Diploma Project Last

MINISTRY OF SCIENCE AND HIGHER EDUCATION OF THE REPUBLIC OF
KAZAKHSTAN
INTERNATIONAL INFORMATION TECHNOLOGY UNIVERSITY
FACULTY OF COMPUTER TECHNOLOGY AND CYBERSECURITY
Altynbek Adil
Islambek Daulet
Bakytbekov Nursultan
Data Management System for Multi-User Medical Platforms Using Blockchain
DIPLOMA PROJECT
Educational program 6B06303 – Network Security
Almaty 2023
MINISTRY OF SCIENCE AND HIGHER EDUCATION OF THE REPUBLIC OF
KAZAKHSTAN
INTERNATIONAL INFORMATION TECHNOLOGY UNIVERSITY
DEPARTMENT OF CYBERSECURITY
Approved
Head of Department,
cand. of tech. sc., assoc. professor
S.T. Amanzholova
«_____» ______________ 2023
DIPLOMA PROJECT
Done by: Altynbek A. _______

«___» ______2023 (signature)
Islambek D. _______
«___» ______2023 (signature)
Bakytbekov N. _______
«___» ______2023 (signature)
Research supervisor: Kabylzhan A. _______

«___» ______2023 (signature)
Reviewer: Kim E.R. _______

«___» ______2023 (signature)
Almaty 2023
2
International Information Technology University
Faculty of Computer Technology and Cybersecurity
Department of Cybersecurity
Diploma Project Assignment
Students
Altynbek A., Islambek D., Bakytbekov N.
Diploma project topic
Approved by IITU order № 84-с dated «06» December 2022
Diploma project submission date «16» June 2023
Diploma project initial date

The main goal of the project is to develop a platform for storing and processing
patient data, ensuring their reliability and safety, and also to show the practical
application of this platform.
To achieve this goal, it is necessary to solve several tasks:
 Analyze in detail all the requirements for the necessary knowledge,
information and any aspects that will affect them.
 Find and add features that will be unique to our solution compared to other
solutions that are already on the market
 Identify the necessary technologies, tools and platforms to create a patient data
management system.
 Develop a system architecture for optimal performance.
 Develop API integration tools that will help to easily integrate the system into
the company's existing medical organizations.
 Test the developed system.
CD containing the digital version of diploma paper and attachments

1 Diploma project documentation.
2 Diploma project presentation.
Source code of the software and explanatory note.
3
Consultations on diploma project (with related project chapters named)
Consultant Name Signature, date

Assignment Assignment
given received
Consultant on Associate professor
Economic A.G. Mukhamediyeva
effectiveness of
the project
English Associate professor
language N.S. Pak
consultant
Compliance monitor Master, Senior lecturer
S.N. Makilenov
Date «__» _________2023
Research supervisor ___________ Kabylzhan A.

(signature)
Assignment received by ___________ Altynbek A.

(signature)
___________ Islambek D.
(signature)
___________ Bakytbekov N.
(signature)
4
Diploma project writing schedule
Altynbek A., Islambek D., Bakytbekov N.
Topic: Data Management System for Multi-user Medical Platforms Using

Blockchain
№ Assignment Submission date

1. Creation of the graduation project writing schedule October 30
2. Collection, study, processing, analyzing, and November –
generalizing data December
3. Drafting and submission to the Research supervisor January –
(Introduction, Chapter 1, Chapter 2, Chapter 3, Chapter February
4, Conclusion)
4. Pre-defence February 8
5. Submission of the Chapter «Economic effectiveness of March – April
the project» to the consultant
6. Revision of the diploma project with due consideration March – April
of the supervisor’s comments
7. Submission of the completed diploma project to the April 1
Research supervisor
8. Submission of the completed diploma project to the May 15 – May 22
English language consultant
9. Submission of the diploma project to the compliance May 23 – May 26
monitor
10. Submission of the diploma project for the plagiarism May 23
check-up
11. Submission to the reviewer for approval May 20 – May 25
12. Diploma project defense June 9
Done by: Altynbek A. _______

(signature)
Islambek D. _______
(signature)
Bakytbekov N. _______
(signature)
Research supervisor: Kabylzhan A. _______
(signature)
Date «30» October 2022
5
АҢДАТПА
Бұл дипломдық жобада медициналық ұйымдардағы емделушілердің

деректерінің бірыңғай тізілімін қамтамасыз ететін платформа құру ұсынылады.
Мұндай платформаның көмегімен медициналық ұйымдар еделушілердің бүкіл
ауру тарихын қарап, талдай алады, сонымен қатар пациенттің кейінгі күтімі,
оның анализдері туралы, сондай-ақ рецепт бойынша берілген дәрі-дәрмектер
мен диагноздардың жазбалары туралы деректерді қосуға болады.
Сонымен қатар, берілген жұмыста блокчейннің жалпы мәселелері,
олардың рөлі мен ерекшеліктері қарастырылады, қолданыстағы бағдарламалық
өнімдерге салыстырмалы шолу беріледі. Бұл бағдарламада блокчейн
технологиясын пайдалану емделушілердің электрондық денсаулық жазбаларын
(EMR) өзекті және жаңартылған күйде сақтай отырып, медициналық
кеңсеңіздің жұмысына көмектеседі. Жалпы мүмкіндіктерге емделушілер
туралы жаңартылған ақпаратқа қолжетімділік, емделушілермен жеңілдетілген
өзара әрекеттесу үшін жазылу нысандарын толтыру, пациенттерге дәрі-дәрмек
тағайындау және диагноз қою мүмкіндігі кіреді.
Бұл дипломдық жоба 68 беттен тұрады, оның ішінде 30 иллюстрация, 20
кесте, 13 атаудан тұратын әдебиеттер тізімі қамтиды.
Кілттік сөздер: БЛОКЧЕЙН ТЕХНОЛОГИЯСЫ, ҚАУІПСІЗДІК,

ҚҰПИЯЛЫЛЫҚ.
6
АННОТАЦИЯ
В данном дипломном проекте предлагается создать платформу, которая

будет предоставлять единый реестр о данных пациентов в медицинских
организациях. С помощью такой платформы работники медицинских
организации могут смотреть и анализировать всю историю болезней пациентов,
также смогут добавлять данные об последующем уходе за пациентом, о его
анализов, также об отпускаемых по рецепту лекарств и записи диагнозов.
Рассмотрены общие проблемы блокчейна, их роль и особенности, дан
сравнительный обзор существующих программных продуктов. Использование
технологии блоекчейн в этой программе помогает выполнять
административные задачи вашего медицинского кабинета, сохраняя при этом
электронные медицинские карты(ЭМК) ваших пациентов в целостным и в
актуальным виде. Общие функции включают в себя возможность получать
актуальную информацию о пациентах, заполнять формы приема для более
упорядоченного взаимодействия с пациентами, назначать пациентам лекарства
и ставить диагнозы.
Данный дипломный проект содержит 68 страницы, включая 30
иллюстраций, 20 таблиц, список литературы из 13 наименования.
Ключевые слова: ТЕХНОЛОГИЯ БЛОКЧЕЙН, БЕЗОПАСНОСТЬ,

КОНФИДЕНЦИАЛЬНОСТЬ.
7
ANNOTATION
In this project, it is proposed to create a platform that will provide a single

register of patient data in medical organizations. With such a platform, medical
workers can view and analyze the entire medical history of patients, they can also add
data on the subsequent care of the patient, about his tests, as well as about
prescription drugs and records of diagnoses.
In this diploma project the general problems of the blockchain, their role and
features are considered, a comparative review of existing software products is given.
The use of blockchain technology in this program helps you to perform the
administrative tasks of your medical office with keeping your patients' electronic
health records (EMRs) intact and up to date. Common features include the ability to
get up-to-date patient information, fill out appointment forms for a more streamlined
interaction with patients, prescribe medications to patients, and make diagnoses.
This diploma project contains 68 pages, including 30 illustrations, 20 tables, a
list of references from 13 titles.
Keywords: BLOCKHAIN TECHNOLOGY, SECURITY,

CONFIDENTIALITY
8
CONTENTS
INTRODUCTION 11
1 DESCRIPTION AND ANALYSIS OF THE PROJECT 12
1.1 Introduction to Cybersecurity in Healthcare 12
1.2 Classification of Information Security 15
1.3 Comparison of Existing Solutions 18
1.4 Project Description 22
1.5 Exploration of Potential Future Developments for the Product 24
2 MODELING THE PROCESS OF IMPROVING DATA 26
MANAGEMENT SYSTEM IN MEDICAL ORGANIZATIONS
2.1 Project Scope 26
2.2 Rules and Responsibilities 27
2.3 Project Risks 28
2.4 Success Managements 29
2.5 Project Oriented Organizational Structure 31
2.6 Roles and Responsibilities of Each Person in the Team 32
2.7 Work Breakdown Structure 36
2.8 SWOT Analysis 39
2.9 Competitive Matrix 41
2.10 Maslow's Pyramid 43
3 TECHNICAL IMPLEMENTATION 45
3.1 Technical Overview 45
3.2 Rationale for the Choice of Software 47
3.3 Interface Features (Design, Storage) 49
3.3.1 Sign Up Page 49
3.3.2 Home Page 50
3.3.3 Patient Page 52
3.4 Database Interaction Structure 53
3.4.1 ER Physical Model 53
3.4.2 Logical Design of the DB 54
3.5 Blockchain Structure 57
3.5.1 PatientBlock Class 58
3.5.2 Block Class 58
3.5.3 Blockchain Class 59
3.5.4 Cryptography 59
4 ECONOMIC EFFECTIVENESS OF THE PROJECT 61
4.1 Technical Description 61
4.2 Marketing Analysis 61
4.3 Marketing Action Plan 61
4.4 Calculation of the Economic Efficiency of Software Product 62
Development
4.5 The Price of Progress: The Significance of Equipment Costs in 62
Application Development
9
4.6 Expenses on Payroll (wage fund) 63
4.7 Overhead Costs 64
4.8 Calculation of Efficiency in the Implementation of Software in the 65
Enterprise (for the user)
CONCLUSION 67
REFERENCES 68
10
INTRODUCTION
The topic of the diploma project: A data management system for multi-user
medical platforms using blockchain.
Relevance: Blockchain solutions offer effective approaches to reliable data
management, especially in the field of medicine when storing and processing
confidential patient data.
Scientific novelty: Existing approaches using blockchain in medical
organizations are rare. This product will comply with modern application security
standards, and will also be able to flexibly customize the functionality for the task
and platform set by the company.
The object of research is flexible and complex applications related to
blockchain technology, information storage and secure access to them.
The practical value of the diploma project is the general register of patient data
and the platform for accessing this data will be very versatile and easily scalable due
to blockchain technology.
The main goal of the project is to develop a platform for storing and processing
patient data, ensuring their reliability and safety, and also to show the practical
application of this platform.
To achieve this goal , it is necessary to solve several tasks:
 Analyze in detail all the requirements for the necessary information and any
aspects that will affect them, as well as the structure of mobile devices in the
corporate environment;
 Find and add features that will be unique to our solution compared to other
solutions that are already on the market;
 Determine the necessary technologies, tools, and platforms for creating an
data management system;
 Develop a layout of a mobile application system;
 Implement robust security measures to protect patient data from
unauthorized access, breaches, and data leaks;
 Test the developed system.
Research methods: observation, comparison of existing solutions, study and
analysis of the standard, decomposition, testing.
The structure of the study includes an introduction, theoretical and analytical
part, practical part, justification of economic efficiency, conclusion.
11
1 DESCRIPTION AND ANALYSIS OF THE PROJECT
1.1 Introduction to Cybersecurity in Healthcare
Digitalization in the healthcare sector increases the efficiency of medical

