Researchers have developed SST-MedChain, a patient-centric framework for secure and scalable electronic medical record sharing on permissioned blockchains. By using non-interactive delegation, one-time access tokens, and policy-bounded re-delegation, the system reduces costly on-chain authorization while preserving traceability and revocation. Published in Blockchain, the study reports higher throughput and lower latency than representative access-control baselines in wide area network experiments.
Electronic medical records are now central to modern healthcare, supporting clinical diagnosis, cross-institutional collaboration, long-term patient management, and medical research. As medical services become increasingly digital and interconnected, hospitals and healthcare providers need to share electronic medical records more frequently across departments and institutions.
However, secure medical data sharing remains a difficult challenge. Electronic medical records contain highly sensitive personal information, and each access request must be carefully authorized, recorded, and, when necessary, revoked. In collaborative medical scenarios, such as remote consultation, temporary assistance, and cross-hospital diagnosis, permissions may also need to be transferred from one medical professional to another under strict policy constraints.
Blockchain technology provides a promising foundation for this problem because it can offer tamper-evident records, traceable authorization states, and accountable data-sharing logs. Yet existing blockchain-based access control mechanisms often place heavy authorization logic directly on-chain. Traditional models such as Attribute-Based Access Control can support fine-grained policies, but repeated on-chain policy matching may introduce significant computational overhead, especially under bursty, fine-grained, and temporary medical authorization workloads.
To address this issue, Henglong Zhu, Xiaofei Xing, and Guojun Wang from Guangzhou University developed SST-MedChain, a secure and scalable tokenized framework for electronic medical record sharing on permissioned blockchains.
The key idea of SST-MedChain is to transform electronic medical record authorization into a tokenized authorization state machine. Instead of repeatedly evaluating complex access-control policies during every data request, the system uses one-time access tokens to represent authorized access rights. When a doctor uses a valid token, the smart contract performs a lightweight lookup and atomically changes the token state from unused to used. This design prevents token replay and double spending while reducing the computational burden of on-chain authorization.
SST-MedChain is designed as a patient-centric framework. Patients act as data owners and can create offline delegation requests. The system uses an Elliptic Curve Diffie–Hellman-derived verification token protected by a hash commitment, allowing the patient’s delegation intent to be bound to an on-chain record without requiring synchronous patient–doctor interaction during request creation. This non-interactive delegation mechanism is especially useful in medical environments where patients may not always be online or able to respond immediately.
The framework also separates the control plane from the data plane. Electronic medical records remain encrypted and stored off-chain, while the permissioned blockchain records authorization states, token consumption, delegation information, and audit logs. In this way, the blockchain is mainly responsible for trustworthy authorization and traceability, rather than storing or processing the full medical record content.
Another important feature of SST-MedChain is its support for policy-bounded cascading re-delegation. In real medical workflows, an attending physician may need to delegate part of an access right to a specialist or assistant during consultation. SST-MedChain introduces a Nested Freezing mechanism to ensure that delegated rights are conserved and cannot be expanded beyond the original policy. When permissions are transferred, unused tokens are first frozen and then reactivated for the next delegatee under a stricter policy. This process preserves the traceable lineage of authorization.
To support efficient revocation, the framework further introduces a Source Circuit Breaker mechanism. This allows the original data owner to revoke unconsumed permissions along a delegation chain, helping patients retain control over their electronic medical records even after access rights have been transferred through multiple medical staff members.
The researchers implemented SST-MedChain on FISCO BCOS, a permissioned blockchain platform, and evaluated it in a wide area network setting. Compared with an Attribute-Based Access Control baseline, SST-MedChain improved throughput by 38% and reduced on-chain confirmation latency by 86% at 300 queries per second. Under high-concurrency testing, it also achieved 16.5% higher throughput than MedShare at 1000 queries per second while maintaining comparatively stable confirmation latency.
The study further examined contract-level security properties, including stale-request replay, double spending of consumed tokens, forged re-delegation, policy-disallowed re-delegation, and policy-expansion attempts. These tests support the framework’s design goals of misuse resistance, accountability, and traceable permission management within a permissioned consortium environment.
While practical deployment still requires careful governance, key management, and metadata protection, SST-MedChain provides a promising technical path for secure, scalable, and accountable electronic medical record sharing. By combining tokenized authorization, non-interactive delegation, and constrained re-delegation, the framework offers a lightweight alternative to repeated on-chain policy evaluation in high-frequency medical collaboration scenarios.
This paper “SST-MedChain: secure and scalable tokenized EMR sharing on a permissioned blockchain” was published in Blockchain.
Zhu H, Xing X, Wang G. SST-MedChain: secure and scalable tokenized EMR sharing on a permissioned blockchain. Blockchain 2026(1):0004, https://doi.org/10.55092/blockchain20260004.
Blockchain
Experimental study
Not applicable
SST-MedChain: secure and scalable tokenized EMR sharing on a permissioned blockchain
22-Jun-2026