Scientific journal paper Q1
Enabling cross-institution health data sharing in Norway: EUDI wallets, on-chain consent, and openEHR↔FHIR translation
Sudip Phuyal (Phuyal, S.); Manila Bhandari (Bhandari, M.); Rabindra Bista (Bista, R.); Joao C Ferreira or Joao Ferreira (Ferreira, J. C.);
Journal Title
IEEE Access
Year (definitive publication)
2026
Language
English
Country
United States of America
More Information
Web of Science®

Times Cited: 0

(Last checked: 2026-07-15 09:00)

View record in Web of Science®

Scopus

Times Cited: 0

(Last checked: 2026-07-02 22:17)

View record in Scopus

Google Scholar

Times Cited: 2

(Last checked: 2026-07-14 17:10)

View record in Google Scholar

This publication is not indexed in Overton

Abstract
The cross-border use of health data is still limited by fragmented data models, weak guarantees around who is requesting access, and inconsistent mechanisms for obtaining and revoking patient consent. The European Health Data Space (EHDS) and the European Digital Identity (EUDI) framework aim to address these issues by giving citizens a portable digital identity and legally valid, auditable control over secondary use of their clinical data, but concrete, national-scale implementations are still missing. We present and evaluate a digital health wallet architecture for Norway that: 1) issues verifiable credentials to both patients and healthcare professionals; 2) records, enforces, and revokes patient consent on a permissioned distributed ledger; 3) verifies access rights using zero-knowledge proofs; and 4) bridges open Electronic Health Record (openEHR) repositories to EHDS-compliant Fast Healthcare Interoperability Resources (FHIR) bundles. The system is built on Hyperledger Besu, uses Groth16 proof circuits with Poseidon hashing for selective disclosure of consent, and encodes General Data Protection Regulation (GDPR) obligations directly into smart contract logic. The architecture was validated in a simulated hospital environment using synthetic ICU-style data. Professional onboarding and role verification completed in approximately 1.2 s (mean, std. 0.2 s). End-to-end consent issuance, verification, and on-ledger recording completed in under 3 s. On-chain verification of zero-knowledge proofs averaged 0.42 s (std. 0.09 s), supporting near real-time authorization without exposing patient identity. The FHIR–openEHR bridge achieved 98.5% mapping success between openEHR compositions and EHDS-mandated FHIR bundles. We further mapped each component to GDPR Articles 5, 7, 25, and 30, demonstrating explicit, revocable, and auditable consent with privacy by design. These results show that an EUDI-compatible digital health wallet can deliver verifiable identity, revocable consent, privacy-preserving auditability, and semantic interoperability fast enough for clinical use. Unlike prior blockchain proposals for consent management, this work demonstrates not only conceptual alignment with EHDS, but an implemented, measured architecture with national deployment potential.
Acknowledgements
--
Keywords
Consent management,Digital health wallet,Distributed ledger technology,FHIR,Healthcare professional authentication,Interoperable EHR,openEHR,Patient data management
  • Computer and Information Sciences - Natural Sciences
  • Health Sciences - Medical and Health Sciences
Funding Records
Funding Reference Funding Entity
UID/06486/2025 Fundação para a Ciência e a Tecnologia
UID/PRR/06486/2025 Fundação para a Ciência e a Tecnologia