services. Electronic document management in medical institutions facilitates record
keeping, brings the quality of data processing and storage to a new level, increases
the effectiveness of control over the medical services provided, the allocation of
financial resources, etc. But such digitalization also has a downside — the risks of
information security violations increase when information from electronic databases
of hospitals and clinics is used for selfish purposes. In the healthcare sector, these
risks are particularly high.
The activity of cybercriminals against medical institutions is steadily
increasing. By the end of 2022, medicine was among the top three in terms of the
number of various kinds of cyber attacks, yielding to government agencies and
industry, displacing banks and financial companies from the top. There was a
precedent for the death of a patient who could not be helped in time due to the fact
that the infrastructure of a medical institution was hit by extortionate software, as a
result, the diagnostic equipment turned out to be inoperable. Also, many hacker
groups attack medical institutions for the sake of data theft, and this trend is only
getting stronger. Moreover, many types of extortionate software, along with data
encryption, allow them to be stolen, which is often used to blackmail attacked
companies and institutions in order to guarantee either to get a ransom or to sell
sensitive data at the disposal of attackers.
Accordingly, it is important for medical organizations not only to build some
kind of system that formally meets the requirements of regulators, but also to achieve
real security, and proactive, which allows preventing various kinds of security
incidents, including data leaks and disruptions of the smooth operation of all systems.
Kaspersky Lab specialists noted an overall increase in the number of phishing
attacks in Kazakhstan by 12%, if we compare the first quarter of 2022 with the same
period of 2023. At the same time, the number of phishing attacks in the corporate
sector increased by 120%. According to the company's calculations, Kazakhstan
ranks seventh in the world in terms of the number of cyber attacks.
According to the company, in the first quarter of 2023 in Kazakhstan, the
number of organizations faced with ransomware programs mainly decreased
compared to the fourth quarter of 2022 - by 17%, if we consider attacks on business.
The number of attacks on businesses using spyware that can monitor the user's
actions, collect statistics on behavior on the network, intercept personal data and
more, has increased by almost 20% in Kazakhstan, if we compare the first quarter of
2022 with the same period of 2023.
The company's experts also noted a rapid increase in the number of Trojan
banking attacks in the first quarter of 2023 compared to the same period in 2022. In
Kazakhstan, the number of attacked users increased by 92%.
12
Malware and targeted persistent threats are expected to be the main drivers of
cybercrime growth. As Kazakhstan accelerates the pace of digitalization,the
government as well as key industrial organizations may become targets for cyber
espionage campaigns. See Figure 1.1.1 Information Security Incident Statistics.
Figure 1.1.1 - Calculations Based on KZ-CERT
We can also notice a special interest of the state in the training of new
personnel in the current year, see Figure 1.1.2
Figure 1.1.2 - Analytics of Increasing Interest in Information Security

Specialties
The security of the personal data of Kazakhstanis is one of the priority issues
for the Republic of Kazakhstan. Thus, the Ministry of Digital Development,
Innovation, and Aerospace Industry of the Republic of Kazakhstan announced the
acceptance of proposals for a bill to strengthen the protection of personal data.
There were 176 incidents in which the lack of access to Internet resources was
recorded, which is 69.2% more than a year earlier. The number of cyberattacks
related to the theft of personal data of Kazakhstanis, that is, cases of phishing,
remained unchanged: 43 incidents. The number of malware incidents rose from 37 to
38 over the year.
At the same time, according to the interactive map of cyber threats of JSC
Kaspersky Lab, over the last month in Kazakhstan, the number of infections detected
during automatic scanning (On-Access Scan) averaged slightly more than 222
thousand per week. In January 2022, 2,700 cyberattacks were caused by botnets,
13
which infect computers with malware for further use by cybercriminals without the
knowledge of their owners. The number of incidents with botnets increased by 3.2
times over the year. Consequently, the market needs high-quality information
security, in turn, we offer this option.
Каналы утечек, 2022г

16%
3%
6%
50%
6%
19%
Сеть(браузер, Cloud) Электронная почта ПК, сервер

Съемные носители Кража/потеря оборудования Бумажные документы
Figure 1.1.3 - Statistics of Information Security Incidents by Type
The allocated money for cybersecurity is another important part of security. It

is likely that the market will change as quickly as many Kazakh and foreign
specialists suggest at the end of last year: the worldwide costs of cybercrime may
approach $6 trillion and 7 trillion rubles. More than half of domestic organizations
have already started plans to boost their information security budgets, and 42% plan
to expand their cybersecurity departments.
The latest report by IBM and Ponemon Institute reveals that the average total
cost of a data breach reached an all-time high of USD 4.35 million in 2022 which is
an increase of 2.6% from last year and a 12.7% increase from USD 3.86 million in
2020.
14
Figure 1.1.4 - Average Cost of Data Breaches Worldwide in Million USD
Healthcare breach costs have been the most expensive for the last 12 years,
increasing by 41.6% since 2020. Healthcare breach costs hit a new record high with
the average breach costs increasing by nearly USD 1 million to reach USD 10.10
million. Financial organizations had the second highest costs with an average of USD
5.97 million followed by pharmaceuticals at USD 5.01 million, technology at USD
4.97 million, and energy at USD 4.72 million. See figure 1.1.4.
1.2 Classification of Information Security
Information security is the protection of information and related infrastructure

from accidental or intentional impacts accompanied by damage to the owners or users
of information.
Within the framework of modern scientific and technological progress and the
development of IT, information storage most often occurs through the use of
electronic media. Their use significantly simplifies the process of storing,
transmitting and receiving information, and also contributes to a more coordinated
management and tracking of production and other processes.
Information security is exposed not only to intentional, not random attacks. At
the same time, each attack is of an individual nature, is carried out with a variety of
tools and, therefore, protection occurs based on the situation.
15
Figure 1.2.1 – Classifications of Information Security
Based on the diagram shown above (Figure 1.2.1), some common

classifications of information security can be identified:
Confidentiality: Ensures that information is accessible only to authorized
individuals and protected against unauthorized access. Measures such as encryption,
access controls, and secure communication protocols are implemented to maintain
confidentiality.
Integrity: Focuses on protecting the accuracy and integrity of information. It
ensures that data remains unaltered and reliable throughout its lifecycle. Techniques
like checksums, digital signatures, and data validation mechanisms are employed to
ensure data integrity.
Availability: Refers to the accessibility and usability of information when
needed. It involves safeguarding against disruptions, system failures, and denial-of-
service attacks. Measures like redundancy, backup systems, and disaster recovery
plans are implemented to ensure continuous availability of information.
Authentication: Verifies the identity of users or entities accessing information
systems. It ensures that users are who they claim to be and prevents unauthorized
access. Authentication mechanisms include passwords, biometrics, tokens, and two-
factor authentication (2FA).
Authorization: Determines the privileges and permissions granted to
authenticated users. It ensures that users have appropriate access rights based on their
roles and responsibilities. Authorization controls specify what actions users can
perform on the system or specific resources.
Non-repudiation: Prevents individuals from denying their actions or
transactions. It ensures that actions, such as sending a message or conducting a
16
transaction, can be verified and attributed to the responsible party. Digital signatures
and audit trails are examples of non-repudiation measures.
Physical security: Protects the physical assets, facilities, and equipment that
house information systems and data. It includes measures like access controls, video
surveillance, locks, alarms, and secure storage.
Network security: Focuses on securing the network infrastructure and
communication channels. It involves measures such as firewalls, intrusion
detection/prevention systems (IDS/IPS), virtual private networks (VPNs), and
network segmentation to protect against unauthorized access and malicious activities.
Application security: Addresses security vulnerabilities and threats specific to
software applications. It involves secure coding practices, input validation, user
authentication, access controls, and regular software updates to mitigate risks.
Incident response: Establishes processes and procedures to respond effectively
to security incidents and breaches. It includes incident detection, analysis,
containment, eradication, and recovery. Incident response plans outline the steps to
be taken during a security incident.
These are some general classifications of information security, and various
frameworks, such as the CIA triad (Confidentiality, Integrity, Availability), are often
used to guide the implementation of security controls. It's important to note that the
specific classifications and terminology used may vary depending on the context and
industry.
For the security of user data, we used blockchain technology. Blockchain
technology is a decentralized and distributed digital ledger that securely records and
verifies transactions across multiple computers or nodes. It was first introduced as the
underlying technology for cryptocurrencies like Bitcoin, but its applications have
expanded far beyond digital currencies.
Blockchain is one of the types of a broader class of data storage and
synchronization technologies in which all records are collected in blocks and linked
together by cryptography. In addition to the records themselves and the block
identifier, the hash sums of the current and previous blocks are included in the block.
Hash functions in the blockchain, combined with its distributed architecture, ensure
the immutability and irreversibility of the entire block chain.
Traditional mechanisms for the exchange of medical information are outdated,
they do not cope with their tasks in the modern healthcare infrastructure. In most
cases, the patient must independently bring all his past medical records to a new
hospital or take medical tests again.
In addition to the obvious inconvenience, the absence of a patient's medical
history can lead to improper treatment. Another problem is the lack of comprehensive
information about the patient and his medical history.
Blockchain is at the center of many modern developments in the field of
healthcare. This technology offers new approaches to data storage and management
models in healthcare. This is due to the ability of the blockchain to protect
information, as well as to organize the rapid exchange of medical data and services.
17
Blockchain technologies are capable of revolutionizing medical research.
Technology can speed up research, open access to data, and strengthen control over
the results. It is very important to understand that confidentiality and quick access to
data are a key factor in the construction of technological solutions in any area of our
lives.
Blockchain makes it easier for patients to grant permission to use their data for
clinical research.
In addition to information about the patient's consent, the blockchain allows
you to store various types of data from different sources: about patient care, about
clinical trials conducted, about biomarkers, about the supply chain of pharmaceutical
products, and others. The analysis of these disparate data makes it possible to
increase the effectiveness of clinical and biomedical research.
Blockchain is able to eliminate data falsification and the exclusion of
undesirable results of clinical trials. The immutability property of the blockchain
confirms the integrity of the data collected for clinical trials.
Advantages of Blockchain for Medical Research:
 Improved data exchange. Thanks to the peer-to-peer architecture of the
blockchain, each research institution can maintain full control over its computing
resources and collaborate with other institutions for data exchange and joint analysis;
 Timestamps. The data generated by the patient has timestamps. This makes
medical research more effective;
 Verifiable data. Blockchain solves the issue of data origin. This allows you
to increase the accuracy of medical research;
 High level of data availability. Blockchain can ensure the constant
availability of real-time data. Researchers will be able to quickly detect changes in
environmental conditions that affect the health of the population. For example, this
will allow earlier detection and containment of epidemics;
 Guarantee of confidentiality. The guarantee of security and privacy can
attract millions of people, healthcare providers and researchers to share large amounts
of data about diet, lifestyle, genetics, health and the environment.
The use of blockchain in medicine is not limited to the processes and methods
that exist today. The rapid development of artificial intelligence technologies and the
Internet of Things will soon require a data storage infrastructure that meets the
increased requirements of security and information control. Blockchain can become
part of such an infrastructure, supporting new approaches to the analysis of medical
data.
1.3 Comparison of Existing Solutions
Blockchain solutions offer effective approaches to reliable data management,

especially in the field of medicine when storing and processing confidential patient
data. Many institutional and industrial institutions have already realized the
importance of technology for the health sector, as well as formulated the main ideas,
18
concepts and main use cases, but concrete implementations and embodiments are
relatively rare. This mini-review examines current research on specific blockchain
implementations in healthcare.
In countries of the CIS, there are not many solutions in this sector, so the table
below (Table 1.2.2) lists the solutions that are currently available.
Table 1.2.2 – Comparison table

Name Year of Location Advantages Disadvantages
foundation
Patientory 2015 Atlanta, Patientory works with Limited availability in

