Project highlights
Mutual Link is transforming the medical referral system, enabling individuals to regain control over their medical data and experience improved healthcare services. Our vision is to create a data-driven referral system that fosters efficient and transparent communication between patients and healthcare providers. Through secure management and utilization of personal medical data, we aim to enhance healthcare quality by promoting data sovereignty recovery, providing efficient referral decision support, and ensuring transparent data management.
To facilitate data sovereignty recovery, we offer a platform that allows individuals to fully control their medical data. Our AI-based analytical tools and personalized services accelerate and refine healthcare referral decisions. We also implement cutting-edge security technologies to safeguard medical data while managing it transparently.
Mutual Link provides an intuitive medical data management platform that allows users to easily handle their medical records and access them as needed. We use AI-driven analytical tools to deliver personalized health management suggestions and offer data insights to healthcare providers. Our referral decision support system presents various options to help patients choose suitable healthcare referrals tailored to their situations, assisting in their decision-making processes.
Web3 advantages
Innovation in Medical Data Sovereignty Recovery and Secure Sharing
Mutual Link adopts a fundamentally different approach compared to traditional Web2-based medical data-sharing systems. The key differences and advantages of our system over existing solutions are outlined below.
1. Data Ownership and Control
- Traditional Web2 Systems
- Medical institutions store and manage patient data on centralized servers.
- Patients have limited access to their own medical records.
- Patients have minimal control over data transfer, leading to a lack of transparency.
- Mutual Link (Web3)
- Patients have full ownership of their medical data.
- Decentralized storage using ICP canisters eliminates single points of failure.
- End-to-end encryption ensures that only the data owner and authorized doctors can access the information.
- Public-private key encryption enables transparent and secure data access control.
2. Secure Authentication System
- Traditional Web2 Systems
- Authentication relies on ID/password systems, which are vulnerable to hacking.
- Authentication data is stored on central servers, creating a single point of failure.
- Unclear authentication mechanisms between doctors and patients.
- Mutual Link (Web3)
- Web3Auth integration enables social login for improved usability.
- Private keys are securely stored on user devices, preventing centralized data breaches.
- Role-Based Access Control (RBAC) ensures clear separation of permissions between doctors and patients.
- ICP-based security architecture provides a higher level of protection.
3. Data Transparency and Traceability
- Traditional Web2 Systems
- Difficult to track the movement and access history of medical data.
- Medical record modifications are not transparently managed.
- Patients have no clear insight into how their data is used.
- Mutual Link (Web3)
- Blockchain technology ensures full transparency in patient data movement.
- A medical data transmission tracking system is implemented.
- Patients can monitor their data access and sharing history in real time.
- Any attempt at data tampering or unauthorized access is instantly detected and recorded.
4. Medical Information Continuity and Emergency Accessibility
- Traditional Web2 Systems
- Sharing medical information across hospitals faces technical and administrative barriers.
- Emergency situations often lead to delays in inter-institutional data sharing.
- Hospitals operate independent systems, leading to interoperability issues.
- Mutual Link (Web3)
- Decentralized infrastructure via ICP enables seamless medical data sharing across hospitals.
- In emergency situations, authorized doctors can access necessary medical records immediately.
- All medical records are managed using encrypted Content Identifiers (CIDs) for efficient search and retrieval.
- Enables rapid medical decision-making without missing the critical golden hour.
5. Regulatory Compliance and Flexibility
- Traditional Web2 Systems
- Requires complex system development to comply with medical data regulations.
- Expansion is restricted due to varying national and regional regulations.
- Adapting to regulatory changes is time-consuming and costly.
- Mutual Link (Web3)
- ICP’s subnets and chain-key system enable effective access control, simplifying regulatory compliance.
- Ensures high-level data confidentiality in line with personal data protection laws.
- Flexible access control policies can be applied to accommodate regional regulations.
- Provides an expandable architecture compatible with international standards.
Mutual Link does not simply transfer Web2 systems onto the blockchain—it introduces an innovative approach to solving the fundamental issues of medical data sovereignty recovery and secure sharing. This advancement benefits both patients and healthcare providers, enhancing the overall medical service experience and even saving lives in emergency situations.
How is it built
Mutual Link: A Web3-Based Project for Medical Data Sovereignty and Secure Sharing
Mutual Link leverages Web3 technology to restore medical data sovereignty and enable secure data sharing. The project is built using the following technology stack and architecture.
1. Technology Stack
1.1 Backend
- Programming Language: Motoko
- Platform: Internet Computer Protocol (ICP)
- Canister Structure:
- mutual-link-backend: Main backend canister
- DoctorManagement: Doctor information management module
- MedicalRecordManagement: Medical record management module
1.2 Frontend
- Framework: React, TypeScript
- UI Library: Ant Design
- State Management: React Context API
- Build Tool: Vite
- Styling: SCSS
1.3 Authentication & Security
- Authentication System: Web3Auth
- Social Login: Google OAuth Integration
- Encryption Algorithm: Elliptic Curve Cryptography (secp256k1)
- Data Encryption: AES symmetric encryption + asymmetric encryption hybrid method
1.4 Notifications & Communication
- Notification System: Firebase
- Real-Time Updates: Firebase Realtime Database
2. Architecture Design
2.1 Canister Architecture
Mutual Link operates on ICP with the following modular canister architecture:
- Main Canister: Manages all API endpoints and coordinates between modules.
- DoctorManagement Module: Handles CRUD operations for doctor data, search, pagination, and public key management.
- MedicalRecordManagement Module: Manages medical record creation, updates, retrieval, and transfer history.
This modular architecture improves maintainability and scalability.
2.2 Data Encryption Architecture
To ensure secure management of medical data, we implement a multi-layer encryption system:
- AES Symmetric Key: Used to encrypt actual medical data.
- Asymmetric Encryption: Each doctor and patient owns a unique public/private key pair.
- Encryption Process:
- Medical data is encrypted using AES.
- The AES key is encrypted separately using the sender’s and recipient’s public keys.
- Only the recipient can decrypt the AES key with their private key to access the data.
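The encryption process above, sketched as an added example (not code from the Mutual Link repository): the record is encrypted once under a random AES key, and that key is wrapped separately for each party's secp256k1 public key. The AES-256-GCM mode, the ephemeral-ECDH plus HKDF-SHA256 key wrap, and all function names are assumptions; the page only specifies AES, secp256k1 and a hybrid scheme.

```javascript
const nodeCrypto = require('node:crypto');

// AES-256-GCM (the mode is an assumption; the page only says "AES").
function gcmSeal(key, plaintext) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return { iv, ct, tag: c.getAuthTag() };
}
function gcmOpen(key, { iv, ct, tag }) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, iv);
  d.setAuthTag(tag);
  return Buffer.concat([d.update(ct), d.final()]); // final() throws on a bad tag
}

// Key-wrapping key from an ECDH shared secret via HKDF-SHA256 (assumed KDF).
function kek(shared, ephPub) {
  return Buffer.from(nodeCrypto.hkdfSync('sha256', shared, ephPub, 'record-key-wrap', 32));
}

// Wrap the AES data key for one party with a fresh ephemeral secp256k1 key.
function wrapKey(partyPub, dataKey) {
  const eph = nodeCrypto.createECDH('secp256k1');
  const ephPub = eph.generateKeys();
  return { ephPub, ...gcmSeal(kek(eph.computeSecret(partyPub), ephPub), dataKey) };
}
function unwrapKey(party, wrapped) {
  return gcmOpen(kek(party.computeSecret(wrapped.ephPub), wrapped.ephPub), wrapped);
}

// Encrypt the record once; wrap the data key once per authorized party.
function sealRecord(plaintext, partyPubs) {
  const dataKey = nodeCrypto.randomBytes(32);
  const keys = {};
  for (const [name, pub] of Object.entries(partyPubs)) keys[name] = wrapKey(pub, dataKey);
  return { body: gcmSeal(dataKey, Buffer.from(plaintext, 'utf8')), keys };
}
function openRecord(envelope, name, party) {
  return gcmOpen(unwrapKey(party, envelope.keys[name]), envelope.body).toString('utf8');
}

// Constructed demo parties (hypothetical helper, stands in for Web3Auth-held keys).
function newParty() {
  const p = nodeCrypto.createECDH('secp256k1');
  p.generateKeys();
  return p;
}
```

Because both layers use an authenticated mode, a wrong private key or a modified ciphertext fails at `final()` rather than returning garbage.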
2.3 Authentication & Access Control
We implement Web3Auth-based social login and Role-Based Access Control (RBAC):
- Web3Auth Integration:
- User-friendly social login (Google)
- Non-custodial private key generation and management
- Role-Based System:
- Defined roles such as administrator, doctor, and patient with specific access rights.
- Role-based UI and functionality customization.
2.4 Notifications & Real-Time Updates
A real-time notification system is implemented using Firebase:
- Medical Record Sharing Notifications:
- Alerts recipients when a new medical record is shared.
- Sends updates when a medical record status changes.
- Notification Management:
- Read/unread status tracking.
- Notification history storage and retrieval.
2.5 Key Design Decisions
1) Choosing Motoko as the Programming Language
- Optimized for ICP, ensuring high productivity in canister development.
- Strong type safety, reducing development errors.
- Supports upgradable canisters, making system maintenance easier.
2) Web3Auth Integration
- Improves accessibility for non-technical users in the medical field.
- Eliminates the complexity of private key management.
- Preserves the familiar experience of social login while leveraging Web3 capabilities.
3) Data Encryption Approach
- Meets the high confidentiality requirements for medical data.
- Ensures secure data sharing between patients and doctors.
- Protects against man-in-the-middle attacks.
4) Modular Canister Structure
- Clearly separates business logic.
- Allows parallel development by different teams.
- Enables independent module upgrades as needed.
Mutual Link is not just a migration of Web2 systems to blockchain; it represents an innovative approach to solving fundamental challenges in medical data sovereignty and secure sharing. By ensuring robust security, transparency, and accessibility, the system significantly improves the healthcare experience for both patients and medical professionals while facilitating critical decision-making in emergency situations.
Internet Computer superpowers
The Mutual Link project leverages various strengths of the Internet Computer Protocol (ICP) to enhance implementation, development efficiency, and user experience. The following ICP features have significantly contributed to the project’s success.
1. Canister Architecture
ICP’s canister architecture enabled the modular design of the Mutual Link project. By separating the main canister from submodules such as doctor management and medical record management, parallel development among teams became possible. This structure also facilitated independent upgrades and maintenance for each module, improving system scalability and maintainability.
2. Subnet and Chain-Key System
ICP’s subnet and chain-key system played a crucial role in access control and regulatory compliance for Mutual Link. Subnets ensured scalability as the user base grew, while the chain-key system allowed for precise access control among different roles such as doctors, patients, and administrators. This approach ensured compliance with medical data security and privacy regulations.
3. Upgradeable Canisters
The upgradeability of ICP canisters contributed to the continuous improvement of the Mutual Link project. New features and bug fixes could be implemented while preserving existing user data and experience. This capability enabled the project team to quickly incorporate user feedback and adapt to the evolving needs of the medical field.
4. Role-Based Access Control (RBAC)
ICP’s RBAC functionality was essential for managing user permissions in Mutual Link. Detailed access control settings were implemented for different roles, such as doctors, patients, and administrators. This system prevented unauthorized access to medical data while optimizing the user experience according to their respective roles.
5. Decentralized Storage
ICP’s decentralized storage function played a key role in managing medical data within Mutual Link. By storing patient medical records as encrypted Content Identifiers (CIDs), data could be securely maintained without a single point of failure. This also significantly improved efficiency and transparency in data sharing between medical institutions.
Conclusion
ICP’s canister architecture, subnet and chain-key system, upgradeability, RBAC, and decentralized storage have been fundamental to the successful development of the Mutual Link project and the enhancement of user experience. These features have allowed Mutual Link to provide an innovative solution for restoring medical data sovereignty and enabling secure data sharing.
Go-To-Market strategy
1. Establishing Partnerships with Medical Networks
- We will establish an initial user base by collaborating with major hospitals, clinics, and medical institutions, centering on domestic university hospitals.
- By working with emergency rooms where patient transfers frequently occur, we will accelerate the adoption of our system.
- To build trust with medical professionals, we will form partnerships with participating hospitals.
2. Pilot Testing and Initial User Acquisition
- Recruit 100 doctors and medical professionals from pediatric emergency rooms for pilot testing. Optimize the initial user experience and establish credible case studies.
- Offer initial benefits (e.g., free access, data analysis reports) to encourage participation.
- Expand target groups based on pilot test validation:
- Pediatric emergency rooms → Emergency rooms → General wards.
3. Collaboration with Related Communities and Associations
- Partner with expert communities and academic societies to enhance awareness.
4. Emphasizing Medical Data Security and Transparency
- Promote the system’s strengths in ensuring the secure management and utilization of personal medical data.
- Build user trust through transparency and security-focused messaging.
Monetization
Monetization Model 1: Pay-Per-Use Model
This model generates revenue whenever a user consents to transferring their patient information for hospital transfers. It functions similarly to the traditional CD issuance method, where hospitals provide patient medical data on CDs, but in a more digital, convenient, and efficient manner.
Details
- Revenue Structure
- Users are charged a fee per transfer when using the system to send their medical records to another hospital.
- Example: KRW 5,000–10,000 per transfer, similar to existing CD issuance fees.
- Enhanced User Experience
- The traditional CD issuance process requires patients to visit the hospital, request their data, and collect the CD in person.
- Mutual Link replaces this with a fully digital solution, allowing patients to request and securely transfer data through the system.
- The system records explicit patient consent for transfers and enhances security through encryption.
- Collaboration with Hospitals & Medical Institutions
- Partner with hospitals to establish Mutual Link as the standard system for patient data transfers.
- Hospitals can reduce their reliance on CD issuance and improve operational efficiency by adopting Mutual Link’s digital data transfer system.
Monetization Model 2: Subscription Model
Users pay a monthly fee to securely store their medical records and seamlessly transfer data when needed.
Details
- Revenue Structure
- Users are charged a monthly or annual subscription fee, ensuring a stable revenue stream.
- Monthly fee: Set at KRW 5,000, with tiered pricing based on storage capacity and service scope.
- Annual subscription discount: 15–20% off the monthly rate to encourage long-term subscriptions.
- Service Offerings
- Secure Medical Record Storage: Users can store their medical data on the Mutual Link platform securely.
- Seamless Data Transfers: Enables hassle-free transfers of stored data when switching hospitals.
- Data Management Tools: Users can view, manage, and share their records with hospitals or medical professionals as needed.
- Technological Differentiation
- Blockchain-based encryption and decentralized storage ensure security and reliability.
- Users have full ownership of their data, with the ability to access or delete their records at any time.
Status of the project
Technical Achievements
- Backend Canister Development Completed: Core functionalities such as doctor management, medical record management, and access control have been implemented.
- Frontend UI Completed: Developed a user-friendly interface for managing and sharing medical data.
- Web3Auth and Firebase Integration Completed: Built features for social login, real-time notifications, and database integration.
- Role-Based Access Control (RBAC) System Established: Implemented permission management for different user roles such as doctors, patients, and administrators.
Resources
- GitHub: daeu81404/mutual-link
Future Plans
1. Additional Feature Development
Patient-Centered Data Management Features
- Developing a personalized dashboard that allows users to easily manage and share their medical records.
- Enhancing user experience by adding features such as medical record summaries, data analysis reports, and personalized medical service recommendations.
Enhancing Blockchain-Based Data Security
- Strengthening data security and reliability by encrypting and storing patient records using blockchain technology.
- Improving transparency in medical data management to enhance user trust.
2. Upcoming Conferences & Networking Activities
- Participation in the academic conference and training programs to promote the medical data management solution and recruit participants for pilot testing.
- Attending the K-HOSPITAL FAIR to showcase the solution and explore partnership opportunities.