Harmonizing sensitive data exchange and double-spending prevention through blockchain and digital wallets : The case of e-prescription management

Title data

Schlatt, Vincent ; Sedlmeir, Johannes ; Traue, Janina ; Völter, Fabiane:
Harmonizing sensitive data exchange and double-spending prevention through blockchain and digital wallets : The case of e-prescription management.
In: ACM Distributed Ledger Technologies : Research and Practice. (2022) .
ISSN 2769-6472
DOI: https://doi.org/10.1145/3571509

Project information

Abstract in another language

The digital transformation of the medical sector requires solutions that are convenient and efficient for all stakeholders while protecting patients’ sensitive data. One example that has already attracted design-oriented research are medical prescriptions. However, current implementations of electronic prescription management systems typically create centralized data silos, leaving user data vulnerable to cybersecurity incidents and impeding interoperability. Research has also proposed decentralized solutions based on blockchain technology, but privacy-related challenges have often been ignored. We conduct design science research to develop and implement a system for the exchange of electronic prescriptions that builds on two blockchains and a digital wallet app. Our solution combines the bilateral, verifiable, and privacy-focused exchange of information between doctors, patients, and pharmacies through verifiable credentials with a token-based, anonymized double-spending check. Our qualitative and quantitative evaluations as well as a security analysis suggest that this architecture can improve existing approaches to electronic prescription management by offering patients control over their data by design, a high level of security, sufficient performance and scalability, and interoperability with emerging digital identity management solutions for users, businesses, and institutions. We also derive principles on how to design decentralized, privacy-oriented information systems that require both the exchange of sensitive information and double-usage protection.