A Universal Health Network

Alberto Malave
Iryo Network
Published in
3 min readMar 16, 2018

--

Building a truly open and global healthcare network requires some out of the box thinking. Since the Iryo Network is being developed from the ground up, one of the challenges we were faced with was developing a way for doctors outside of the network to interact with Iryo patients.

This will be one of the most necessary yet challenging aspects of initially scaling the network. In order to keep the patient in firm control of his medical data at all times, we had to design a universally accessible network that allows permissible access yet remains protected by several layers of security and privacy.

Patient enabled permissions allows the doctor to view the medical history.

Iryo’s platform enables patients to leverage their medical data by allowing them to store their encrypted medical histories within the Iryo mobile app. The encryption presents a barrier for doctors that practice outside of the Iryo Network, however, with patient enabled permissions, doctors will be able to view and re-encrypt regardless of their network.

Proxy re-encryption powered by NuCypher, would enable doctors to generate a set of temporary, private & public keys through the Iryo portal. This would allow a view request that would be sent to the patient via an instantly generated QR code which the patient would then review and either approve or deny the request directly on his device. After approval by the patient, the doctor would be able to view the relevant sections of the patients medical record. After the session runs out (enforced by the issued blockchain access permissions), the re-encryption key gets wiped out, and storage nodes stop serving encrypted data to that specific source.

Patients control the data access and can approve or deny requests.

There are no passwords involved at any point, and doctors will not be able to view data if the request is denied. This presents a revolutionary change in the way that sensitive data is handled and assures total control and ownership by the patient.

Additionally, this type of 3rd party access request is view-only, the new doctor does not have permission to write any new data into the medical file or modify the existing data contained within the file, preventing any sort of tampering.

Doctor’s view of the medical record

--

--