Turkish Journal of Computer and Mathematics Education Vol.12 No.9 (2021), 2609– 2614 2609 Research Article A Framework for Blockchain-based Smart Health System Mousa Mohammed Khubrani a a Department of Computer Science, College of Computer Science & IT, Jazan University, Jazan/KSAPhD scholar in Computer Article History: Received: 10 January 2021; Revised: 12 February 2021; Accepted: 27 March 2021; Published online: 20 April 2021 Abstract: Electronic health record (EHR) is patient data that store health information in digital format. Patient-centred data enables an authorized user to access the data at any time, anywhere. E-healthcare provides increasing social benefits, health benefits and reduced medical errors. The most difficult aspect of improving the use of IT frameworks in healthcare is the security issues of the systems that store health information. In the health sector, Blockchain is a revolution that may bring considerable changes in offered health services. It solves the issue of adapting and building a health care system in the healthcare community, pharmaceutical industry and insurance companies. This paper presents a framework for securing healthcare data. Public Ledger, private ledger, smart contracts and context-based access control are the basic principles behind the proposed framework. This proposed model further provides interoperability, secure storage, and reliable access to patient's data. Keywords:Blockchain, Healthcare, Smart Contracts, Distributed Ledger, Hashing, Electronic Health Record 1. Introduction Patient data that store personal health information in digital format is the core of electronic healthcare. Data focused on patients allow any approved user to access the data from anywhere and at any time. The electronic health system also saves money by minimizing the efforts and storage space (Simpson, 2015). Increased social and health benefits, as well as reduced chances of mistakes, are achieved through e-healthcare. The digital reproduction of paper-based health documents is the electronic medical record (EMR). EMR further evolved into EHR that help the various stakeholders to share medical information quickly. The primary goal is to exchange medical information between multiple doctors and diverse stakeholders, including the Government, patients, health service providers, insurers (Menachemi & Collum, 2011). Healthcare Information and Management Systems Society, Inc. (HIMSS) is a non-profit corporation to extend health protection, security and convert health information through information technology. The main operation domain of HIMSS is North America, Asia Pacific, the UK and the Middle East. HIMSS' primary objective is to develop worldwide e-healthcare. Healthcare problems include attackers trying to modify health figures, leading to serious health system harm and severe attacks, such as a ransomware attack and a lack of cybersecurity. The challenge of increasing the use of IT frameworks in healthcare is probably security concerns when systems are supposed to have health information (Ermakova et al., 2013). The system includes the information security component (Samad et al., 2017)(Raghuvanshi et al., 2021). Researchers in (Avizienis et al., 2004) mention common health care security concerns such as privacy, approval and honesty. Following are the main requirements to consider the security of an EHR system: 1.1 Confidentiality Confidentiality is one of the core tasks of the healthcare provider. The health data are confidential information that must be protected against unauthorized access (Bigini et al., 2020). The system gives the approved user access to the information and requires the creation of a trusted environment for the patient to seek healthcare. According to the 1997 HIPAA act, the patient's health information had to be protected (Shuaib, Alam, Shabbir Alam, et al., 2021a). 1.2 Integrity Keeping eHealth record integrity is important because it is used to locate patients and pursue them when moving from one provider to another. In order to decide the level of patient care, the integrity of information in medical services becomes essential. It delivers precise and unaltered health information throughout the life cycle. It maintains data accuracy, consistency and reliability (M U Bokhari & Alam, 2013). 1.3 Authorization The EHR system agrees to provide access to the record and to be recorded by physicians, thereby improving the process of medical recording for an authorized user (Shuaib, Alam, & Daud, 2021). The organizations of medical services are required to alleviate these risks and are responsible for authorization. It is important to mention the access control mechanisms to protect the privacy of the patient. The authorization process is limited to external users. The system needs to determine eHealth data access privileges and the user responsibilities. 1.4 Availability The availability is an element that requires a framework to allow authorized users to open, use and access a record. It means that, if required by an approved user, the information is constantly accessible to customers. The