Bearer Health Record
The concept of a Bearer Health Record (BHR) tries to imitate the physical access control that non-digital health records had, but with the efficiencies brought by the digital version of the record.
Necessary properties:
1.) Open standards
These make interoperability achievable in practice. An example is the OpenEHR standard.
2.) Open-source app to store a local copy of the health record.
You can check that the app doesn’t have a kill switch, doesn’t lie about syncing, and doesn’t delete or rewrite anything the user did not authorise. The ability to export data is also a prerequisite.
3.) Local copy of your medical data.
Some patients might not care, but those who do are the ones who matter here. Storage on the patient’s phone is the default (opt-out). Only encrypted cloud/server backups are allowed.
4.) Real-time data writes
The doctor (or, in the future, the device) that produces the data needs to write it to your record in real time. If there are delays and permissions need to be granted between the production of the data and its writing to your health record, two divergent copies might end up in production, and you can’t control the second one.
5.) Control enforcement through permissions and encryption
• Zero-knowledge: once you have the data, you can encrypt it with your key and back it up to the network/server.
• Giving a doctor the ability to read the data means giving them either the private key or, even better, sharing just a re-encryption key (public-key cryptography).
• Your access revocations should at least mean that the revoked parties can’t read newer data.
6.) No ID and no third-party-controlled accounts
Things you really own won’t ask you for government-issued identification or ask you to sign in to an account that might be subject to deletion at the service’s discretion.
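The revocation rule in property 5, as an added example that is not part of the original article: the patient keeps one data key per epoch, wraps it separately for each reader, and rotates to a new epoch on every revocation, so a revoked reader keeps what it could already read but cannot decrypt anything written later. Assumptions: the class and function names are hypothetical, symmetric key wrapping stands in for the public-key/re-encryption sharing the article mentions, and the HMAC-based `seal`/`unseal` pair is a standard-library stand-in for a vetted AEAD such as AES-GCM.

```python
import hashlib, hmac, secrets

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode: stdlib-only stand-in for a vetted AEAD (assumption)
    blocks = (hmac.new(key, b"enc" + nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, data):
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key, nonce, len(data))))
    return nonce + ct + hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    good = hmac.new(key, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, good):
        raise ValueError("wrong key or modified ciphertext")
    return bytes(a ^ b for a, b in zip(ct, _stream(key, nonce, len(ct))))

class BearerRecord:
    """Patient-held record (hypothetical class): one data key per epoch, wrapped per reader."""
    def __init__(self):
        self.readers = {}   # reader -> key-wrapping key shared with that reader
        self.keys = []      # epoch data keys; these never leave the patient's device
        self.wrapped = []   # per epoch: {reader: data key sealed under the reader's key}
        self.entries = []   # (epoch, ciphertext): all a backup server ever stores
        self._rotate()

    def _rotate(self):
        self.keys.append(secrets.token_bytes(32))
        self.wrapped.append({r: seal(k, self.keys[-1]) for r, k in self.readers.items()})

    def grant(self, reader):
        kek = self.readers[reader] = secrets.token_bytes(32)
        self.wrapped[-1][reader] = seal(kek, self.keys[-1])
        return kek

    def revoke(self, reader):
        del self.readers[reader]
        self._rotate()      # the new epoch key is never wrapped for the revoked reader

    def write(self, text):
        self.entries.append((len(self.keys) - 1, seal(self.keys[-1], text.encode())))

def readable_by(record, reader, kek):
    """Entries `reader` can decrypt from stored ciphertext with only its own key."""
    return [unseal(unseal(kek, record.wrapped[e][reader]), blob).decode()
            for e, blob in record.entries if reader in record.wrapped[e]]
```

A reader granted access mid-epoch can also decrypt entries written earlier in that epoch; call `_rotate()` before `grant()` if new readers should only see data from that point on.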
https://medium.com/iryo-network/the-case-for-bearer-health-records-d692414ad924