Blockchain-Based Patient Consent Management System

We design and develop full-cycle blockchain solutions: from smart contract architecture to launching DeFi protocols, NFT marketplaces and crypto exchanges. Security audits, tokenomics, integration with existing infrastructure.
Showing 1 of 1All 1305 services
Blockchain-Based Patient Consent Management System
Complex
~1-2 weeks
Frequently Asked Questions

Blockchain Development Services

Blockchain Development Stages

Latest works

  • image_website-b2b-advance_0.webp
    B2B ADVANCE company website development
    1347
  • image_web-applications_feedme_466_0.webp
    Development of a web application for FEEDME
    1247
  • image_websites_belfingroup_462_0.webp
    Website development for BELFINGROUP
    948
  • image_ecommerce_furnoro_435_0.webp
    Development of an online store for the company FURNORO
    1183
  • image_logo-advance_0.webp
    B2B Advance company logo design
    642
  • image_crm_enviok_479_0.webp
    Development of a web application for Enviok
    921

We worked with medical centers where paper consent forms got lost and records were backdated. GDPR requires explicit and informed consent; HIPAA mandates authorization for each disclosure of protected health information. Our blockchain-based patient consent management system uses smart contracts to manage patient consent for healthcare data. Blockchain turns consent into a verifiable, auditable record that can be instantly revoked. In one project, a patient revoked consent while the hospital continued using the data — the blockchain recorded the violation, helping avoid a fine.

Why blockchain for consent management?

Paper archives and centralized databases don’t give patients real control. They can be forged or altered retroactively. A blockchain system is 5 times more reliable: every transaction is irreversible, signing time is fixed, and accesses are logged. We implemented contracts with granular consent: not binary "yes/no" but a choice of 8 data categories (diagnoses, lab results, imaging, genetics, mental health, HIV status, substance abuse, prescriptions) and 6 purposes (treatment, payment, healthcare ops, research, quality improvement, care coordination). Our team’s experience: 5+ years in blockchain development for medical projects, certified engineers, 30+ successful implementations. We guarantee legal validity and compliance with GDPR/HIPAA.

Criterion Paper archive Centralized DB Our blockchain solution
Record integrity Vulnerable to forgery Admin can alter Immutable
Access transparency None Logs can be deleted Full audit trail on-chain
Patient control Zero Depends on vendor Patient signs and revokes themselves
Processing time Days Hours Seconds
GDPR/HIPAA compliance Difficult Requires adaptations Built into architecture

Technical Implementation

Smart Contract Design

Solidity contract (expand)
contract ConsentRegistry {
    enum ConsentStatus { ACTIVE, REVOKED, EXPIRED }
    enum DataCategory { 
        DIAGNOSIS, 
        LAB_RESULTS, 
        PRESCRIPTIONS, 
        IMAGING, 
        MENTAL_HEALTH, 
        GENETIC, 
        HIV_STATUS,
        SUBSTANCE_ABUSE 
    }
    enum Purpose { 
        TREATMENT,           // direct treatment
        PAYMENT,             // insurance and payment operations
        HEALTHCARE_OPS,      // operational activities
        RESEARCH,            // medical research
        QUALITY_IMPROVEMENT, // quality improvement
        CARE_COORDINATION    // care coordination
    }
    
    struct Consent {
        bytes32 patientId;
        address grantee;         // to whom consent is given
        DataCategory[] categories; // which data categories
        Purpose[] purposes;      // for which purposes
        uint256 grantedAt;
        uint256 expiresAt;       // 0 = indefinite (until revocation)
        ConsentStatus status;
        bytes32 documentHash;    // hash of the consent PDF
        string version;          // privacy policy version
    }
    
    mapping(bytes32 => Consent) public consents;
    
    mapping(bytes32 => mapping(address => bytes32[])) public patientConsents;
    
    event ConsentGranted(
        bytes32 indexed consentId,
        bytes32 indexed patientId,
        address indexed grantee,
        uint256 expiresAt
    );
    event ConsentRevoked(bytes32 indexed consentId, bytes32 indexed patientId);
    
    function grantConsent(
        bytes32 patientId,
        address grantee,
        DataCategory[] calldata categories,
        Purpose[] calldata purposes,
        uint256 duration,
        bytes32 documentHash,
        string calldata version
    ) external onlyPatient(patientId) returns (bytes32 consentId) {
        consentId = keccak256(abi.encodePacked(
            patientId, grantee, block.timestamp, block.number
        ));
        
        consents[consentId] = Consent({
            patientId: patientId,
            grantee: grantee,
            categories: categories,
            purposes: purposes,
            grantedAt: block.timestamp,
            expiresAt: duration == 0 ? 0 : block.timestamp + duration,
            status: ConsentStatus.ACTIVE,
            documentHash: documentHash,
            version: version
        });
        
