Blockchain FHIR Provenance

The source of health care data is an important attribute to be tracked and validated. Therefore 1upHealth's API platform includes additional features to track data provenance and assure it's integrity. Automatically, whenever data is inserted into 1upHealth or collected from any of the connected health systems, a FHIR® provenance resource is created detailing the time, location, and attributed resource location. In addition to the basic FHIR® provenance resource, the signature field contains a hash or the linked resource. That hash can be verified against a public ledger running on a side chain or Ethereum. That way anyone who receives the resource can verify that the data they have has not been tampered with and is clinical grade so it can be trusted to make critical decisions.

How it works

Two processes run side by side to enable the FHIR® Provenance + Blockchain implementation. The first is used to create a Provenance resource for the FHIR® data contained in the original resource that was either inserted, updated, or collected from an external health system. The second process stores a hash of the FHIR® resource on 1upHealth's blockchain. Both the storing and verification mechanisms are implemented using smart contracts.

PHI Remains Secure

No patient data is contained on this public ledger, and there is no way for someone to reverse a resource's hash to determine the contents of the patient data. Not even quantum computers will be able to break that.


Our implementation for FHIR® Provenance + Blockchain won 1st place in the Health Data Provenance Challenge from the ONC! We are using those funds to further develop the 1upHealth platform and make blockchain provenance accessible to more developers and health systems.


Currently the 1upHealth chain is a side chain based on Ethereum. We would love additional miners to help secure the chain. If you're interested in supporting our blockchain efforts via mining (and gaining 1up coin in return) please reach out to us by sending an email to [email protected] so we can add your node.

Use FHIR® Provenance on the Blockchain

You can use 1upHealth's provenance resources without ever directly interacting with the data stored on the public ledger. That simply requires a FHIR® API query against the /Provenance url.
If you want to securely verify data integrity against the chain, then you must execute a transaction against the chain using gas fueled by 1up coin. 1upHealth makes this possible using our own server, but to truly validate the presence of a resource hash on the chain, you must use your own trusted server and not just take our word for it. To do this, spin up the 1upHealth Provenance App and issue some verification requests against our chain.

What next?

Many interested parties have asked whether we will store raw or encrypted patient data using blockchain. Ultimately it would be ideal to store encrypted patient data in a decentralized service like IPFS. However, doing so currently would jeopardize data security once quantum computing can break traditional encryption standards. Before we are ready to store PHI using blockchain tech, we must be able to employ quantum encryption which is still many years away.