惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
P
Privacy International News Feed
P
Proofpoint News Feed
Security Archives - TechRepublic
Security Archives - TechRepublic
C
CXSECURITY Database RSS Feed - CXSecurity.com
Know Your Adversary
Know Your Adversary
Security Latest
Security Latest
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Attack and Defense Labs
Attack and Defense Labs
NISL@THU
NISL@THU
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
W
WeLiveSecurity
GbyAI
GbyAI
N
News and Events Feed by Topic
N
News | PayPal Newsroom
Y
Y Combinator Blog
C
CERT Recently Published Vulnerability Notes
N
Netflix TechBlog - Medium
S
Security Affairs
Spread Privacy
Spread Privacy
罗磊的独立博客
腾讯CDC
MyScale Blog
MyScale Blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
L
LINUX DO - 热门话题
The Cloudflare Blog
L
LangChain Blog
博客园_首页
H
Hacker News: Front Page
宝玉的分享
宝玉的分享
Martin Fowler
Martin Fowler
博客园 - 聂微东
SecWiki News
SecWiki News
A
Arctic Wolf
爱范儿
爱范儿
Google Online Security Blog
Google Online Security Blog
T
Threat Research - Cisco Blogs
Hacker News - Newest:
Hacker News - Newest: "LLM"
有赞技术团队
有赞技术团队
The GitHub Blog
The GitHub Blog
Cyberwarzone
Cyberwarzone
博客园 - 叶小钗
V
Visual Studio Blog
V
V2EX
T
Tailwind CSS Blog
Project Zero
Project Zero
T
The Blog of Author Tim Ferriss
F
Fortinet All Blogs
MongoDB | Blog
MongoDB | Blog
D
Docker

Hacker News: Ask HN

The New Window Delete ChatGPT Atlas Spyware Tell HN: Qwen Free Tier Is Discontinued Ask HN: SeedLegals Partnerships in London, worth it? Ask HN: How to highlight talent from untraditional backgrounds? Ask HN: We dont need a programming language now? Durable Object alarm loop: $34k in 8 days, zero users, no platform warning What if Time at the subatomic level has multiple arrows? How to add MidnightBSD Key to UEFI Secure Boot DBX? (Revoked and Forbidden Keys) Ask HN: What's your experience working at xAI as an AI tutor? Any engineers here with experience of clinical data standards? Ask HN: Who is using OpenClaw? Agent Skills for Software Test Automation Ask HN: Who needs contributors? Claude Code is thinking too much Ask HN: What Is the Big-O Order of a Jigsaw Puzzle? Ask HN: Stepping into a new role as a Senior, mentoring dos and dont's? Founder from Zurich heading to SF and Austin for the first time Hacker News No Manual Screenshots: I Built a Scalable Screenshot API Using Cloud Playwright Ask HN: Thought experiment: AGI giving us answers we don't like? Ask HN: I quit my job over weaponized robots to start my own venture 1% Vacancy, 81% Preleased: Where Midmarket Compute Deploys in 2026 Ask HN: Preferred pricing model for sound effects libraries? Copy of the email I sent to my undergraduate professors on Nov 30, 2025 Model API Performance | Hacker News Ask HN: Are open-weight LLMs the new offline encyclopedias? Valgrind 3.27 RC1 is out Claude Code OAuth down for >12 hours Ask HN: What's Better?–Tauri or Electron? Technical SEO vs. content optimization: which one moves rankings? Hacker News Ask HN: Can you cut off AI usage immediately? Nvidia's moat is not what it used to be Ask HN: What's your experience with PoW captchas against form spam? Ask HN: What are all the bad things that AI companies have done which we forgot Ask HN: Is Zero Trust Architecture Overkill? Ask HN: What is the best way to get your first users? Tell HN: OpenAI silently removed Study Mode from ChatGPT Ask HN: How to build an "AI native" company? Tell HN: docker pull fails in spain due to football cloudflare block Launchfolio – Create a portfolio in minutes for free, no account needed 120k USD compute credits from various providers Ask HN: How do you retain what you learn from podcasts? Ask HN: How is everyone dealing with the increase of code reviews? Ask HN: Agentic AI just makes me sad Ask HN: Do you trust AI agents with API keys / private keys? Ask HN: Anyone using Nostr as a lightweight back end/DB for rapid prototyping? Ask HN: What should I do with my app? 130 downloads 3 real subscribers Strong feeling: we are in a folded AI reality Hacker News What comes after Open Source? Ask HN: Former grok-code-fast-1 users, what coding model are you using now? When career anxiety becomes gameplay: lessons in China 'young-faculty simulator' I propose a new programming language, CPC Ask HN: Do you remux WebM to MP4 without re-encoding? Ask HN: How to have a macOS devcontainer in VS Code? I built a free 30-day habit tracker in Google Sheets Ask HN: What is the most annoying part of scheduling meetings? Ask HN: Has anyone reconsidered Antivirus software after recent security news? Tell HN: See the AI Doc Ask HN: Why have we not stepped back on the moon again? Ask HN: How did you specialize as a software engineer? Ask HN: Agentic Permutation of Testing Paths In A System Ask HN: Will AI Redefine Programming? Ask HN: How do you stop playing 20 questions with your AI coding tools Ask HN: Is the telehealth consulting for psychiatry even works? Ask HN: Im back end engineer, not front end – is this just excuse? What tools do you use to visualize algorithms? Tor Browser on Android leaks IP in desktop mode Published on Rapid API | Hacker News Persistent vs. Stubborn / Genius vs. Intelligent Is the pitch deck culture making founders worse at building businesses? Do founders' political views affect how you see a product? Ask HN: Easiest UX for Seniors My app hit 1,152 first-time downloads in a single day Claude API Error: 529 | Hacker News My AI workflow evolved from prompts to a near-autonomous workflow Hacker News Ask HN: Best books on building a programming language I collected startup ideas. It changed how I think about ideas completely Is algorithm still relevant in 2026 Is VC the new PMF strategy? Ask HN: Would you take your engineering team to Buenos Aires for an offsite? Hacker News Artemis 2 Coming Home | Hacker News Ask HN: Recommendations on which models to pay how much for? Open Source card game cuttle.cards has its world championship Saturday at 1pm ET Scanners are too late for AI-driven actions Ask HN: Negotiating Intern Pay Ask HN: Hiring in the age of AI-assisted coding: what works? Amazon Luna Shuts Down without refunds? The Weather Channel RetroCast Now Behind the Scenes and Technical / Design V1.21 Update for Gpumkat | Hacker News Valence and HYVE, RT Physics Attention and a "Synthetic Organism" Ask HN: Its either I or Agent code. Both of us on same codebase is a disaster Ask HN: Does Sam Altman know how to code? Ask HN: Is a purely Markdown-based CRM a terrible idea? Optimized for LLM agents Ask HN: Improving as mid-level dev with forced use of LLMs I built ClawIDE: A web-based IDE for managing multiple Claude Code sessions
Decentralized Medical Records | Hacker News
SERSI-S · 2026-05-30 · via Hacker News: Ask HN
Decentralized Medical Records
3 points by SERSI-S 7 days ago | hide | past | favorite | 10 comments

