kefhir-blockchain is a module for ensuring the data integrity of a FHIR server. The module is a blockchain application that uses the Ethereum software layer, Solidity.
We use the native layers and native APIs of the blockchain framework without overriding anything, so the solution stores valuable data securely and supports tamper-proof data storage in a distributed environment.
In kefhir-blockchain, information about every message is stored as a separate blockchain transaction.
- We store only one transaction per block to guarantee processing speed while receiving data.
- In the blockchain transaction we store the identifier of the message and a hash calculated over the message content. The hash is also stored in the FHIR database.
- The whole content of the message is used for the hash calculation.
- In the first step we bring the content to canonical form. Canonical form means that the same object is always stringified to the exact same string. We use the canonical-json library (https://www.npmjs.com/package/canonical-json) for that.
- In the second step the message content is hashed with the Keccak-256 hash function. It is the cryptographic algorithm used in the latest Secure Hash Algorithm, SHA-3 (https://en.wikipedia.org/wiki/SHA-3). The hash is not reversible.
- After that we store a map (key:value) in the blockchain transaction, where the key is the message identifier and the value is the calculated secure hash.
Using this information we can check the consistency of our messages, and we can also check whether any message is missing from the DB or from the blockchain.
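The consistency check described above, as an added example that is not part of the kefhir-blockchain code base. The function names (`canonicalize`, `messageHash`, `audit`) and the sample resources are hypothetical, a small key-sorting serializer stands in for the canonical-json package, and Node's built-in SHA3-256 stands in for Keccak-256 (Ethereum's Keccak-256 uses different padding, so the digests differ).

```javascript
const { createHash } = require('crypto');

// Stand-in for canonical-json: sort object keys recursively so that equal
// objects always serialize to the exact same string.
function canonicalize(value) {
  if (Array.isArray(value)) return '[' + value.map(canonicalize).join(',') + ']';
  if (value !== null && typeof value === 'object') {
    return '{' + Object.keys(value).sort()
      .map((k) => JSON.stringify(k) + ':' + canonicalize(value[k])).join(',') + '}';
  }
  return JSON.stringify(value);
}

// Assumption: SHA3-256 is used here only because it ships with Node;
// the module itself uses Keccak-256.
function messageHash(message) {
  return createHash('sha3-256').update(canonicalize(message), 'utf8').digest('hex');
}

// Compare the FHIR database with the on-chain map (message id -> hash).
function audit(dbMessages, chainMap) {
  const report = { tampered: [], missingOnChain: [], missingInDb: [] };
  const seen = new Set();
  for (const msg of dbMessages) {
    seen.add(msg.id);
    if (!chainMap.has(msg.id)) report.missingOnChain.push(msg.id);
    else if (chainMap.get(msg.id) !== messageHash(msg)) report.tampered.push(msg.id);
  }
  for (const id of chainMap.keys()) if (!seen.has(id)) report.missingInDb.push(id);
  return report;
}

// Constructed sample data: messages as they were when anchored on chain.
const original = [
  { resourceType: 'Patient', id: 'p1', name: [{ family: 'Tamm' }], gender: 'female' },
  { resourceType: 'Observation', id: 'o1', status: 'final', valueQuantity: { value: 6.3, unit: 'mmol/l' } },
  { resourceType: 'Patient', id: 'p2', gender: 'male' },
];
const chain = new Map(original.map((m) => [m.id, messageHash(m)]));

// Constructed later DB state: p1 has reordered keys only (still consistent),
// o1 has an altered value, p2 was deleted, p3 was never written to the chain.
const db = [
  { gender: 'female', name: [{ family: 'Tamm' }], id: 'p1', resourceType: 'Patient' },
  { resourceType: 'Observation', id: 'o1', status: 'final', valueQuantity: { value: 5.1, unit: 'mmol/l' } },
  { resourceType: 'Patient', id: 'p3', gender: 'female' },
];
const report = audit(db, chain);
console.log(report);
```

Because the hash is computed over the canonical form, the reordered `p1` record still matches its on-chain hash, while the changed observation value does not.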
- As long as we do not store any sensitive information inside the blockchain transaction, our blockchain solution is fully GDPR compliant.
- GDPR also prescribes the “right to be forgotten” for personal data, but typically it is not applied to government projects. It is easy to implement if needed.