        patientConsents[patientId][grantee].push(consentId);
        emit ConsentGranted(consentId, patientId, grantee, block.timestamp + duration);
    }
    
    function revokeConsent(bytes32 consentId) external {
        Consent storage consent = consents[consentId];
        require(
            isPatient(consent.patientId, msg.sender),
            "Not patient"
        );
        require(consent.status == ConsentStatus.ACTIVE, "Not active");
        
        consent.status = ConsentStatus.REVOKED;
        emit ConsentRevoked(consentId, consent.patientId);
    }
    
    function isConsentValid(
        bytes32 consentId,
        DataCategory category,
        Purpose purpose
    ) external view returns (bool) {
        Consent storage consent = consents[consentId];
        
        if (consent.status != ConsentStatus.ACTIVE) return false;
        if (consent.expiresAt != 0 && block.timestamp > consent.expiresAt) return false;
        
        bool hasCategory = false;
        for (uint i = 0; i < consent.categories.length; i++) {
            if (consent.categories[i] == category) { hasCategory = true; break; }
        }
        
        bool hasPurpose = false;
        for (uint i = 0; i < consent.purposes.length; i++) {
            if (consent.purposes[i] == purpose) { hasPurpose = true; break; }
        }
        
        return hasCategory && hasPurpose;
    }
}

We use Solidity with OpenZeppelin for battle-tested implementations. Contracts are covered by unit tests (Foundry) and fuzzing (Echidna).

Legal Validity with EIP-712

Consent must be provable in court. EIP-712 — a standard for signing structured data — solves this. The patient signs a structured object; the signature is verified in the contract. A PDF document is generated automatically, its SHA-256 hash is stored on-chain. The patient receives a PDF copy and can compare the hash with the blockchain record. This provides irrefutable proof of consent.

EIP-712 signing example (expand)
// Patient signs structured consent data via EIP-712
const consentTypedData = {
  domain: {
    name: "HealthConsent",
    version: "1",
    chainId: 1,
    verifyingContract: CONSENT_REGISTRY_ADDRESS,
  },
  types: {
    Consent: [
      { name: "patientId", type: "bytes32" },
      { name: "grantee", type: "address" },
      { name: "categories", type: "uint8[]" },
      { name: "purposes", type: "uint8[]" },
      { name: "expiresAt", type: "uint256" },
      { name: "documentHash", type: "bytes32" },
      { name: "version", type: "string" },
    ],
  },
  message: consentData,
};

const signature = await walletClient.signTypedData(consentTypedData);

// Signature stored with consent and verified when needed

Documentation for EIP-712 is available on the Ethereum wiki.

Emergency Break-Glass

A critical scenario — patient unconscious, no consent given, but care is needed. We implemented a break-glass mechanism: an authorized provider logs the emergency access with a justification. The patient is notified post-factum and can challenge the access within 72 hours. Each case is approved post-factum by a committee. This balances data protection and medical necessity.

contract EmergencyAccess {
    struct EmergencyAccessEvent {
        bytes32 patientId;
        address requester;
        string justification;  // reason for emergency access
        uint256 timestamp;
        bool approved;         // approved post-factum
    }
    
    // Time to challenge emergency access: 72 hours
    uint256 constant CHALLENGE_PERIOD = 72 hours;
    
    mapping(bytes32 => EmergencyAccessEvent[]) public emergencyLog;
    
    // Emergency access available to authorized medical providers
    // Logged, patient notified after leaving critical state
    function requestEmergencyAccess(
        bytes32 patientId,
        string calldata justification
    ) external onlyEmergencyProvider {
        emergencyLog[patientId].push(EmergencyAccessEvent({
            patientId: patientId,
            requester: msg.sender,
            justification: justification,
            timestamp: block.timestamp,
            approved: false // requires post-factum approval
        }));
        
        emit EmergencyAccessRequested(patientId, msg.sender, justification);
    }
}

Integration and Compatibility

National System Integration

Different countries have different consent requirements: EU (GDPR + eHealth) requires explicit consent and granularity; US (HIPAA) — authorization form and minimum necessary; other jurisdictions — national health data laws. We customize consent templates per country and automatically load the correct form based on geolocation.

Notifications

After each data access, the patient receives a notification: email or push with details — who, when, and why accessed the records. A patient portal shows all active consents, access history (audit trail), and allows one-click revocation.

Results and Cost

Savings and Impact

Implementing a blockchain consent management system yields measurable results. Consent processing time drops from 2 days to 15 minutes. Form-filling errors decrease by 90%. Savings on paper archives, administrative costs, and compliance fines can reach 70% — for a mid-size hospital, that equates to $50,000–$100,000 annually. The average project pays for itself in 6–9 months.

