Computer Systems Science & Engineering

VacChain: A Blockchain-Based EMR System to Manage Child Vaccination Records

Azza Abdullah Alnssayan, Mohammad Mahdi Hassan* and Suliman A. Alsuhibany

Department of Computer Science, Qassim University, Buraydah, 51431, Saudi Arabia
*Corresponding Author: Mohammad Mahdi Hassan. Email: mo.hassan@qu.edu.sa
Received: 10 January 2021; Accepted: 05 April 2021

Abstract: The digitalization of healthcare-related information service systems has become a trend across the world. However, several crucial services are still provided manually due to a lack of trust in digital solutions. One such service is keeping records of children’s vaccination, which still relies on a paper-based file system in most parts of the world. This approach causes serious data integrity problems. Recently, healthcare has become a potential application area of the blockchain, as it can preserve and protect highly sensitive private medical records while sharing these records in a decentralized manner without losing personal ownership. Therefore, we propose a new digital model to track a child’s vaccination records using blockchain. In particular, this proposed application helps improve the vaccination record-keeping process by ensuring the integrity of the preserved data in a more secure way. In an emerging pandemic situation, our approach can be extended to manage the overall vaccination process effectively.

Keywords: Blockchain; vaccination; healthcare; Hyperledger Fabric

1  Introduction

Using blockchain technology to build immutable and decentralized systems has become a new trend in the last decade. Initially, blockchain was developed to support various transactions in the finance and business domain, and then later was introduced into other domains. Bitcoin [1] was the first blockchain cryptography application, and within a decade, it became a popular platform for diverse application domains. Healthcare has high potential for blockchain application [2]. Healthcare data are sensitive and private, and the blockchain record-keeping approach can safely store data. The blockchain in healthcare improves the accuracy of electronic healthcare records (EHRs) [3]. Furthermore, it is tracks recording processes and shares digital assets among medical practitioners [4].

Typically, the blockchain is a chain of blocks that verifies and stores transactions. These transactions could be publicly or privately distributed to all participants on the network to modify the ledger securely. All the transactions are grouped in blocks and stored in a blockchain database. Each block is timestamped and linked by a hash. The hash of a block connected with a hash of the previous block effectively makes the entire blockchain history immutable [5]. This means that no one can change the transaction history in the blockchain [6]. Furthermore, each block contains a hash that can be used to verify the integrity of the containing transactions [5]. Moreover, the blockchain is a peer-to-peer digital ledger that enables reliable transactions without centralized management [7]. In our study, we utilize the immutability feature of the blockchain to ensure the integrity of vaccination records.

In this paper, we focus on the possible use of the blockchain to improve the vaccination record-keeping process. In general, the vaccination process starts within the first months of a child’s birth and continues until the age of six. To track the vaccination process, health providers create a file (mostly paper-based) and record related information of each shot. Usually, the file is owned by the child’s family. Many organizations, like schools and insurers, ask for proof of vaccination before a child enters their respective system to receive any service. This whole process is done manually in many countries (e.g., Saudi Arabia), which creates problems such as inaccuracy due to human error, intentional tampering, and untraceable access to vaccination records. Consequently, the proposed VacChain system aims to use the blockchain Hyperledger Fabric network to improve this process by securely tracking the children’s vaccination process and creating a convenient information-sharing scheme without losing integrity and privacy.

The rest of this paper is organized as follows. Section 2 presents background information on blockchain technology and its use in the healthcare system. Section 3 details the requirements and system design for the VacChain. Section 4 discusses implementation details. Section 5 presents our tests of the system and relevant results, while Section 6 discusses these results. Finally, in Section 8, we conclude the paper and suggest future plans for VacChain.

2  Background

In recent years, the use of blockchain technology in various fields has increased dramatically. Healthcare is one of the most attractive domains for the blockchain because it can be employed to improve the accuracy of EHRs [3], which contain highly sensitive and private healthcare data [8]. This section provides a short overview of blockchain technology. Moreover, it briefly discusses existing blockchain applications in healthcare, related challenges, and emerging opportunities.

2.1 Blockchain Background

Seebacher et al. [6] defined the blockchain as follows: “A blockchain is a distributed database, which is shared among and agreed upon a peer-to-peer network. It consists of a linked sequence of blocks, holding timestamped transactions that are secured by public key cryptography and verified by the network community. Once an element appended to the blockchain, it cannot be altered, turning a blockchain into an immutable record of past activity.”

A blockchain contains a chain of blocks connected linearly [4]; each block contains multiple transactions, a cryptographic hash, and a timestamp. Hashing provides integrity and immutability to blockchain history [5]. A timestamp is added to the block to record when a particular block was created [4]. Timestamps also confirm that the blocks are connected in chronological order. According to Swan [4], the blockchain uses hashing and timestamping for proof of existence.

The blockchain uses a peer-to-peer network structure where each peer can interact through a private and public key. A peer uses their private key to sign a transaction, and they are addressable on the network by their public key. An asymmetric cryptography concept is used to ensure network integrity, authentication, and nonrepudiation [3,9].

Zheng et al. [10] discussed three different types of blockchains depending on data availability, data management, and user permissions. These types are public, private, and consortium. In a public blockchain, all data are available to all the nodes without a specific identity. Such blockchains are usually applied in the finance domain. Bitcoin, Litecoin, and Ethereum are examples of public blockchains [10,11]. Seebacher et al. [6] define many characteristics of the public blockchain that impact service systems. One of the main features of this technology is trust, and transparency is the key to ensure trust. To provide transparency, a public blockchain makes information publicly available throughout its entire network without losing the integrity and immutability of data. Another main characteristic is decentralization, which allows privacy protection through pseudonymization and creates a reliable and versatile setting [6]. Private blockchains are managed by a third trusted party to control data access permissions of known identified participants (e.g., who owned the transaction, and who can execute smart contracts). Hyperledger Fabric and Ripple are examples of private blockchain networks [10]. This type of blockchain is mostly used in the healthcare domain due to the privacy and sensitivity of healthcare data. In a consortium blockchain, all data are publicly available for a selected group of participants [10].

A transaction in a blockchain is a sequence of operations applied to some states, which is similar to what is observed in traditional databases. The key difference lies in failure and modification mechanisms [12]. Data in a traditional database are stored in tables that are not encrypted by default; moreover, the data can be queried directly. The traditional database requires a multitude of control, which makes it highly centralized. It is also managed by an administrator who can delete or modify data. In contrast, the blockchain data structure is a back-linked list of blocks built with hash pointers. Each block contains a list of transactions and a hash that refers to and secures each block to its previous block. The first block is called a “genesis block”—all blocks return to the genesis block. Blockchain uses a distributed network of decentralized nodes, which means that all nodes on the network store a copy of the blockchain. Moreover, a traditional database is recursive, whereas the blockchain is non-recursive and appended only. Fig. 1 shows a simple blockchain data structure.


Figure 1: Blockchain data structure [13]

2.2 Blockchain in Healthcare

For several years, healthcare has been considered an area with high potential for blockchain application. Potential uses include storing, sharing, and exchanging medical data using various access control strategies [3,14]. For example, Agbo et al. [15] identified some crucial application areas, such as electronic medical records (EMRs), drug/pharmaceutical supply chains, biomedical research and education, remote patient monitoring (RPM), health insurance claims, and health data analytics (HDA). Bell et al. [16] suggested that to increase transparency in the healthcare domain, the blockchain could be used to track medical devices and drugs.

In the following subsections, we discuss some key benefits and challenges that emerged in this domain. We also discuss some contemporary blockchain-based healthcare systems.

2.2.1 Benefits of Blockchain in Healthcare

According to Agbo et al. [15], the blockchain is beneficial for healthcare applications. In particular, it facilitates decentralization, improves data security and privacy, and ensures health data ownership and verifiability. Moreover, the blockchain supports the development of a robust and transparent healthcare system.

Furthermore, Witchey [17] suggested that existing EMR systems lack proper management of the history of healthcare transactions. The blockchain’s Proof of Work (POW) approach can validate such transactions between various entities.

Conceptually, the blockchain is secure by design [18], and can mitigate many traditional security risks due to the distributed ledger’s decentralization nature [14]. Additionally, it supports decentralized consensus and consistency-building mechanisms, which makes applications resilient to malicious attacks.

Additionally, patients have more control over their medical records in blockchain platforms, and thus data sovereignty is a possibility [2]. Since the changes to the blockchain are visible to all members of the patient network, any unauthorized modifications can be detected easily [18]. With the blockchain, cryptographic functions can be used to ensure the pseudonymity of the patient [19].

2.2.2 Challenges of Blockchain in the Healthcare Domain

According to Hölbl et al. [3], better integration of blockchains is an emerging issue in the healthcare domain. Moreover, many advanced features are not used due to a lack of expertise and investment.

Kassab et al. [14] suggested that the blockchain in its current form cannot resolve all the critical challenges that have emerged in electronic healthcare systems (EHS). Scalability, performance, usability, and interoperability are major challenging issues for viable EHR systems. Currently, blockchain-based systems only play a supplementary role in EHS [20].

The size of healthcare data like imaging and treatment plans is large, but the blockchain was designed to handle transitional data, which are trivial in size. Hence, scaling up is a challenging issue [21] that negatively affects performance. Off-chain storage is a solution to this problem: large files are stored in traditional storage, and related hashes are stored in the blockchain [18].

In general, data in a blockchain are immutable. However, in many countries, healthcare-related privacy laws support the permanent deletion of patient records, which challenges the immutability notion of blockchain [18]. The deletion of records for various reasons is a reality. Data redundancy and filtering mechanisms can be used to support some sorts of record editing options [22]. Moreover, the blockchain supports patients’ ownership and autonomy over personal records, which may negatively affect patient care, especially in emergencies [23].

The interoperability of healthcare systems is a priority in many countries [14]. The blockchain needs to address issues like the resolution of discrepancies and confidence measures for the various sources of information [24]. Zhang et al. [25] proposed some metrics to assess the interoperability of blockchain-based healthcare apps. They categorized interoperability into three categories: foundational, structural, and semantic interoperability.

According to Ribitzky et al. [26], the blockchain is still overly promoted in the healthcare domain. Although it attracts much attention and investment, there is a lack of incentive to adopt it for practical purposes [27].

2.2.3 Contemporary Blockchain-Based Healthcare Systems

In a recent study, Kassab et al. [27] suggested that the commercialization of blockchain in healthcare is still far from reality. They state that only 33% of primary studies provided an actual implementation of a blockchain-based healthcare system. Twenty-five percent of studies are on managing healthcare records, which makes this the most popular subdomain. Unfortunately, there has been no real industry-level validation study until now. Therefore, in this subsection, we explore some prominent implemented healthcare applications based on blockchain.

Healthcare Data Gateways (HDG) is an app architecture proposed by Yue et al. [28] to provide data ownership of the patient and facilitate flexible data sharing without violating privacy. If necessary, HDG ensures data anonymization by removing identified personal information. Therefore, HDG supports collaboration between multiple HDG apps.

Azaria et al. [29] developed MedRec, which is a decentralized record management system used to handle EMRs. It gives patients and doctors an immutable log to manage healthcare records by using smart contracts.

BlocHIE is a blockchain-based platform used to exchange healthcare information; it was developed by Jiang et al. [30]. They differentiated healthcare data into two categories (EMR and personal healthcare data [PHD]), and proposed two loosely coupled blockchains to handle them separately. They integrated off-chain storage and on-chain verification techniques to reduce load and improve authenticability.

Griggs et al. [31] developed a real-time patient monitoring system using a private blockchain based on the Ethereum protocol. They utilized blockchain-based smart contracts to perform real-time analysis and log transaction metadata for medical sensors attached to the patients. Meanwhile, Liang et al. [32] used a cloud-based blockchain platform to store real-time data from wearable devices; this ensured self-sovereign data ownership and data integrity.

In the present study, we developed an EMR system based on a private blockchain to manage child vaccination records. Thus, we keep vaccination records as simple transactional records, and there is no need for off-chain data management supports, which is problematic in many blockchain-based EMR systems.

3  System Design

We developed a VacChain system to track children’s vaccination records. The objective of this system is to secure children’s vaccination records from tampering and share relevant information conveniently without losing integrity and privacy. In our proposed system, whenever a family visits the hospital with their child for vaccination, related information is added to the child’s vaccination record. This record is implemented through a blockchain mechanism. By using our system, a family can permit different parties to authorize and see the vaccination history of their children for confirmation purposes (e.g., for registration at school).

In this section, we discuss the requirements and system design of VacChain. First, we highlight existing vaccination record-keeping systems and their limitations. We then present user and system requirements collected through interviews with various stakeholders; finally, we present a detailed system design of VacChain.

3.1 Existing Vaccination Record-Keeping Systems

To understand how the existing vaccination system works, we communicated and collaborated with local healthcare providers to learn their needs and identify potential opportunities to introduce and elaborate blockchain services. We also visited several local medical centers and interviewed local pediatricians to understand how they preserve and track vaccination records, and discussed the issues and challenges of the existing paper-based system. Through all this, we identified a need for a digitized vaccination record-keeping system. Transparent ownership and immutability support for digital records in blockchain encouraged us to propose a blockchain-based system for this purpose.

We identified two major problems: (1) losing a vaccination file and (2) corrupting information in the vaccination file. Paper-based files (known as vaccination cards) can be lost or damaged. In the case of losing a vaccination card, a family can obtain a replacement vaccination file only by requesting the exact hospital where their child was born and vaccinated. This is a lengthy process and especially hard for those families who moved to a new area. Regarding the second issue, some families decline to vaccinate their children for some superficial reasons but still want to have a vaccination card to access various government or private facilities. They try to manipulate and manage a vaccination card without taking the vaccines. These malpractices can be hazardous to overall public health.

3.2 Requirements for the Proposed System

After visiting different health centers and interviewing local doctors, we came up with multiple requirements for the proposed vaccination record-keeping system. In this section, we list the user and system requirements with their details. We used the “User Story” format to write the user requirements, which is a popular agile practice [33].

3.2.1 User Requirements

In Tab. 1, we present all the user requirements collected from various stakeholders.


3.2.2 System Requirements

In Tab. 2, we present all the system requirements that we have identified for various stakeholders.


3.2.3 System Architecture

In this section, we present the architecture of VacChain. Fig. 2 shows the major components of VacChain and the interactions between them. The whole system consists of multiple layers, which are described below.


Figure 2: System architecture

Layer 1: The user interface layer is where the participants can interact with the system via Angular [34] to either read information or send new transactions. Health admins create a new vaccination record. The child’s family is the owner of the vaccination record, and any update of vaccination records requires access permission from the family. Hospitals, schools, and insurance can see the history of vaccination records after getting permission from the family. Hospitals can create a new vaccine detail for each visit, which contains the doctor’s notes about the child’s current status and the physician’s signature.

Layer 2: The cloud middleware layer is an intermediate layer between layers 1 and 3. It ensures that there is no single point of failure as opposed to a centralized setting in which one dedicated server hosts the middleware infrastructure. REST API [35] connects to Angular to receive the data and then stores them to the blockchain by contacting an appropriate API to interact with a relevant smart contract in layer 3.

Layer 3: Lastly, we have the blockchain network layer, which contains ledger and smart contract services. Data are encoded during transactions, and transactions are bundled into blocks. Each block contains a hash of the previous block to verify and validate the whole data set. Each new block is considered as an update to the state of this network. Transactions can contain computational steps that influence or create a new smart contract. All transactions are generated by the smart contracts, which are subsequently distributed to every peer node in the network [36].

There are two components in the ledger: a world state, and a blockchain [37]. The world state is a database that holds a set of current values of the ledger states. Moreover, it allows the program to directly access the current values of a state instead of calculating them by traversing the entire transaction log. The world state can be changed frequently, as the states are created, updated, and deleted. The second component is a blockchain that is an append-only database. Once added, information cannot be deleted or changed, and thus it is immutable. All the changes that occur in the current world state are recorded in the blockchain.

3.2.4 Processing Models

In this subsection, we present various process models based on the user and system requirements of VacChain. We present sequence diagrams to show important scenarios related to the vaccination process; for instance, Fig. 3 illustrates the processing of a vaccination visit. In VacChain, we have seven participants: health admin, family, hospital, doctor, physician, school, and insurance company. When a baby is born, a new vaccination record (VR) is created by a health admin, who links the VR with the infant’s family ID. Therefore, the family becomes the owner of a VR. For every vaccination visit, the family must give access permission to the hospital to view or update the VR. If a hospital has access permission, it can create a new vaccine detail (VD) and write the details of the visit, such as vaccine name, child name, child age, and the doctors and physicians names who supervise the process. Linking health professionals’ names in the vaccine detail ensures that the respective professionals gain access permission to the VD. In the next step, the family goes to a designated doctor to check the status of the child, and he writes a note about this visit in the VD. The doctor can read all previous notes related to the VD. Finally, the family goes to another designated physician to give the child a specific vaccine, and a signature is added to the VD to confirm this visit. At the end of a visit, the hospital links the current VD to the child’s VR. This process repeats for each visit. Later, when a school or insurance company asks for a child’s vaccination records, they can obtain access permission from the family to allow them to see all vaccine details of the vaccination record.


Figure 3: Child vaccination process

To clarify internal transactions within VacChain, we present an example using a sequence diagram in Fig. 4. This figure depicts how a physician’s signature is stored in the blockchain database. Whenever a physician requests signing on a VD, it is considered as a transaction and submitted to a smart contract. This transaction is recorded in the blockchain as a new block, and the ledger is updated.


Figure 4: Transaction flow of physician’s signature

4  Implementation

The blockchain has many platforms, but the most commonly used ones are Hyperledger Fabric and Ethereum [3]. Both of them support smart contracts, which add much functionality to the blockchain. To develop VacChain, we used the Hyperledger Fabric platform hosted by the Linux Foundation [38], which provides open-source blockchain and related tools. Hyperledger Fabric is a private and permission-based blockchain network where all participants and their roles are known [39]. Moreover, it has a specific smart contract called Chaincode.

We implemented our system with two Hyperledger Fabrics: Hyperledger Fabrics Composer and Hyperledger Fabrics Convector. Initially, we worked on the Hyperledger Composer framework for three months; however, on August 30, 2018, the IBM team announced that they stopped working on any new features for Composer [40]. For this reason, we migrated our application to the Hyperledger Convector framework since Convector and Composer share similar concepts. Furthermore, Convector is more flexible and native, and its community is very active.

In the following sections, we discuss how we implemented our application in both Composer and Convector.

4.1 Implementation on Hyperledger

In Hyperledger, the assets, participants, and transactions are created in the model file. Then, in the access control file, we define the different participants’ permission rules in the business network. Fig. 5 shows the relationships between participants and assets. Each participant has some transactions that can be authorized. Moreover, all participants belong to the participant abstract class, while assets belong to the assets abstract class. The health admin can perform a transaction to create one or more vaccination records. The family owns at least one vaccination record and grant an access permission transaction to the hospital, school, insurance, and others to see the history of the vaccination record. After getting access permission, a hospital can initiate a transaction for creating a new vaccine detail. Lastly, the doctor and physician can access the vaccine detail and update it.


Figure 5: Relationship between participants and assets

Once the model files, access control files, and JavaScript files are defined, we package all these files as one "business network archive" file. This archive file can be deployed or updated on Hyperledger Fabric. We then run the business network archive file on REST API, which provides a useful layer of language-neutral abstraction. The REST API creates and explores business network cards and their authentications. Finally, Angular connects to REST API to run it.

Fig. 6 shows a class diagram to explain our system structure. It is important to note that all system participants are registered by the health admin only. Moreover, the health admin can create one or more vaccination records for a family and see the history of these records that contains all modifications of transactions. A family has separate vaccination records for each of their children. They provide access permission to a hospital to enter the vaccine visit details in a vaccination record.


Figure 6: VacChain class diagram

For each vaccination appointment, the hospital searches for the child record to which they have permission access; then the hospital can create a new vaccine detail for that record. Moreover, when a hospital has permission access, any designated doctor or physician in the hospital can read all vaccine details of that child’s records. After providing vaccination service, the doctor writes his notes on the vaccine detail, and the physician writes further notes and signs on that vaccine detail. If the family grants permission, then these records can be viewed by a specific school, insurance company, or other institute. Meanwhile, the health admin and the hospital can see the history of all modified transactions.

In VacChain, we used model view controller patterns. After creating models and a controller, we ran the necessary command to install and execute codes, and then generated the rest of the APIs. A new vaccine-app file was created in the package folder. In the API layer (vaccine-app), a number of files were created to support interaction between front-end and Chaincode layers. In the controller, we added some authentication functions. To design our application web pages, we used HTML, CSS, and JavaScript languages. Finally, we uploaded our application to Amazon Web Server (AWS).

4.2 Application UI

Here, we explore our Child Vaccines website. This website contains seven main pages for each type of participant, and a login page. The login page is the first page visited to enter the system; here, the system authenticates the username and password of a participant and sets the environment based on her role. The following subsections explain these pages in detail.

4.2.1 Health Admin Page

The health admin page contains three forms under three different tabs. These forms are “Participant,” “Record,” and “History”. These forms can be filled in by the health admin only. The "Participant” tab is for creating a new participant. In this tab, the health admin fills in the required information of the participant, which are participant type, username, full name, and ID number. If the participant is a doctor or a physician, there is an additional field for their hospital name.

The second form, “Record” is for creating a new vaccination record by entering the child’s family username and the child information, such as their name, gender, birth date, and family’s file number.

Lastly, the “History” tab is where the health admin can see the history of all modifications in a specific record. After searching by the family username, this specific record is selected so that the admin can view all vaccination records for each child of that family. For example, we searched for the “Ali” family to display the family’s children’s records. Ahmad is a child of the Ali family; by clicking on Ahmad, the admin can see all of Ahmad’s vaccination records and related details, such as vaccine names and his age when he received a given vaccine.

4.2.2 Hospital Page

The hospital page has two main tabs: one for creating a new detail, and the other for displaying the history of a specific record. For each vaccine visit, the family gives permission for the hospital to access the child’s vaccination record. After obtaining access permission, the hospital can access the child’s record by searching for the family’s username. All children’s records of this family will be shown with the child’s name. Clicking on the child’s name will open a form to collect the required information for each visit. The following information needs to be provided: vaccine name, doctor name, physician name, and some information about the child (such as weight, height, and body temperature). Now a new vaccine detail is created and added to the child’s record. Moreover, the hospital displays hospital forms for viewing all modifications in a specific record of the child’s vaccine details.

4.2.3 Doctor Page

After creating a child’s vaccine detail, the doctor will have permission to access the child’s record. That is, he can now search by the child’s family username to find the record of the child and see all vaccine details. Then, the doctor adds his notes about whether the child can take a vaccine, depending on the child’s status.

4.2.4 Physician Page

The family goes to a physician after the doctor decides the child’s status. Like the doctor, the physician can also access the child’s record by searching the family’s username, and can see all vaccine details of that particular child. The physician reads all of the child’s information and the doctor’s notes, gives the child the recommended vaccine, and then signs on the vaccine detail. In the case where vaccines are not available, the physician will write them in the remaining vaccine field; during the child’s next visit, the physician will read this last vaccine detail and know which vaccines have not yet been given.

4.2.5 Family Page

Our application allows the child’s family to see all their children’s records and vaccine details. The family page consists of two tabs: one for viewing their children’s records and their vaccine details, and the other for giving access permission to other providers. Moreover, selecting one of the vaccine details will show a dialog box that contains all the information related to a particular record, such as the physician signature. In the permissions tab, the family can give access to selected vaccination records to other providers such as hospitals, schools, and insurance companies.

4.2.6 School and Insurance Pages

Schools and insurance companies have similar privileges. The school (or insurance company) can find the child’s record by searching by the family’s username after getting permission to access the child’s record from the family. The school and insurance company can check vaccine details for the specific child and see all detailed vaccine information in a dialog box (Fig. 7).


Figure 7: Detailed vaccination information shared with school or insurance company

5  Testing and Results

To ensure the quality of the vaccination record system, we proceed with some validation and verification processes. In this section, we discuss the testing process and present relevant results.

5.1 Performance Testing

In general, performance testing is a practice performed to determine how a system performs under a particular workload in terms of responsiveness and stability. In particular, load testing is a simple form of performance testing used to understand the behavior of the system at a specific expected load. We used load testing to measure our system’s server and render response time via DevTools [41].

To test render response time, we recorded the runtime performance of the register function. The result of this test shows frames per second (FPS), a CPU chart, and time rendering [42]. According to Fig. 8, the FPS of the register function is high (i.e., the green bar is higher), and the CPU was not maxed out during the recording (i.e., the CPU chart is not full of color). Furthermore, Fig. 9 illustrates an empirical test used to measure the server response time for multiple system functions, such as login and get-participant functions. For this, we measured response time based on the average performance of ten functions. The average response time was 2.5 seconds, which is good since the response time should not exceed 5–10 seconds [43].


Figure 8: Testing results of registration process


Figure 9: Response time testing

5.2 Overall Testing Results

According to our various testing, the system works efficiently, as shown during the performance testing (with a good response time). We tested all the user and system requirements thoroughly, and we obtained an acceptable result.

6  Discussion

VacChain can help families keep their children’s vaccination records in a secure and convenient way. Based on the testing result, the system seems accessible and credible. Moreover, a family can share vaccination information with multiple providers (e.g., schools and insurance). Furthermore, the proposed system supports the privacy and confidentiality of vaccination data by implementing specific authorization mechanisms. In VacChain, a family is aware of their children’s vaccination records, unlike in other health information systems where the families are not participants. Furthermore, VacChain relies on many participating entities to avoid a single point of failure. The vaccination record information is stored locally at variant provider servers, and each node in the network stores copies of authorization data.

We worked in two different fabrics, Hyperledger Composer and Hyperledger Convector, which made our development effort more challenging. In Hyperledger Composer, a business network model was defined by three components: assets, participants, and transactions [44]. Conversely, in Convector, there are two fundamental concepts: models and controllers [45]. Moreover, Composer used its custom-designed language to define smart contracts while Convector used JavaScript language. This makes Composer easier and quicker, but the Chaincode in Convector is more flexible and expressive for defining rules such as validations and restricting data. Our experience suggests that Convector is better than Composer due to its flexibility since it runs natively in Hyperledger Fabric. However, as a new fabric, multiple bugs must be fixed.

7  Conclusions and Future Work

Blockchain technology has been adopted in many areas to improve system quality and functionality. Immutability is one of the major characteristics of blockchain that can protect highly sensitive private data and ensure integrity. Healthcare is one of the potential domains for blockchain-based applications due to its support for data privacy and ownership. Many healthcare services still depend on paper-based systems; one of these services is preserving children’s vaccination records in a paper file. Such files are unsecured because they can be easily lost or damaged. Losing a child’s vaccine file creates many problems for the child, as the file is required for receiving essential services such as registration at school, getting insurance, and medical care. Therefore, in this paper, we presented the VacChain system to improve the traditional vaccination process by preserving and tracking related information in a more secure and integrated way. The developed system was tested, and the results showed that it works efficiently and effectively. Furthermore, our system preserves vaccination information securely from malicious attackers by having decentralized blockchain ledgers. However, Hyperledger Convector is a new, quickly developing framework, and therefore many defects make it challenging to implement sophisticated features.

In the future, we are planning to enhance the usability and performance of VacChain through additional features. An emerging pandemic situation, like COVID19 [46], suggests vaccination across all ages would play a crucial role in stopping the spread of contagious diseases and improving overall public health. Thus, we plan to expand our approach to collect adult vaccination records for the general population.

Acknowledgement: The authors gratefully acknowledge Qassim University, represented by the Deanship of Scientific Research, on the material support for this research under the number (5455-coc-2019-2-2-I) during the academic year 1441 AH/2020 AD. The authors would also like to thank Muntasir Mamun Joarder of Ipswich City Council, Australia, for his technical suggestions on blockchain technology.

Funding Statement: This study was funded by the Deanship of Scientific Research, Qassim University (5455-coc-2019-2-2-I).

Conflict of Interest: The authors declare that they have no conflicts of interest to report regarding the present study.


 1.  S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008. [Online]. Available: https://bitcoin.org/bitcoin.pdf. [Google Scholar]

 2.  M. Mettler, “Blockchain technology in healthcare: The revolution starts here,” in 2016 IEEE 18th Int. Conf. on e-Health Networking, Applications and Services (HealthcomMunich, Germany, pp. 1–3, 2016. [Google Scholar]

 3.  M. Hölbl, M. Kompara, A. Kamišalić and L. Nemec Zlatolas, “A systematic review of the use of blockchain in healthcare,” Symmetry, vol. 10, no. 10, pp. 470, 2018. [Google Scholar]

 4.  M. Swan, Blockchain: Blueprint for a new economy. Sebastopol, CA, USA: O’Reilly Media Inc., 2015 [Online]. Available: https://www.oreilly.com/library/view/blockchain/9781491920480/. [Google Scholar]

 5.  K. Peterson, R. Deeduvanu, P. Kanjamala and K. Boles, “A blockchain-based approach to health information exchange networks,” in Proc. of NIST Workshop Blockchain Healthcare, Gaithersburg, MD, USA, pp. 1–10, 2016. [Google Scholar]

 6.  S. Seebacher and R. Schüritz, “Blockchain technology as an enabler of service systems: A structured literature review,” in Int. Conf. on Exploring Services Science, Rome, Italy, pp. 12–23, 2017. [Google Scholar]

 7.  H. Watanabe, S. Fujimura, A. Nakadaira, Y. Miyazaki, A. Akutsu et al., “Blockchain contract: A complete consensus using blockchain,” in 2015 IEEE 4th Global Conf. on Consumer Electronics (GCCEOsaka, Japan, pp. 577–578, 2015. [Google Scholar]

 8.  A. Dubovitskaya, Z. Xu, S. Ryu, M. Schumacher and F. Wang, “How blockchain could empower eHealth: An application for radiation oncology,” in Data Management and Analytics for Medicine and Healthcare. Manhattan, NY, USA: Springer International Publishing, pp. 3–6, 2017. [Google Scholar]

 9.  K. Christidis and M. Devetsikiotis, “Blockchains and smart contracts for the internet of things,” IEEE Access, vol. 4, pp. 2292–2303, 2016. [Google Scholar]

10. Z. Zheng, S. Xie, H. Dai, X. Chen and H. Wang, “An overview of blockchain technology: Architecture, consensus, and future trends,” in 2017 IEEE Int. Congress on Big Data (BigData Congress). Honolulu, HI, USA, pp. 557–564, 2017. [Google Scholar]

11. E. Androulaki, A. Barger, V. Bortnikov, C. Cachin, K. Christidis et al., “Hyperledger Fabric: A distributed operating system for permissioned blockchains,” in Proc. of the Thirteenth EuroSys Conf., Porto, Portugal, pp. 1–15, 2018. [Google Scholar]

12. T. T. A. Dinh, R. Liu, M. Zhang, G. Chen, B. C. Ooi et al., “Untangling blockchain: A data processing view of blockchain systems,” IEEE Transactions on Knowledge and Data Engineering, vol. 30, no. 7, pp. 1366–1385, 2018. [Google Scholar]

13. G. Ayoade, V. Karande, L. Khan and K. Hamlen, “Decentralized IoT data management using blockchain and trusted execution environment,” in 2018 IEEE Int. Conf. on Information Reuse and Integration (IRISalt Lake City, Utah, pp. 15–22, 2018. [Google Scholar]

14. M. Kassab, J. Defranco, T. Malas, V. V. Graciano Neto and G. Destefanis, “Blockchain: A panacea for electronic health records?,” in 2019 IEEE/ACM 1st Int. Workshop on Software Engineering for Healthcare (SEH). Montreal, QC, Canada, pp. 21–24, 2019. [Google Scholar]

15. C. C. Agbo, Q. H. Mahmoud and J. M. Eklund, “Blockchain technology in healthcare: A systematic review,” Healthcare, vol. 7, no. 2, pp. p.–56, 2019. [Google Scholar]

16. L. Bell, W. J. Buchanan, J. Cameron and O. Lo, “Applications of blockchain within healthcare,” Blockchain in Healthcare Today, vol. 1, pp. 1–7, 2018. [Google Scholar]

17. N. J. Witchey, Healthcare transaction validation via blockchain, systems and methods. Culver City, CA, USA, 2015, U. S. Patents No. 10,340,038. [Google Scholar]

18. C. Esposito, A. De Santis, G. Tortora, H. Chang and K. K. R. Choo, “Blockchain: A panacea for healthcare cloud-based data security and privacy?,” IEEE Cloud Computing, vol. 5, no. 1, pp. 31–37, 2018. [Google Scholar]

19. A. Al Omar, M. S. Rahman, A. Basu and S. Kiyomoto, “MediBchain: A blockchain based privacy preserving platform for healthcare data,” in Int. Conf. on security, privacy, and anonymity in computation, communication and storage (SpaCCGuangzhou, China, pp. 534–543, 2017. [Google Scholar]

20. C. Pirtle and J. Ehrenfeld, “Blockchain for healthcare: The next generation of medical records?,” Journal of Medical Systems, vol. 42, no. 9, pp. 172, 2018. [Google Scholar]

21. W. J. Gordon and C. Catalini, “Blockchain technology for healthcare: Facilitating the transition to patient-driven interoperability,” Computational and Structural Biotechnology Journal, vol. 16, no. 2016, pp. 224–230, 2018. [Google Scholar]

22. И. Ванков, How hyperledger reinforce truth and trust, 2017 [Online]. Available: https://www.youtube.com/watch?v=0MwvRycVRX8. [Google Scholar]

23. T. Mcghin, K. K. R. Choo, C. Z. Liu and D. He, “Blockchain in healthcare applications: Research challenges and opportunities,” Journal of Network and Computer Applications, vol. 135, no. 1, pp. 62–75, 2019. [Google Scholar]

24. M. A. Engelhardt, “Hitching healthcare to the chain: An introduction to blockchain technology in the healthcare sector,” Technology Innovation Management Review, vol. 7, no. 10, pp. 22–34, 2017. [Google Scholar]

25. P. Zhang, M. A. Walker, J. White, D. C. Schmidt and G. Lenz, “Metrics for assessing blockchain-based healthcare decentralized apps,” in 2017 IEEE 19th Int. Conf. on e-Health Networking, Applications and Services (HealthcomDalian, China, pp. 1–4, 2017. [Google Scholar]

26. R. Ribitzky, J. St. Clair, D. I. Houlding, C. T. Mcfarlane, B. Ahier et al., “Pragmatic, interdisciplinary perspectives on blockchain and distributed ledger technology: Paving the future for healthcare,” Blockchain in Healthcare Today, vol. 1, pp. 1–15, 2018. [Google Scholar]

27. M. H. Kassab, J. Defranco, T. Malas, P. Laplante, G. Destefanis et al., “Exploring research in blockchain for healthcare and a roadmap for the future,” IEEE Transactions on Emerging Topics in Computing, vol. 1, no 1, pp. 1–16, 2019. [Google Scholar]

28. X. Yue, H. Wang, D. Jin, M. Li and W. Jiang, “Healthcare data gateways: Found healthcare intelligence on blockchain with novel privacy risk control,” Journal of Medical Systems, vol. 40, no. 10, pp. 218, 2016. [Google Scholar]

29. A. Azaria, A. Ekblaw, T. Vieira and A. Lippman, “MedRec: Using blockchain for medical data access and permission management,” in 2016 2nd Int. Conf. on Open and Big Data (OBDVienna, Austria, pp. 25–30, 2016. [Google Scholar]

30. S. Jiang, J. Cao, H. Wu, Y. Yang, M. Ma et al., “BlocHIE: A blockchain-based platform for healthcare information exchange,” in 2018 IEEE Int. Conf. on Smart Computing (SMARTCOMPTaormina, Italy, pp. 49–56, 2018. [Google Scholar]

31. K. N. Griggs, O. Ossipova, C. P. Kohlios, A. N. Baccarini, E. A. Howson et al., “Healthcare blockchain system using smart contracts for secure automated remote patient monitoring,” Journal of Medical Systems, vol. 42, no. 7, pp. 130, 2018. [Google Scholar]

32. X. Liang, J. Zhao, S. Shetty, J. Liu and D. Li, “Integrating blockchain for data sharing and collaboration in mobile healthcare applications,” in 2017 IEEE 28th Annual Int. Sym. on Personal, Indoor, and Mobile Radio Communications (PIMRCMontreal, QC, Canada, pp. 1–5, 2017. [Google Scholar]

33. G. Lucassen, F. Dalpiaz, J. M. E. M. Van Der Werf and S. Brinkkemper, “Improving agile requirements: The quality user story framework and tool,” Requirements Engineering, vol. 21, no. 3, pp. 383–403, 2016. [Google Scholar]

34. Angular, Introduction to the Angular Docs, n.d. [Online]. Available: https://angular.io/docs. [Google Scholar]

35. Z. Liew, Understanding and using REST APIs, Smashing Magazine, 2018. [Online]. Available: https://www.smashingmagazine.com/2018/01/understanding-using-rest-api/. [Google Scholar]

36. Hyperledger Fabric, Blockchain network, 2019. [Online]. Available: https://hyperledger-fabric.readthedocs.io/en/release-1.4/network/network.html. [Google Scholar]

37. Hyperledger Fabric, The Ledger, 2019. [Online]. Available: https://hyperledger-fabric.readthedocs.io/en/release-1.4/ledger/ledger.html#the-ledger. [Google Scholar]

38. A. Kovach and G. Ronai, MyMEDIS: A new medical data storage and access system, 2018. [Online]. Available: https://mymedis.in/documents/MEDIS-White-Paper.pdf. [Google Scholar]

39. S. Maheshwari, Blockchain basics: Hyperledger Fabric. IBM Developer, 2018 [Online]. Available: https://developer.ibm.com/articles/blockchain-basics-hyperledger-fabric/. [Google Scholar]

40. S. Stone, Composer TSC update, 2018. [Online]. Available: https://lists.hyperledger.org/g/composer/message/125. [Google Scholar]

41. K. Basques, Analyze runtime performance. Google Developer, 2017. [Online]. Available: https://developer.chrome.com/docs/devtools/evaluate-performance/#get-started. [Google Scholar]

42. K. Basques, Performance features reference. Chrome DevTools, 2017. [Online]. Available: https://developers.google.com/web/tools/chrome-devtools/evaluate-performance/reference. [Google Scholar]

43. L. Alger, Basic concepts of performance testing, 2018. [Online]. Available: https://www.softwaretestingnews.co.uk/basic-concepts-of-performance-testing/. [Google Scholar]

44. Hyperledger Composer, Welcome to Hyperledger Composer, 2019. [Online]. Available: https://hyperledger.github.io/composer/v0.19/introduction/introduction. [Google Scholar]

45. WorldSibu, Convector framework, 2019. [Online]. Available: https://worldsibu.github.io/convector/. [Google Scholar]

46. N. Lurie, M. Saville, R. Hatchett and J. Halton, “Developing Covid-19 vaccines at pandemic speed,” New England Journal of Medicine, vol. 382, no. 21, pp. 1969–1973, 2020. [Google Scholar]

images This work is licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.