MedVault

Inspiration

Women often experience improper medical treatment, whether that is the denial of their symptoms, denial of pain medication, misdiagnosis, or a lack of timely and appropriate care—particularly in areas related to reproductive health, mental health, and chronic pain conditions. When doctors continuously disregard symptoms and deny treatment, it is often in the best interest of women to switch doctors and find a professional who will take them seriously. However, switching healthcare professionals is incredibly difficult, partly due to the challenges involved in transferring healthcare records. Healthcare records are stored and owned by centralized healthcare systems and their vendors, leaving patients reliant on those systems to access their own personal records. A decentralized system for medical record storage and sharing gives patients full control and ownership of their medical data while ensuring privacy, security, and accessibility. This also allows patients the autonomy and freedom to decide which healthcare professionals they want to be treated by and which files are relevant to be shared.

What it does

Our decentralized medical record system empowers patients by giving them full ownership and control of their medical data. By combining local encryption, decentralized storage (via Arweave), and blockchain-based access control (via Ethereum and smart contracts), it ensures privacy, security, and immutability. Patients can upload their records, which are then encrypted. Using Arweave, we store the encrypted file on-chain. As the owner of their files, patients can grant and revoke access to healthcare admins as they see fit. Healthcare admins can also upload a patient's file; however, they are never allowed to own the file and must transfer ownership to the patient. On the healthcare admin side, they can view only the files they are permitted to access by the patients. This results in a system where patients can safely upload, manage, and share their records, while maintaining full transparency and control over who can access their personal medical information.

How we built it

As a two person team, we divided the work into the backend and the frontend, with one person developing the smart contract in Solidity and deploying it and the other person creating the user interface website.

Challenges we ran into

This was our first time using frameworks like Next.js, Auth0, and creating a full-stack smart contract, so we encountered a bit of a learning curve. Initializing technologies like Auth0 and Arweave took longer than expected. Additionally, there is no documentation for Next.js and Arweave, so that also took up a lot of time.

Accomplishments that we're proud of

We’re really proud of our product ideation, working in a time-sensitive environment, and learning new frameworks and technologies. Even in this environment we were able to prioritize user privacy and keep in mind key cybersecurity principles. Also we’re proud to have built a product that addresses real-world problems, empowering individuals with better control over their health data.

What we learned

We learned about the different components that go into a decentralized application and all the points where data must be secured. At the beginning, we didn’t know what to expect from the user-interface, but now we understand how to initialize Next.js components and integrate them.

What's next for MedVault

We hope to fully develop the file uploading component, leveraging Arweave or shifting to IPFS. Also we want to implement stronger encryption for all potential points of breach, and would like to discuss with patients and healthcare professionals, with a women centric focus, to see how we can make our platform more functional. We are also very interested in implementing decentralized identifiers (DIDs) to verify patients and healthcare professionals to add another layer of privacy.