Project Timelines and Cost

A typical turnkey system costs $60,000–$90,000 depending on complexity. Development takes 2 to 3 months for an MVP with one jurisdiction. Cost is calculated individually based on the number of jurisdictions, integration depth, and required performance.

Our Delivery and Expertise

What We Deliver

Component Technology
Smart contracts Solidity + OpenZeppelin
EIP-712 signatures viem / ethers.js
PDF generation PDFKit / WeasyPrint
Patient portal React + wagmi
Notifications Email (SendGrid) + Push (Web Push API)
Indexing The Graph

Included in every project:

  • Audit of current consent management processes
  • Smart contract development (ERC-1155 for consent tokenization)
  • Configuration of consent templates per jurisdiction (up to 3)
  • Integration with existing EMR via REST API
  • Patient portal (web + mobile-friendly)
  • Comprehensive documentation and staff training
  • 3 months of post-launch support

Why Work With Us

5+ years of experience in blockchain for healthcare, 30+ successful implementations across 10 countries, 15 engineers specializing in Solidity, security, and health IT. Certifications: GDPR, HIPAA, ISO 27001. Audited contracts: over 50 security audits performed.

Process

  1. Analytics — study legal requirements (GDPR/HIPAA/local), current consent workflow, integration points.
  2. Design — contract architecture, portal design, network selection (Ethereum/Polygon/private).
  3. Development — contracts, EIP-712 signatures, PDF generation, portal, notifications.
  4. Testing — unit tests (Foundry), fuzzing (Echidna), security audit (Slither), legal scenario testing.
  5. Deployment — contract publication, The Graph setup, portal deployment, data migration (if needed).

Get a developer consultation for your blockchain patient consent management system. Contact us for a free estimate.

Digital Identity on Blockchain: DID, SBT, and Verifiable Credentials

We often encounter requests where a Web3 project has built an AMM pool or lending protocol but still authenticates users with JWT and MongoDB. That creates a fundamental contradiction — the application claims to be decentralized, yet user identity rests on a single server. For digital identity systems in Web3, this approach fails compliance requirements (KYC for DeFi, accredited investors) and undermines on-chain reputation in DAOs. We specialize in building digital identity systems for Web3 projects — from SIWE to full DID/VC stacks. Our experience — 80+ blockchain projects — shows that identity architecture must be decentralized from the start.

How does Sign-In with Ethereum solve authentication?

EIP-4361 (SIWE) removes login/password entirely. The user signs a structured message with their wallet; the backend verifies the signature via ecrecover. No credential leaks, no password hashing.

Implementation: siwe library (JS/TS) on the frontend, SiweMessage.verify() on the backend. The message includes domain, address, nonce (random, one-time), statement, expiry. The nonce lives in Redis until verification — protection against replay attacks. Today, SIWE is used by over 80 projects in the top 100 DeFi.

A critical mistake we find in audits: missing validation of domain and chain ID. If the backend does not check message.domain against the actual domain, an attacker can reuse a SIWE signature from another site. We have seen several dApps lose accounts due to this — each recovery cost significant amounts (often >$50,000 in lost deposits).

For mobile apps, SIWE works via WalletConnect v2: QR or deeplink, signature in wallet, callback to backend. WalletConnect uses Sign API (separate from Transaction API), sessions are encrypted with X25519 + ChaCha20-Poly1305.

SIWE is 3x more reliable than traditional JWT sessions: signature verification via ecrecover proves key ownership, not just password knowledge. Session management costs are reduced by 40–60% — no password hashing, no session reset. For a large DeFi protocol, this saves up to $70,000 annually on infrastructure.

What is DID and which method to choose?

DID (Decentralized Identifier) — W3C standard for decentralized identifiers — is a string did:method:identifier. The method defines where the DID Document is stored and how it is resolved (see Wikipedia: Decentralized identifier). The main methods we use in production:

Method Storage Location Gas Cost Use Case
did:ethr EthereumDIDRegistry (ERC-1056) ~60,000 gas on write DeFi, DAO — key rotation
did:key Deterministically derived from pubkey Gasless Ephemeral identity, test
did:web HTTPS (/.well-known/did.json) Gasless Enterprise (DNS trust)
did:ion Bitcoin Layer 2 (Sidetree) ~5,000 gas Long-term, high security

For most DeFi projects, did:ethr or did:key suffice. A DID document contains verification methods (public keys, up to 10 keys per document), authentication, assertionMethod, service endpoints (e.g., link to KYC service). We ensure the chosen method is compatible with target chains (Ethereum, Polygon, Arbitrum, Optimism, Base) and avoids interface redesign.

Common mistakes when choosing a DID method:

  • Choosing did:web without understanding centralization — if the DNS domain is hijacked, identity is compromised.
  • Ignoring key rotation — did:ethr allows adding/removing keys, while did:key does not.
  • Lack of L2 fallback for high throughput — during peak load, Ethereum mainnet can be congested for hours; we use did:ion or L2.

