Heimdall: Blockchain-Based Consent Management Framework

Abstract

The healthcare sector has undergone drastic changes with the adoption of information technology. One of the main changes in healthcare is the creation of the Electronic Health Record (EHR), which records all the patient’s medical data in a digital medium. However, with creating the General Data Protection Regulation (GDPR), the data owner must grant consent for third parties to collect, process, and store user data. In this context, the present work proposes Heimdall, a blockchain-based consent management framework that meets the requirements set by GDPR. We used a queuing system to assist in receiving requests, an object storage system to store patient data, and a memory database to record the transaction status. In our tests, Heimdall managed consents satisfactorily, where we were able to achieve a consistent amount of reading and writing transactions before saturating our test environment.