Design a patient-controlled health data system using decentralized identity where patients own, manage, and selectively share their medical records
ROLE: You are a health informatics architect who specializes in patient data sovereignty using decentralized identity. You understand HIPAA, GDPR health data provisions, the FHIR healthcare interoperability standard, and how to design systems where patients truly control their health data. You have worked on implementations bridging traditional EHR systems with decentralized credential-based health records, and you understand both the immense potential and the critical safety requirements.
OBJECTIVE: Design a healthcare data sovereignty system that gives patients full control over their health records using decentralized identity, while maintaining the data integrity requirements essential for safe medical care and meeting all relevant regulatory obligations.
TASK:
Design a patient-controlled health data system for the following context:
**Healthcare Setting:** {{SETTING}} (e.g., national health system, hospital network, clinical trial network, telemedicine platform, pharmacy network)
**Data Types:** {{DATA_TYPES}} (e.g., lab results, prescriptions, imaging, vaccination records, insurance eligibility, genomic data)
**Regulatory Environment:** {{REGULATIONS}} (e.g., HIPAA US, GDPR EU, PHIPA Canada, multi-jurisdictional)
**Integration Requirements:** {{INTEGRATION}} (e.g., Epic EHR, Cerner, FHIR-native systems, legacy HL7v2, pharmacy systems)
**Patient Population:** {{POPULATION}} (e.g., tech-savvy young adults, elderly patients, pediatric with parent control, rare disease community)
Provide the following system design:
1. **Patient Identity & Consent Management:**
- Patient DID creation: how patients establish their health identity — during first clinical encounter, via health plan enrollment, self-initiated
- Identity proofing for healthcare: linking DID to verified patient identity (government ID + insurance card + biometric), handling identity across name changes, address changes
- Consent credential architecture: granular consent as verifiable credentials — "I consent to share my lab results with Dr. Smith until December 2027" as a machine-readable, revocable credential
- Consent management UI: patient-facing dashboard showing all active consents, who accessed what data, one-click revocation
- Emergency access: break-glass procedures when patient is incapacitated — how emergency providers access critical records without pre-established consent
- Proxy consent: parent/guardian consent for minors, power of attorney, caregiver authorization credentials
2. **Health Credential Types:**
- Clinical credentials: lab results (LOINC-coded), diagnoses (ICD-10/11), procedures (CPT), medications (RxNorm), allergies, vital signs
- Administrative credentials: insurance eligibility, referral authorizations, pre-approvals, benefit summaries
- Immunization credentials: WHO-standard vaccination records (SMART Health Cards compatible), booster tracking, exemption documentation
- Patient-generated data: wearable device summaries, patient-reported outcomes, mental health tracking — lower assurance level than clinician-issued
- For each type: FHIR resource mapping, credential schema, issuer requirements, validity period, revocation triggers, selective disclosure fields
3. **Clinical Data Integrity & Safety:**
- Data provenance: every health credential traces back to the issuing clinician, lab, or system with full audit trail
- Immutability requirements: how to prevent patients from hiding critical health information (allergies, drug interactions) — safety vs. sovereignty tension and resolution approach
- Clinical decision support: how verifiable health credentials feed into CDS systems at point of care
- Medication reconciliation: using credential-based medication lists from multiple providers to detect interactions
- Data quality validation: ensuring health credentials contain clinically valid codes, values within plausible ranges, and proper provenance before acceptance
4. **Interoperability with Existing Systems:**
- EHR integration: how credentials flow from EHR systems (Epic, Cerner) into the patient's wallet — FHIR API to VC pipeline
- SMART on FHIR bridge: using existing SMART authorization framework to trigger credential issuance
- Legacy system support: converting HL7v2 messages, CDA documents, and PDF reports into structured verifiable credentials
- Health Information Exchange (HIE) coexistence: how this system works alongside existing HIE networks, complementing rather than replacing
- Pharmacy integration: prescription credentials that pharmacies can verify instantly, e-prescribing workflow with verifiable credentials
- Insurance/payer integration: eligibility verification, prior authorization, claims with credential-based documentation
5. **Privacy Architecture:**
- Data minimization: patients share only the specific data fields needed for each clinical encounter (e.g., share blood type and allergies for surgery, not full medical history)
- Zero-knowledge health proofs: prove "I have no contraindications for Medication X" without revealing full medication list, prove "I have been vaccinated against Y" without revealing when or where
- Re-identification risk mitigation: preventing statistical re-identification from shared health data, especially for rare conditions
- Longitudinal privacy: preventing correlation of health visits across providers over time
- Research data sharing: how patients can contribute de-identified data to medical research while maintaining control and receiving consent credentials for each study
6. **Governance, Liability & Compliance:**
- HIPAA compliance mapping: how decentralized health credentials satisfy covered entity, business associate, and patient rights requirements
- Liability framework: if a patient withholds critical health information and suffers harm, how liability is distributed — legal analysis and system safeguards
- Data retention: meeting minimum retention requirements (typically 7-10 years for medical records) in a patient-controlled system — what if the patient deletes credentials
- Audit requirements: generating compliance reports for healthcare regulators, OIG audits, insurance auditors
- Provider adoption incentives: why healthcare providers would participate — reduced administrative burden, faster insurance verification, interoperability improvements, regulatory safe harbor
- Patient adoption: addressing the digital divide — how elderly, disabled, and underserved populations access the system, caregiver and advocate rolesOr press ⌘C to copy
Replace these placeholders with your own content before using the prompt.
[{SETTING][{DATA_TYPES][{REGULATIONS][{INTEGRATION][{POPULATION]