Ullah Faheem, He Jingsha, Zhu Nafei, Wajahat Ahsan, Nazir Ahsan, Qureshi Sirajuddin, Pathan Muhammad Salman, Dev Soumyabrata
Faculty of Information Technology, Beijing University of Technology, Beijing, China.
School of Computing, Dublin City University, Dublin, Ireland.
Heliyon. 2024 Aug 10;10(16):e34407. doi: 10.1016/j.heliyon.2024.e34407. eCollection 2024 Aug 30.
In the realm of modern healthcare, Electronic Health Records serve as invaluable assets, yet they also pose significant security challenges. The absence of access auditing mechanisms, including audit trails, results in accountability gaps and magnifies security vulnerabilities. This situation effectively paves the way for unauthorized data alterations to occur without detection or consequences. Inadequate compliance auditing procedures, particularly in verifying and validating access control policies, expose healthcare organizations to risks such as data breaches and unauthorized data usage. These vulnerabilities result from unchecked unauthorized access activities. Additionally, the absence of audit logs complicates investigations, weakens proactive security measures, and puts healthcare institutions at risk. This study addresses the pressing need for robust auditing systems designed to scrutinize access to data, encompassing who accesses it, when, and for what purpose. Our research delves into the complex field of auditing, which includes establishing an immutable audit trail to enhance data security through blockchain technology. We also integrate Purpose-Based Access Control (PBAC) alongside smart contracts to strengthen compliance auditing by validating access legitimacy and reducing unauthorized entries. Our contributions encompass the creation of an access audit trail, compliance auditing via policy verification, the generation of audit logs, and the derivation of data-driven insights, fortifying access security.
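An added example, not code from the paper, sketching the mechanism the abstract describes: an append-only, hash-chained audit trail (a ledger in the blockchain sense) in which every access request is evaluated against a purpose-based policy and the who/role/what/purpose/when/decision tuple is recorded, with a compliance audit that replays the log against the policy. The policy table, roles and user names are constructed for illustration.

```python
import hashlib
import json
from dataclasses import dataclass, field

# Constructed sample PBAC policy (not from the paper):
# (role, record type) -> set of purposes for which access is legitimate.
POLICY = {
    ("physician", "clinical_notes"): {"treatment", "emergency"},
    ("billing_clerk", "clinical_notes"): {"billing"},
    ("researcher", "clinical_notes"): {"research"},
}

def is_access_permitted(role: str, record_type: str, purpose: str) -> bool:
    """Purpose-based check: the stated purpose must be allowed for this role/record pair."""
    return purpose in POLICY.get((role, record_type), set())

@dataclass
class AuditTrail:
    """Append-only audit trail where each entry commits to the previous one by hash."""
    entries: list = field(default_factory=list)

    @staticmethod
    def _hash(entry: dict) -> str:
        return hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()

    def record_access(self, user: str, role: str, record_type: str, purpose: str, ts: int) -> bool:
        """Evaluate the request, log who/what/purpose/when and the decision, return the decision."""
        decision = is_access_permitted(role, record_type, purpose)
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        body = {"who": user, "role": role, "what": record_type, "purpose": purpose,
                "when": ts, "granted": decision, "prev": prev}
        body["hash"] = self._hash(body)
        self.entries.append(body)
        return decision

    def verify_chain(self) -> bool:
        """Immutability check: every entry's hash must match its content and link to its predecessor."""
        prev = "0" * 64
        for e in self.entries:
            body = {k: v for k, v in e.items() if k != "hash"}
            if e["prev"] != prev or self._hash(body) != e["hash"]:
                return False
            prev = e["hash"]
        return True

    def compliance_audit(self) -> list:
        """Re-evaluate each logged decision against policy; return indexes that disagree."""
        return [i for i, e in enumerate(self.entries)
                if e["granted"] != is_access_permitted(e["role"], e["what"], e["purpose"])]
```

Altering a logged decision after the fact breaks the chain verification and also surfaces as a policy mismatch in the compliance audit.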