Accepted for/Published in: JMIR Medical Informatics
Date Submitted: Nov 26, 2025
Date Accepted: Apr 28, 2026
Blockchain-Based Dynamic and Revocable Consent for Secondary Health Data Use: Systematic Review
ABSTRACT
Background:
The secondary use of health data holds substantial potential for advancing biomedical research, strengthening population health analytics, and enabling AI–driven decision support. Yet ensuring that such reuse respects patient autonomy, privacy, and regulatory obligations remain a major challenge. Conventional consent mechanisms are typically static, difficult to revoke, and offer limited transparency or accountability after data disclosure.
Objective:
This review aimed to systematically examine blockchain-based frameworks that enable dynamic, auditable, and revocable consent for the secondary use of health data.
Methods:
A structured literature search was conducted in PubMed, Scopus, and Web of Science covering the period 2020–2025. Following PRISMA guidelines, 55 peer-reviewed studies meeting predefined inclusion criteria were analyzed. Data extraction focused on four dimensions: (1) consent lifecycle management; (2) auditability and traceability; (3) usability and patient empowerment; and (4) legal and ethical alignment.
Results:
Findings indicate that blockchain technologies provide a robust foundation for automating consent lifecycles, ensuring immutable auditability, and enabling decentralized patient control. Most frameworks employed smart contracts, DIDs (decentralized identifiers), and VCs (verifiable credentials) to implement programmable and verifiable consent processes. Nevertheless, key challenges persist, including limited usability testing, complexities in real-time revocation propagation, interoperability gaps with clinical systems, and tensions with regulatory requirements such as the GDPR (General Data Protection Regulation) right to erasure. Only a small subset of studies reported real-world deployments or user-centered evaluations.
Conclusions:
Blockchain offers substantial promise for improving the trustworthiness, transparency, and accountability of consent management for secondary health data use. However, wider adoption requires human-centered design approaches, stronger interoperability through standards such as FHIR, verifiable credentials, and consent receipts, and clearer legal guidance for compliance. Future research should prioritize integrating blockchain-enabled consent infrastructures into national and cross-border digital health ecosystems such as the EHDS (European Health Data Space) to support secure, patient-controlled, and ethically governed secondary data use.
Citation
Request queued. Please wait while the file is being generated. It may take some time.
Copyright
© The authors. All rights reserved. This is a privileged document currently under peer-review/community review (or an accepted/rejected manuscript). Authors have provided JMIR Publications with an exclusive license to publish this preprint on it's website for review and ahead-of-print citation purposes only. While the final peer-reviewed paper may be licensed under a cc-by license on publication, at this stage authors and publisher expressively prohibit redistribution of this draft paper other than for review purposes.