CareBlock

Inspiration

Small community clinics handle the same sensitive data as large hospitals but rarely have the budget or staff for enterprise-grade security. One breach can bankrupt a practice and destroy patient trust. We asked ourselves: “What if a clinic could get tamper-proof, HIPAA-level record security as easily as signing up for Netflix?” That question sparked CareBlock.


What it does

  • End-to-end encryption – Every record is encrypted in the browser with AES-256.
  • Private blockchain ledger – Only a 64-byte hash plus access metadata is written on-chain, creating an immutable audit trail of every view, edit, or share.
  • Low server maintenance – Runs on a blockchain and MongoDB Atlas.

How we built it

Layer           | Tech              | Purpose
--------------- | ----------------- | -----------------------------------------------
Smart Contracts | Solidity, Hardhat | Store record hashes + per-record keys
API/Auth        | Node.js, Express  | Issue and sign blockchain txs
Data Store      | MongoDB Atlas     | Encrypted patient data and keys
Frontend        | React             | Add record, lookup patients, login using Auth0
CI/CD           | GitHub Actions    | Tests & reproducible dev chain

Challenges we ran into

  1. Key management – Our first design reused one IPFS key; we pivoted to per-record envelope encryption and a lightweight KMS contract.
  2. Gas vs. data size – Storing blobs on-chain was impossible, so we hashed, stored off-chain, and kept writes under $0.001.
  3. Cross-OS artifact errors – Hardhat artifacts clashed between macOS and Windows; containerizing the dev chain fixed the 3 a.m. “artifact not found” panic.
  4. Scope creep – We cut FHIR adapters and mobile views to finish a stable MVP within 24 h.
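
The per-record envelope encryption from the key-management item and the "hash on-chain, blob off-chain" split from "What it does", sketched as an added example (not CareBlock's own code). Assumptions: AES-256 in GCM mode, SHA-256 as the anchored hash, Node's `crypto` module standing in for the browser, and hypothetical names `sealRecord` / `openRecord`.

```javascript
const nodeCrypto = require('node:crypto');

// AES-256-GCM helper: returns iv || tag || ciphertext as one Buffer.
function gcmEncrypt(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12); // fresh 96-bit nonce per call
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}

function gcmDecrypt(key, blob, aad) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws if the key, the AAD or any ciphertext byte is wrong.
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// Envelope encryption: a random per-record data key (DEK) encrypts the record,
// and the key-encryption key (KEK) encrypts only that DEK.
function sealRecord(kek, recordId, record) {
  const aad = Buffer.from(recordId); // binds both ciphertexts to this record id
  const dek = nodeCrypto.randomBytes(32);
  const data = gcmEncrypt(dek, Buffer.from(JSON.stringify(record)), aad);
  const wrappedKey = gcmEncrypt(kek, dek, aad);
  // Only this digest would be written on-chain; blob and wrapped key stay off-chain.
  const anchor = nodeCrypto.createHash('sha256').update(data).digest('hex');
  return { recordId, data, wrappedKey, anchor };
}

// Check the off-chain blob against the anchored hash before decrypting it.
function openRecord(kek, stored, anchorOnChain) {
  const digest = nodeCrypto.createHash('sha256').update(stored.data).digest('hex');
  if (digest !== anchorOnChain) throw new Error('stored blob does not match on-chain hash');
  const aad = Buffer.from(stored.recordId);
  const dek = gcmDecrypt(kek, stored.wrappedKey, aad);
  return JSON.parse(gcmDecrypt(dek, stored.data, aad).toString());
}

// Constructed sample record and key, for demonstration only.
const demoKek = nodeCrypto.randomBytes(32);
const sealed = sealRecord(demoKek, 'rec-001', { patient: 'Jane Sample', bp: '120/80' });
console.log(sealed.anchor, openRecord(demoKek, sealed, sealed.anchor));
```

Because each record has its own DEK, exposure of one data key affects one record, and rotating the KEK only requires re-wrapping the stored DEKs rather than re-encrypting the record blobs.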

Accomplishments that we're proud of

  • Full demo from registration to secure record sharing in < 5 min.
  • Low write latency on our blockchain—fast enough for real-time clinic workflows.
  • Using new technology: Auth0 and MongoDB.

What we learned

  • Security is pointless if the UX slows clinicians down—usability drove every tech choice.
  • Healthcare compliance imposes constraints unfamiliar to typical web apps.
  • Private blockchains beat public L2 rollups for low-cost, high-throughput B2B scenarios.

What's next for CareBlock

  • Moving fully to a decentralized network to empower users with full control over their data.
  • Integrating all medical units into a single, secure platform to provide a complete, real-time view of a patient’s health.
  • Leveraging AI to monitor, detect, and prevent security threats in real-time, keeping healthcare data safe from evolving cyber threats.
  • Enabling biometric authentication (fingerprint, face recognition) for ultra-secure and seamless login.

CareBlock turns “data breach” headlines into peace of mind—so clinicians focus on care, not cybersecurity.