Is it possible that medical records are more secure within the IFPS thanks to end-to-end encryption?

 help


What I mean is, I envision a scenario in which personal data such as patient data is stored separately and independently from other institutions; that patient data is encrypted and then distributed to the IFPS, while the IFPS ID is stored on an immutable blockchain


I'll get flamed and downvoted if I name the open source project I've been grinding on for over a year to address sensitive data access by autonomous agents in a way that is similar... but I've been thinking of similar things - data sovereignty.

I think the solution is is for people to own their data, with cryptographic protections and audit trails. We should have the ability to grant JiT privileges to extremely narrowly scoped pieces, as needed, scrubbed of PII prior to egress. Patients should have to cryptographically sign temporary access, which is revoked immediately after the task... the ux should be as simple as a docusign... I could go on and on...

But, yeah, you're not alone.


You’re absolutely right. In my opinion, data like medical records is the most sensitive data in the world. How can you possibly entrust your data to another institution or organization when you don’t know if it could just be taken without your consent? I see a lot of medical records circulating out there being bought and sold, looking like a pile of trash.

I looked at this repository and tried running it: https://github.com/Mzhvnn-tch/sehati-apps. Maybe you can see how this workflow operates.


What if a patient loses their encryption key?

How do doctors get access to history?

HIPAA? EMR system integration?

blockchain is toxic, most people do not want to deal with the hassle of lose your keys, lose your money (data here)


When a patient loses their private key, it’s a very serious mistake, but I’ve thought this through carefully, and yes, your key is split into three or more parts using SSS (Shamir’s Secret Sharing) or another key-sharing method one for your mother, one for your father, and one for your sibling with each family member keeping one part. So, if you lose your key, you can recover it using the parts kept by your family members.

Regarding blockchain, this isn’t actually mandatory, but I believe blockchain plays a crucial role in the hashing process. When you receive your IFPS ID, you must save it and record it this feels very slow. In my opinion, using blockchain makes sense if you can incorporate RSA key exchange into your data so that your medical history data is encrypted and distributed via IFPS, and it is this IFPS ID that is sent to the blockchain; the advantage of blockchain is its immutable and unalterable nature.


FFS this all falls apart in an emergent situation. Tattoo the PKS on your ass (or whatever part you wouldn't normally leave exposed in public).


That’s a good point; I hadn’t thought of it that far. