Masoumeh Jafari

Yazd University

Title: CardioChain: A Privacy-Preserving Decentralized Framework for Secure Cardiac Data Sharing in Wearable IoMT

Biography

Masoumeh Jafari received the B.S. degree in computer science from the Shahid Bahonar University of Kerman, Iran, in 2010, and the M.S. degree in computer engineering (software) from the Payame Noor University of Tehran, Iran, in 2016. She is currently pursuing the Ph.D. degree in computer engineering (software), at the University of Yazd, Iran. Since January 2020, she has been a diligent research assistant to Dr. Adibnia, and she is also working as a visiting student at the National University of Singapore (NUS) under the supervision of Prof. Biplab Sikdar. Her research interests include blockchain, big data, the Internet of Things (IoT), machine learning, telemedicine, security, privacy, and smart contract development using solidity.

Abstract

Objectives: Cardiac health monitoring via wearable Internet of Medical Things (IoMT) is rapidly expanding, yet current systems suffer from centralized vulnerabilities, weak patient authentication, and limited personalization. This study aims to develop a decentralized framework that enables secure cardiac diagnosis and encrypted treatment delivery, while preserving patient privacy, ensuring data revocability, and complying with global health data regulations.

Methods:

We designed CardioChain, a multi-layered architecture integrating:

Biometric Authentication: Fusion of ECG-based identity signatures with fingerprint/voice modalities, validated using zero-knowledge proofs and decentralized identity (DID) protocols.

Federated Learning: Privacy-preserving training of cardiac diagnostic models (e.g., atrial fibrillation, myocardial infarction) across distributed IoMT nodes, using secure aggregation and differential privacy.

Smart Contract–Driven Treatment Dispatch: Diagnoses trigger encrypted, rule-based therapeutic recommendations delivered to authenticated patients via blockchain.

Off-Chain Data Storage: Sensitive cardiac data is encrypted and stored in decentralized repositories (e.g., IPFS), while only hashed references are recorded on-chain to ensure GDPR-compliant data revocability.

The system was evaluated on 100K synthetic ECG records and adversarial simulations to benchmark performance, privacy, and clinical reliability.

Results: Authentication Accuracy: 98.7% with zero identity leakage

Diagnostic Precision: 91.2% for AFib and MI across heterogeneous datasets

Latency Reduction: 38% faster than cloud-based models

Treatment Dispatch Integrity: 100% secure under adversarial testing

Compliance: Fully compatible with HL7 FHIR, GDPR (right to erasure), and HIPAA (access control and auditability)

Conclusion: CardioChain offers a transformative solution for global cardiac care by combining decentralized security, federated intelligence, and personalized treatment delivery. By storing sensitive data off-chain and empowering patients with control over their identity and access permissions, the framework ensures both clinical utility and regulatory compliance. Scalable, interoperable, and privacy-preserving, CardioChain aligns with the congress theme: Heartbeat of Change: Inspiring Solutions for Global Cardiac Health.