United States smart contracts that certain regions;
provide a continuous Not yet widely adopted by
cycle of medical care and healthcare providers;
patient care;
Encrypted messaging
feature for patients and
healthcare providers;
Offers virtual
consultations with
healthcare providers;
MedRec 2018 London, UK Data sharing: MedRec Limited adoption: MedRec

allows healthcare is still in the early stages of
providers to securely development and is not
share patient data, which widely used by healthcare
can improve care providers;
coordination and reduce Cost: The implementation
the risk of medical errors; of MedRec can be
Smart contracts: The expensive, which could
platform uses smart make it difficult for smaller
contracts to automate healthcare providers to
payment processing, adopt the platform;
which can reduce
administrative costs and
improve payment
accuracy;
Healthere 2017 Pittsburgh, Structured interface; Token system: The use of

um Pennsylvania Patient engagement: tokens to incentivize
Healthereum allows patient engagement could
patients to securely be seen as a potential
communicate with barrier to adoption, as some
healthcare providers, patients may be hesitant to
which can improve care participate in a system that
coordination and patient uses cryptocurrency.
satisfaction; Complexity: The platform
can be complex and
difficult to navigate, which
could make it challenging
19
for some healthcare
providers to adopt the
platform.
Overview of Products:
 Patientory: Patientory is a blockchain solution for safe, cloud-based

management of electronic healthcare records (EHRs) and other sensitive healthcare
data. The platform aims to empower everyone, from individual patients to healthcare
organizations, by giving them complete control of their data in real time (See figure
1.2.3). As the project is built on trust and consent – all the information is kept private
and secure. Languages supported include PHP, Java, C#, JavaScript, Kotlin,
VB.NET, Python, Objective-C, Swift, C/C++, Go, and SQL (PL/SQL, T-SQL,
MySQL).
Figure 1.2.3 – Interface of Patientory App
 MedRec: MedRec is a medical records platform that uses blockchain to

securely store patient data. Components:
20
o Database Manager - API written in GoLang that provides access to an
underlying database. R/W access is governed by permissions stored on the
blockchain;
o Ethereum Client - A pointer to the go-ethereum codebase;
o SmartContracts - The Solidity contracts and their tests that are used by other
MedRec components;
o UserClient - A front-facing node app that can be used by any party to
interact with the MedRec system;
o This project is being developed under the GPLv2 LICENSE.
Figures 1.2.4 and 1.2.5 for explore the interface and architecture of the
MedRec program.
Figure 1.2.4 – Interface of MedRec Web Site
Figure 1.2.5 – System Architecture of MedRec
 Healthereum: Healthereum is a blockchain healthcare company created to

improve healthcare by enforcing patient accountability.
21
Figure 1.2.6 – Interface of Healthereum
1.4 Project Description
Figure 1.4.1 – System Architecture of the Project
This is a structure of our project based on the blockchain protected with an

unauthorized access to the concept of management of electric medical cards (EHR).
Marking electric honey information in the cloud of the concept of preservation
constantly suggests the danger of informative security. Criminals have every chance
to eliminate or falsify the EHR of patients, granting privileges to insurance
companies or hiding medical errors (for example, an incorrect conclusion or a late
diagnosis). It is necessary to protect the EHR management concept from an
unauthorized access, that according to the essence, we made a decision to solve
similar tasks. Blockchain is an emerging methodology, a technique that can be
adapted for the purpose of researching the information management concept
protected from unauthorized admission. But the formation of a new concept based on
22
the blockchain , replacing the existing concept, is not cheap. In the architecture we
propose, we introduce an integration system in the degree of a layer, called
blockchain handshaker, among the existing cloud EHR management concept and the
available blockchain network in order to study the concept of managing medical
records protected from unauthorized admission.
The healthcare blockchain is considered as a divided registry for the purpose of
preserving medical records, for the purpose of general use, exchange or other
purposes among the involved facets. In the concepts of electric healthcare,
information has every chance be earned from different keys, similar as well as
hospitals, clinics and pathology. In the blockchain-based EHR management concept,
all information belonging to patients, without exception, is stored in a calculated
registry offered by the blockchain network. The course of saving a set of combined
information is as famous as the transaction. Any transaction is regarded together with
the support of the category of accomplices, popular as well as miners, before saving
in calculated registry. Blockchain networks are ready to reject unauthorized
transactions, which are trying to change the information in the calculated registry. As
a result, no unauthorized entity is in any way able to change information in the
blockchain network. The basic theory of the blockchain and smart contract, expand
the abilities that do not inspire confidence in any way among the various accomplices
of the EHR management concept. A smart contract contains a computer program that
includes a set of contracts and basics. Without exception, all members are obliged to
be guided by a set of contracts and fundamentals. Thus, in order to store information
in the blockchain, an authorized third party is not necessary in any way.
We focus on 2 tasks related together with the introduction of blockchain into
the EHR cloud system. Firstly, the introduction of blockchain is obliged to eliminate
control over the information storage from the edge of the main body to the
government. In other words, the information must be extremely decentralized. As a
result, falsification of information in the blockchain network becomes difficult. For
this reason, it is important to choose the optimal blockchain network for the purpose
of EHR management concepts. Secondly, the blockchain methodology has a different
platform, starting from classical concepts. In a similar way, creating a blockchain-
based concept requires development from scratch.
The work assumes a blockchain-based concept of exchanging medical
information, which, at the necessary level, solves the problems of access control,
coupled together with secret information stored in the cloud. The concept is based on
a valid blockchain, which gives access only to convened and, thus, verified users. In
addition, in order to guarantee the acquisition of information, verification and
preparation of protected information according to medical information, the creators
use smart contracts and access control system in their own other work. Someone
effectively monitors the actions of information and revokes access to infringing
objects when a pathology of permissions is detected in the access to information.
Smart-contracts in order to preserve metadata about the owner of the journal,
permissions and unity of information. The functions of the transfer of the contract
capital are carried out by political figures who guarantee the forcible change of
23
information only in the relationship of legitimate transactions. Marketing
announcements of meters and mobile devices are added to the healthcare blockchain
in order to create an omnipresent public bond (PSN) in exchange for storing medical
records in blocks. The PSN section is able to walk other sections of the bond and
acquire access to information about staying well-being through addresses stored in
the blockchain. This activity has this advantage, that is, the reduction of costs in
storing information in devices, the presence of which did not take into account the
security of addresses. In our system, smart contract is a set of instructions that
validates data of one or more attributes value based on predefined conditions related
to patient health condition. There can be single or multiple smart contracts in our
system. A smart contact is created by a system administrator who decides which
attributes of a patient health records need to be verified.
We proposed a novel approach of tamper proof electronic medical record
management using public blockchain technology. The existing approaches try to
provide solutions based on blockchains from scratch, which can be infeasible and
expensive as such procedures need changes to the existing systems. We avoid such
complexities by introducing independence between business logic and blockchain
technologies.
1.5 Exploration of Potential Future Developments for the Product
For the future, there are some ideas for a wider size of users and for
competition with other products in the IT field. For example, integration with
emerging technologies, so blockchain can be integrated with other emerging
technologies to enhance healthcare systems. For example, combining blockchain with
artificial intelligence (AI) can enable advanced analytics and decision-making
capabilities based on large-scale healthcare data. Integration with Internet of Things
(IoT) devices can provide real-time data feeds for monitoring patients, managing
inventory, and ensuring supply chain integrity.
Also we will develop patient-centric data management, future blockchain-
based systems may empower patients to have greater control over their medical data.
Patients can manage consent mechanisms, selectively share their data with healthcare
providers, and receive rewards or incentives for participating in data sharing
initiatives. This approach shifts the ownership and control of health data from
centralized authorities to individual patients, fostering patient empowerment and data
privacy.
Health Data Exchange and Interoperability: Blockchain can facilitate secure
and efficient health data exchange between different healthcare providers, healthcare
systems, and even across borders. Blockchain-based solutions can enable
standardized data formats, secure data sharing mechanisms, and enforce data privacy
regulations. This can lead to improved care coordination, reduced duplication of tests,
and better patient outcomes.
24
Decentralized Clinical Data Repositories: Blockchain can support the creation
of decentralized clinical data repositories where medical data is stored securely, while
patients control access and permissions. This decentralized approach reduces the
reliance on centralized authorities and enables more efficient and secure sharing of
medical information among healthcare providers. It can also facilitate research
collaborations while maintaining data privacy.
Smart Contracts for Healthcare Payments: Blockchain-based smart contracts
can streamline and automate healthcare payment processes. They can enable
automatic execution of payment agreements between healthcare providers, insurers,
and patients, reducing administrative overheads and ensuring timely payments. Smart
contracts can also enforce pre-defined conditions, such as insurance coverage and
claim settlements, reducing fraud and errors in billing and reimbursements.
Enhanced Data Privacy and Security: Future developments in blockchain
technology may focus on advanced encryption techniques, zero-knowledge proofs,
and privacy-preserving algorithms. These innovations can further enhance the
privacy and security of healthcare data stored on the blockchain. Privacy-focused
blockchains and privacy-oriented consensus mechanisms can be explored to address
specific healthcare use cases.
25
2 MODELING THE PROCESS OF IMPROVING DATA MANAGEMENT
SYSTEM IN MEDICAL ORGANIZATIONS
2.1 Project Scope
1. Research conditions and planning:

 Setting multifunctional and non-functional system conditions.
 Architecture planning, including connected and server parts.
 Formation of a diagram of parts, sequence diagrams and other visualizations.
2. Creating a backend:
 Implementation of server-side augmentation in Java along with the use of
Spring frameworks.
 Creation of an API in order to gain access to subscriber and server
applications.
 Merging activity with PostgreSQL justification via JDBC to save and
remove medical evidence.
3. Creating a subscriber share:
 Formation of a mobile add-on around Android along with the use of Android
Studio and Java style.
 Implementation of user interaction with communication along with the
server and information management.
 Combination with search-net for the purpose of the application requested
along with the security of the request.
4. Autumn unification:
 Study of a selected observation platform and instruments for the purpose of
researching smart contracts.
 Implementation of smart contracts with the provision of safe storage and
exchange of medical data.
5. Checking and setting:
 Implementation of a system of multifunctional and integration testing.
 Detection and elimination of errors and vulnerabilities.
 Improving system performance.
6. Documentation and composition of the thesis:
 Formation of industrial documentation outlining architecture and sensors.
 Recording of conditions, applied technologies and research methods.
 Running research, testing and deployment of observations.
 Results of the study and analysis of the performance of observations.
Multifunctional conditions:
 Registration and identification of users
 Medical information management
 Interchange of notifications
 Medical history
26
 Selecting and filtering information
 Notifications
Specifications:
 Subscriber add-on for Android
 Server-side addition in Java along with the use of frameworks
 PostgreSQL Knowledge Base with JDBC
 Application of blockchain platform
 Creating an API for the purpose of exchanging information
 Providing concept and information security
 Verification of the functionality and properties of the concept.
2.2 Roles and Responsibilities
Table 2.2 – Roles and Responsibilities

Software Developer (Backend):
Adil
Creating a backend in Java (along with using Spring):
Formation l API.
Implementation of business logic and algorithms.
Providing security and authentication of users.
Communication along with the database (PostgreSQL):
Formation of the scheme of information.
Making requests and improving performance.
Checking and setting:
Modular and integration check.
Adjustment and change of errors.
Software Developer (Frontend):

Daulet
Creating a subscriber add-on for Android:
Formation of the user interface.
Communication along with the server component through the API.
Improving customer performance.
Checking and setting:
Checking the interface in various devices.
Adjustment and change of errors.
Software Developer (Databases): Nursultan

