Distributed Ledger Technologies: Research and Practice (DLT)

Measuring the Compliance Costs of Exchanging Part 2 Healthcare Claims Data Through Blockchain


Patient selections for keeping data confidential may differ between healthcare organizations, creating conflicts in confidentiality for how sensitive and demographic data is linked and merged. Validating that patient data exchange between organizations adheres to healthcare regulations, like the Health Insurance Portability and Accountability Act (HIPAA), is challenging and time-consuming and relies upon organizational due diligence to validate data upon receipt, or in the case of breaches, requires forensic examination to determine the scale of the breach. We address the need for timely compliance evaluation of substance abuse and mental health claims data exchanged between organizations by developing a novel approach integrating blockchain technology with semantic reasoners. The foundation of our methodology is an Ethereum blockchain integrated with a knowledge graph built from the clinical terms for sensitive data value sets maintained by the National Institutes of Health Value Set Authority Center for identifying health data protected by United States Title 42 Code of Federal Regulations (CFR) Part 2. When claims data is transferred, it is first validated by reasoning over the CFR Part 2 knowledge graph. Then the exchange is audited using the Ethereum blockchain to seek out sensitive patient data violating the rules. This paper presents our novel methodology in detail, along with the results of sharing sensitive Part 2 data. The time and cost to detect and log out-of-compliance data transfers are measured and compared to the manual process equivalent. Our methodology can be used by organizations to ensure real-time auditable compliance for a secure and trusted health data exchange.



42 cfr part 2, automated compliance, byzantine medical faults, hipaa, tefca

Article

ACM



UMBC ebiquity