
system logs & security
Access Cannot access medical Control
records
Role-
Doctor Provides medical care View patient records
Based and requires access to Update/add clinical Access
Control patient records for notes Prescribe (RBAC) is
diagnosis and treatment. medications Request lab
a security tests Cannot delete model that
restricts records EHR
access Patient The owner of the health View personal health based on
record who can view and records Grant/revoke
predefined share their medical data. access to providers user roles.
It ensures Schedule appointments that only
Update personal details
authorized (limited fields) personnel
can access, modify, or
Hospital Oversees medical data Manage doctor accounts
share sensitive
management and Assign patient-doctor
patient ensures regulatory relationships Monitor data,
compliance. hospital-wide record
aligning with
access Cannot modify
HIPAA, patient records GDPR,
and other healthcare
regulations.

RBAC minimizes security risks by assigning permissions based on job responsibilities, preventing
unauthorized access while ensuring that healthcare providers have the information they need.

Key Components of RBAC

Component Description

Roles Defined job functions (e.g., Doctor, Nurse, Admin) that

determine access permissions.

Permissions Specific rights assigned to roles, such as "Read patient

records" or "Update prescriptions."

Users Individuals assigned to specific roles based on their job in the

healthcare facility.

AccessControl Rules that dictate how and when users can access EHR data.

Dept. of CSE, MVSREC 28

 Decentralized Health Record Management
Policies

Table 4.2 components

4.5 SYSTEM WORKFLOW

Step 1: User Registration & Authentication

In the first step, users (patients, doctors, or hospitals) must securely register and authenticate their identity
within the system. The system integrates with Ethereum wallets such as MetaMask or WalletConnect,
enabling users to interact with the platform in a decentralized manner. These wallets serve as the user's
access point to the blockchain, and by connecting their wallet, users authenticate themselves through their
Ethereum address, a unique and secure identifier in the blockchain network.
Rather than relying on centralized databases to store user credentials (which are prone to breaches), the
system leverages a Decentralized Identity (DID) model. The user's identity and authentication credentials are
linked directly to their blockchain address, making it tamper-proof and decentralized. This approach not only
enhances security but also ensures that users have full control over their personal data and are not dependent
on a third-party for validation. Additionally, this method eliminates the risk of centralized data theft since
sensitive information never resides in a single server but is distributed across the decentralized Ethereum
network.
Step 2: Uploading a Medical Record
Once a patient is authenticated, they can begin uploading their medical records. The first step in uploading a
record is to ensure its confidentiality. This is achieved by AES encryption (Advanced Encryption Standard),
which encrypts the record before it is shared or stored. This encryption ensures that even if an unauthorized
party gains access to the storage network, the data will remain unreadable without the decryption key.
After encryption, the medical record is then uploaded to IPFS (InterPlanetary File System). IPFS is a
distributed and decentralized storage network that allows large files, such as medical records, to be stored
securely across a wide range of nodes. Each record uploaded to IPFS generates a unique Content Identifier
(CID), a cryptographic hash that acts as a reference to the file. The CID provides a unique, tamper-proof link
to the stored file on IPFS, ensuring that the record can be retrieved exactly as it was originally uploaded,
maintaining data integrity. This CID is then recorded on the blockchain through a smart contract, linking the
encrypted medical record to the decentralized ledger. Storing the CID on the blockchain ensures that the
record is immutable, transparent, and auditable, guaranteeing that no one can alter or delete the data without
proper authorization.
Step 3: Granting Access to a Doctor
One of the key features of the decentralized health record system is patient control over who can access their
medical records. When a patient wishes to share their records with a healthcare provider, they must

Dept. of CSE, MVSREC 29

 Decentralized Health Record Management
explicitly grant permission through the blockchain's smart contract. This is done by adding the Ethereum
address of the doctor or hospital to the whitelist stored on the smart contract.
Once the healthcare provider's Ethereum address is added, they are granted the ability to retrieve the CID
from the blockchain, which provides the reference to the patient's medical record stored on IPFS. This
process ensures that only authorized individuals—in this case, the doctor or hospital—are able to access the
patient's medical data. The use of blockchain and smart contracts enables a highly secure and transparent
system, as every access request is logged and can be audited by both the patient and healthcare providers.
Additionally, this system avoids the need for third-party intermediaries, reducing the risk of unauthorized
data access and ensuring privacy.
Step 4: Accessing a Medical Record
When a doctor needs to access a patient's medical record, the process begins by sending a request for
permission via the smart contract. This request checks whether the doctor's Ethereum address is on the
patient's whitelist. If the doctor is authorized, the blockchain grants access by providing the CID, which acts
as the link to the encrypted medical record on IPFS.
With the CID, the doctor can fetch the encrypted file from IPFS, but they cannot view the content directly
without the decryption key. To maintain security, the decryption key is shared only between the patient and
the doctor. This key exchange can be handled securely through a private messaging system or other secure
channels. Once the doctor has the key, they can decrypt the record and view the patient's sensitive medical
information. This process ensures that only those authorized by the patient can access and view their records,
reinforcing the principle of patient privacy and control.
Step 5: Updating or Revoking Access
One of the most important aspects of this system is that patients retain full control over their medical records
at all times. If a patient decides to update or revoke access to their records, they can do so through the smart
contract. This flexibility allows patients to modify the access permissions in real-time, ensuring that only
those currently authorized can view or modify their data.
When a patient revokes access, the smart contract removes the doctor's Ethereum address from the whitelist,
effectively preventing the doctor or hospital from retrieving the CID from the blockchain. As a result, the
healthcare provider can no longer access the medical record, even if they previously had permission. This
dynamic access control system provides robust privacy protections for patients, allowing them to manage
their data with full transparency and control.
Additionally, if a patient's medical condition changes or they wish to share new information, they can easily
update the records on IPFS, generate a new CID, and modify the smart contract accordingly to grant or
revoke access. This dynamic and real-time updating of access permissions allows patients to make informed
decisions about who can view their sensitive health information and when.

Dept. of CSE, MVSREC 30

 Decentralized Health Record Management
Conclusion
This approach creates a secure, transparent, and user-controlled ecosystem for managing and sharing
medical records. By integrating blockchain for identity management, smart contracts for access control, and
IPFS for decentralized storage, the system offers enhanced privacy, security, and interoperability. The
patient-centric nature of the system ensures that individuals maintain control over their health data and can
share it efficiently with authorized healthcare providers, thereby improving the quality of care, reducing
errors, and fostering trust in the healthcare system. Furthermore, the system’s flexibility allows for real-time
updates and dynamic access control, adapting to the evolving needs of both patients and healthcare
providers.

4.6 METHODOLOGIES USED

4.6.1 Blockchain-Based Access Control

The system utilizes Ethereum smart contracts to manage and enforce access control in a decentralized
manner. These smart contracts are responsible for verifying whether a user, such as a doctor or hospital, has
been granted the necessary permissions to access a patient’s medical records. This is achieved through the
use of modifier functions in Solidity, which check access rights before executing any critical functions, such
as retrieving or updating medical data. By enforcing these checks at the contract level, the system ensures
that unauthorized access attempts are automatically blocked. Furthermore, patients maintain full control over
their data and can dynamically grant or revoke access to specific users at any time. This not only enhances
the overall security of the system but also empowers patients with granular control over who can view or
manage their medical information.

4.6.2 IPFS-Based Storage

To handle the storage of large medical files in a secure and scalable way, the system integrates the
InterPlanetary File System (IPFS). IPFS is a decentralized file storage protocol that distributes files across a
peer-to-peer network, reducing dependence on centralized servers and minimizing risks related to data
tampering or single points of failure. Before being uploaded to IPFS, each medical record is encrypted for
confidentiality. Upon storage, IPFS returns a unique Content Identifier (CID), which acts as a fingerprint for
that specific file. This CID is then stored on the Ethereum blockchain via a smart contract, enabling the
verification of data authenticity and retrieval without actually storing large files on-chain. This architecture
significantly reduces the cost and scalability issues associated with blockchain storage while preserving the
integrity and availability of medical data.

4.6.3 Encryption & Security

To safeguard patient data, the system employs a dual-layered security mechanism that combines symmetric
and asymmetric encryption. All medical records are encrypted using the Advanced Encryption Standard

Dept. of CSE, MVSREC 31

 Decentralized Health Record Management
(AES), a widely trusted encryption algorithm known for its speed and security. AES ensures that even if the
data is intercepted during storage or transmission, it remains unreadable without the correct key.
Additionally, to control access to the decryption keys, the system uses Elliptic Curve Cryptography (ECC), a
public-key encryption technique that allows the secure exchange of keys between patients and doctors. Each
authorized user receives a unique encrypted version of the AES key, ensuring that only intended recipients
can decrypt the files. To enhance accountability and traceability, every access request and transaction is
logged on-chain through smart contract events. This creates a verifiable and auditable history of actions,
allowing patients and administrators to monitor who accessed the records and when.

4.6.4 Decentralized Identity (DID)

The system supports decentralized identity management through Ethereum-based solutions such as Self-
Sovereign Identity (SSI). Instead of relying on centralized identity providers, each user possesses a
Decentralized Identifier (DID), which is cryptographically tied to their Ethereum address. These DIDs serve
as verifiable digital identities, allowing users to authenticate and prove ownership of their data without
exposing personal information. Patients, doctors, and hospitals use these DIDs to interact with the system
securely, enhancing privacy and reducing the risks associated with identity theft. Because DIDs are
controlled directly by users and not by a central authority, they cannot be altered or revoked by third parties.
This ensures greater autonomy and privacy for all participants in the health data ecosystem.

4.6.5 Smart Contract Development

The backbone of the system’s logic and operations is built through smart contracts written in Solidity,
Ethereum’s native programming language. These contracts define the rules for data access, record storage,
permission management, and transaction logging. Key features include the implementation of Access
Control Lists (ACLs), which help in mapping user roles and their associated permissions, and the use of
modifier functions that validate transaction requirements before allowing execution. For example, a modifier
might check if the sender is an authorized doctor before granting access to a patient’s record. The
development and testing of these contracts are facilitated by blockchain frameworks like Truffle and
Hardhat, which offer robust environments for compiling, deploying, and debugging smart contracts. These
tools also allow the use of simulated networks such as Ganache, which developers use to test contract logic
locally before deploying it to a live blockchain environment.

4.6.6 Web3 Integration

To ensure smooth communication between the decentralized backend and the user interface, the system
integrates JavaScript libraries such as Web3.js or Ethers.js. These libraries enable frontend applications to
interact directly with the Ethereum blockchain, allowing users to send and receive data from smart contracts
without relying on centralized intermediaries. When a patient or doctor logs in via a browser, they connect
their Ethereum wallet—typically through MetaMask—which acts as both an authenticator and transaction

Dept. of CSE, MVSREC 32

 Decentralized Health Record Management
signer. This eliminates the need for conventional username-password logins and instead uses cryptographic
keys to verify identity and approve actions. The use of Web3 also supports real-time interactions, such as
updating access permissions, uploading new records, and retrieving stored data. By combining Web3
integration with decentralized storage and blockchain-based logic, the system delivers a secure, transparent,
and user-centric experience for managing electronic health records.

4.7 USER INTERFACE

Fig 4.1 Home screen

A user-friendly and role-based UI is crucial for an EHR system to ensure that patients, doctors, and
administrators can efficiently access and manage medical records while maintaining security and
compliance.The dashboard provides rolebased interface for managing electronic health records.

Super Admins oversee system access, Hospitals manage doctors, Doctors request and update patient
records, and Patients control their data, granting or revoking access. This secure, blockchain-based system
ensures transparency, privacy, and efficient healthcare data management.

Dept. of CSE, MVSREC 33

 Decentralized Health Record Management

Fig 4.2 Dashboard

The admin dashboard in provides an overview of the system, displaying the number of registered
hospitals, doctors, and patients. It includes data visualizations for medical record distribution, enabling
administrators to monitor user activity and system performance efficiently while ensuring secure access
control and regulatory compliance.

Fig 4.3 admin dashboard

The hospital dashboard provides an overview of registered hospitals, doctors, and patients. It displays
hospital details, including address, phone number, and public key.

Dept. of CSE, MVSREC 34

 Decentralized Health Record Management

Fig 4.4 hospital dashboard

The doctor dashboard allows doctors to access and manage patient records securely. It provides an
overview of assigned patients and medical data. Doctors can update clinical notes, prescribe medications,
and request access to records

Fig 4.5 doctor dashboard

The patient dashboard allows users to manage their medical records and control access permissions.
Patients can view their health data, grant or revoke access to doctors, and monitor record requests.

Dept. of CSE, MVSREC 35

 Decentralized Health Record Management

Fig 4.6 patient profile

CHAPTER 5

TESTING AND RESULTS

5.1 TEST CASES

5.1.1 Test Case I

Test Case: The objective of this test case is to verify that users can successfully connect their MetaMask
wallet for authentication. The user clicks the "Connect Wallet" button, selects MetaMask, and approves
the connection request. The system should verify the wallet address and authenticate the user based on
their role.

Expected Result: The user should successfully connect their MetaMask wallet and be redirected to the
appropriate dashboard. If the connection fails or the wallet is not recognized, the system should display an
error message and deny access

Dept. of CSE, MVSREC 36

 Decentralized Health Record Management

Fig 5.1 Test case I

5.1.2 Test Case II

Test Case: This test case verifies that an administrator can successfully add a new hospital to the system.
The admin logs in, navigates to the hospital management section, enters the required hospital details, and
clicks the "Add" button to submit the information.

Expected Result: The hospital should be successfully added to the system.

Fig 5.2 Test case II

5.1.3 Test Case III

Test Case: Verify that users can only access dashboards assigned to their role based on their MetaMask
login.

Expected Result: If the logged-in MetaMask account is assigned as an admin, attempting to access hospital,
doctor, or patient dashboards should trigger an error message stating "Not your role." Only the assigned
role's dashboard should be accessible.

Dept. of CSE, MVSREC 37

 Decentralized Health Record Management

Fig 5.3 Test case III

5.1.4 Test Case IV

Test Case: This test case ensures that a doctor, after logging in via MetaMask, can upload a patient’s
medical record. The system should verify that the doctor has the necessary permissions and associate the
uploaded record with the correct patient.

Expected Result: The system should allow the doctor to upload the record only for assigned patients. Upon
successful upload, the record should be stored in IPFS, and the corresponding hash should be saved on the
blockchain.

Fig 5.4 Test Case IV

5.1.5 Test Case V

Test Case: Verify that a doctor can send a request to a patient for access to their medical records

Dept. of CSE, MVSREC 38

 Decentralized Health Record Management
Expected Result: The patient should receive the access request notification. The system should not allow a
doctor to request access for an unassigned patient. If approved, the doctor gains access,otherwise, access
remains restricted.

Fig 5.5.1 Test case V

CHAPTER 6

CONCLUSION AND FUTURE ENHANCEMENTS

6.1 FUTURE ENHANCEMENTS

There are several promising directions for future work that can significantly enhance the
capabilities, scalability, and user-friendliness of MedVault, the decentralized solution for Electronic
Medical Records (EMR) sharing. These enhancements would not only improve the current system
architecture but also make the platform more adaptable, secure, and widely adoptable across the
healthcare sector. Below is an in-depth exploration of potential areas for future development.

1. Interoperability with other blockchain platforms

While MedVault currently operates on the Ethereum network, expanding its interoperability
with other blockchain platforms such as Hyperledger Fabric, Corda, or Polkadot can greatly
increase its flexibility and usefulness. Each of these platforms has different strengths, and

Dept. of CSE, MVSREC 39

 Decentralized Health Record Management
enabling seamless data exchange across them would promote broader adoption across
healthcare institutions with varying infrastructures. Cross-chain communication protocols or
the implementation of standardized data formats, such as HL7 FHIR (Fast Healthcare
Interoperability Resources), could enable healthcare systems using different blockchain
solutions to collaborate and exchange records securely and efficiently.

2. Integration with emerging technologies

Incorporating advanced technologies like artificial intelligence (AI) and machine learning
(ML) can significantly elevate the functionality of MedVault. AI models can analyze the
medical records stored on the platform to identify trends, predict diseases, and provide
personalized health insights. Machine learning could be used to support clinical decision-
making by matching patient symptoms and medical history with treatment outcomes from
similar cases. Natural language processing could also be used to extract structured data from
unstructured physician notes, improving the completeness and usability of electronic records.
These integrations could help turn MedVault into a powerful analytical tool for both
preventive care and real-time diagnostics.

3. Enhancing privacy and data protection

Although blockchain provides an immutable and transparent data layer, patient health data
requires even stricter privacy measures. Future developments could incorporate advanced
privacy-preserving techniques such as zero-knowledge proofs, which allow verification of
data without revealing the underlying information. Differential privacy could be used to
provide statistical insights while masking individual patient identities. Additionally,
homomorphic encryption could allow computations to be performed on encrypted data,
enabling secure data processing without compromising privacy. These techniques would help
MedVault meet stringent regulatory standards like HIPAA and GDPR while maintaining the
benefits of a decentralized system.

4. Scalability and performance optimization

As MedVault usage grows, optimizing performance to handle increasing volumes of users
and data will be essential. Ethereum's base layer can become congested and expensive, so
incorporating layer-2 solutions such as Optimistic Rollups or ZK-Rollups can significantly
improve scalability by reducing transaction fees and increasing throughput. Other methods
such as sharding or utilizing sidechains can help distribute the processing load. Additionally,
off-chain storage improvements and metadata indexing could enable faster search and
retrieval of medical records from IPFS. These upgrades would ensure that the platform
remains efficient and reliable, even at scale.

Dept. of CSE, MVSREC 40

 Decentralized Health Record Management
5. User experience and interface design
A key factor in the widespread adoption of MedVault is its ease of use for all stakeholders,
including patients, doctors, and hospital administrators. Future work should focus on refining
the platform's interface to ensure it is intuitive and accessible. This may involve
implementing responsive design for compatibility with mobile devices, multilingual support
to accommodate diverse users, and accessibility features for users with disabilities. Gathering
regular user feedback, conducting usability testing, and applying modern design principles
can help shape a more user-friendly platform. Interactive dashboards that visualize patient
histories, diagnostic trends, and treatment progress can further aid healthcare providers in
making informed decisions efficiently.

In summary, the future development of MedVault lies in expanding interoperability, embracing

intelligent technologies, strengthening privacy protections, improving performance, and creating an
intuitive user experience. These enhancements will transform MedVault from a decentralized record-
sharing system into a comprehensive, intelligent, and patient-centered health data management
solution, aligning with the evolving needs of the modern healthcare landscape.

6.2 CONCLUSION

In conclusion, MedVault represents a transformative step forward in the field of Electronic

Medical Records (EMR) management by adopting a decentralized architecture built on the Ethereum
blockchain and supported by IPFS for secure, distributed storage. This dual-layered framework
addresses many of the inherent limitations of traditional centralized EMR systems, such as data
breaches, unauthorized access, limited interoperability, and the lack of patient control over personal
health information. By ensuring data immutability through blockchain and enabling tamper-resistant,
decentralized storage via IPFS, MedVault offers a robust, scalable, and future-ready platform for
health record management.

The use of blockchain technology not only enhances data integrity and auditability but also
enables smart contracts to automate access control and enforce consent policies. This ensures that
medical records are shared only with authorized entities, in accordance with the patient's preferences
and privacy requirements. Patients gain full ownership and oversight of their medical data, including
the ability to grant, monitor, or revoke access to specific healthcare providers. At the same time,
healthcare institutions benefit from seamless record retrieval and accurate, up-to-date information
that enhances clinical decision-making and reduces redundancies in care.

Dept. of CSE, MVSREC 41

 Decentralized Health Record Management
Looking forward, MedVault’s development can be further enhanced by exploring cross-
platform interoperability with other blockchain networks like Hyperledger, Corda, or Polkadot, to
support broader ecosystem integration and smoother data exchange between institutions using
different technologies. Integrating artificial intelligence and machine learning can also bring new
dimensions to the system, allowing predictive analytics and intelligent decision support based on
patient history. Privacy-preserving technologies such as zero-knowledge proofs and homomorphic
encryption can be implemented to provide even stronger data protection without compromising the
usability or performance of the system.

Scalability remains another key area of focus, especially as the platform expands to
accommodate larger datasets and a growing user base. Layer-2 solutions, sidechains, and advanced
storage techniques can be explored to maintain system performance while controlling costs.
Additionally, continuous improvements in user experience—through intuitive design, responsive
dashboards, mobile support, and accessibility features—will be critical in driving adoption among
both patients and medical professionals.

In essence, MedVault is not just a technological innovation but a paradigm shift in how
medical data is managed, shared, and protected. It paves the way for a more secure, transparent, and
patient-centered healthcare environment. As it evolves, MedVault holds the potential to become a
global standard for decentralized health information systems, contributing significantly to the
modernization and improvement of healthcare delivery across different regions and healthcare
models.

In conclusion, MedVault represents a decentralized solution for Electronic Medical Records

(EMR) sharing systems, utilizing the Ethereum network and IPFS technology. By leveraging the
transparency, security, and immutability of blockchain and the distributed storage capabilities of
IPFS, MedVault offers a promising approach to address the challenges associated with centralized
EMR systems.

The combination of the Ethereum network and IPFS technology empowers patients, healthcare
providers, and relevant parties to securely store, access, and share electronic medical records. It
promotes data integrity, privacy, and control, while facilitating efficient interoperability and
collaboration among healthcare systems.

Looking ahead, future work can focus on areas such as interoperability with other blockchain
platforms, integration with emerging technologies, enhancing privacy and data protection, addressing
scalability and performance challenges, and refining the user experience and interface design.

Dept. of CSE, MVSREC 42

 Decentralized Health Record Management
Overall, MedVault decentralized solution has the potential to revolutionize the management and
sharing of electronic medical records, improving efficiency, security, and accessibility in the healthcare
industry. As advancements are made and new opportunities arise, MedVault can continue to evolve and
contribute to the advancement of healthcare systems worldwide.

REFERENCES
[1] Sharma, Ashutosh, Sarishma, Ravi Tomar, Naveen Chilamkurti, and Byung-Gyu Kim. "Blockchain
based smart contracts for internet of medical things in e-healthcare." Electronics 9, no. 10 (2020): 1609.

[2] Watkinson-Powell, Anna, and A. Lee. "Benefits of an electronic medical records system in rural
Nepal." Journal of the Nepal Medical Association 52, no. 188 (2012).

[3] Yang, Huihui, and Bian Yang. "A blockchain-based approach to the secure sharing of healthcare
data." In Proceedings of the norwegian information security conference, pp. 100-111. Oslo, Norway: Nisk J,
2017.

[4] Azaria, Asaph, Ariel Ekblaw, Thiago Vieira, and Andrew Lippman. "Medrec: Using blockchain for
medical data access and permission management." In 2016 2nd international conference on open and big
data (OBD), pp. 25-30. IEEE, 2016.

[5] Gharat, Anurag, Pratik Aher, Punit Chaudhari, and Bhavana Alte. "A framework for secure storage
and sharing of electronic health records using blockchain technology." In ITM Web of Conferences, vol. 40,
p. 03037. EDP Sciences, 2021.

Dept. of CSE, MVSREC 43

 Decentralized Health Record Management
[6] Sheth, Alpen, and Hemang Subramanian. "Blockchain and contract theory: modeling smart contracts
using insurance markets." Managerial Finance 46, no. 6 (2019): 803-814.

[7] Nishi, Farjana Khanam, Mahizebin Shams-E-Mofiz, Mohammad Monirujjaman Khan, Abdulmajeed
Alsufyani, Sami Bourouis, Punit Gupta, and Dinesh Kumar Saini. "Electronic healthcare data record security
using blockchain and smart contract." Journal of Sensors 2022 (2022): 1-22.

[8] Linn, Laure A., and Martha B. Koo. "Blockchain for health data and its potential use in health it and
health care related research." In ONC/NIST Use of Blockchain for Healthcare and Research Workshop.
Gaithersburg, Maryland, United States: ONC/NIST, pp. 1-10. 2016.

[9] Akhter Md Hasib, Kazi Tamzid, Ixion Chowdhury, Saadman Sakib, Mohammad Monirujjaman
Khan, Nawal Alsufyani, Abdulmajeed Alsufyani, and Sami Bourouis. "Electronic health record monitoring
system and data security using blockchain technology." Security and Communication Networks 2022
(2022): 1-15.

[10] Yue, Xiao, Huiju Wang, Dawei Jin, Mingqiang Li, and Wei Jiang. "Healthcare data gateways: found
healthcare intelligence on blockchain with novel privacy risk control." Journal of medical systems 40
(2016): 1-8.

[11] Albeyatti, A. "Medicalchain whitepaper 2.1." (2018).

[12] Chaudhuri, A. B. Flowchart and algorithm basics: The art of programming. Mercury Learning and
Information, 2020.

[13] Jiang, Shan, Jiannong Cao, Hanqing Wu, Yanni Yang, Mingyu Ma, and Jianfei He. "Blochie: a
blockchain-based platform for healthcare information exchange." In 2018 ieee international conference on
smart computing (smartcomp), pp. 49-56. IEEE, 2018.

[14] Buterin, Vitalik. "A next-generation smart contract and decentralized application platform." white
paper 3, no. 37 (2014): 2-1.

Dept. of CSE, MVSREC 44

 Decentralized Health Record Management

APPENDIX

import ReactDOM from "react-dom/client";

import "bootstrap/dist/css/bootstrap.css";

import "../src/assets/css/style.css";

import { createBrowserRouter, RouterProvider } from "react-router-dom";

import "react-bootstrap-icons";

import Home from "./pages/Home.jsx";

import Admin from "./pages/Admin";

import About from "./pages/About";

import Dashboard from "./pages/Dashboard";

import ContactUs from "./pages/ContactUs";

import ErrorPage from "./pages/ErrorPage";

Dept. of CSE, MVSREC 45

 Decentralized Health Record Management
import PatientRecords from "./pages/PatientRecords";

import PatientProfile from "./pages/PatientProfile";

import AddHospital from "./pages/AddHospital";

import AddDoctor from "./pages/AddDoctor";

import HospitalProfile from "./pages/HospitalProfile";

import AddPatient from "./pages/AddPatient";

import DoctorProfile from "./pages/DoctorProfile";

import PatientPermission from "./pages/PatientPermission";

import DoctorRequest from "./pages/DoctorRequest";

import AddRecord from "./pages/AddRecord";

import PatientRecordsForDoctor from "./pages/PatientRecordsForDoctor";

