Skip to main content
SpringerLink
Log in

Challenges and Opportunities of Blockchain for Auditable Processes in the Healthcare Sector

  • Conference paper
  • First Online:
Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum (BPM 2022)

Part of the book series: Lecture Notes in Business Information Processing ((LNBIP,volume 459))

Included in the following conference series:

Abstract

Blockchain technologies (BT) promise to offer exciting research directions for improving various aspects of business processes, in particular in cross-organizational settings where participants do not fully trust each other. However, while blockchain may readily provide transparency and immutability for the processes recorded on a shared ledger, these very characteristics can be problematic in regard to privacy and data protection requirements. In this paper, we address the challenges and opportunities of using BT to secure distributed processes where participants may have an incentive to make false claims or subvert pre-agreed compliance rules in their private processes. Specifically, our analysis is based on a real-world use case, namely how BT can secure (privacy preserving) commitments to processing steps that facilitate federated machine learning (FL) in the healthcare sector. Thereby, an immutable audit trail is created that can be used to detect deviations in retrospect. Hereby, we place a particular focus on the management of patient consent for accessing their data in FL. Our approach draws inspiration from the domain of Self-Sovereign Identity (SSI) where BT is also relied upon to enable the creation and management of decentralized identifiers while focusing on data minimization. The results of our work are not constrained to the particular use case and can be applicable to other emerging research areas of BPM, such as federated process mining.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Referred to by Weber et al. in [26] as a trigger.

  2. 2.

    Cf. Art. 17 GDPR Right to erasure https://gdpr-info.eu/art-17-gdpr/.

  3. 3.

    https://featurecloud.eu/.

  4. 4.

    https://www.microsoft.com/en-us/securityengineering/sdl/threatmodeling.

  5. 5.

    https://www.schneier.com/academic/archives/1999/12/attack_trees.html.

  6. 6.

    https://featurecloud.ai/.

  7. 7.

    https://featurecloud.ai/.

  8. 8.

    The source code will be released on gitlab. The code is still in review as it may fall under a temporary NDA agreement.

References

  1. Akhtar, A., Shafiq, B., Vaidya, J., Afzal, A., Shamail, S., Rana, O.: Blockchain based auditable access control for distributed business processes. In: International Conference on Distributed Computing Systems (ICDCS). pp. 12–22 (2020)

    Google Scholar 

  2. Aumann, Y., Lindell, Y.: Security against covert adversaries: efficient protocols for realistic adversaries. J. Cryptol. 23(2), 281–343 (2010)

    Article  MathSciNet  Google Scholar 

  3. Benchoufi, M., Ravaud, P.: Blockchain technology for improving clinical research quality. Trials 18(1), 1–5 (2017)

    Article  Google Scholar 

  4. Bonyuet, D.: Overview and impact of blockchain on auditing. Int. J. Digit. Account. Res. 20, 31–43 (2020)

    Article  Google Scholar 

  5. Carminati, B., Rondanini, C., Ferrari, E.: Confidential business process execution on blockchain. In: International Conference on Web Services (ICWS), pp. 58–65 (2018)

    Google Scholar 

  6. Christopher, A., et al.: Decentralized public key infrastructure. https://danubetech.com/download/dpki.pdf

  7. Corradini, F., Marcelletti, A., Morichetta, A., Polini, A., Re, B., Tiezzi, F.: Engineering trustable and auditable choreography-based systems using blockchain. Trans. Manag. Inf. Syst. 13(3), 1–53 (2022)

    Article  Google Scholar 

  8. Duchmann, F., Koschmider, A.: Validation of smart contracts using process mining. In: ZEUS. CEUR Workshop Proceedings. vol. 2339, pp. 13–16 (2019)

    Google Scholar 

  9. Evgenia, N., Viktor, P., Marnix, D.: Leveraging the self-sovereign identity (SSI) concept to build trust. Tech. Rep. 10.2824/8646, The European Union Agency for Cybersecurity (ENISA) (2022)

    Google Scholar 

  10. Fdhila, W., Stifter, N., Kostal, K., Saglam, C., Sabadello, M.: Methods for decentralized identities: evaluation and insights. In: González Enríquez, J., Debois, S., Fettke, P., Plebani, P., van de Weerd, I., Weber, I. (eds.) BPM 2021. LNBIP, vol. 428, pp. 119–135. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85867-4_9

    Chapter  Google Scholar 

  11. Fenghong, Z., Aljosha, J., Walid, F., Nicholas, S.: D6.2: “model for defining user rights in federated machine learning". Tech. rep., EU H2020 FeatureCloud (2021)

    Google Scholar 

  12. Garcia-Garcia, J.A., Sánchez-Gómez, N., Lizcano, D., Escalona, M.J., Wojdyński, T.: Using blockchain to improve collaborative business process management: systematic literature review. IEEE Access 8, 142312–142336 (2020)

    Article  Google Scholar 

  13. He, L., Karimireddy, S.P., Jaggi, M.: Secure byzantine-robust machine learning. arXiv preprint arXiv:2006.04747 (2020)

  14. Hobeck, R., Klinkmüller, C., Bandara, H.M.N.D., Weber, I., van der Aalst, W.M.P.: Process mining on blockchain data: a case study of augur. In: Polyvyanyy, A., Wynn, M.T., Van Looy, A., Reichert, M. (eds.) BPM 2021. LNCS, vol. 12875, pp. 306–323. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-85469-0_20

    Chapter  Google Scholar 

  15. Klinkmüller, C., Ponomarev, A., Tran, A.B., Weber, I., Aalst, W.v.d.: Mining blockchain processes: extracting process mining data from blockchain applications. In: International Conference on Business Process Management, pp. 71–86 (2019)