Planning and building the foundation of information in PostgreSQL:
Establishing the texture of the data base.
Formation of tables and unity constraints.
27
Activities along with the basic information:
Create queries and improve performance.
Management of additional copies and updates.
Monitoring and improving the performance of the information framework.
Thus, already after the absolute execution of all problems and distribution, the
team of creators began to form an indicative information management with multiple
presentation of honey. platforms along with manifestation. Any member has direct
duties efforts to holistically address a wide range of management issues that
adversely preserve and interchange medical considerations among doctors and
patients in conjunction with the application of technology. These signs are
discovered, users gain access to a particular medical disease, and doctors have every
chance to manage and update information with a noticeable spread of medical
support.
2.3 Project Risks
Table 2.3 – Project Risks

1.Non-compliance with Blockchain technology keeps It is possible to apply
confidentiality information in the public domain, various methods of
and despite the fact that encoding and anonymizing
information has every chance of information. In addition, it
being encrypted, there is a threat is possible to use access
that secret data can be easily control equipment, which
accessed by third parties. make it possible to
establish who exactly is
able to view and prepare
information for printing.
2.Slow information Blockchain technology can be In order to avoid errors in

processing rate slow in processing of information the software, it is possible
due to the need to prove any to apply high-quality
transaction in the bonds of the verification and
blockchain. This may be an issue verification of the program
if the medical platform is used to code. In addition, it is
store and transmit a significant possible to apply
amount of medical information. reasonable contracts, which
make it possible to
automate movements and
reduce the risk of errors
3.Software bugs As with every piece of software, In order to improve the

bugs and vulnerabilities in speed of processing
blockchain technology are likely information, it is possible
to be. In a medical platform based to use equipment for
on the blockchain, this can cause synchronous processing of
miscalculations in the storage and information and
28
transmission of information, optimization of the basis of
which can affect the reliability of information. It is also
diagnoses and cures. possible to use information
caching and information
compression hardware to
reduce the amount of
information that needs to
be broadcast.
4.Threat of cyber attacks Saving medical information in In order to provide security

blockchain technology can cause for the medical platform, it
an increase in the number of cyber is possible to use a variety
attacks in the concept of of security equipment, such
blockchain, which can cause as multifactorial
information theft or leakage of identification, protection
secret data. from DDoS attacks and
protection from harmful
projects. In addition, it is
possible to apply log
prediction and review
equipment in order to
identify possible security
vulnerabilities.
Creation of a data management system for multi-user medical platforms along

with the use of blockchain suggests a state-of-the-art conclusion that can significantly
improve the quality of providing medical support. But, just as every plan is linked
together with the latest technology, someone is linked along with risks that should be
taken into account and reduced.
In order to effectively implement the plan, collaboration and communication
among different developers, such as those behind the backend, frontend, and
databases, should be guaranteed. It is important to take into account the conditions of
confidentiality and security, and in addition to guarantee a significant efficiency and
security of the concept.
Together with taking into account the risks and the exact alignment for
research and administration, the plan is able to bring significant advantages to the
goal of the medical field and improve the quality of providing medical support.
2.4 Success Measurements
The introduction of blockchain technology processes into medical platforms is

able to have a number of favorable characteristics. Defined with them contain:
Table 2.4 – Success Measurements
29
Security of information Blockchain guarantees a high degree of
security, since all transactions and
information without exception are
stored in a chain of constructions and
are confirmed by a network of partners.
This can help protect medical clearance
from unauthorized access and
interference.
Clarity Blockchain forms a colorless sphere in

which all transactions and changes in
information without exception have
every chance of being tracked and
verified. This is particularly useful in
the context of physician platforms,
where it is important to have clear and
reliable information regarding patients,
disease events, medications and
prospectors. letter.
Better Information Governance Blockchain makes it possible to

manage information more efficiently
and clearly. The platform, together
with the blockchain, is able to use
"smart contracts" that automate
movements and ensure the reliability
and security of information.
Improving the interaction among the Blockchain is able to facilitate the most
partners of the concept effective interaction among the
different partners of the medical
platform, such as patients, doctors,
insurance companies and
pharmaceutical companies. This is
capable of facilitating data exchange
movements, improving coordination
and increasing the quality of service
due to sick people.
The effective implementation of a data management system for multi-user

medical platforms, together with the use of blockchain, can be measured according to
many criteria.
30
Above all, providing data security is considered a significant sign of success.
Blockchain technology provides a high degree of security, which can help secure
medical information from unauthorized access and interference.
In addition, it is important to focus interest in the clarity of the data.
Blockchain guarantees clarity, allowing you to trace and control all transactions and
changes in data without exception. This is especially appropriate for the purpose of
medical platforms, where it is important to have specific and solid information
regarding patients, diseases, medications and monitoring.
Improved data management is also considered a significant sign of success.
Blockchain makes it possible to manage data more successfully and more clearly.
The use of "smart contracts" automates the movement and guarantees the safety and
security of data.
And, ultimately, improving the interaction among the different partners of the
medical platform is considered a significant aspect of success. Blockchain facilitates
the most efficient interaction among patients, doctors, insurance companies and
pharmaceutical companies. This can help to simplify the exchange of information,
improve coordination and increase the quality of patient service.
In full, effective implementation of the concept of information management for
the purpose of multi-user medical platforms, together with the use of blockchain, can
cause increased security, data clarity, management performance and improved
interaction among platform partners. This contributes to the improvement of the
quality of providing medical support and is able to give significant advantages for the
purpose of absolutely all partners in the medical field.
2.5 Project Oriented Organizational Structure
In our plans, we have preferred a Project Oriented Organizational Structure. It

is considered to be one of the types of coordination buildings, which is based on the
execution of plans. It is the one that differs from the classical functional or divisional
structures, in which place employees are formed according to departments or
multifunctional areas.
31
Daulet
Adil
(Front-end)
(Back-End) Project Manager
( Adil)
Nursultan
(Database)
Figure 2.5 – Project-Oriented Scheme of Our Team
In a project-oriented structure, the enterprise is grouped around plans. Any plan

has its own indication, which is formed by experts from various multifunctional
fields. These instructions are formed for the purpose of fulfilling certain plans and are
dismissed according to the end of the plan. A plan manager is usually appointed for
the purpose of coordinating the activities of specifying and completing the
established more fully.
2.6 Roles and Responsibilities of Each Person in the Team
In a project-oriented organizational structure to explore the concept of

information management for the purpose of a multi-user medical platform, together
with the application of blockchain in the foundation of Java, Android Studio and
PostgreSQL, the front-end creator is able to carry out the following values and direct
responsibilities:
Adil:
1. Creating a user interface (UI):
 Formation of user interfaces for a mobile add-on in the Android platform
along with the use of Android Studio.
 Creation of screens and parts of the interface for the purpose of interaction
along with the information and functionality of the concept.
 Calculation of design guidelines and plan conditions in order to form a
subconsciously clear and good user skill.
2. Communication with backend developers:
 Working together with backend developers to exchange information and
perform actions on information along with the use of APIs.
32
 Counting conditions and specifications backend concept presence to
research frontend functionality.
 Providing consistency and strength of information transfer between the
subscriber and server elements of the add-on.
3. UI performance and empathy improvements:
 Improving the loading and display of information in the user interface in
order to provide a fast and responsive add-on operation.
 Using efficient algorithms and methods for caching information in order to
improve the performance of the presence of labor along with a huge amount of
information.
 Checking and improving the interface for different devices and screen
resolutions.
 Writing and implementing test scenarios to control functionality and user
experience.
 Adjustment and change of errors in front-end code and user interface.
 Communication with testers and other accomplices of the instruction in
order to provide the properties of the developed product.
5. Collaboration and communication:
 Assistance in meetings, discussions and exchange of skills together with
other developers and accomplices of the instruction.
 Adjustment of conditions and approval of conclusions together with
designers, backend developers and other involved facets of the plan.
6. Help and development:
 Help and development of the existing front-end program code and interface,
including changes in errors and the introduction of improvements.
 Galvanotropism in the opposite relationship of users and the introduction of
the required changes to the socket.
 Providing comparability of front-end parts along with the latest versions of
operator concepts and devices.
7. Study and formation:
 Study of the latest technologies, frameworks and devices, which have every
chance to improve the course of research and the results of front-end activities.
 Use of modern methods and best practices in the field of user interface
research.
 Assistance in high-class formation, visits to conferences, directions and
trainings in order to update skills and knowledge.
8. Performing stereotypes and actions:
 Fulfillment of coding, architecture and design stereotypes
 Performing Exploration Actions
Daulet:
1. Creating a backend architecture:
 Planning and architecture of the backend system, including data base, API
33
 Selection of optimal technologies, frameworks and devices for the purpose
of research and integration of backend parts.
2. Creating a database:
 Formation and improvement of the texture of the basis of information in
order to preserve and manage medical information.
 Creation of tables, views, persisted operations, and indexes to provide
successful access to information.
3. Create an API:
 Formation and logging of API for the purpose of exchanging information
between the client and server parts of the system.
 Providing security and authentication is the presence of rotation to the API.
 Writing and implementing studies to control the functionality, performance
and security of the backend concept.
 Adjustment and change of errors in the program code and data basis.
5. Performance improvements:
 Research and improve the performance of the backend concept, including
information basis requirements, handling large information sizes, and overload
separation.
 Communication with front-end developers, and other accomplices of
guidance in order to discuss conditions, agree on interfaces and exchange data.
7. Help and development:
 Assistance and development of the backend concept, including changes in
errors, addition of the latest list of features and improvements.
 Overseeing and managing server infrastructure, including scaling and
resource optimization.
8. Security and protection of information:
 Implementation of elements of security and protection of information,
including coding, access control and authentication equipment.
 Compliance with standards and regulations in the field of protection of
medical information, such as HIPAA.
9. Documents and logging:
 Formation of industrial documentation, including representation of the
architecture, API and research activities.
 Logging program code, including note, function representation and
application.
 Implementation of standards and actions:
 Fulfillment of research, architecture and coding stereotypes
 Perform research activities, including the concept of version control,
problem management, and review.
10. Study and self-study:
34
 The study of the latest technologies, instruments and research methodologies
with the aim of continuous formation of skills and knowledge.
 Exchange of skills and knowledge together with employees, assistance in
educational events and conferences.
Nursultan:
1. Database structure planning:
 Examination of conditions and establishing the texture of the database,
including tables, relationships, properties, and indexes.
 Selection of suitable data types in order to save medical information.
2. Creating a data base:
 Formation of tables, views, indexes and stored operations based on
information.
 Improving the performance of queries and indexes to provide successful
access to information.
3. Predicting Details:
 Plan networks and their attributes based on the information defined by
medical information and platform conditions.
 Establishing relationships among tables and the formation of data integrity
laws.
4. Import and export information:
 Creation of data import and export elements, including communication with
external systems and information formats.
5. Information security:
 Creation of data protection elements, including coding, access control and
authentication equipment.
 Implementation of stereotypes and regulations in the field of protection of
medical information
6. Surveillance and service:
 Observation and management of the basis of information, including
additional copying, restoration and scale selection.
 Communication with the developers of the backend, frontend in order to
discuss conditions, agree on interfaces and exchange data.
8. Documents and logging:
 Formation of industrial documentation that outlines the texture of the basis
of information, schemas, indices and principles of unity
9. Basic Information Check:
 Plan and implement research into the knowledge base to monitor
functionality, consistency, and performance.
10. Development and maintenance:
 Creation and introduction of changes in the texture of the basis of
information in accordance with the conditions for the formation of the concept.
35
 Preventing errors, improving queries, and aiding the performance of the
information framework.
11. Study and self-study:
 Research the latest technologies, methods and layouts for the study of the
courtyard of information in order to increase skills and knowledge.
 Facilitation in high-class societies, conferences and exchange of skills
together with employees.
12. Performing stereotypes and actions:
 Fulfillment of the stereotypes of the study of the courtyard of the
information, architecture and coding defined by the company.
 Performing research activities, including version management, problem
management, and throttling with other developers.
2. Collaboration with other developers:
 Sharing skills, knowledge and best practices with collaborators to enhance
research quality.
2.7 Work Breakdown Structure
WBS of the plan (also popular as well as Work Breakdown Structure or ISR,
hierarchical structure of work) - this distribution of the plan into certain results,
which must be won in order to complete the project more fully.
As well as the principle, the plan itself is indicated in the upper degree, then (in
the initial degree) - the main results.
Destined Manager Degree:
 Drawing up a plan and coordinating the overall progress of the study of the
concept.
 Formation of goals and questions of the plan.
 Sharing resources and managing the plan's budget.
 Enterprising communication and partnership among different rules.
Concept Architect Degree:
 Creation of a unified system architecture.
 Establishment of the key parts of the concept and their connection.
 Plan for the background of the details and the texture of the details.
 Establishment of key technologies and instruments in order to implement the
concept.
Backend developer:
 Creating a server side of the concept in Java along with the use of
frameworks and libraries.
 Providing security and data protection.
 Checking and configuring server share concept.
Frontend creator:
 Creating a mobile add-on user interface using Android Studio.
36
 Implementation of the functionality of the interface, communication along
with the server component.
 Improving the performance and reactivity of the user interface.
 Checking and configuring the client part of the system.
Information Foundation Developer:
 Planning and improving the texture of the data base along with the use of
PostgreSQL.
 Creating a schema of details, tables, views, and stored operations.
 Providing security of information and unity of the basis of information.
 Improving the performance of queries and indexes.
Degree of self-testing:
 Any creator is obliged to promptly take part in testing their own program
code.
 Adjustment and change of the errors found during the study.
Checking the program code along with others Level discussions and skill
exchange:
 Systematic meetings and discussions along with the installation of the
creators.
 Interchange of skill and knowledge among developers.
 Consideration of best practices and research methods.
 Implementation of code review in order to increase the properties of the
program code.
Degree of functionality:
 Creation and implementation of multifunctional conditions of the concept.
 Providing absolute functionality of the concept, appropriate to the conditions
of the client.
 Checking and configuring system functionality.
The degree of the opposite relationship:
 Acquisition of the opposite relationship with the users and the client of the
system.
 Research and calculation of the opposite relationship in order to improve the
concept.
 Introduction of changes in the concept in the basis of the opposite
relationship.
Degree of documentation:
 Recording conditions, architecture and functionality of the concept.
 Formation of industrial documentation and manuals for the purpose of the
user.
 Documentation assistance in a valid stay.
Degree of assistance:
 Creation of elements of help and service concept.
 Galvanotropism in the requirements and difficulties of users.
37
 Providing the correct activity of the concept and its assistance in working
stay.
Degree of risk management:
 Recognizing and investigating the likely risks associated with the
exploration and operation of the concept.
 Creation and implementation of strategies according to risk management.
 Observation and control of risks during the whole course of the study.
Degree of role in the plan:
 Intensive assistance in absolutely all stages of the plan, including drafting
the plan, research, verification and introduction.
 Providing constant information about the work done and the progress of the
plan.
 Fulfillment of terms and properties of performance of works.
Degree of self-learning:
 Continuous research into the latest technologies, instruments and research
methods.
 Assistance in trainings, conferences and online courses in order to increase
qualifications.
 Intensive self-education and study of modern layouts in the field of
researching the concepts of information management and blockchain.
Degree of communication:
 Effective communication with other project partners.
 Interchange of data and thoughts along with the research setting.
 Information regarding the progress of activities and systematic development
regarding the status of the project.
Degree of problem management:
 Making a plan and undertaking personal matters.
 Guiding the timing and values of questions.
 Solving incidents and questions arising in the process of research.
Property Degree:
 Providing a significant feature of the study and operation of the concept.
 Using of best practices and research stereotypes.
 Checking and adjusting the program code in order to provide inaccessibility
of errors and malfunctions.
Degree of integration:
 Communication with other developers and experts in order to provide
comparability and integration of different parts of the concept.
 Checking and controlling the activity of built-in modules and parts.
User teaching degree:
 Organization and implementation of teaching users concept.
 Formation of guidelines and guidelines according to the application of the
concept.
38
 Helping users and solutions to their problems.
Maintenance Degree:
 Helping and servicing a concept after its introduction.
 Systematic development and patching of the concept in order to provide
security and correct possible errors.
 Research and improvement performance concept.
2.8 SWOT analysis
SWOT analysis (study of major and minor margins, capabilities and hazards) is
considered a strategic planning tool that can help evaluate a company or project's
current deal, uncover its internal and external conditions, and establish strategic
impacts. According to the medical platform, along with the application of blockchain,
SWOT analysis can be necessary in order to establish its competitiveness and
superiority.
Table 2.8- SWOT analysis

