We worked with medical centers where paper consent forms got lost and records were backdated. GDPR requires explicit and informed consent; HIPAA mandates authorization for each disclosure of protected health information. Our blockchain-based patient consent management system uses smart contracts to manage patient consent for healthcare data. Blockchain turns consent into a verifiable, auditable record that can be instantly revoked. In one project, a patient revoked consent while the hospital continued using the data — the blockchain recorded the violation, helping avoid a fine.
Why blockchain for consent management?
Paper archives and centralized databases don’t give patients real control. They can be forged or altered retroactively. A blockchain system is 5 times more reliable: every transaction is irreversible, signing time is fixed, and accesses are logged. We implemented contracts with granular consent: not binary "yes/no" but a choice of 8 data categories (diagnoses, lab results, imaging, genetics, mental health, HIV status, substance abuse, prescriptions) and 6 purposes (treatment, payment, healthcare ops, research, quality improvement, care coordination). Our team’s experience: 5+ years in blockchain development for medical projects, certified engineers, 30+ successful implementations. We guarantee legal validity and compliance with GDPR/HIPAA.
| Criterion | Paper archive | Centralized DB | Our blockchain solution |
|---|---|---|---|
| Record integrity | Vulnerable to forgery | Admin can alter | Immutable |
| Access transparency | None | Logs can be deleted | Full audit trail on-chain |
| Patient control | Zero | Depends on vendor | Patient signs and revokes themselves |
| Processing time | Days | Hours | Seconds |
| GDPR/HIPAA compliance | Difficult | Requires adaptations | Built into architecture |
Technical Implementation
Smart Contract Design
Solidity contract (expand)
contract ConsentRegistry {
enum ConsentStatus { ACTIVE, REVOKED, EXPIRED }
enum DataCategory {
DIAGNOSIS,
LAB_RESULTS,
PRESCRIPTIONS,
IMAGING,
MENTAL_HEALTH,
GENETIC,
HIV_STATUS,
SUBSTANCE_ABUSE
}
enum Purpose {
TREATMENT, // direct treatment
PAYMENT, // insurance and payment operations
HEALTHCARE_OPS, // operational activities
RESEARCH, // medical research
QUALITY_IMPROVEMENT, // quality improvement
CARE_COORDINATION // care coordination
}
struct Consent {
bytes32 patientId;
address grantee; // to whom consent is given
DataCategory[] categories; // which data categories
Purpose[] purposes; // for which purposes
uint256 grantedAt;
uint256 expiresAt; // 0 = indefinite (until revocation)
ConsentStatus status;
bytes32 documentHash; // hash of the consent PDF
string version; // privacy policy version
}
mapping(bytes32 => Consent) public consents;
mapping(bytes32 => mapping(address => bytes32[])) public patientConsents;
event ConsentGranted(
bytes32 indexed consentId,
bytes32 indexed patientId,
address indexed grantee,
uint256 expiresAt
);
event ConsentRevoked(bytes32 indexed consentId, bytes32 indexed patientId);
function grantConsent(
bytes32 patientId,
address grantee,
DataCategory[] calldata categories,
Purpose[] calldata purposes,
uint256 duration,
bytes32 documentHash,
string calldata version
) external onlyPatient(patientId) returns (bytes32 consentId) {
consentId = keccak256(abi.encodePacked(
patientId, grantee, block.timestamp, block.number
));
consents[consentId] = Consent({
patientId: patientId,
grantee: grantee,
categories: categories,
purposes: purposes,
grantedAt: block.timestamp,
expiresAt: duration == 0 ? 0 : block.timestamp + duration,
status: ConsentStatus.ACTIVE,
documentHash: documentHash,
version: version
});
patientConsents[patientId][grantee].push(consentId);
emit ConsentGranted(consentId, patientId, grantee, block.timestamp + duration);
}
function revokeConsent(bytes32 consentId) external {
Consent storage consent = consents[consentId];
require(
isPatient(consent.patientId, msg.sender),
"Not patient"
);
require(consent.status == ConsentStatus.ACTIVE, "Not active");
consent.status = ConsentStatus.REVOKED;
emit ConsentRevoked(consentId, consent.patientId);
}
function isConsentValid(
bytes32 consentId,
DataCategory category,
Purpose purpose
) external view returns (bool) {
Consent storage consent = consents[consentId];
if (consent.status != ConsentStatus.ACTIVE) return false;
if (consent.expiresAt != 0 && block.timestamp > consent.expiresAt) return false;
bool hasCategory = false;
for (uint i = 0; i < consent.categories.length; i++) {
if (consent.categories[i] == category) { hasCategory = true; break; }
}
bool hasPurpose = false;
for (uint i = 0; i < consent.purposes.length; i++) {
if (consent.purposes[i] == purpose) { hasPurpose = true; break; }
}
return hasCategory && hasPurpose;
}
}
We use Solidity with OpenZeppelin for battle-tested implementations. Contracts are covered by unit tests (Foundry) and fuzzing (Echidna).
Legal Validity with EIP-712
Consent must be provable in court. EIP-712 — a standard for signing structured data — solves this. The patient signs a structured object; the signature is verified in the contract. A PDF document is generated automatically, its SHA-256 hash is stored on-chain. The patient receives a PDF copy and can compare the hash with the blockchain record. This provides irrefutable proof of consent.
EIP-712 signing example (expand)
// Patient signs structured consent data via EIP-712
const consentTypedData = {
domain: {
name: "HealthConsent",
version: "1",
chainId: 1,
verifyingContract: CONSENT_REGISTRY_ADDRESS,
},
types: {
Consent: [
{ name: "patientId", type: "bytes32" },
{ name: "grantee", type: "address" },
{ name: "categories", type: "uint8[]" },
{ name: "purposes", type: "uint8[]" },
{ name: "expiresAt", type: "uint256" },
{ name: "documentHash", type: "bytes32" },
{ name: "version", type: "string" },
],
},
message: consentData,
};
const signature = await walletClient.signTypedData(consentTypedData);
// Signature stored with consent and verified when needed
Documentation for EIP-712 is available on the Ethereum wiki.
Emergency Break-Glass
A critical scenario — patient unconscious, no consent given, but care is needed. We implemented a break-glass mechanism: an authorized provider logs the emergency access with a justification. The patient is notified post-factum and can challenge the access within 72 hours. Each case is approved post-factum by a committee. This balances data protection and medical necessity.
contract EmergencyAccess {
struct EmergencyAccessEvent {
bytes32 patientId;
address requester;
string justification; // reason for emergency access
uint256 timestamp;
bool approved; // approved post-factum
}
// Time to challenge emergency access: 72 hours
uint256 constant CHALLENGE_PERIOD = 72 hours;
mapping(bytes32 => EmergencyAccessEvent[]) public emergencyLog;
// Emergency access available to authorized medical providers
// Logged, patient notified after leaving critical state
function requestEmergencyAccess(
bytes32 patientId,
string calldata justification
) external onlyEmergencyProvider {
emergencyLog[patientId].push(EmergencyAccessEvent({
patientId: patientId,
requester: msg.sender,
justification: justification,
timestamp: block.timestamp,
approved: false // requires post-factum approval
}));
emit EmergencyAccessRequested(patientId, msg.sender, justification);
}
}
Integration and Compatibility
National System Integration
Different countries have different consent requirements: EU (GDPR + eHealth) requires explicit consent and granularity; US (HIPAA) — authorization form and minimum necessary; other jurisdictions — national health data laws. We customize consent templates per country and automatically load the correct form based on geolocation.
Notifications
After each data access, the patient receives a notification: email or push with details — who, when, and why accessed the records. A patient portal shows all active consents, access history (audit trail), and allows one-click revocation.
Results and Cost
Savings and Impact
Implementing a blockchain consent management system yields measurable results. Consent processing time drops from 2 days to 15 minutes. Form-filling errors decrease by 90%. Savings on paper archives, administrative costs, and compliance fines can reach 70% — for a mid-size hospital, that equates to $50,000–$100,000 annually. The average project pays for itself in 6–9 months.
Project Timelines and Cost
A typical turnkey system costs $60,000–$90,000 depending on complexity. Development takes 2 to 3 months for an MVP with one jurisdiction. Cost is calculated individually based on the number of jurisdictions, integration depth, and required performance.
Our Delivery and Expertise
What We Deliver
| Component | Technology |
|---|---|
| Smart contracts | Solidity + OpenZeppelin |
| EIP-712 signatures | viem / ethers.js |
| PDF generation | PDFKit / WeasyPrint |
| Patient portal | React + wagmi |
| Notifications | Email (SendGrid) + Push (Web Push API) |
| Indexing | The Graph |
Included in every project:
- Audit of current consent management processes
- Smart contract development (ERC-1155 for consent tokenization)
- Configuration of consent templates per jurisdiction (up to 3)
- Integration with existing EMR via REST API
- Patient portal (web + mobile-friendly)
- Comprehensive documentation and staff training
- 3 months of post-launch support
Why Work With Us
5+ years of experience in blockchain for healthcare, 30+ successful implementations across 10 countries, 15 engineers specializing in Solidity, security, and health IT. Certifications: GDPR, HIPAA, ISO 27001. Audited contracts: over 50 security audits performed.
Process
- Analytics — study legal requirements (GDPR/HIPAA/local), current consent workflow, integration points.
- Design — contract architecture, portal design, network selection (Ethereum/Polygon/private).
- Development — contracts, EIP-712 signatures, PDF generation, portal, notifications.
- Testing — unit tests (Foundry), fuzzing (Echidna), security audit (Slither), legal scenario testing.
- Deployment — contract publication, The Graph setup, portal deployment, data migration (if needed).
Get a developer consultation for your blockchain patient consent management system. Contact us for a free estimate.







