Survey of Interoperability in Electronic Health Records Management and Proposed Blockchain Based Framework: MyBlockEHR

Interoperability in Electronic Health Records (EHR) is significant for the seamless sharing of information amongst different healthcare stakeholders. Interoperability in EHR aims to devise agreements in its interpretation, access, and storage with security, privacy, and trust. A study and survey of state-of-the-art literature, prototypes, and projects in standardization of the EHR structure, privacy-preservation, and EHR sharing are very essential. The presented work conducts a systematic literature review to address four research questions. 1) What are the different standards for common interpretation, representation, and modeling of EHR to achieve semantic interoperability? 2) What are the different privacy-preservation techniques and security standards for EHR data storage? 3) How mature is blockchain technology for building interoperable, privacy-preserving solutions for EHR storage and sharing? 4) What is the state-of-the-art for cross-chain interoperability for EHR sharing? An exhaustive study of these questions establishes the potential of a blockchain-based EHR management framework in privacy preservation, access control and efficient storage. The study also unveils challenges in the adoption of blockchain in EHR management with the state-of-the-art maturity of cross-chain interoperable solutions for sharing EHR amongst stakeholders on different blockchain platforms. The research gaps culminate in proposing a blockchain-based EHR framework with privacy preservation and access control design. The proposed framework employs partitioning of EHR to on-chain and off-chain storages for performance guarantees with the retrieval of valid off-chain data. The framework is deployed on the Ethereum test network with Solidity smart contracts. It is observed that different test cases on the partitioning of the EHR data, yielded better read-write throughput and effective gas price than fully on-chain storage.


I. INTRODUCTION
Interoperability in the healthcare sector is the ability of the healthcare systems to share, interpret and use Electronic Health Record (EHR) coherently [1]. Interoperable solutions to EHR management are critical for seamless transfers of patient data and treatment details for improving the effectiveness of healthcare services with reduced cost and time. EHR refers to patient data that is recorded, processed, and analyzed at various healthcare organizations [2]. As this data originates from different organizations, it follows local standards and healthcare terminologies. The EHR standards of different healthcare organizations are not uniform, causing a low level of interoperability in healthcare information systems among the organizations [3] [4]. Hence interoperable EHR solutions aim for standardization of EHR structure. EHR sharing and interoperability amongst the different healthcare organizations is a critical area of research [5].
Patient-controlled interoperable solutions imply that the patient owns his EHR and he permits or denies access to his records to other stakeholders [6]. Seamless EHR sharing amongst different healthcare stakeholders (like Hospital A to Hospital B or Hospital to Insurance ) is essential for a better healthcare. Delivery Seamless transfers of EHR lead to time and cost-effective interoperable solutions [1].
Standardization of EHR structure, patient-controlled data access, and seamless transfers of EHR across the different healthcare service providers are the goals of EHR interoperability in modern healthcare systems [1]. This is depicted in Fig. 1. EHR representation and its sharing in the healthcare sector have evolved through different eras, as shown in Fig. 2. It is pretty significant and exciting to study how the challenges in EHR sharing evolved across the eras in healthcare. Healthcare 1.0 [7] marked the creation of manual records for the ease of use of the service providers. Healthcare 2.0 era was the digitization of health records with electronic health records [7]. With healthcare 3.0 [7], remote and real-time capturing of health data was possible by integrating wearable Internet of Thing (IoT) devices with the information system. This era also marks emphasis on the privacy consideration to EHR. Healthcare 4.0 [7] emerges with the need for integration of different healthcare information systems for seamless transfers of EHR. Besides, these information systems should guarantee privacy preservation and patient-controlled access to EHR to build interoperable EHR sharing.
Privacy of healthcare data is a significant concern [5]. Healthcare data is very personal, sensitive, and vulnerable to attacks. Privacy threats and lack of trust challenge healthcare data sharing. As per the Deloitte Health Consumer Survey, only 46% of healthcare consumers are willing to share their data in the initial phase of treatment [10]. Here the ownership of EHR is a significant concern. This issue can be handled by privacy preservation techniques and patient-controlled access in EHR interoperability solutions [7]. EHR sharing across multiple stakeholders is another critical management issue. The EHR must be shared seamlessly, but it should also be free from intermediaries to build trust in the EHR management [11].
Literature shows that interoperable solutions in EHR management should address these challenges for effective patient-care, as shown in Fig. 3. EHR structure and semantic interoperability deal with EHR representation using healthcare standards, ontologies, and data modeling [9] [12]. EHR ownership is realized with a patient-controlled privacypreserving mechanism. It implies that the EHR is owned and the access is controlled by the patient to audit sharing of their personal data [13]. EHR sharing in interoperable solutions aims to facilitate sharing of EHR across different healthcare systems.
EHR sharing should be non-mediated [14] i.e., without any intermediaries. It is an important aspect for privacy preservation [11].
Thus, it is essential to study these challenges to EHR interoperability with a systematic literature review to analyze the maturity of the solutions. The study also aims to evaluate blockchain technology to realize of interoperable solutions in EHR management [15] [16].

B. MOTIVATION
EHR management challenges fall in the three major areas of concern [9] [11][12][13] as described in Fig. 3. Blockchain technology offers a promising solution to the data ownership, sharing, and an audited trail of healthcare records [7]. The stakeholders share EHR on a decentralized ledger in a transparent manner. The immutability of the records, provenance tracking, and the access controls with smart contracts make this a better technology to manage the EHR systems [6] [13] [14] [17][18][19].
1) EHR transactions are high in volume and need to be stored on the distributed storage on the blockchain.
2) EHR transactions are personal medical records, and their privacy is endangered with distributed storage.
3) EHR transactions are higher in volume and incur heavy onchain computations. 4) EHR exchanges on cross-chain systems imply the need for sharing over heterogeneous platforms, which is a significant challenge.

FIGURE 3. EHR management challenges in interoperable solutions
The motivation of this work is two-fold. We aim to outline and evaluate the different standards and techniques to achieve interoperability in EHR structure, storage and sharing. The existing literature shows the increase in the adoption of blockchain technology for the implementation of trusted, transparent EHR management systems [6] [13] [14] [17][18][19][20][21] [23] with challenges. Hence evaluation of blockchain-based EHR management systems is essential.
However, these decentralized EHR management systems lack scalability and offer lesser privacy to sensitive health data [25]. This work proposes a framework that offers better privacy, scalability, and cost over existing blockchain-based EHR management solutions with standardization of EHR structure and semi-centralized storage. The prototype is implemented and evaluated with experimental validations on a blockchain framework with smart contracts.
2) The second objective of the work is to investigate blockchain-based solutions to address the issues in 1) with the study of the literary works on adopting blockchain in EHR management [6] [13] [14] [17][18][19][20][21][22][23]. The study was further carried out to investigate the research gaps in EHR deployment on the blockchain. a. The third objective is to address gaps in EHR management over blockchain with the proposed framework MyBlockEHR: b. Performance: Partitioning EHR data to on-chain and offchain storage for better performance and throughput [6]. c. Privacy: The data partitioning strategy in data storage [6] should preserve the sensitive patient data from unauthorized access d. Trusted data storage: The off-chain data storage needs to be trustworthy, tamper-proof, and available to the blockchain-based EHR management systems with smart contract oracles [6] that validate data from off-chain storage with on-chain hash. e. Access control: Patient-centric access control [6] [13] [60] implies that patients will be owners of the data, and access to EHR will be granted to other stakeholders with patient permission. The prototype is to be experimentally verified with smart contracts deployed on the network and evaluated for scalability and cost for different test cases.
3) The fourth objective of the study is to analyze the crosschain interoperability issues [15] [16] [61][62][63][64][65] in sharing EHR amongst different stakeholders over different blockchain platforms. With the study, we uncover the maturity of existing solutions like [15] [16]  and put forth the need for modeling a trust-based, non-intermediated solution for EHR exchange over cross-chain platforms.

D. RESEARCH GOALS
This research aims to analyze the existing studies, standards, tools, and techniques in realizing interoperable EHR management in the three areas of focus, i.e. semantic interoperability, privacy-preserving techniques for EHR storage, and non-mediated EHR sharing. The research questions are listed in Table I to carry out the study of EHR management and application of blockchain technology of the same.
The scope of our work is described with a structure diagram, as shown in Fig. 4.

II.RESEARCH METHOD
The literature review is carried out with guidelines for Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) flow diagram stated in [95]. We have adapted the PRISMA flow diagram as shown in Fig. 5.
Seventy-eight research papers and articles from 2007-2021 have been reviewed for our work. Because of the recency in this area, there are undergoing industry-based products and projects. Hence, we have also referred to 80 web sources for our review. This topic's relevance led to finding web sources in healthcare ontologies, EHR standards, cross-chain solutions and blockchain platforms. We included research works, proof-ofconcepts, prototypes in the focus areas of interoperability. Since the application of blockchain in the healthcare sector has been recent, prominent blockchain-based solutions to the healthcare sector have been referred since 2016. The white papers, official websites, and web blogs have been referred for blockchain engines.

A. ELIGIBILITY CRITERIA AND INFORMATION SOURCES
As our focus was addressing interoperability in EHR with blockchain, projects on blockchain applications for EHR management and privacy preservation techniques have been surveyed. For cross-chain projects in blockchain, the official websites and white papers have been referred.

INCLUSION & EXCLUSION CRITERIA
We have listed inclusion and exclusion criteria for different categories of searches in Table II. We applied Google search engine for all searches, and they were conducted from January 2020 to August 2021.

B. KEYWORD SEARCH
The work focuses on three aspects of interoperability i.e., semantic interoperability, patient-centric privacy-preserving techniques, and cross-chain interoperability. Hence, related phrases were used as search terms in the Google search engine. Table III shows the related phrases used for interoperability concepts.
We have applied snow-balling techniques to retrieve top-ranked web pages, white papers, and research papers.  -text articles retrieved  where a=Semantic Interoperability, b=Privacy Preservation Techniques, c=EHR Interoperability within Blockchain, d=Cross-chain Interoperability, e=General  Information on Interoperability and on writing review paper   TABLE II  INCLUSION AND EXCLUSION CRITERIA FOR REVIEW   Topics of study  Inclusion Criteria  Exclusion Criteria Semantic interoperability in EHR The work must refer to EHR data standards or healthcare ontologies, or big data models popularly employed for EHR management.
Papers presenting ontologies and standards other than health records, big data models for non-medical applications.

Privacy preservation techniques in EHR
The work must refer to different privacypreserving techniques for EHR data storage. Works on blockchain and smart contract based EHR privacy techniques were also included.
Privacy Preservation techniques applied to non-medical use cases.

Cross-chain interoperability
White papers or official websites, or web blogs describing exchange mechanisms across different platforms of blockchain are considered. The projects where these standards are employed for healthcare use cases are included.
-  Name of the cross-chain project along with keyword "Blockchain"

III. DETAILED ANALYSIS OF LITERATURE
The need for interoperability in healthcare systems has been focused on in many research works. We surveyed on research works in prominent areas, namely a) Semantic Interoperability, b) EHR data security standards, c) Privacy Preservation Techniques d) EHR interoperability within the blockchain, and e) Cross-chain interoperability.

A. SEMANTIC INTEROPERABILITY
Structural interoperability defines syntax, format, and organization of data for standard representation [1]. Semantic interoperability implies that the sender machine and receiver system agree on the common understanding of the data [8].
After sharing data, the meaning of data has to be preserved and unaltered [26]. Both the structural and semantic interoperable systems should interpret data based on a common understanding of vocabulary and standard definitions.
Semantic interoperability in healthcare data is classified at two levels in [96], i.e. Partial and Full Semantic Interoperability. Partial semantic interoperability means that the health records are translated in an intermediate standard, acceptable to the sender and receiver systems. Full semantic interoperability means that the first health records are collected in the sender's standards, translated into intermediate standards, and then reproduced in the local standards of the receiver.
In this work, we review semantic interoperability of EHR with the study of popular healthcare ontologies, EHR standards, and EHR data models as shown in

1) HEALTHCARE ONTOLOGIES
Semantic interoperability in EHR requires working with semantic patterns and ontologies frameworks for heterogeneous healthcare data [97]. Such heterogeneous data forms heterogeneous EHR models.
Healthcare ontology is a model which represents the set of concepts within healthcare domains. An ontology represents the different domain terms in terms of labeled graphs and relationships between them. To show the relationships between such terms rich set of constructs are required. So, the ontological framework gives interoperable meaning to heterogeneous EHR models in labeled graphs, relationship diagrams and constructs. Ontologies are the best tools for data modeling of healthcare terms and act as bridges between heterogeneous EHR models. Semantic patterns are data representations of repetitive objects, terms, and terminologies in ontology libraries.
In this work, we study the features of significant ontologies employed for healthcare data interpretation as described in Table IV.

2) EHR STANDARDS
Semantics act as dictionaries with medical terminologies, whereas standards in semantic interoperability refer to representations for transmitting data between two different systems. They are the most essential building blocks in interoperable EHR sharing. Standards may be among three types i.e., messaging, terminology and document. Messaging standards focus on structure, content and other data requirements to enable effective EHR sharing. Terminology standards deal with disease and medication specific codes. With the help of document standards, type and location of information can be identified. Significant healthcare standards are described in Table V. EHR standards are being adopted across the globe. As per news article [98], the USA is collaboratively developing EHR standards with HL7, National Council for Prescription Drug Programs (NCPDP), X12, and other Health Standards Collaborative (HSC) members. As per the declaration provided by Ubitech company [99], Europe is developing an EHR interoperability framework by using standards such as OpenEHR, DICOM, ICD-10, Diagnostic and Statistical Manual of Mental Disorders (DSM) [100], and Medical Dictionary for Regulatory Activities (MEDRA) [101]. Indian ministry has suggested the healthcare organizations to use EHR standards such as SNOMED-CT, ICD-11, LOINC, DICOM, HL7, etc. [102]. As per article [103], healthcare systems in the US and Canada support the HL7 standard. France approved the use of Hprim Santé and PN13 standards, which are adopted from HL7 [104]. As per an article on healthcare interoperability worldwide standards, Germany has adopted eXtensible Data Types (xDT) [104] [105]. As per article [106], China has adopted HL7-based EHR standards since 2013. Standards like HL7, SNOMED-CT, CDA, and ICD are popularly employed by Australia, Denmark, England, Netherlands and Ireland [27] OpenEHR [107] and (Fast Healthcare Interoperability Resources) FHIR [108] are popular open standards adopted by many research works. OpenEHR is used to create EHR standards, archetypes and to build information in the healthcare sector. OpenEHR is the most popular standard for EHR persistence with over 300 archetypes specified in its reference model.
FHIR is the HL7 standard mainly designed for EHR interoperability. HL7 FHIR is a lightweight standard used for EHR sharing using RESTful Application Programming Interface (API). The comparative analysis between these two standards from perspectives of structure, complexity, and interoperability is presented in Table VI.

Focus
It has a strong focus on data persistence, with APIs and EHR sharing as a secondary focus.
Integrating different discrete elements of the EHR ecosystem such that coherent information of healthcare for data sharing.
Building Blocks It uses over 300 complex archetypes.
Have around 100 resources.
Complexity of data It defines EHR with greater detail in terms of structure and complex features.
It uses simple lightweight and ubiquitous data representation which is easier for data aggregation.
Data modeling It uses two-level modeling, i.e., ontology and archetypes. It uses query constructs and data modeling.

Data volume
It takes the whole volume of existing data.
It works on the 80:20 principles i.e., at least 80% of the system can implement it.

3) DATA MODELING OF EHR
EHR consists of personal details of the patient, his treatment, clinical trials, and follow-ups. EHR thus is a collection of heterogeneous data representations (text, images, documents, video, etc.) With digitization in the healthcare sector, a massive volume of EHR is generated. The data structure used for storing EHR and related operations are called as the data model. Thus, big data models are the best candidates for the representation of EHR [41]. We studied the projects and research works proposing and implementing the data management systems for EHR using different data models, with the diversities from the traditional relational database management systems to Not only SQL (No-SQL) big data models. We analyzed the different models employed for EHR in terms of object complexity and performance metrics like retrieval time, scalability, isolation, and consistency. The works are evaluated, and findings are outlined in Table VII below:

B. EHR DATA SECURITY STANDARDS. 1) GDPR
The General Data Protection Regulation (GDPR) [109] is a regulation on data protection and privacy in the European Union (EU) & European Economic Area (EEA). This regulation addresses the transfer of personal data outside the EU and EEA. GDPR binds any healthcare organization or individual collecting and processing data. Consent, purpose, data minimization, transparency, accuracy, privacy-by-design or privacy-by-default, data subject rights, retention period, accountability, security protections, and data breach protection are the general principles that safeguard data with the new GDPR [109]. Healthcare organizations are expected to follow these GDPR principles. As per the vision of the 21 st century [109], privacy to EHR is one of the six quality performances of the healthcare sector along with safety, effectiveness, timeliness, efficiency, and equity.

INSURANCE PORTABILITY AND ACCOUNTABILITY ACT (HIPAA)
HIPAA [48] is important rule defined by US regulations that safeguard the individual's right to the ownership and sharing of health data. HIPAA standard applies to healthcare stakeholders (healthcare providers, health plans, and healthcare clearinghouses) [110] who carry out EHR exchanges. Privacy rule protects health information identities created or received by the above-mentioned healthcare stakeholders. Identities maintained by other healthcare stakeholders are not protected under HIPAA [110]. According to HIPAA, healthcare stakeholders may use or disclose identity without an individual's consent for treatment, payment, and medical operations. For other purposes, an individual's consent is mandatory. Individuals should be informed of the usage or disclosure of their identities [110].

3) INTERNATIONAL ORGANIZATION FOR STANDARDIZATION (ISO) 27001/ISO 27799
ISO 27001 and ISO 27799 are the international standards that can be used in combination to protect sensitive healthcare data [111]. ISO 27001 adopts the Plan-Do-Check-Act cycle for information security worldwide in government and commercial organizations [112]. ISO 27002 implemented ISO 27001, providing the security controls guidance [112] and is already being used in the healthcare sector for worldwide security management such as Australia, Canada, France, South Africa, United Kingdom, and many more [113]. ISO 27799 implements the standard ISO 27002, providing guidance on best practices to protect confidentiality, integrity, and availability of personal health data [112]. Healthcare organizations certified with ISO 27001 are expected to improve health data security in conformance with ISO 27799 [113].  [114]. COBIT 5 framework consists of 5 principles, process domains, ITrelated guidelines, and ISO/IEC 15504 based process capability model [115]. Principles of COBIT 5 can be applied to the healthcare sector [115]. IT goals of COBIT 5 can be mapped with e-healthcare governance [115]. COBIT 5 frameworks can be used for healthcare with seven categories [114] as follows:

4) CONTROL OBJECTIVES FOR INFORMATION AND RELATED TECHNOLOGY (COBIT 5)
a. Principles, policies, and processes can be translated into practical guidance of daily management activities in healthcare b. Processes can be aligned with practices and activities at healthcare, which achieves objectives to produce outputs mapped IT goals. c. Organizational structures can be mapped as decision making entities in healthcare d. Culture, ethics, and behavior of healthcare stakeholders is a success factor in governance and management activities. e. As information is pervasive, it is very often the essential product at the operational level in healthcare f. Infrastructure, technology, and application facilitate IT processing and services in healthcare. g. Skilled personnel are required for carrying out precise decisions and taking corrective actions in healthcare.

5) DIGITAL INFORMATION SECURITY IN HEALTHCARE ACT (DISHA)
Ministry of Health & Family Welfare (MoHFW), Government of India, have issued DISHA [14] draft for healthcare security in November 2017 [116] [117]. If sensitive health data gets compromised it may lead to harm, violence, discrimination in society, and embarrassments to individuals. DISHA will give complete control of health data to the patient [116] [117].
A patient will decide to whom his data should be accessible. He should know to whom data will be transmitted. Only, in case of emergency, his data will be shared with his family members. If any person commits the serious breach to the patient's data without any consent, then person shall be punished with imprisonment for 3 years to 5 years or charged with fine minimum of ₹5,00,000. As per security compliance, this fine will be compensated to the concerned patient [116]. DISHA will be regulated by National Electronic Health Authority (NeHA), and various State Electronic Health Authorities (SeHA) [116] [118].

C. PRIVACY PRESERVATION TECHNIQUES
Patient-centric healthcare services demand integration amongst different healthcare information systems [7]. As the data is shared amongst different stakeholders, the privacy of EHR can be compromised [13]. Healthcare 4.0 is expected to implement patient-centric privacy preservation techniques [7].
Patient-controlled privacy preservation implies that the EHR is owned by the patient and can confer as well as revoke the rights to access the same with other stakeholders. With patient-centric interoperability, there is sharing of EHR data amongst different healthcare information systems, which may lead to breaching patient privacy [13], even if the information sharing is limited to authorized healthcare actors. Often patients or data custodians are unaware that their information is disclosed. The threats to the privacy of healthcare data include tampering, loss, and unauthorized disclosure of data [119].
Effective Identity and Access Management (IAM) system [48] offer better privacy and access control solutions to data sharing problems. Data anonymization offers privacy to identity attributes [57] [58] of the patient data like name, address, and personal details. The use of patient-centric access control can help the patient to confer and revoke the rights to access their data. Role-based access levels with different levels of access granularities can be used as access management policy. Fig. 7 shows popular privacy preservation techniques employed for EHRs [11] [17] [20][21][22] [49][50][51][52][53][54][55][56][57][58][59]. Privacy preservation techniques for EHR offer data security but cost additional storage and loss of performance. The overheads with encryption time, retrieval time, and compliance checks during EHR access hamper the throughput. In this section, we outline different privacy preservation techniques of EHR and evaluate their performance.
Additionally, approaches for privacy preservation in blockchain-based ecosystems are also outlined below in Table  VIII. These solutions leverage the blockchain trust guarantees with additional privacy preservation policies for EHR data. They are further evaluated for performance metrics to get a broader view, as described in Table VIII. Research study on privacy preservation techniques on EHR helps in classifying the techniques as following types:

1) Disassociation:
The process of delinking highly sensitive attributes from identity attributes is disassociation. This helps in hiding the identity of the patients with rare medical conditions from adversaries.

2) De-identification:
The removal of personal data from the health records for privacy preservation is de-identification. Encoding, hashing, generalization of specific data are some of the strategies to de-identify the personal data in EHR.

3) Decoy:
It is a strategy for creating deception of the EHR dataset for protecting from the adversary. This aims to increase the probability of false-positive and make it challenging to retrieve actual data. 4) Encryption/Cryptography: It aims to apply encryption techniques on the sensitive data in EHR. A symmetric key, asymmetric key encryption techniques are employed with a digital signature to verify the authenticity and authority of the data. 5) Privacy Levels: Every healthcare service provider has predefined access privileges which define what can be accessed, how it can be accessed, and when it can be accessed. 6) Anonymity: Sensitive data or identity data in the EHR is suppressed by replacing it with wild characters, or generalized with general values to avoid specifics.

7) Blockchain-based privacy preservation techniques:
Blockchain supports pseudo-anonymity of the patients in EHR. Smart contracts deployed on the blockchain can help exercise the access rights of the user. Partitioning the EHR attributes to on-chain distributed ledgers and off-chain databases are also applied in some of the works [6] [17] [22]. 8) Cloud-based privacy preservation techniques: As cloud providers offer services for the users, they often deploy encryption techniques [48] in the cloud to secure data.
We have made the following observations on performance evaluation on privacy preservation techniques for EHR data from Table VIII. 1) ACCESS COST a. On-premise approach: Access cost is higher when EHR management frameworks leverage security standards [49] [50]. Privacy preservation techniques implemented in [52][53][54] show higher access costs in computation with encryption and decryption overheads. b. Cloud-based approach: As cloud-based data storage is remotely accessed. Hence, access cost is higher. The data is accessed through third-party intervention. Hence, security standards for data is established. Techniques like attribute-based encryption [52] [53], anonymity, and cryptography [48] are popularly employed on cloud-based data storage for privacy preservation. Hence, this results in additional access costs as discussed in [52] [53]. c. Blockchain-based approach: Blockchain-based solutions need user authentications and validation of the data through consensus before sharing with healthcare stakeholders [13]. Hence, access cost is much higher in comparison to on-premise as well as a cloud-based approach [17] [21] [22].

2) STORAGE COST:
a. On-premise approach: Storage cost is affected by onpremise centralized storage. b. Cloud-based approach: Cloud service providers offer pay per use model. Hence, in this approach, storage cost will be recurring as per the accounting model of cloud service providers. c. Blockchain-based approach: As distributed replicated ledger is used in blockchain, storage cost will be higher [17] [21] [22] in comparison to the above two approaches.
3) RETRIEVAL TIME: a. On-premise approach: Retrieval time will be significantly less for on-premise centralized storage. b. Cloud-based approach: As data is remote in location, retrieval time will be higher than the on-premise approach. c. Blockchain-based approach: In this approach, health data validation and user authentication are carried through smart contracts. Because of these factors, retrieval time is highest than on-premise as well as a cloud-based approach [17] [21] [22].

4) SECURITY VULNERABILITY
a. On-premise approach: Often, centralized approaches are vulnerable to security attack [6] like performance bottleneck, Denial of service attacks, tampering of the data, single point of failure, and many more. b. Cloud-based approach: In this approach, the cloud service provider acts as a third-party. We need to trust these third parties for the security of health data. Often there is a lack of trust in this approach. Client data can be compromised through different computing layers [120]. Work in [121] puts forth the need for basic security requirements like data privacy, data confidentiality, and data integrity for sensitive data to be preserved. c. Blockchain-based approach: In this approach, health data becomes immutable because of transparency, consensus algorithms, and hashing techniques. Privacy is preserved with encryption techniques. Hence the basic security requirements i.e. data privacy, confidentiality, and integrity can be preserved [14].
The following section D shows how blockchain architecture is conducive for the privacy preservation of EHR data.

D. EHR INTEROPERABILITY WITHIN BLOCKCHAIN
Before the rise of Healthcare 3.0, EHR management systems preserved patient records in central storage. Although central storage offered better isolation, they were vulnerable to various types of attacks on privacy, security, and reliability, such as malware and brute force attacks.
The central authorities own traditional databases. Blockchain is an encrypted distributed ledger and a global database [20]. It uses a distributed system where the updated data is validated, distributed, and stored on every node in the network with immutability guarantees. Nodes in the network will observe any modification in data. So, it is challenging to mutate the system by fake documents, transactions, and information without consensus. Blockchain, as a decentralized ledger overcomes the problem of a single point of failure.
Blockchain systems offer immutability to the EHR storage. The decentralized ledger offers better accessibility of the records to the distributed healthcare stakeholders [14]. It offers a platform for the trust-based sharing of health transactions, which the regulators can approve and validate to offer provenance of records. Fig. 8 shows the architecture of the blockchain that stores EHR transactions. EHR transaction is a collection of personal details of patient, clinical trials, diagnostic reports, and treatment data. Blockchain-based EHR solutions offer advantages but pose practical problems in their implementations, as shown in Fig. 9.

CHALLENGES
OF EHR MANAGEMENT WITH BLOCKCHAIN Scalability: Every health transaction on the EHR blockchain is validated, mined, and then added to the block on the blockchain [122]. With the increasing velocity of these transactions, the time for validation is very high. The system is non-scalable. On-chain computation: The EHR transactions are logged on the distributed ledger and verified with on-chain smart contracts. This is costly as the compute required for consensus is large [123]. On-chain EHR storage: The on-chain transactions are recorded on the distributed ledger and replicated for accessibility. This requires substantial on-chain data storage [123]. Privacy at stake for on-chain data: As the EHRs are stored on the blockchain, they are available to all the validators and DLT nodes. Thus, the privacy of the sensitive on-chain data is at stake [25].
It is thus evident that blockchain-based EHR management needs leveraged techniques for better trust and performance. Various EHR frameworks have been proposed or implemented on blockchain platforms. A comparison of such frameworks is shown in Table IX. We also present a blockchain-based framework for privacy-preserving and patient-controlled trustworthy EHR management system named MyBlockEHR, detailed in section V.

E. CROSS-CHAIN INTEROPERABILITY
Cross-chain interoperability should be visualized as a mechanism by which one blockchain can communicate with another blockchain with the same or different platforms [61] [62]. In most literary works on EHR, all the actors are assumed on a single blockchain system. EHR can be shared across health organizations, which have built systems on different blockchain platforms in the real world. Hence inter-organizational interoperability of EHR demands that cross-chain interoperability should be investigated for data sharing [24].
In this section, we investigate cross-chain interoperability in two ways. a) Study of architectural styles of crypto-based cross-chain interoperability for EHR sharing.
b) Analyzing the existing blockchain interoperability engines for EHR sharing.
We carried out studies to evaluate the following objectives of EHR sharing, as shown in Fig. 10.

1) STUDY OF ARCHITECTURAL STYLES OF CRYPTO-BASED CROSS-CHAIN INTEROPERABILITY FOR EHR SHARING
Vitalik Buterin, the inventor of Ethereum, described three architectural styles for cross-chain interoperability as shown in Fig. 11

Sidechains / Relays:
There is no need for a third party as notaries for communication between blockchains. Blockchains will directly communicate with each other through a piece of automated code called a smart contract. A smart contract of blockchain A will be able to read, validate and act upon events from blockchain B. Partial copy of a ledger of one blockchain must be stored on the ledger of another blockchain. There are two types of relays: One-way and Two-way relays [62] depending on the communication direction: a. One-way relay: A smart contract of blockchain A will be able to read from blockchain B, but a smart contract of blockchain B will not be able to read from blockchain A.
b. Two-way relay: A smart contract of blockchain A will be able to read from blockchain B, and a smart contract of blockchain B will be able to read from blockchain A. [61] [62]: There will neither be a third-party entity as notaries nor partial storage of another ledger as in relay. In a hash locking interoperable solution, two or more blockchain platforms will be interoperable through the same hash trigger. Operations on blockchain A and blockchain B will have the same trigger hash for a specific time duration. Within that time duration, the receiver on either of the blockchains should access the value else, it will go back to the sender after the time is out.   The limitation and advantages of the above architectural styles are shown in Table X.

2) BLOCKCHAIN ENGINES
In this section, we analyze the popular projects in blockchain interoperability. We have reviewed some projects in Table XI, achieving blockchain interoperability with different platforms.
Most of these approaches are implemented on cryptocurrency transactions. Data interoperability is constrained to issues like structure, semantics, privacy, and ownership. With EHR, sharing additionally need to be privacy-preserving. In this Table  XI, we analyzed the existing interoperable solutions for their suitability to EHR sharing either with some prototypes or with the architectural feasibility study.

IV.DISCUSSION
The objective of this section is to summarize the observations made in the previous section to address our research questions. It aims to discuss the need, goals, and challenges in the implementation of the interoperable solutions in the health record management and propose an interoperable framework for efficient, trust-based EHR sharing with blockchain. The work also discusses how cross-chain interoperability works with architectural solutions and blockchain engines to evaluate their adoption in privacy-preserving EHR sharing amongst similar and heterogeneous blockchain systems.

RQ.1 What are the different standards for common interpretation, representation, and modeling of EHR to achieve semantic interoperability?
We first looked at the importance of semantic interoperability in healthcare data. A literature study shows that the reviewed works [8] [24] [124][125][126] focus on the use of ontologies for knowledge representation of EHR. Ontologies offer clear organization of knowledge, systematic retrieval of information, and the ability to represent multi-dimensional healthcare data. They are thereby applied for semantic data representation for common interpretations of EHR.
OpenEHR is one of the most popular interoperable standards for EHR representation. The reference model of OpenEHR represents the structure of EHR data, clinical trials, and patient records in the standard format. This representation can be uniformly modeled to handle the issue of semantic interoperability very effectively. The attribute level description, the archetype of the EHR with the distribution of EHR at two levels, i.e. personal data and clinical trial, can be effectively modeled for complex solutions in decision support systems with OpenEHR standard.
FHIR on the contrary offers lightweight EHR modeling by working on the resources commonly agreed upon by most healthcare organizations. The data elements that are specific to a particular use case are created as FHIR extensions. FHIR resources are easily modelled by XML and JSON constructs and thus are more portable.
Many big data stores offer flexible data models to represent heterogeneous EHR with text, image, voice, and video data. Table VII discusses the comparative analysis of the different big data stores and evaluates their architectural styles for modeling EHR with performance metrics like retrieval time and consistency semantics. Mongo DB offers document-oriented and semi-structured architecture to model EHR documents and the EHR attributes as nested sub-documents and is most popular in the studied works. The (Creation, Retrieval, Update and Delete) CRUD guarantees of Mongo DB offer sufficiently strong consistency guarantees with better performance. Its dynamic indexing feature results in better retrieval speeds as per the studied projects.

RQ.2 What are the different privacy-preserving techniques and security standards for EHR data storage?
Healthcare data is susceptible and personal to a patient. Hence literature [48] [109] states that EHR data privacy should be an indispensable feature of interoperable EHR solutions. Literature discusses several different strategies employed in EHR management, like de-identification [50] [57] [127], disassociation [49], encryption techniques [52 -54] [60] and tunable access-control levels, role-based and attribute level accesses for privacy preservation [22] [55] [59] [128] of EHR. The application of data partitioning, delinking, and perturbations offers privacy-preserving solutions to data storage and blockchain-based EHR management solutions [6] [17] [22]. The privacy preservation techniques, when implemented as PBD [109], lead to overhead on performance in terms of storage and access time. Hence to build a robust and efficient EHR management system, evaluation and choice of privacy preservation techniques for EHR are essential.
With patient-centric privacy preservation, patients own the data and should be able to confer access to the other stakeholders at their discretion. Patients should be able to track the provenance of their records to realize more trustworthy health data exchanges.

RQ.3 How mature is blockchain technology for building interoperable, privacy-preserving solutions for EHR storage and sharing?
Literature [11] [17] [20][21][22] [59] shows that the application of blockchain-based solutions offers promising solutions to address the objectives like robust interfacing, non-tampered data storage, and integrated solutions with stakeholders. Blockchain-based solutions are decentralized and promise immutability to EHR. The adoption of blockchain in healthcare applications provides potent features like integrity, traceability, and confidentiality of data and results in decentralized and trustworthy storage and exchanges of health records. Privacy in the blockchain is challenged because of the decentralized ledger where every ledger node holds the data. Also, on-chain data storage and computations are costly for Big data applications like EHR management. Privacy preservation of sensitive data on the blockchain can be enforced with strategies like encryption, signcryption, and off-chain data storage.
Identity management can be implemented with a blockchain design that guarantees pseudo-anonymity [56 -58]. Identity management for the user access control can be enforced with smart contracts.
Offloading EHR data to off-chain storage can optimize the requirement of computation on the blockchain. However, the off-chain stores may not guarantee immutability and tamperproof EHR. [6] handles this with cloud-based storage of hash for tracing the tamper of data.

RQ.4. What is the state-of-the-art for cross-chain interoperability for EHR sharing?
Blockchain solutions should provide a distributed framework for interconnected healthcare organizations. However, crossplatform (cross-chain) data exchanges are significant for the exchange of values across two blockchains. Our study helps us to outline the goals of EHR interoperability in cross-chain exchanges. The existing blockchain platforms [129 -135] are critically analyzed for their application to healthcare data exchanges concerning these goals.
Existing cross-chain architectures [ [71] show that they can be employed for data transfers across two chains. However, they need to be evaluated for data privacy guarantees and non-intermediated solutions.
The literature study shows that the framework for privacy preservation [70] [137 -141] in cross-chain data exchanges is, however in the modeling phase, and there is a need to develop more matured prototypes.
The discussions on the research questions in the areas of interoperability under this study help us discover the research gaps in the existing solutions of the EHR management framework. a. The EHR management frameworks are less sensitized towards adopting of open EHR standards, which can lead to better semantic interoperability with common representation and interpretation. b. The EHR frameworks using decentralized blockchain ledger are less explored towards a hybrid architecture of on-chain and off-chain data segmentation, which can be used for better privacy and throughput guarantees. c. The EHR framework should always guarantee retrieval of valid data both on-chain as well as off-chain d. The framework should yield better performance concerning both compute time and cost, which are enormous with blockchain-based solutions [123]. In the next section, we present a prototype of MyBlockEHR to meet privacy, integrity, and performance requirements in implementing EHR frameworks on a blockchain platform. The experimentation section validates the proposed framework. Its implementation with on-chain and off-chain data storage and smart contracts demonstrates trust-based EHR storage. The offchain storage is verified for data retrieval. We evaluate the test prototype of our implementation with the evaluation of its responsiveness and cost.

V.MYBLOCKEHR FRAMEWORK A. MyBlockEHR ARCHITECTURE
The artifacts of the proposed MyBlockEHR architecture, as shown in Fig. 12, aim to address the challenges of deploying EHR management with blockchain and leverage its advantages. The EHR structure can be built using standards like OpenEHR [107] or FHIR [108]. Section "EHR standards" in "Semantic interoperability" discusses the features of each of these interoperable standards in Table V.

1) Membership and CA Authority:
The framework uses a role-based system like the work in [6] that attributes different roles to the actors. For presented use cases of the system, we outline three significant roles as follows.
 Membership Certification Authority: Every member is conferred with a symmetric key pair. Public key implements the unique identity of every member of the system. This stands for the authentication of the member. The private key is used to authorize the owner of the record and implement a digital signature. This is like enterprise application platforms [14] [21].  Patients: The patients are the owners of their EHR, like proposed in [6] [13]. They grant access to the other users.  Doctors: They get lease rights of the EHR. Rights can be conferred with event-based or time-based scenarios. The rights can be revoked by the authority or by the patients.

2) Information & Access Management
Access-control policy: The patient controls the access to their EHR data [6] [13]. Blockchain system guarantees public key and private keys for digital identity and pseudo-anonymity [56][57][58]. Patients define access policy for all the users (clinicians, doctors, etc.) of EHR. These can be defined as access privileges like Read and Download with access control policies. Smart contracts can be used to enforce the consent of the patients for updates [6] [13] [14] [18] [19].
On-chain data storage: Most of the EHR frameworks [14] [22] [23] add the patient records on the on-chain database, which are stored on decentralized ledgers of blockchain nodes. However, there is a limitation to on-chain data storage, and the system cannot scale with data explosion [23]. The decentralized storage is replicated and copied on multiple ledgers and endangers the privacy of sensitive records [25]. This can be compensated by augmenting off-chain data storage with on-chain data storage. EHR data is thereby partitioned. We put the light-weight EHR attributes, and the transaction details on the blockchain ledgers for the persistence of the records, and these transaction details are always tamper-resistant.
Off-chain data storage: MyBlockEHR conceptualizes EHR storage on on-chain as well as off-chain data storage. Off-chain data storage will store the bulkier medical records like scan images, medical reports with patient identity attributes [6]. There will also be a referential key to associate with the on-chain treatment details for retrieval.
We propose a document-oriented No-SQL data store, Mongo dB, for off-chain data storage for its advantages as discussed in section III in "Data modeling of EHR" of semantic interoperability. The off-chain storage will have large, heterogeneous data records like medical reports, prescriptions, and scanned images. The document-oriented approach uses document-subdocuments to model heterogeneous records in EHR [12]. Mongo dB is suitable for CRUD operations and offers better concurrency guarantees [12], as discussed in Table  VII. On-cloud deployment of the data model can also be considered for better throughput and performance. Mongo dB offers better indexing techniques for efficient query retrievals [40]. The retrieval speed can be further improved with proper key indices.

3) Smart Contracts:
Off-chain data storages are vulnerable to attacks and tampers as access to data cannot be audited [6] [17]. Hence a data validation scheme that can leverage the immutability of onchain records is desirable. Our architecture proposes a validation scheme that will ensure that the data on the off-chain data stores is free from an accidental tamper. This can be assured with a smart contract that performs the hash verification of the data fetched from off-chain storage with the onchain hash value of the counter-part record. This will ensure that data is verified every time data is fetched from off-chain storage.
The proposed EHR partitioning system aims to achieve tamper-proof storage of the EHR on off-chain big data stores of MongoDB. Its encrypted hash signature is stored on on-chain data storage. This preserves the privacy of the patient data by putting its encrypted signature on the blockchain against the entire record. Also, lesser the storage of the on-chain, better the scalability of the system with lesser mining time and storage cost. This is further experimented and discussed in the results section.
The proposed architecture uses an encryptor module, which can affect computation time for verified access. Additionally, inserting the data into on-chain and off-chain data stores will also affect the performance. We evaluate the following scheme on a test network for response time and throughput of the transaction in the experimentation section below.

B. EXPERIMENTATION 1) PRELIMINARIES
Ethereum: Ethereum is prominently used to write simple, smart contracts and develop Decentralized Applications (DApps). Ethereum was launched in 2015 by Vitalik Buterin [145]. The main idea behind Ethereum is to provide the capability of the execution of logic through smart contracts. Smart contracts can be written in Solidity or Vyper language. Ethereum also provides cryptocurrency as Ether and Ethereum accounts can be managed by different Ethereum wallets. Currently, there are 31 Ethereum wallets [146], i.e. MetaMask, MyCrypto, Trust, TokenPocket, to name a few. Smart contract deployments on the Ethereum main network require cost, which is measured in terms of gas. Generally, gas is represented in Wei. For demonstration purposes, tests on the deployment of such smart contracts can be very costly. So, wallets like MetaMask provides test Ethereum networks, i.e. Rinkeby [147], Ropsten [148], Kovan [149], and Goerli [150], for test deployment of research projects. We thereby, deployed our prototype for MyBlockEHR on the Rinkeby test network.
Information Transaction: When information is stored or retrieved from Ethereum, it is stored in terms of the transaction. The general Ethereum transaction format is as follows [151]:  Transaction Hash: It is a transaction hash of 66 characters generated after transaction execution  Status: It indicates the status of transaction, i.e. success or failure  Block: It is the number of block in which this transaction was recorded.  Timestamp: It gives information about the date and time of mining of transaction.  From: This is the address of the party who is initiating this transaction.  To: This is the address of the party who is receiving this transaction.
 Value: The amount of Ethers transferred during this transaction is indicated by this field.  Transaction Fee: This is the fee that is given to the miner for processing this transaction.  Gas Price: This field indicates the cost per gas unit in terms of Ethers or Gwei for processing the transaction.  Gas Limit: This is the specified higher limit of gas that is provided for the transaction.  Gas Used by a Transaction: It gives the exact quantity of gas used for the transaction execution.  Nonce: It is a sequential running number for an address starting with 0 for the first transaction. It will be incremented by one with the following transactions.  Input Data: It gives additional information about the transaction.
Smart Contract: Smart contract is a piece of code that can automatically execute with set certain business rules, terms or conditions [152]. Solidity [153] is a popular language to write the smart contract in Ethereum.
There are web-based and desktop-based Integrated Development Environments (IDE) to write the smart contracts [154]. Programming languages like Javascript or Python can encapsulate calls to Solidity smart contracts. Web3.js [155] is an Ethereum JavaScript API which provides a collection of libraries to interact with local or remote Ethereum nodes.
Mongo dB: Mongo dB [156] is the document-oriented NoSQL database. Heterogeneous documents having different formats and values can be stored in Mongo dB. It is much faster than traditional relational database management systems for retrieval time. JSON documents are created in Mongo dB. It also supports deep query ability. Indexing technique is an important factor for the faster execution of queries. Mongo dB allows single-field indexing, compound indexing, multikey indexing, geospatial indexing, text indexing, and hash indexing. Fig. 13 indicates system architecture. Smart contracts, i.e. Register_Patient, Add_Medical_Record, and Fetch_Record are written in Solidity language. These smart contracts are deployed on the Ethereum blockchain. Patient's identity attributes and base64 encoded string of medical record images are stored on-chain. Medical records are saved on off-chain storage. Off-chain data is accessible to oracle smart contracts.

Transaction
The System includes smart contracts transactions as follows:  Register_Patient: Using this smart contract, basic information of the patient, i.e. Patient ID, patient name, and referred doctor name, is stored on-chain.  Add_Medical_Record: The patient's identity attributes are saved on-chain. The base64 encoding and hash of these records will also be stored on-chain. Entire medical records are stored off-chain.  Fetch_Record: In this smart contract, we are trying to fetch patient's records with the help of Patient ID. At the same time, patient's off-chain medical records are also fetched after validating. Validation is done by verifying recalculated hash value with the on-chain stored hash value. Apart from these smart contracts, there are two essential functions as follows:  Base64 encoding [157]: As an image, document-based medical records cannot be saved on-chain, we have encoded medical images in base64 encoded format and saved on-chain. An example of working base64 encoding is as shown in Fig 14. Hash function: We have applied hash function on patient information as well as on his medical record. We have used keccak256 [158] hashing function. This function returns 256 bits unique hash value of data. We verify the data by fetching its hash value from on-chain records. Following is an example of keccak256 hash for a sample medical record with the following structure: Patient ID + Patient name + Referred doctor name + base64 of medical record1+ base64 of medical record2+ base64 of medical record3+ base64 of medical record4. 0x4e918d39f5bf28adda7788eec4ec0c8adaf2d3a7f95ea8e3e6 9cbdad22db9a86

3) SYSTEM IMPLEMENTATION
The system was implemented with Ethereum smart contracts deployed on Rinkeby test net blockchain using Metamask. Following smart contracts are included in our framework: We have written smart contracts in Solidity language on Remix IDE. This deployment was done on Ubuntu (18.04.5 LTS) 64-bit operating system, 7.6 GB RAM, Intel processor (i5-8500 CPU @ 3.00GHz × 6). We have used the localhost Mongo dB server.

Structure of patient's identity attributes and medical records
We uploaded data on the Ethereum test network for the following test cases as described in Table XII. Test case 1 implies that patient identity attributes, i.e. Patient ID, Patient Name, and Referred doctor, are recorded on-chain. Case 2,3,4,5 increase the EHR size and heterogeneity with an increase in the number of medical images (1 to 4). The record size and type are not varied in the presented experimentation. This implies that the tests cases have increasing size and heterogeneity of the data. Test case 6 shows the proposed partitioning of EHR with patient's identity attributes stored on-chain and four medical records and their base64 values stored off-chain.

Evaluation Metrics
As part of the medical record, we selected a blood report image. Same image has been used for all cases. We have used the following terms for evaluation of experimentation:  Gas: The fee is required for every transaction to execute related operations on the Ethereum blockchain. This fee is called as gas.

Performance analysis
We can observe that from Fig. 16 that as on-chain record size increases (Case 1 to Case 5), total response time increases. This implies that as the EHR size and complexity increase, on-chain total response time also increases. In Case 6, we have applied the proposed EHR partitioning to on-chain and off-chain. Case 6 in Fig. 16 indicates total response time, which is majorly for on-chain storage. Fig. 17 indicates off-chain response time of Table XIII and shows the off-chain response time with a rise in the number of medical record images stored on premise Mongo dB server. It is evident from Fig. 16 & Fig. 17 that the total response times of the same number of (4) medical records for on-chain and off-chain are 44154.3ms and 48.9ms, respectively. This shows that the proposed partitioning scheme for EHR works better than the on-chain EHR storage for response time.
We have observed that gas required for on-chain storage in Fig. 18. As shown in Fig. 18, as on-chain record size increases, gas required also increases. This shows that the proposed partitioning scheme for EHR works better than the on-chain EHR storage for transaction cost.

VI.LIMITATIONS OF THE WORK
Our review is limited by the weaknesses of the selected literature. As blockchain technology is emerging, its application in the healthcare sector is also under experimentation. Hence many of the selected works were limited to prototype-based validations.
The documentation was limited to 78 works (including white papers) from 2007 to 2021 and 80 web sources. This causes a risk of bias in the overall work. We used popularity ranking and manual screening for the resources on healthcare sector evolution, blockchain evolution, blockchain concepts, and state of the art literary works done in healthcare data interoperability.
Review on interoperability in EHR has been limited to the stated three areas, i.e. structure and semantic interoperability, patient-centric privacy preservation, cross-chain interoperability.
The works on semantic interoperability focus on the popular ontologies, standards, and data stores. The most common open standards for EHR are evaluated for interoperability.
The works on privacy-preserving techniques is limited to the works in healthcare data privacy, and the evaluation is done based on limited performance and consistency metrics.
The reviews on the cross-chain interoperability platforms are limited by the availability of technical white papers. These works were analyzed for the underlying goals of secure and seamless data transfer, while other performance features like scalability, responsiveness, storage, and cost are not evaluated. The choice of blockchain engines for the study was also done on the popularity ranking and may have introduced bias.
This work also presents an architecture of MyBlockEHR: framework of blockchain-based tamper-proof EHR storage with off-chain storage augmentation. The experimentation is based on the proof-of-concept implementation on the test network and lacks the evaluation in performance by choice of the hashing function, partitioning strategy, and No-SQL data store. The work on the article is limited to demonstrate smart contract implementation for verifiable off-chain data retrieval with different EHR sizes. The test cases are limited to two scenarios that are complete on-chain EHR versus on-chain and off-chain storage. We observe the two scenarios for different EHR sizes regarding the number of medical images as test cases. The experiments are also limited with the uniformity of the medical record images (size and type). The performance is limited with two significant performance metrics, i.e. total response time and gas price.

A. CONCLUSIONS
This work, presents the importance of EHR interoperability in terms of EHR structure, EHR ownership, and EHR sharing for seamless healthcare services. This review presents an exhaustive survey of healthcare ontologies for EHR knowledge representation, open standards for EHR interpretation, and big data stores for EHR modeling. This helps researchers to analyze how literature works have addressed the challenges of nonuniform semantics and the heterogeneous structure of EHR for semantic interoperability.
The two prominent open standards for EHR are evaluated for interoperability guarantees. A comparative analysis of data stores to represent the heterogeneous EHR structure is carried out using the performance metrics and consistency semantics. It is conclusively found that document-based data stores can model the EHR structure very effectively with respect to storage, search, and retrieval efficiency.
This review prioritizes privacy preservation of the patient data as an indispensable feature of an interoperable solutions. The review presents extensive research on literary works on privacy preservation for EHR by classifying them into prominent techniques. The blockchain-based privacy preservation techniques were also studied to consider their adoption in the proposed framework for realizing patient-centric EHR ownership.
The work presents the significance of the adopting blockchain to EHR as it offers a promising solution by design towards immutable EHR storage, EHR traceability, and IAM with pseudo-anonymity. However, with the study of challenges in adopting blockchain to EHR management, our study reiterates the findings that it is vulnerable to privacy attacks with decentralized ledgers and is computationally intensive with onchain data.
The survey evaluates the potential in adopting blockchain for interoperable, privacy-preserving, trusted solutions to data exchanges across different healthcare sector stakeholders for patient-centric services. The significant contribution of our work is a framework of prototype MyBlockEHR for trust-based, privacy-preserving EHR management. Its implementation with on-chain/off-chain data partitioning and smart contract demonstrates that it shows better performance, access control, and verifiability over the centralized EHR systems and nonpartitioned blockchain-based EHR management framework.
The work highlights how interoperability across blockchain platforms is another research challenge for inter-organization exchange of health reports with interoperability goals in healthcare data. The data interoperability solutions across different blockchain engines are reviewed for the realization of the objectives of EHR exchange. Our study finds the need for good research work on cross-chain data exchanges in healthcare data. Thus, our study of healthcare data interoperability encourages more prototype testing and integration strategies for trust-based healthcare services.

B. FUTURE WORK
The findings of the exhaustive survey and the proposed framework with experimental findings highlight the need for future work in the following areas: Semantic interoperability in EHR:  A Study of ontologies discovers that they are incredibly narrow in terms of use cases and applications. Hence are limited in scope. Also, they are guided by OWL and RDF structures which focus on the representations. They can be leveraged with the application of Natural language processing and deep learning methods for better interpretation with more accuracy.  Integration of blockchain-based decentralized systems with ontologies and EHR standards for semantic interoperability will guarantee trust-based and tamper-proof data exchanges with the common understanding of the health record. The current implementations of Ontologies are centralized in the architecture and face scaling issues. Also, these implementations are focused only on query optimizations and lack privacy issues which can be the area of research in future work. Privacy preservation techniques  Privacy preservation techniques with blockchain encourage more research for data partitioning techniques on on-chain and off-chain storage.  Patient-centric privacy preservation is the forthcoming research area for EHR management on the blockchain. This will encourage more works on patient-controlled access control, data flow monitoring, and tracking provenance of data.  Incentivization techniques for data sharing can be built with blockchain integrated platforms to encourage patients to share more data for research in a trusted manner in the future. Blockchain frameworks for EHR interoperability  Existing blockchain frameworks work on customized semantics and EHR structures. Adoption of open standards will improve the semantic interoperability of the EHR framework.  Blockchain platforms are challenged by a lack of scalability and excessive power consumption issues. EHR management faces big data problems like velocity and volume of data. The Study of solutions to reduce the on-chain storage and on-chain computations of EHR needs further research.  Distributed ledger in blockchain distributed the data in distributed system, and the privacy of patient data is threatened. Building blockchain-based solutions with leveraged privacy preservation techniques is the future research area.  The development of smart-contracts, access control techniques for patient-controlled audits is of utmost importance in Healthcare 4.0.  Building of verifiable, tamper-resistant off-chain storage will be the concern of future research.

Cross-chain interoperability
 Cross-chain interoperability for healthcare data should be seamless exchange across the different systems. Seamless transfer of data across different blockchain-based systems is the area of work.  Healthcare data exchanges need to be privacy-preserving and should desire non-intermediated solutions. Building a data-sharing framework between two blockchain-based healthcare ecosystems to preserve the patient-privacy is the most critical research challenge put forth by the work.