On-chain proof of care, encrypted records unlock by consent—helping those who save lives.
OATH is an innovative solution designed to address critical challenges in the healthcare industry, specifically in terms of improving the integrity, privacy, and speed of healthcare transactions. Here’s a concise overview of how it works:
OATH (On-Chain Authentication of Transactions in Healthcare) provides a blockchain-based system where every key healthcare action (such as prescription, lab result, or emergency care) is recorded as a cryptographic "receipt" on the blockchain. Importantly, the medical records themselves remain encrypted off-chain, and only authorised users (e.g., doctors, pharmacists, insurers) can access them with the patient's consent.
Key Features & Benefits:
No PHI on the Blockchain: The OATH protocol ensures that no sensitive, personally identifiable health information is ever exposed on the public blockchain. Instead, only encrypted file hashes, event types, and organisation identities are stored.
Role-Based Access & Consent: Only individuals with the correct role (e.g., doctor, ER staff, insurer) and with the patient’s consent can decrypt the sensitive medical files. This ensures privacy and security, meeting global privacy laws such as GDPR and HIPAA.
Auditability: Every access or action on the records is logged on the blockchain, making it easy to track who accessed which data, when, and why. This provides a transparent and immutable audit trail, enhancing accountability.
Emergency Access: In critical emergency situations, ER staff can request time-limited, scoped access to crucial information, such as allergies or chronic medication history. This data is unlocked only for the time necessary to make informed decisions, and the access is automatically logged for audit purposes. We have a biometric scan that helps the doctor identify the patient's medical history and provide proper emergency treatment.
Counterfeit Detection: By tracking the dispensing of medications through on-chain receipts, OATH can help pharmacies and regulators identify counterfeit drugs or track faulty drugs through recall systems. For example, the pharmacy scans a prescription’s QR code at the time of dispense and generates a corresponding receipt, which helps in quick identification in case of a recall or counterfeit concerns.
Recall Notifications: In the event of a recall, impacted pharmacies and patients are quickly notified, thanks to the on-chain receipt system.
Claims from Receipts, Not PDFs: Insurers can use OATH to access authenticated receipts for critical healthcare events, such as doctor’s visits, prescriptions, and lab results. This removes the need for relying on paperwork (like PDF files), speeding up claims processing, reducing errors, and cutting down on fraud.
Patient Control: Patients have complete control over their data. They can give or revoke consent for who can access their records and can track who has viewed their data through an access log in their app or wallet.
Self-Attested Documents: Patients can upload photos of paper documents (e.g., prescriptions or bills), which are initially self-attested. Once verified by the healthcare provider, these documents become authenticated receipts, which can then be used for insurance claims or cross-provider coordination.
Cross-Border Medical Records: If a patient moves between regions or countries, they can take their encrypted records with them, enabling new healthcare providers to access only the relevant data with the patient’s consent, reducing the need for physical transfers of medical records.
Concrete Use Cases (End-to-End Stories)
A) Emergency Unlock (Life-Saving Scenario)
In an emergency, a patient arrives unconscious at the ER. The ER doctor needs immediate access to critical information (e.g., allergies, chronic medications) to avoid potentially fatal mistakes. OATH allows the doctor to request access for a limited, time-boxed window (e.g., 15 minutes). The patient's encrypted data is unlocked only for that specific window and only for the requested data. Once the window expires, the data is automatically re-locked. An access receipt is created, providing a transparent, tamper-proof log of who accessed the data and when.
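The time-boxed, scoped unlock described above can be modelled as a grant check that writes a receipt for every attempt, including denied ones. This is an added sketch, not OATH's own code; the type names, field names and the `er-doc-17` identity are assumptions made for illustration.

```typescript
// Added illustration; all names here are hypothetical, not OATH's contract or API.
type Field = "allergies" | "chronicMedications" | "labResults" | "claims";
type Outcome = "GRANTED" | "DENIED_SCOPE" | "DENIED_EXPIRED";

interface EmergencyGrant {
  requester: string;   // staff or organisation identity
  scope: Field[];      // only the fields that were requested
  issuedAt: number;    // ms since epoch
  expiresAt: number;   // ms since epoch
}

interface AccessReceipt {
  requester: string;
  field: Field;
  at: number;
  outcome: Outcome;
}

const WINDOW_MS = 15 * 60 * 1000; // the 15-minute window used in the text

function openEmergencyGrant(requester: string, scope: Field[], now: number): EmergencyGrant {
  return { requester, scope: scope.slice(), issuedAt: now, expiresAt: now + WINDOW_MS };
}

// Every attempt appends a receipt, so out-of-scope and late reads are auditable too.
function readField(grant: EmergencyGrant, field: Field, now: number, log: AccessReceipt[]): boolean {
  let outcome: Outcome = "GRANTED";
  if (now < grant.issuedAt || now >= grant.expiresAt) outcome = "DENIED_EXPIRED";
  else if (grant.scope.indexOf(field) === -1) outcome = "DENIED_SCOPE";
  log.push({ requester: grant.requester, field, at: now, outcome });
  return outcome === "GRANTED";
}

// Constructed scenario: one in-scope read, one out-of-scope read, one read after expiry.
function demoEmergencyAccess(): AccessReceipt[] {
  const t0 = 1700000000000; // constructed timestamp
  const log: AccessReceipt[] = [];
  const grant = openEmergencyGrant("er-doc-17", ["allergies", "chronicMedications"], t0);
  readField(grant, "allergies", t0 + 60000, log);
  readField(grant, "labResults", t0 + 60000, log);
  readField(grant, "allergies", t0 + WINDOW_MS, log);
  return log;
}
```

The expiry test runs on every read rather than once when the grant is opened, so a grant object held past its window stops working without any explicit revocation step.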
B) Prescription, Dispense, and Recall
A doctor issues an e-prescription for a patient. The prescription is recorded on the blockchain as a "Prescription Receipt." The patient then goes to the pharmacy, where the pharmacist scans the prescription and generates a "Dispense Receipt" to confirm that the medication was dispensed. If a recall happens for the medication, the system can quickly identify the patients who received the affected medication through the on-chain records, ensuring faster, more accurate recall actions.
C) Claims Processing
An insurance company needs to process a claim. Instead of waiting for PDF files or faxed documents, the insurer can access minimal, verifiable evidence (e.g., prescription details, lab results) directly from the blockchain. After verifying the data, the insurer issues a "Claim Decision Receipt," speeding up the claims process and reducing disputes.
D) Counterfeit & Quality Signals
A pharmacy dispenses a medication, scanning the QR code on the pack at the time of dispense. The "Dispense Receipt" is stored on the blockchain, ensuring that the transaction is transparent and verifiable. If there’s a counterfeit issue or recall, the system can detect the affected batches and notify both patients and pharmacies.
E) Telemedicine & Remote Consultations
A patient who has had remote consultations or telemedicine appointments can take their encrypted medical records with them. When consulting a new doctor, the new doctor can verify the authenticity of the records using the on-chain receipt, ensuring that the information they are seeing is accurate, without the need for a shared database.
Privacy & Security:
No PHI on-chain: The blockchain only stores cryptographic receipts, meaning no personal health information (PHI) is ever exposed to the public chain.
Role-based Access: Only those with the correct role (e.g., doctor, insurer) and patient consent can access the encrypted medical records, ensuring that data privacy is maintained.
Auditability: Every access is logged with an immutable receipt, providing transparency and traceability.
Why Blockchain?
Healthcare systems, including hospitals, labs, and insurers, often operate in silos without sharing a centralized database. Blockchain provides a tamper-evident, decentralized record that can be trusted across different institutions, while the actual sensitive data remains encrypted and private.
Legal Compliance:
Data Minimization: Only the minimum necessary data is recorded on-chain, with no personal identifiers or clinical data exposed.
Consent-Driven Access: Patients have control over who can view their data, with the ability to revoke consent at any time, ensuring that the system aligns with privacy regulations like HIPAA.
How It Differs From Supply Chain Solutions:
OATH is not just a supply chain solution. While it does track medications (like anti-counterfeit solutions), it goes beyond that by providing a unified, cross-sector protocol for healthcare transactions. It connects patient → clinician → pharmacy → lab → insurer, with strict consent and privacy controls for each step.
Real-World Impact:
Faster, Safer Medical Responses: In emergencies, doctors can access only the data they need to save lives.
Faster Claims Processing: Insurers have faster access to verifiable, tamper-proof evidence for claim decisions.
Patient Empowerment: Patients control their data and can verify its authenticity, especially when dealing with paper records or second opinions.
This approach tackles several systemic issues at once: privacy, fraud prevention, and the inefficiencies that often slow down healthcare operations.
To build OATH, we combined a set of modern, powerful technologies to ensure scalability, security, and a seamless user experience. Here's a breakdown of the tech stack and how everything fits together:
The core of the project is based on Solidity, the primary language for smart contract development on the Ethereum blockchain. We use Solidity to write the smart contracts that handle the creation of cryptographic "receipts" for various healthcare transactions. These receipts contain only non-identifying metadata—such as event types, timestamps, and cryptographic hashes of encrypted files—ensuring that sensitive data is not exposed on the public blockchain.
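A receipt of the kind described above, and the check a new provider would run against it (use case E), can be sketched as follows. This is an added example, not the project's Solidity contract; the field names, the use of SHA-256 as the hash, and the sample bytes are assumptions.

```typescript
import { createHash } from "node:crypto";

// Added illustration; names are hypothetical and do not reflect OATH's contract ABI.
type EventType = "PRESCRIPTION" | "DISPENSE" | "LAB_RESULT" | "EMERGENCY_ACCESS";

interface Receipt {
  eventType: EventType;
  orgId: string;      // organisation identity, not a patient identifier
  timestamp: number;  // seconds since epoch
  fileHash: string;   // hex SHA-256 of the *encrypted* file (hash choice assumed)
}

function sha256Hex(data: Uint8Array): string {
  return createHash("sha256").update(data).digest("hex");
}

// The receipt is derived from ciphertext only; the plaintext record never reaches this function.
function makeReceipt(eventType: EventType, orgId: string, timestamp: number,
                     ciphertext: Uint8Array): Receipt {
  return { eventType, orgId, timestamp, fileHash: sha256Hex(ciphertext) };
}

// A provider handed an encrypted record recomputes the hash and compares it
// with the on-chain receipt before trusting (and decrypting) the file.
function verifyRecord(receipt: Receipt, ciphertext: Uint8Array): boolean {
  return sha256Hex(ciphertext) === receipt.fileHash;
}

// Constructed sample: stand-in bytes for an encrypted prescription file.
function demoReceipt(): { ok: boolean; tamperedOk: boolean; fields: string } {
  const ciphertext = new Uint8Array([0x8f, 0x12, 0xa4, 0x00, 0x5c, 0xe1, 0x77, 0x3b]);
  const receipt = makeReceipt("PRESCRIPTION", "clinic-001", 1700000000, ciphertext);
  const tampered = new Uint8Array(ciphertext);
  tampered[0] ^= 0x01; // a single flipped bit in the off-chain copy
  return {
    ok: verifyRecord(receipt, ciphertext),
    tamperedOk: verifyRecord(receipt, tampered),
    fields: Object.keys(receipt).sort().join(","),
  };
}
```

Hashing the ciphertext rather than the plaintext matters here: a hash of a short, predictable plaintext (a drug name, a test result) could be guessed by brute force from the public chain, while a hash of properly encrypted bytes gives an observer nothing to guess against.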
Solidity smart contracts are deployed to the Ethereum Sepolia testnet for demo and testing purposes, which allows us to simulate real-world use cases without incurring significant transaction costs. The smart contracts also handle the role-based access control (RBAC), ensuring that only authorized users (e.g., doctors, pharmacists, insurers) can interact with the blockchain based on the patient’s consent.
The frontend is built using React for its flexibility and component-based architecture, making it easy to build reusable UI elements for different stakeholders (patients, doctors, pharmacies, and insurers). We use TypeScript to enhance the reliability of the code, ensuring that it’s type-safe and more maintainable in the long term. TypeScript also helps us catch potential bugs early in the development process.
For styling, we chose TailwindCSS, a utility-first CSS framework that enables us to rapidly prototype and build responsive, user-friendly interfaces. Tailwind's flexibility allows us to create sleek, consistent designs across the platform without writing a lot of custom CSS. With React and Tailwind, the UI is highly interactive and responsive, providing a seamless experience whether the user is on desktop or mobile.