    Google Scholar 

  16. Knuplesch, D., Reichert, M., Pryss, R., Fdhila, W., Rinderle-Ma, S.: Ensuring compliance of distributed and collaborative workflows. In: 9th IEEE International Conference on Collaborative Computing: Networking, Applications and Worksharing, pp. 133–142. IEEE (2013)

    Google Scholar 

  17. McMahan, B., Moore, E., Ramage, D., Hampson, S., y Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Artificial Intelligence and Statistics, pp. 1273–1282. PMLR (2017)

    Google Scholar 

  18. Mendling, I., et al.: Blockchains for business process management-challenges and opportunities. ACM Trans. Manag. Inf. Syst. 9(1), 1–16 (2018)

    Article  Google Scholar 

  19. Mugunthan, V., Rahman, R., Kagal, L.: Blockflow: an accountable and privacy-preserving solution for federated learning. arXiv preprint arXiv:2007.03856 (2020)

  20. Mühlberger, R., Bachhofner, S., Di Ciccio, C., García-Bañuelos, L., López-Pintado, O.: Extracting event logs for process mining from data stored on the blockchain. In: Di Francescomarino, C., Dijkman, R., Zdun, U. (eds.) BPM 2019. LNBIP, vol. 362, pp. 690–703. Springer, Cham (2019). https://doi.org/10.1007/978-3-030-37453-2_55

    Chapter  Google Scholar 

  21. Passerat-Palmbach, J., Farnan, T., Miller, R., Gross, M.S., Flannery, H.L., Gleim, B.: A blockchain-orchestrated federated learning architecture for healthcare consortia. arXiv preprint arXiv:1910.12603 (2019)

  22. Ploder, C., Spiess, T., Bernsteiner, R., Dilger, T., Weichelt, R.: A risk analysis on blockchain technology usage for electronic health records. Cloud Comput. Data Sci. 20–35 (2021)

    Google Scholar 

  23. Preukschat, A., Reed, D.: Self-sovereign Identity. Manning Publications (2021)

    Google Scholar 

  24. Schüler, P., Buckley, B.: Re-Engineering Clinical Trials: Best Practices for Streamlining the Development Process. Academic Press (2014)

    Google Scholar 

  25. Snow, P., et al.: Business Processes Secured by Immutable Audit Trails on the Blockchain. Brave New Coin (2014)

    Google Scholar 

  26. Weber, I., Xu, X., Riveret, R., Governatori, G., Ponomarev, A., Mendling, J.: Untrusted business process monitoring and execution using blockchain. In: La Rosa, M., Loos, P., Pastor, O. (eds.) BPM 2016. LNCS, vol. 9850, pp. 329–347. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-45348-4_19

    Chapter  Google Scholar 

  27. Weng, J., Weng, J., Zhang, J., Li, M., Zhang, Y., Luo, W.: Deepchain: auditable and privacy-preserving deep learning with blockchain-based incentive. IEEE Trans. Depend. Secure Comput. 18(5), 2438–2455 (2021)

    Google Scholar 

Download references

Acknowledgments

This research is based upon work partially supported by (1) SBA Research (SBA-K1); SBA Research is a COMET Center within the COMET – Competence Centers for Excellent Technologies Programme and funded by BMK, BMDW, and the federal state of Vienna. The COMET Programme is managed by FFG. (2) the European Union’s Horizon 2020 research and innovation programme under grant agreement No 826078 (FeatureCloud) (3) the FFG ICT of the Future project 874019 dIdentity & dApps. (4) the FFG Industrial PhD project 878835 SmartDLP. (5) the Christian-Doppler-Laboratory for Security and Quality Improvement in the Production System Lifecycle; We would also like to thank Fenghong Zhang for her valuable contributions.

Author information

Authors and Affiliations

  1. Secure Business Austria (SBA-Research), Vienna, Austria

    Walid Fdhila, Nicholas Stifter & Aljosha Judmayer

  2. University of Vienna, Vienna, Austria

    Walid Fdhila, Nicholas Stifter & Aljosha Judmayer

Authors
  1. Walid Fdhila
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nicholas Stifter
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Aljosha Judmayer
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Walid Fdhila .

Editor information

Editors and Affiliations

  1. Sapienza University of Rome, Rome, Italy

    Andrea Marrella

  2. University of Tartu, Tartu, Estonia

    Raimundas Matulevičius

  3. University of Warsaw, Warsaw, Poland

    Renata Gabryelczyk

  4. Technische Hochschule Ingolstadt, Ingolstadt, Germany

    Bernhard Axmann

  5. University of Zagreb, Zagreb, Croatia

    Vesna Bosilj Vukšić

  6. Télécom SudParis, Evry, France

    Walid Gaaloul

  7. University of Ljubljana, Ljubljana, Slovenia

    Mojca Indihar Štemberger

  8. Corvinus University of Budapest, Budapest, Hungary

    Andrea Kő

  9. Data61, Eveleigh, NSW, Australia

    Qinghua Lu

Rights and permissions

Reprints and permissions

Copyright information

© 2022 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Fdhila, W., Stifter, N., Judmayer, A. (2022). Challenges and Opportunities of Blockchain for Auditable Processes in the Healthcare Sector. In: Marrella, A., et al. Business Process Management: Blockchain, Robotic Process Automation, and Central and Eastern Europe Forum. BPM 2022. Lecture Notes in Business Information Processing, vol 459. Springer, Cham. https://doi.org/10.1007/978-3-031-16168-1_5

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-16168-1_5

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-16167-4

  • Online ISBN: 978-3-031-16168-1

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation