Measuring the Compliance Costs of Exchanging Part 2 Healthcare Claims Data Through Blockchain
| dc.contributor.author | Mandlem, Satyasai | |
| dc.contributor.author | Clavin, James | |
| dc.contributor.author | Joshi, Karuna | |
| dc.date.accessioned | 2026-03-26T14:26:06Z | |
| dc.date.issued | 2026-02 | |
| dc.description.abstract | Patient selections for keeping data confidential may differ between healthcare organizations, creating conflicts in confidentiality for how sensitive and demographic data is linked and merged. Validating that patient data exchange between organizations adheres to healthcare regulations, like the Health Insurance Portability and Accountability Act (HIPAA), is challenging and time-consuming and relies upon organizational due diligence to validate data upon receipt, or in the case of breaches, requires forensic examination to determine the scale of the breach. We address the need for timely compliance evaluation of substance abuse and mental health claims data exchanged between organizations by developing a novel approach integrating blockchain technology with semantic reasoners. The foundation of our methodology is an Ethereum blockchain integrated with a knowledge graph built from the clinical terms for sensitive data value sets maintained by the National Institutes of Health Value Set Authority Center for identifying health data protected by United States Title 42 Code of Federal Regulations (CFR) Part 2. When claims data is transferred, it is first validated by reasoning over the CFR Part 2 knowledge graph. Then the exchange is audited using the Ethereum blockchain to seek out sensitive patient data violating the rules. This paper presents our novel methodology in detail along with the results of sharing sensitive Part 2 data. The time and cost to detect and log out of compliance data transfers are measured and compared to the manual process equivalent. Our methodology can be used by organizations to ensure real-time auditable compliance for a secure and trusted health data exchange. CCS Concepts: • Applied computing → Health care information systems; • Computer systems organization → Peer-to-peer architectures; • Security and privacy → Information accountability and usage control; Economics of security and privacy. | |
| dc.description.sponsorship | This research was partially supported by NSF award 1747724 | |
| dc.description.uri | https://ebiquity.umbc.edu/_file_directory_/papers/1489.pdf | |
| dc.format.extent | 19 pages | |
| dc.genre | journal articles | |
| dc.genre | preprints | |
| dc.identifier | doi:10.13016/m27jjg-fiev | |
| dc.identifier.uri | http://hdl.handle.net/11603/42179 | |
| dc.language.iso | en | |
| dc.relation.isAvailableAt | The University of Maryland, Baltimore County (UMBC) | |
| dc.relation.ispartof | UMBC Student Collection | |
| dc.relation.ispartof | UMBC Faculty Collection | |
| dc.relation.ispartof | UMBC Computer Science and Electrical Engineering Department | |
| dc.relation.ispartof | UMBC Information Systems Department | |
| dc.relation.ispartof | A. All Hilltop Institute (UMBC) Works | |
| dc.rights | This item is likely protected under Title 17 of the U.S. Copyright Law. Unless on a Creative Commons license, for uses protected by Copyright Law, contact the copyright holder or the author. | |
| dc.subject | UMBC Knowledge, Analytics, Cognitive and Cloud Computing (KnACC) lab | |
| dc.subject | UMBC Ebiquity Researh Group | |
| dc.subject | UMBC Cybersecurity Institute | |
| dc.title | Measuring the Compliance Costs of Exchanging Part 2 Healthcare Claims Data Through Blockchain | |
| dc.type | Text | |
| dcterms.creator | https://orcid.org/0000-0001-5745-0158 | |
| dcterms.creator | https://orcid.org/0000-0002-6354-1686 |
Files
Original bundle
1 - 1 of 1