Strength 1. Data security
2. Transparency and credibility
3. Improved access and interchange of data
4. Improved service coordination
5. Increasing business opportunities
Weaknesses 1. Difficulty of introduction and integration
2. Industrial limits
3. High research and service costs
Opportunities 1. Improved data security and integrity
2. Improved access to medical information
3. Increasing scope of partnerships among medical
institutions
4. Improved observation and management of well-being
of patients
Threats 1. Industrial challenges
2. Resisting change
Strengths
Data security: Blockchain guarantees a significant level of security and
immutability of medical information, preventing its falsification or prohibited access.
Transparency and credibility: Blockchain creates transparency in the medical
platform by allowing any contributor to the concept to control and prove the mix.
This helps to increase the trust of patients and other involved regions.
Improved access and interchange of data: Due to the dispersed nature of the
blockchain, patients, doctors, insurance firms, and other members of healthcare have
39
every chance of sharing medical data in the absence of arbitrators, which perfects the
accessibility and effectiveness of the service.
Improved service coordination: blockchain can help improve coordination
among different healthcare providers, such as doctors, laboratories and pharmacies.
This is able to reduce the waiting period, eliminate duplication of operations and
improve the uniform continuity of treatment.
Increasing business opportunities: Blockchain can help increase the business
opportunities of the medical platform by attracting the latest partners and traders,
improving competitiveness, and shaping the latest healthcare financing mods.
Weaknesses
Difficulty of introduction and integration: The introduction of blockchain into a
medical platform can be difficult and require significant efforts to integrate existing
concepts and activities. This is capable of requiring time and resources.
Industrial limits: Blockchain methodology is without exception still in its
infancy, and industrial limits are likely, such as narrow scalability, high data retention
costs, and high consumption.
High research and service costs: The introduction and maintenance of a
blockchain platform can be costly. This includes research, software development,
staff training, and network security.
Opportunities:
Improved data security and integrity;
Improving the actions of the automation line;
Improved access to medical information;
Advanced monitoring and supply management;
Improving studies and medical checks;
Formation of the latest modifications of health care financing;
Increasing the scope of partnerships among medical institutions;
Improvement of the concept of identification of patients;
Improving coordination and continuity of treatment;
Improved transparency and mutual trust for sick and interested regions;
Improved observation and management of the well-being of patients;
Improved platform for the purpose of educating and exchanging medical
knowledge.
Threats
Industrial challenges: Industrial challenges, such as blockchain scalability, high
transaction processing costs, and speed limits, are likely to have a negative impact on
platform efficiency and effectiveness.
Resisting change: The introduction of new technological processes, including
blockchain, is capable of provoking opposition from the edge of healthcare
contributors like doctors, patients and insurance companies, which can complicate the
introduction and widespread use of the platform.
40
2.9 Competitive matrix
A competitive matrix (or a table of competitive peers) is considered a review

tool used to compare competitive products, services or platforms. In the context of
the medical platform along with the blockchain, the competitive table can help
visualize and compare various medical platforms using blockchain technology and
discover their strengths and weaknesses.
It is possible to take into account the presence of the formation of a competitive
matrix for the purpose of the medical platform along with the blockchain:
1. Functionality: Install the key features and capabilities of any medical
platform along with the blockchain. This is capable of containing similar functions,
as well as managing the medical situation of the patient, the exchange of medical
data, prescription services, smart contracts, and others.
2. Security Level: Assess the security level of any platform, including coding
activities, access control, and transaction verification. With the blockchain, there are
opportunities to provide information security and control due to privacy.
3. Scalability: Study to what extent any site is scalable along with the
blockchain. This is important in order to process a significant amount of information
and provide a successful operation of the concept of the presence of an increase in the
number of users.
4. Integration: Analyze the ability of any platform to integrate with other
medical concepts and information exchange standards, such as HL7 or FHIR. An
excellent association is able to simplify the interchange of data and common work
together with other healthcare partners.
5. General user skill: Rate the usability and general user skill of any platform.
This is capable of containing publicity, a subconsciously accessible socket and the
presence of personalization of functions for the purpose of different users.
6. Cost: Analyze the cost of using any platform, including initial capital
investment, operating costs, and pricing modifications. Compare the benefits and
costs of any platform.
See an example of a competitive matrix with the goal of a medical platform
along with the blockchain, as well as a number of examples of rivals in this field:
Table 2.9.1- Competitive matrix

MedRec: MedRec is a blockchain- Medicalchain: Medicalchain is a
based healthcare platform created by blockchain platform that tries to
the MIT Media Lab. It is she who is provide patients with control over their
specialized for the purpose of own medical information and
managing medical information of guarantee reliable data exchange with
patients, exchanging data between medical specialists. It is she who also
doctors and patients, and in addition, gives a chance to perform online
providing safe preservation and access consultations and manage electric
to medical events. recipes.
41
Coral Health: Coral Health is a BurstIQ: BurstIQ is a blockchain-based
blockchain-based platform that allows medical platform that allows patients to
patients to have complete control over control and monetize their own medical
their own medical information and information. It is she who also
share their differences with different guarantees a reliable interchange of
healthcare partners. It is she who also data among medical institutions and
guarantees the clarity and security of partners in the healthcare ecosystem.
the presence of data exchange among
doctors, patients and insurance
companies.
Solve.Care: Solve.Care is a platform

that uses blockchain to improve the
coordination and availability of
medical support. It is she who gives
numerical orders to patients, medical
professionals, insurance companies
and other healthcare partners, making
healthcare management movements
easier and reducing costs.
Table 2.9.2- Competitive matrix

Competitive Functionality Security Scalability Integration General Cost
Level User Skill
MedRec High High High Good Comfortable Average
Medicalchain High Very high Average Very good Intuitive High
Coral Health High High High Good Comfortable Average
Burst IQ High Average Average Good Comfortable High
Solve.Care High High High Very good Intuitive High
Creation of a competitive matrix for the purpose of a medical platform using

blockchain can be right tool to compare different platforms and reveal their positive
aspects and shortcomings.
Analysis of functionality, degree of security, scalability, integration, user skill
and price makes it possible to determine which platform more correctly meets
conditions and goals of the plan.
In the presented case of a competitive matrix, a number of well-known
blockchain-based medical platforms were revised, such as MedRec, Medicalchain,
Coral Health, BurstIQ and Solve.Care. Each of these platforms contains its own
characteristics and advantages.
By comparing platforms according to different characteristics, it is possible to
establish which one is more suitable for them in order to implement a medical
platform along with the use of blockchain. For example, a high degree of security,
42
extensive functionality and a subconsciously accessible socket have every chance of
being significant conditions for the presence of a platform selection.
In a complete, competitive table, it can help to mark the strong and small edges
of the different medical platforms at the heart of the blockchain and make an
informed decision regarding the selection of the most optimal platform for the
purpose of the plan.
2.10 Maslow's pyramid
Maslow's pyramid (also popular as Maslow's hierarchy of needs) is a concept

explored by North American psychologist Abraham Maslow. This concept shows the
hierarchical texture of a person's needs, starting with the basic physical needs and
ending with the supreme needs of self-realization and self-actualization.
The medical platform along with the blockchain is an informative concept that
uses blockchain technology to provide security, unity and transparency of medical
information. Such a platform can be used to preserve and exchange medical
information of patients, manage medical prescriptions, provide patient confidentiality
and increase the productivity of medical care.
If the combination of the Maslow pyramid and the medical platform along with
the blockchain is considered, it is possible to assume that such a platform is able to
help meet the different needs of patients in various degrees of Maslow's hierarchy.
1. Physical necessities: The medical platform, together with the blockchain, is
able to help patients meet basic physical needs by providing access to medical
suggestions, data regarding a healthy lifestyle, proper nutrition and physiological
activity. Due to the blockchain, medical information, including the results of
examinations and required prescriptions, has every chance of being securely stored
and shared among patients and medical experts.
2. Need for security: Blockchain in the medical platform is able to guarantee
the security of medical information of patients. Blockchain technology guarantees the
transparency and integrity of information, as well as protection from unauthorized
access and data imitation. Patients have every chance to be convinced of the safety of
their own medical records and the confidentiality of individual information.
3. Public needs: The medical platform, together with the blockchain, is able to
store the public needs of patients, providing a chance to communicate and share data
with other patients, medical experts and communities. Patients have every chance to
acquire help, exchange skills and discover data regarding diseases and cures through
online forums, chats and online diaries in the platform.
4. Needs for respect and recognition: The healthcare marketplace, together with
blockchain, is able to promote the reverence and recognition of patients by giving
them control over their own medical information and decisions. Patients have every
chance to regulate who to provide access to their own information and which data
regarding their own state of health to reveal. This can help patients feel they are
significant, respected, and intense partners in their own healing.
43
5. Need for self-realization and self-actualization: The medical platform,
together with the blockchain, is able to help patients reach the highest levels of the
Maslow pyramid, combined with self-realization and self-actualization. The platform
is able to provide data on the potentials for growth and formation, save educational
projects and online courses regarding health status, self-development and fuller
recruitment. In addition, due to the blockchain, patients have every chance to gain
admission to innovative studies and technologies in medicine, which can help them
realize their own abilities and try to self-actualize.
Table 2.10- Maslow's pyramid

Physical necessities The site provides data regarding a
healthy lifestyle, physiological activity
and correct feeding, as well as access
to medical offers and medical
preparations.
Need for security The site provides data regarding a
healthy lifestyle, physiological activity
and correct feeding, as well as access
to medical offers and medical
preparations.
Public needs The site keeps patients interacting with
other patients and medical experts
through online forums and chats.
Needs for Respect and Recognition The site keeps patients interacting with
other patients and medical experts
Need for self-realization and self- The site keeps patients interacting with
actualization other patients and medical experts
In a similar way, the medical playground, together with the blockchain, is able
to store all levels of Maslow's hierarchy of needs without exception, starting with
physical needs and ending with self-realization and self-actualization. This enables
patients to acquire multifaceted care and support in their medical needs, contributing
to the achievement of rational well-being and well-being.
44
3 TECHNICAL IMPLEMENTATION
3.1 Technical Overview
The primary objective of the project is to establish a platform that facilitates

secure and efficient management of medical records and associated data for patients,
doctors, hospitals, and insurers. The system will empower doctors with expedited
access to patient records, enabling them to deliver prompt and effective treatment.
Additionally, patients will gain enhanced control over their medical history and
treatment choices. Insurers will benefit from accurate patient data, enabling them to
provide more effective coverage and informed treatment recommendations.
Figure 3.1.1 - Application Properties
The project involves an in-depth analysis of the current medical data

management systems, identification of the challenges faced in the industry and how
block-chain technology can provide a solution. The project outcome will be a
scalable, secure and efficient data management system that will revolutionize the way
medical records are stored and shared across healthcare providers. The system will
contribute to the enhancement of the quality of care delivered to patients while
ensuring that their privacy and data security are protected.
45
Figure 3.1.2 - Technical Overview
Figure 3.1.3 - Project Tree Overview
46
Java serves as a primary programming language for Android app development,
and Android Studio fully supports Java as the main language for writing Android
applications. Developers utilize Java to define the app's behavior, handle user
interactions, implement business logic, and interact with the Android platform and
APIs. By writing a Java code, developers create classes, methods, and functions that
define the application's functionality. Java enables them to manage events, process
data, perform computations, and communicate with external services.
3.2 Rationale for the Choice of Software
Java. Java is an established programming language that boasts a large

community and a diverse range of libraries and tools. It is highly compatible across
different platforms and renowned for its robust support for multithreading and
concurrent programming.
Multithreading - Java supports multithreading. This means that a Java
application code can run in parallel on different threads to improve performance and
use the CPU resource more efficiently.
Portability - Java's portability comes from its cross-platform nature. Thanks to
the JVM, Java applications can be easily ported from one platform to another.
Compilation and interpretation in Java - Most programming languages are
designed in such a way that they are either compiled or interpreted. However, Java
combines the power of both approaches.
First, the source code of a Java application is compiled into bytecode, and then
this bytecode is interpreted (executed) line by line by the JVM.
Android Studio. Using the Android Studio development environment to
develop Android applications using the Java programming language is a preferred
choice for coverage:
Integrated Development Environment (IDE): Android Studio provides a
complete IDE for developing Android applications. It has the necessary range of tools
and features, such as a code editor with autocompletion and syntax checking, a visual
user interface editor, tools for managing application features, debugging and profiling
tools, as well as a comprehensive system for building and deploying applications.
Support for specific Android features:
 Android Studio provides integration with all additional tools and APIs for
developing Android applications. It revealed access to the features of the Android
platform, such as interacting with gestures, managing permissions, working with
SQLite databases, accessing device sensors, etc.
 Emulator and testing: Android Studio includes an Android emulator that
allows running and testing applications on different Android versions and devices. It
is a process of developing and debugging applications without a need for a physical
device.
 Community and Support: Android Studio and Java for Android have a large
community that requires access to resources, forums, and documentation to resolve
47
issues and get support. If you have questions or problems with development, you can
often turn to the community for help.
 Combining the Android Studio development environment and the Java
programming language provides a powerful toolkit for creating and deploying
effective Android applications.
Spring boot. Spring Boot is a widely adopted Java framework designed to
simplify the creation and deployment of production-grade, standalone applications
based on the Spring framework. It offers a comprehensive suite of tools for building
web and enterprise applications, including integrated support for popular
technologies like Spring Data, Spring Security, and Spring MVC.
Advantages of Spring Boot:
 Simplified Usage: Spring Boot simplifies the usage and configuration
process. It provides numerous preconfigured choices and automated setups to
minimize the amount of code needed and simplify customization of your application.
 Automated Configuration: Spring Boot introduces an automated
configuration mechanism that identifies the presence of libraries and configures them
without explicit configuration requirements. This significantly reduces the need for
manual configuration and integration of application components.
 Built-in Application Server: Spring Boot incorporates a built-in application
server, such as Tomcat or Jetty, enabling effortless execution of an application
without the necessity of setting up and deploying a separate server.
PostgreSQL. A strong and reliable open source object-relational database is
PostgreSQL. It offers a broad range of features and skills that make it an appealing
option for many projects and applications.
A PostgreSQL database has the following important characteristics and
advantages:
 High data dependability and integrity are made possible by PostgreSQL's
strong transaction system, support for ACID (Atomicity, Consistency, Isolation, and
Durability), and data integrity techniques. Due to this, PostgreSQL is a fantastic
option for applications where data security and dependability are crucial.
 Scalability and performance: PostgreSQL can handle massive volumes of
data and handle sophisticated queries with ease. It provides parallel processing
capabilities, efficient query execution techniques, and indexes to quicken data
retrieval. PostgreSQL can effectively grow and handle heavily loaded applications
with the help of these capabilities.
 Extensibility: PostgreSQL provides a large selection of plugins and
extensions that let you expand the database's capabilities to meet the demands of your
project. This provides features including JSON support, full text search, and spatial
extensions. This enables developers to produce new and personalized solutions.
 Standards Support: PostgreSQL provides several extensions to cope with
different data types and functions and closely adheres to the ANSI SQL standards. As
a result, programmers may quickly migrate between various databases and write
portable code.
48
 Large community and support: The PostgreSQL database is continually
developed and maintained by a vibrant developer community. Developers can seek
support and find solutions thanks to the wealth of resources, forums, and
documentation accessible.
 A robust and adaptable database, PostgreSQL offers a dependable data
repository for a variety of applications. It is a fantastic option for developers trying to
construct dependable and efficient apps because to its extensibility, high
performance, and vibrant community.
3.3 Interface Features (Design, Storage)
3.3.1. Sign Up Page

The login screen now offers a choice of different authentication methods,
including username and password, social media logins such as Google, Twitter and
Facebook, and phone number verification. This allows users to choose the
authentication method that is most convenient for them.
Figure 3.3.1.1 - Login Page
Figure 3.3.1.2 - Registration Page
49
Figure 3.3.1.3 – Authorization Page
The "Registration" page is one common panel, which contains questions and
fields for entering answers. To check the correctness of the entered data, explanatory
inscriptions are used that indicate the type errors and what the user should correct
when answering a question. There is a button to check the account (login) for
employment. If the user entered a login that is already in the system, then the form
will display a message stating that this Login cannot be used for registration.
3.3.2. Home Page

The homepage displays fixed information about the application, resulting in an
appealing design. Its layout and substance align with the application's goals and
objectives, while catering to the preferences and requirements of users.
50
Figure 3.3.2.1 – Home Page
The home page of the project serves as the entry point for users, providing a
comprehensive overview of the system's features and functionality. It aims to deliver
a user-friendly and intuitive interface that promotes easy navigation and access to key
information. The home page serves as a central hub, offering a glimpse into the
system's capabilities while guiding users to specific areas of interest.
Figure 3.3.2.2 - Home Page
In general, the user interface of MedApp ensures easy to use encounter through
its intuitive layout and robust security measures. It presents a cohesive platform
51
where users can effortlessly navigate and engage with the information stored in the
Database. For each user, permissions are defined that govern access to tasks and
objects.
3.3.3. Patient Page

The patient information page is a dedicated section within the MedApp system
that provides comprehensive details about individual patients. It serves as a
centralized repository for managing and accessing patient-related data, promoting
efficient and secure healthcare delivery. The page offers various features and sections
that allow healthcare providers to view, update, and analyze patient information.
Figure 3.3.3.1 - Patient Page
In this section, a comprehensive summary of the patient's medical history is

provided, encompassing previous diagnoses and current medications. Healthcare
professionals can efficiently examine the patient's medical history, aiding in well-
informed decision-making and tailored care.
Information regarding data privacy and security measures is displayed to assure
patients that their personal health information is protected. It may include statements
about compliance with relevant regulations, encryption methods, and access controls.
52
Figure 3.3.3.2 – Patient Analysis List
The Patient Analysis List within the MedApp empowers doctors to conduct
targeted analysis and gain valuable insights from patient data. It supports evidence-
based decision-making, trend identification, and personalized care delivery. The
customizable analysis criteria, visualization options, and export capabilities enhance
the efficiency and effectiveness of data analysis processes.
3.4 Database Interaction Structure
3.4.1 ER Physical Model

The ER model helps database developers and other stakeholders to better
understand the structure of data and the relationships between them. It serves as the
basis for database design and can be used in many phases of information system
development, including requirements analysis, database design, and application
development.
53
Figure 3.4.1.1 - Block Database
Block DB part is universal, it can be used by other server clients and should be
clustered for decentrilized saving of blocks.
Figure 3.4.1.2 - Patient Database
Patient DB part is an example of implementation how we can use blocks

for medicine purposes and and access condfidential data.
3.4.2 Logical design of the DB