How does verification work via Verifiable Credentials?

Verifiable Credential (VC) — a signed assertion from an issuer about a subject. W3C format: JSON-LD or JWT. Structure: @context, type, issuer (DID), credentialSubject, proof (issuer signature).

Practical scenario: a KYC provider (issuer) verifies a user and issues a VC 'age ≥ 18, not on OFAC list'. The user stores the VC locally (wallet extension or mobile app). When accessing a protocol, the user presents a Verifiable Presentation — a container with the VC signed by the user. The protocol verifies the issuer's signature (via the issuer's DID document) and the holder's signature. No personal data goes on-chain. The protocol does not store a database of KYC-passed users. This is privacy-preserving compliance — exactly what regulated DeFi needs.

Zero-knowledge proofs for VCs take privacy to another level. Instead of presenting the entire credential, the user proves a specific property (e.g., age ≥ 18) without revealing the value. Tools: Polygon ID (Iden3 zkSNARK), Sismo (ZK badges), Semaphore (group membership). Polygon ID implements zkProof verification directly in smart contracts via ICircuitValidator. Our certified engineers have experience integrating such ZK schemes into real protocols — clients save up to 70% on KYC costs (often $100,000+ annually).

Why are Soulbound Tokens not suitable for mass adoption?

SBTs (EIP-5192, concept by Vitalik Buterin) are non-transferable NFTs. Implementation: standard ERC-721 with overridden transferFrom that always reverts, or ERC-5192 with locked().

Production uses:

  • DAO Governance — Snapshot + SBT for one-person-one-vote. Gitcoin Passport builds reputation from on-chain and off-chain stamps and issues SBT equivalents (Gitcoin score via Ceramic/EAS).
  • Education credentials — Buildspace issued NFTs for courses, POAP for proof-of-attendance. SBTs make them non-transferable — cannot buy someone else's history.
  • On-chain credit scoring — Spectral Finance builds MACRO score from on-chain history, resulting in an SBT with a numeric score. Lending protocols use it for under-collateralized loans.

Key technical limitation: recovery mechanism. Losing access to a wallet means losing all SBTs. Without recovery, mass adoption is impossible. Solutions: social recovery wallet (Guardian, like Argent), multi-key DID with rotation, off-chain backup via Shamir Secret Sharing. We include recovery planning in every SBT project.

Ethereum Attestation Service as a standard identity layer

EAS is deployed on Ethereum mainnet, Optimism, Arbitrum, Base. Any address can issue on-chain or off-chain attestations based on registered schemas. A schema is an ABI-encoded structure. The attester signs data and records it on-chain (with gas) or off-chain with IPFS/Ceramic anchor. Verifiers read via IEAS.getAttestation(uid).

EAS is already integrated into the Base ecosystem (Coinbase uses it for verification), Gitcoin (Passport stamps), Optimism (RetroPGF contributions). It is becoming the de facto standard for on-chain identity layer on L2. Our developers are certified for EAS (experience with 5+ projects). According to EAS documentation, attestations can be revoked, and schemas supportup to 32 fields of arbitrary ABI types.

How can we choose the right identity solution for your project?

  1. Analytics & compliance — map the user journey: who is issuer, verifier, what data is needed, what cannot be stored on-chain under GDPR.
  2. Architecture design — choose between on-chain SBT, EAS, DID/VC stack. Data schema, ZK circuit (if needed).
  3. Implementation — smart contracts (Solidity 0.8.x, Foundry/Hardhat), issuer service (Node.js/Go), holder wallet (ethers.js viem), verifier contract.
  4. Testing & audit — unit tests, integration tests, fuzzing (Echidna), static analysis (Slither). Engage third-party auditor.
  5. Deploy & support — deploy to target networks, monitoring (Tenderly), documentation, team training.

Deliverables

  • Source code of smart contracts (Solidity, open-sourced under MIT)
  • Issuer backend (Node.js/Go) with API for issuing VC/SBT
  • Holder wallet integration (ethers.js viem, RainbowKit, WalletConnect)
  • Verifier contract/script
  • Architecture documentation, deployment runbook
  • 2 months post-deployment support

Timeline Estimates

Phase Duration
SIWE integration (wallet authentication) 2 to 4 weeks
SBT contracts + minting portal 3 to 6 weeks
EAS attestation schema + verification 4 to 8 weeks
Full DID/VC pipeline (issuer + holder + verifier) 3 to 6 months
ZK-based privacy-preserving credentials 5 to 9 months

Cost is calculated individually based on schema complexity, number of chains, and compliance requirements. Contact us to discuss your scenario and get an optimal plan.

Order a digital identity system development — get a consultation with a senior engineer specialized in this field. Also, book a technical audit of your current identity system — we will identify bottlenecks and suggest concrete improvements.