import RegisteredHospitals from "./pages/RegisteredHospitals";

import RegisteredPatients from "./pages/RegisteredPatients";

import RegisteredDoctors from "./pages/RegisteredDoctors";

import PreviewRecordForPatient from "./pages/PreviewRecordForPatient";

import PreviewRecordForDoctor from "./pages/PreviewRecordForDoctor";

import ShowAllDocrorsForHospital from "./pages/ShowAllDocrorsForHospital";

import ShowAllPatientForHospital from "./pages/ShowAllPatientForHospital";

import AllRequestes from "./pages/AllRequestes";

const router = createBrowserRouter([

path: "/",

element: <Home />,

errorElement: <ErrorPage />,

},

path: "/home",

Dept. of CSE, MVSREC 46

 Decentralized Health Record Management
element: <Home />,

errorElement: <ErrorPage />,

},

path: "/admin",

element: <Admin />,

errorElement: <ErrorPage />,

},

path: "/registeredHospitals",

element: <RegisteredHospitals />,

errorElement: <ErrorPage />,

},

path: "/registeredDoctors",

element: <RegisteredDoctors />,

errorElement: <ErrorPage />,

},

path: "/registeredPatients",

element: <RegisteredPatients />,

errorElement: <ErrorPage />,

},

Dept. of CSE, MVSREC 47

 Decentralized Health Record Management
path: "/patientPermission",

element: <PatientPermission />,

errorElement: <ErrorPage />,

},

path: "/patientRecords",

element: <PatientRecords />,

errorElement: <ErrorPage />,

},

path: "/previewRecordForDoctor",

element: <PreviewRecordForDoctor />,

errorElement: <ErrorPage />,

},

path: "/previewRecordForPatient",

element: <PreviewRecordForPatient />,

errorElement: <ErrorPage />,

},

path: "/patientProfile",

element: <PatientProfile />,

errorElement: <ErrorPage />,

},

Dept. of CSE, MVSREC 48

 Decentralized Health Record Management
path: "/about",

element: <About />,

errorElement: <ErrorPage />,

},

path: "/dashboard",

element: <Dashboard />,

errorElement: <ErrorPage />,

},

path: "/contact",

element: <ContactUs />,

errorElement: <ErrorPage />,

},

path: "/addHospital",

element: <AddHospital />,

errorElement: <ErrorPage />,

},

path: "/addDoctor",

element: <AddDoctor />,

errorElement: <ErrorPage />,

},

path: "/addPatient",

element: <AddPatient />,

Dept. of CSE, MVSREC 49

 Decentralized Health Record Management
errorElement: <ErrorPage />,

},

path: "/addRecord",

element: <AddRecord />,

errorElement: <ErrorPage />,

},

path: "/doctorProfile",

element: <DoctorProfile />,

errorElement: <ErrorPage />,

},

path: "/PatientRecordsForDoctor",

element: <PatientRecordsForDoctor />,

errorElement: <ErrorPage />,

},

path: "/doctorRequest",

element: <DoctorRequest />,

errorElement: <ErrorPage />,

},

path: "/hospitalProfile",

element: <HospitalProfile />,

errorElement: <ErrorPage />,

Dept. of CSE, MVSREC 50

 Decentralized Health Record Management
},

path: "/showAllDocrorsForHospital",

element: <ShowAllDocrorsForHospital />,

errorElement: <ErrorPage />,

},

path: "/showAllPatientForHospital",

element: <ShowAllPatientForHospital />,

errorElement: <ErrorPage />,

},

path: "/allRequestes",

element: <AllRequestes />,

errorElement: <ErrorPage />,

},

]);

const root = ReactDOM.createRoot(document.getElementById("root"));

root.render(

<React.StrictMode>

<RouterProvider router={router} />

</React.StrictMode>

);

Dept. of CSE, MVSREC 51

 Decentralized Health Record Management

Dept. of CSE, MVSREC 52