HealthCare-CMS

Landing Page
Login Modal for doctor and patient
Creation of Consent
Connection between patient and doctor
Notification System for Acceptance and request of connection
Requesting consent from a connected patient
Profile Page
A display of all EHR records (consented + given by him) of doctor
Immutable Log List of all of users actions
Metamask system for connection of wallet
Display / Updation of consents on the patients end

Our Project

We have created a blockchain-based healthcare management system.

But unlike the other Consent Management System, using blockchain we try to make it private for the users in such a way that the user and user alone has control over who can view their records.

Inspiration

The inspiration for this comes from the deep-rooted problem of privacy in healthcare. In the current situation sharing a health record from one hospital to another required a hard arduous process of form filling one after the other wherein you are completely reliant on the hospital's legitimacy to complete it as well. But with our solution, you have control over your records, and your records stay private to anyone else.

What it does

Consent management is a system wherein you allow consumers and patients to determine what health information they are willing to permit their various care providers to access. Our solution tried to help mitigate this process faster and more securely by using blockchains and integrating directly with Hospital Centric repositories

How we built it

So to understand how we built this we just need to understand 3 main components of our project:

Frontend - This is the client where both the patient or doctor can login , view the Healtth Records linked with them(as in their own or consented records), connect with hospitals or with patients, Give/Request Consent, Revoke Given consent and even view an immutable log of all of their actions taken for any inconsistency.
Smart Contract: This is the main lifeline of our entire consent system. We have a Consent Management Factory that stores 2 types of files (ConnectionFile & ConsentFile). Herein each of these files store consents associated with a specific user. We also define modifier based access for each of our functions which allows only specific users to make any change to these Files.
Backend: We also have a backend setup for our project. But why backend with web3 ? Since we want to connect to other central hospital repository databases to access the records and each hospital might have a service of their own, we try to mitigate this problem by having a backend which in turn makes calls to both the Frontend and blockchain for any information that it needs. A point to note here is that none of the functions that are called on the backend encroach on any of the users privacy and are based on absolutely just used for verification purposes / adding new ppl to the system. This can even be verified by the publicily deployed smart contract.

Challenges we ran into

So there were a lot of challenges in building this sort of an application.

We have to consider from a security perspective at all times. Since we cant assure the security of any of the hospital databases, we have to make sure that we arent storing any information about the Health records, along with that we also have to make sure to not store anything that might be not publicily available to the open public since it might be a cause for a security breach.
Since or main lifeline of the project is smart contracts , we had to make sure that all of the function availiable in our Contract have very specific modifier based access so that we have a secure platform.
One of the other major pain points was only using the backend as a verification point in the blockchain (like a verifier on many of the major blockchain), and writing functions in such a manner that backend can just verify and not have access to any of the records.

Accomplishments that we're proud of

We are very proud of our Smart Contract design and how modular it is and easy it is to change anything in our smart contract for future use while maintaining the same level of security. Apart from that our backend design, is pretty modular in connecting with the different hospital Service/Repositories (though we actually haven't connected with any actual hospital as of now). One thing that we do want to improve right now is our frontend design since its kinda on the low end here.

What we learned

Through this project we were able to learn how we can utilize smart contracts in a more efficient manner by splitting contracts into multiple modular classes. We learnt how to use events to have control over a secure chain of transactions. We realized how we can have blockchain as an intermediary between the frontend and a backend (i.e. by utilizing the backend for its original usage along with as a verifier of the access).

What's next for Untitled

Next we want to actually improve our frontend as told before and have a more robust way of connecting to different hospital services by providing the hospitals a client version of our backend to run on their systems. We also want to imrpove some bugs here and there for bug refreshes and make our Smart contract as well as our backend more optimized for performance. Though a long shot dream we might even want to make it a more public application later in the years 😅.