A Proposed Hybrid Blockchain-DID-ZKP Approach to Secure, Auditable, and Private Healthcare Interoperability
Sahil Fruitwala, Software Engineer, USA
Purva Desai, Data Analyst, USA
Abstract
Traditionally, health records are kept in siloed data stores at different health organizations. Today, all patients’ EHRs (Electronic Health Records) are used and shared with different institutes and research facilities without the patients’ consent. To overcome these pitfalls of generic systems, we introduce a new hybrid system called the Hybrid Patient Data Vault (HPDV). This hybrid system can help patients share their health information securely, disclosing only what is necessary on a need-to-know basis. We detail the system’s components, workflows, and emergency protocols, emphasizing patient-centric design. Through a STRIDE-based threat model and simulations of key metrics such as transaction latency and ZKP generation time, we demonstrate HPDV’s security and feasibility. Our evaluation shows it outperforms monolithic approaches in auditability and privacy, with ZKP proofs generated in under 7 seconds on standard devices. This work demonstrates a practical modern approach for secure, patient-controlled health data exchange.
Keywords
Patient-Controlled Data Sharing, Blockchain, Decentralized Identifiers (DIDs), Verifiable Credentials (VCs), Zero-Knowledge Proofs (ZKPs), FHIR, Healthcare Interoperability, Privacy-Preserving Architecture
Copyright License
Copyright (c) 2025 Purva Desai, Sahil Fruitwala

This work is licensed under a Creative Commons Attribution 4.0 International License.
Authors retain the copyright of their manuscripts, and all Open Access articles are disseminated under the terms of the Creative Commons Attribution License 4.0 (CC-BY), which licenses unrestricted use, distribution, and reproduction in any medium, provided that the original work is appropriately cited. The use of general descriptive names, trade names, trademarks, and so forth in this publication, even if not specifically identified, does not imply that these names are not protected by the relevant laws and regulations.