Block Database. Blockchain databases use cryptographic methods to secure the
data stored in blocks. Each block contains a reference to the previous block, creating
a chain that makes it computationally expensive to tamper with past transactions.
This feature, called immutability, ensures the integrity of the data and provides a
transparent and auditable record of all transactions.
The use of cryptographic techniques, such as hashing and digital signatures,
adds an additional layer of security to the database. Transactions are hashed and
54
linked together, and any alteration to a block would require recalculating the hash of
that block and all subsequent blocks. This process is computationally intensive,
making it extremely difficult to modify past transactions without the consensus of the
network.
Furthermore, the distributed nature of a blockchain database enhances its
security. Instead of relying on a single central authority, the database is maintained by
a network of nodes that participate in the consensus mechanism. Each node has a
copy of the entire blockchain and validates transactions based on the predefined
consensus rules. This decentralized structure makes it more resilient to attacks, as
compromising a single node would not compromise the entire database.
Table 3.4.2.1 - Blocks Logical Design

Field’s name Type, length Note (Contraints)
id N (7) PK
hash C (50) NOT NULL
prev_hash C (50) NOT NULL
data DATETIME NOT NULL
time_stamp timestamp NOT NULL
patient_block_id N(7) FK
block_id N(7) FK
Table 3.4.2.2 – Patient Blocks Logical Design

id N (10) PK
iin N (10) FK
Table 3.4.2.3 – Patient Old Logical Design

id N (7) PK
iin C (50) NOT NULL
name C (50) NOT NULL
surname C (50) NOT NULL
middle_name C (50) NOT NULL
address C (50) NOT NULL
list_diagnosis N(7) NOT NULL
The combination of cryptographic methods and distributed architecture ensures

the integrity, security, and reliability of blockchain databases. These databases have
found applications in various industries where data integrity and transparency are
crucial, such as finance, supply chain management, healthcare, and more.
55
Figure 3.4.2.4 – Tables Block Database
Patient Database. A patient database for patient management typically consists

of several tables, including tests, diagnoses, patient information, and prescriptions.
These tables are interconnected to store and manage relevant information about
patients, their medical history, and treatment details.
Table 3.4.2.5 – Analysis Logical Design

id N (7) PK
value C (50) NOT NULL
taken_time DATETIME NOT NULL
doctor_fio C (50) NOT NULL
diagnose_id N(7) FK
Table 3.4.2.6 – Diagnosis Logical Design

id N (7) PK
code C (50) NOT NULL
created_time DATETIME NOT NULL
doctor_fio C (50) NOT NULL
patient_id N(7) FK
Table 3.4.2.7 – Patient Logical Design

id N (7) PK
name C (50)
last_name C (50)
middle_name C (50)
iin C (50) NOT NULL
address C (50)
Table 3.4.2.8 – Patient Logical Design

id N (7) PK
created_date DATETIME NOT NULL
56
start_date DATETIME NOT NULL
end_date DATETIME NOT NULL
info C (50) NOT NULL
diagnose_id N (7) FK
Figure 3.4.2.9 – Tables Patient Database
These tables work together to create a comprehensive patient database that

enables healthcare providers to store, retrieve, and manage patient-related
information effectively. The interconnections between the tables allow for data
consistency and facilitate the retrieval of relevant information for medical decision-
making, treatment planning, and patient care coordination.
3.5 Blockchain Structure
Figure 3.5.1 – Blockchain Structure
Block:
 Block;
 Blockchain;
 Crypt;
 PatientBlock.
57
3.5.1 PatientBlock Class
Figure 3.5.1 – Source Code of PatientBlock Class
In the PatientBlock class, we create a block inside which there will be a unique
ID and patient IIN.
3.5.2 Block Class
Figure 3.5.2 – Source Code of Block Class
58
In this class, we will add the block that was created in the PatientBlock class to
the blockchain block. The blockchain block will have its own data such as, ID, its
own unique hash, the hash of the previous block, the patient's data block and the time
of block creation.
3.5.3. Blockchain Class
Figure 3.5.3 – Source Code of Blockchain Class
In this class we will add a block in the blockchain. The addBlock method is
responsible for adding a block to this blockchain and setting the hash of the previous
block to the previousHash parameter in this block. The is ChainValid method is
responsible for verifying blocks in the blockchain for authenticity using hashing.
We iterate over all the blocks. Checking if the current hash is equal to the
computed hash or not. If the hashes match, then the current and previous blocks are
successfully saved.
3.5.4. Cryptography
The primary purpose of using the SHA-256 hash function in the project is to
ensure data integrity and verification. By comparing the computed hash value of a
piece of data with its original hash value, one can determine if the data has been
modified or tampered with. This can be useful in validating the authenticity and
integrity of stored data, such as patient records or transactional information.
59
Figure 3.5.4 – Cryptography
Cryptography plays a fundamental role in securing blockchain systems. It

guarantees the reliability, confidentiality and integrity of data, making the blockchain
technology a reliable and trusted tool for various applications.
60
4 ECONOMIC EFFECTIVENESS OF THE PROJECT
4.1 Technical Description
The concept of our project involves the development of a medical application

based on blockchain technology. This application is designed to manage patient data.
The target audience of the planned application will be the population of
Kazakhstan, medical institutions.
Advantages of the services provided:
 user data security.
 ease of use;
 the absence of an analogue in the territory of Kazakhstan;
 save time.
This technology allows you to manage patient data quickly and safely.
4.2 Marketing Analysis
In recent years, hacker attacks have become more common, posing a serious
threat to data. What attracts intruders in the healthcare sector? First of all, the ease of
implementing attacks. Medical institutions use outdated systems, rarely update
software, and therefore these solutions contain hundreds of dangerous vulnerabilities
that open access even for those hackers who are not highly qualified. Modern
technologies allow you to protect confidential information and prevent such attacks.
Blockchain is one of such technologies. The three strengths of blockchain are cost
reduction, increased security and transparency of transactions.
Thus, for a medical platform that decides to implement blockchain technology
into its system, this technology will significantly reduce time costs and improve the
data management system and also attract a large number of new users interested in
data privacy.
4.3 Marketing Action Plan
According to the "Global Data Protection Index" survey conducted by Veeam

in 2022s, which included Kazakhstan, 62% of healthcare organizations in the country
had experienced a data loss event in the previous 12 months. This suggests that data
threats are a significant concern in the healthcare sector in Kazakhstan, as in many
other countries.
It is important to note that data breaches and cyber attacks may go unreported,
so the actual number of incidents may be higher than reported statistics. Therefore, it
is crucial for healthcare organizations to implement strong security measures to
protect their patients' data, including using encryption, firewalls, and access controls,
as well as training staff on data protection best practices.
61
The study assumes the task of attracting 2-3 clinics per month during the first
year. The plan to attract customers is as follows:
Offer Free Trials: Offer free trials or demo versions of the security system to
help healthcare professionals understand the benefits and ease of use.
 Create marketing materials: Develop marketing materials that talk about
the benefits of the security system, such as brochures, flyers, presentations and
videos.
 Provide ongoing support: Provide ongoing support to healthcare
providers who have purchased a security system, such as training, customer support,
and regular updates.
Following these steps, a marketing action plan for a medical security system
can effectively inform about the benefits of the system and attract potential customers
for the company.
4.4 Calculation of the Economic Efficiency of Software Product Development
At the initial stage, it is particularly important to analyze the main economic

indicators and calculate the cost-effectiveness of the project. This gives an idea of
how much financial resources are needed to implement the project, determine the
price of the product, projected revenues and allows you to calculate the payback
period of the project.
In this project, cost-effectiveness will be evaluated by the cost of equipment,
labor of developers and maintenance personnel, related overheads, etc.
4.5 The Price of Progress: The Significance of Equipment Costs in Application

Development
Table 4.5.1 – Equipment Costs

Name Quantity Price (tenge) Total
(tenge)
System unit 5 200 000 1 000 000
Monitor 5 50 000 250 000
Keyboards 5 20 000 100 000
Computer mouse 5 10 000 50 000
Router 1 20 000 20 000
Specialized software 5 50 000 250 000
Network switch 2 10 000 20 000
Total - - 1 690 000
The cost of the necessary equipment was 1 690 000 tenge.
62
4.6 Expenses on Payroll (wage fund)
The work schedule of the company to develop information system is a standard

"five-day", but with some peculiarities.
The list of employees involved in the development of the information system is
presented in the table below.
Table 4.6.1 – Development Staff

Specialist Period of work Amount of Total salary, KZT
(in month) people
Project manager 1 1 400 000

Software 1 1 300 000
developer
UX/UI Designer 1 1 200 000
Tester 1 1 200 000
Database 1 1 250 000
manager
System architect 1 1 300 000
Business analyst 1 1 250 000
Blockchain 1 1 300 000
developer
Total - - 2 200 000
Thus, the payroll in the initial months was 2 200 000 tenge.
63
Next, it is necessary to calculate the amount of mandatory deductions from
wages, which include: social contributions, social tax and MSHI.
Pension contribution = 10% * accrued wages = 2200000 * 0,1 = 220000
Social contributions = 3.5%*(accrued wages – pension contributions) =
0,035(2200000 – (2200000*0,1)) = 69300
Deductions for compulsory social health insurance = 3.5% * accrued wages =
0,035 * 2200000 = 77000
Social tax = 9.5%* (accrued wages – pension contributions –deductions for
compulsory social health insurance from an employee) – social contributions =
0,095* ((2200000-2200000 * 0,1)-77000)- 69300 = 111485
Total mandatory deductions from the total salary of all employees = 69300 +
77000 + 111485 = 257785 KZT.
Payroll:
Total salary + deductions = 2 200 000 + 257 785 = 2 457 785 KZT.
64
4.7 Overhead Costs
Overhead costs are the costs that are not attributed to the direct costs of
developing a web application. In our case - it's rent of premises, payment of utilities,
Internet.
Table 4.7.1 – Overhead Costs

Equipment Amount Price, KZT Monthly total price,
KZT
Rental of office 30 sq. m. 4 000 120 000
Electric energy 300 kW. 16,86 with VAT 5 060
Heat and water 1 10 000 10 000
supply
Wi-Fi 1 5 490 5 490
Total - - 140 550
Total will be: 140550 * 2= 281100

We calculated overhead costs as presented above and they were 281 100 tenge.
Total infrastructure development costs were: equipment costs + payroll +
overhead costs = 1 690 000 + 2 457 785 + 281 100 = 4 428 885.
Promotion of this software package will include payment for a license for the
right to use this product and with implementation once –1 000 000 KZT.
Based on the marketing plan described above, income is not expected during
the first 3 months, since this time is given for development (2 months) and
implementation (1 month). After development, the program will be implemented in
10 private clinics in Almaty.
For the first year income = 10 * 1 000 000 = 10 000 000.
Absolute economic efficiency of the project for the first year = profit/costs =
(10 000 000 – 4 428 885) / 4 428 885 = 1.3 (profit = income-costs).
For the second year, with an increase in the rate of attracting 10 more clinics,
so for the second year income: 20 * 1 000 000 = 20 000 000.
Costs can be defined as a payroll of one administrator (technical support) with
a salary of 250,000 tenge equal to 279293.75 tenge, taking into account all
deductions. The purchase of equipment and the involvement of personnel for the
development of the application will no longer be required.
Absolute economic efficiency of the project for the second year = profit/costs =
(20 000 000 – 279293.75) / 279293.75 = 70 (profit = income-costs).
The absolute economic efficiency in two years will be: (30 000 000 – 4 708
168.75/ 4 708 168.75= 5.4
Average annual cash flow: (5 571 115 + 19 720 706,25)/2 = 12 645 910,625
Payback period = amount of initial investment/ average annual cash flow = 4
428 885 / 12 645 910,625 = 0.35 years (4 month and 6 day).
Cost-effectiveness and payback period shown above are calculated in terms of
justifying the profitability of the project for the developer of the information system.
65
Depending on the purpose of the project economic efficiency and payback
period should also be calculated for the users, i.e. users of the developed software
product (medical clinics) in terms of reducing labor costs, saving time, reducing the
number of staff, reducing the financial cost of labor, etc. As a cost in this case will be
the cost of the purchase of the clinic of this software (software product).
4.8 Calculation of Efficiency in the Implementation of Software in the

Enterprise (for the user)
Let's calculate the cost-effectiveness of implementation in the clinic.

Economic efficiency is calculated on the basis of both direct and indirect
effects. In our case, we can calculate the economic efficiency by reducing the labor
costs of the personnel involved in the use of this PP.
The absolute reduction in labor costs (DТ):
DТ=Т0-Т1 (4.9)
where Т0 - labor costs for processing information on existing equipment; Т1 -

labor costs for information processing when using new equipment;
coefficient of relative reduction of labor costs (КТ):
КТ=DТ/T0 (4.10)
index of labor cost reduction or increase in labor productivity due to the use of
new equipment (YT):
YT=T0 /T1 (4.11)
Table 4.8.1 – Calculations of Economic Efficiency by Reducing Labor Costs

Stages of work T0 T1 ∆T KT YT
User authorization 10 min 1 min 9 min 0.9 10
Making an appointment 5 min 2 min 3 min 0.6 2.5
Acceptance of payment 15 min 1 min 14 min 0.92 15
for medical services
rendered
Sending survey result 25 min 3 min 22 min 0.88 8.3
Total 55 min 7 min 48 min 0.87 7.8
These calculations show a reduction in labor costs of up to 87% in the

processing of customer requests for the clinic when using this software. This
reduction in labor costs involves reducing the amount of work on the processing of
the flow of calls and appeals, due to increased automation, as well as improving the
66
quality of service, which confirms the effectiveness of the implementation of this
software.
We will calculate the cost reduction in value terms by comparing the cost of
work with the traditional type of customer service of the clinic and the PP proposed
in the project, by determining the economic effect, i.e. by comparing the cost costs
due to an absolute reduction in cost costs.
Economic effect = costs before implementation – costs after implementation
Table 4.8.2 – Calculation of the Economic Effect in the Implementation of the

Proposed Software for the Year
№ Cost of work Before implementation After implementation
1 Cost of PP 0 1000000 tg
2 Information security Salary: 300 000 tg * 12 month =
specialist 3600000 tg (including taxes = 0
4 021 830 tg in a year)
3 Payroll of registry staff Salary: 150 000 tg * 4 8 043 660 –
employees * 12 month = (8 043 660*0.87) =
7 200 000 tg (including taxes = 1 045 675 tg
8 043 660 tg)
4 Total 12 065 490 tg (4 021 830 + 2 045 675 tg (1 000 000
8 043 660) in a year + 1 045 675) in a year
5 Economic effect 10 019 815 tg (12 065 490 – 2 045 675)
(formula 4)
We will calculate the payback period for the implementation of this PP in the
clinic's activities:
Payback period = initial costs/ cost savings
Payback period = 2 045 675 / 10 019 815 = 0.204 year (2 month and 13 days).
Thus, the clinic, having acquired a software product developed in the project,
at a total cost of 2 045 675 tenge, will reduce labor costs by 87% and will recoup
these investments within 0.204 years, i.e. within 2 month and 13 days, will receive an
economic effect in saving 10 019 815 tenge, which proves the profitability of
acquiring and implementing into its activities the developed in the project the
product.
67
CONCLUSION
In conclusion, the development of a data management system for multi-user

medical platforms using blockchain technology is a significant contribution to the
field of healthcare. The project aimed to address the challenges of data security,
integrity, and interoperability in the context of medical platforms. By leveraging
blockchain technology, the system ensures the immutability and transparency of
medical data, while also providing a decentralized and trusted environment for data
sharing and collaboration among healthcare providers.
Throughout the project, extensive research and analysis were conducted to
understand the requirements and needs of multi-user medical platforms. The
theoretical foundations of blockchain technology and data management systems were
explored, providing a solid basis for the development process.
The practical implementation of the system involved the design and
development of various components, including the user interface, database
management, smart contracts, and encryption mechanisms. The use of Java
programming language and Android Studio facilitated the creation of a user-friendly
interface and seamless integration with existing medical platforms.
The system's functionality was designed to support patient management,
including the storage and retrieval of patient information, test results, diagnoses, and
prescriptions. The use of SHA-256 encryption ensured data security and integrity,
protecting sensitive medical information from unauthorized access and tampering.
The successful development and implementation of the data management
system for multi-user medical platforms using blockchain technology have the
potential to revolutionize the healthcare industry. It provides healthcare providers
with a secure and efficient platform for managing patient data, promoting
collaboration, and improving the overall quality of healthcare services.
However, it is important to acknowledge that further research and refinement
may be necessary to address scalability and interoperability challenges associated
with blockchain technology. Additionally, ongoing efforts should focus on ensuring
compliance with relevant regulations and standards to guarantee the privacy and
confidentiality of patient information.
Overall, this diploma project has contributed to the advancement of data
management systems in the healthcare sector and demonstrated the potential of
blockchain technology in revolutionizing the way medical data is managed, shared,
and secured.
68
REFERENCES
[1] BlockchainHub, “Blockchain in Healthcare: Use Cases and Applications.”,

2021.[Online]. Available: https://blockchainhub.net/blockchain-in-healthcare-use-
cases-applications
[2] Johnson, A., & Thompson, R, “Blockchain technology in healthcare: A
systematic review. International Journal of Medical Informatics.”, pp. 134, 1-10,
2020.
[3] Digital, “Blockchain in Healthcare: An Executive’s Guide for 2023.”, 2022.
[Online]. Available: Blockchain in Healthcare Industry 2023: An Executive’s Guide
(digitalauthority.me)
[4] Ichikawa, D., Kashiyama, M., Ueno, T., & Suzuki, T, “Blockchain-based
secure sharing of genetic data using attribute-based encryption. International Journal
of Genomics”, 2017.
[5] P. Johnson, “Blockchain and Digital Asset projects worldwide in 2023.”,
[Online]. Available: Blockchain and DeFi Projects worldwide in 2023 [Updated] -
CFTE
[6] Dagher, G. G., Mohler, J., Milojkovic, M., Marella, P. B., & Al-Beywanee,
B , “Ancile: Privacy-preserving Framework for Access Control and Interoperability
of Electronic Health Records Using Blockchain Technology”, 2018.
[7] Zhang, P., White, J., Schmidt, D. C., Lenz, G., & Rosenbloom, S. T.
(2016). FHIRChain: Applying blockchain to securely and scalably share clinical data.
Computers in biology and medicine, 78, 52-64.
[8] Xia, Q., Sifah, E. B., Asamoah, K. O., Gao, J., Du, X., & Guizani, M.
(2017). MeDShare: Trust-less medical data sharing among cloud service providers
via blockchain. IEEE access, 5, 14757-14767.
[9] Ekblaw, A., Azaria, A., Halamka, J. D., & Lippman, A. (2016). A case
study for blockchain in healthcare:“MedRec” prototype for electronic health records
and medical research data. Proceedings of IEEE open & big data conference, 2016,
228-231.
[10] Mettler, M. (2016). Blockchain technology in healthcare: The revolution
starts here. In Proceedings of the 2016 IEEE 18th international conference on e-
Health networking, applications and services (Healthcom) (pp. 1-3). IEEE.
[11] Benchoufi, M., Porcher, R., & Ravaud, P. (2017). Blockchain protocols in
clinical trials: Transparency and traceability of consent. The FASEB Journal,
31(1_supplement), 874-816.
[12] Zhang, P., & Schmidt, D. C. (2018). Medical data integrity assurance
using blockchain, big data and trust anchors. Journal of medical systems, 42(8), 1-10.
[13] Liang, X., Zhao, J., Shetty, S., Liu, J., Li, D., & Li, X. (2017). Integrating
blockchain for data sharing and collaboration in mobile healthcare applications. In
2017 IEEE 28th Annual International Symposium on Personal, Indoor, and Mobile
Radio Communications (PIMRC) (pp. 1-5). IEEE.
69

Diploma Project Last

Uploaded by

Copyright:

Available Formats

Diploma Project Last

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Diploma Project Last

Uploaded by

Copyright:

Available Formats

MINISTRY OF SCIENCE AND HIGHER EDUCATION OF THE REPUBLIC OF

INTERNATIONAL INFORMATION TECHNOLOGY UNIVERSITY

FACULTY OF COMPUTER TECHNOLOGY AND CYBERSECURITY

Data Management System for Multi-User Medical Platforms Using Blockchain

Educational program 6B06303 – Network Security

INTERNATIONAL INFORMATION TECHNOLOGY UNIVERSITY

Data Management System for Multi-User Medical Platforms Using Blockchain

Educational program 6B06303 – Network Security

Done by: Altynbek A. _______

Research supervisor: Kabylzhan A. _______

Reviewer: Kim E.R. _______

Diploma Project Assignment

Approved by IITU order № 84-с dated «06» December 2022

Diploma project submission date «16» June 2023

Diploma project initial date

CD containing the digital version of diploma paper and attachments

Consultant Name Signature, date

Date «__» _________2023

Research supervisor ___________ Kabylzhan A.

Assignment received by ___________ Altynbek A.

Altynbek A., Islambek D., Bakytbekov N.

Topic: Data Management System for Multi-user Medical Platforms Using

№ Assignment Submission date

Done by: Altynbek A. _______

Бұл дипломдық жобада медициналық ұйымдардағы емделушілердің

Кілттік сөздер: БЛОКЧЕЙН ТЕХНОЛОГИЯСЫ, ҚАУІПСІЗДІК,

В данном дипломном проекте предлагается создать платформу, которая

Ключевые слова: ТЕХНОЛОГИЯ БЛОКЧЕЙН, БЕЗОПАСНОСТЬ,

In this project, it is proposed to create a platform that will provide a single

Keywords: BLOCKHAIN TECHNOLOGY, SECURITY,

1.1 Introduction to Cybersecurity in Healthcare

Digitalization in the healthcare sector increases the efficiency of medical

Figure 1.1.1 - Calculations Based on KZ-CERT

Figure 1.1.2 - Analytics of Increasing Interest in Information Security

Каналы утечек, 2022г

Сеть(браузер, Cloud) Электронная почта ПК, сервер

Figure 1.1.3 - Statistics of Information Security Incidents by Type

The allocated money for cybersecurity is another important part of security. It

1.2 Classification of Information Security

Information security is the protection of information and related infrastructure

Based on the diagram shown above (Figure 1.2.1), some common

1.3 Comparison of Existing Solutions

Blockchain solutions offer effective approaches to reliable data management,

Table 1.2.2 – Comparison table

Patientory 2015 Atlanta, Patientory works with Limited availability in

MedRec 2018 London, UK Data sharing: MedRec Limited adoption: MedRec

Healthere 2017 Pittsburgh, Structured interface; Token system: The use of

 Patientory: Patientory is a blockchain solution for safe, cloud-based

Figure 1.2.3 – Interface of Patientory App

 MedRec: MedRec is a medical records platform that uses blockchain to

Figure 1.2.4 – Interface of MedRec Web Site

Figure 1.2.5 – System Architecture of MedRec

 Healthereum: Healthereum is a blockchain healthcare company created to

1.4 Project Description

Figure 1.4.1 – System Architecture of the Project

This is a structure of our project based on the blockchain protected with an

1.5 Exploration of Potential Future Developments for the Product

2.1 Project Scope

1. Research conditions and planning:

Date «» _______2023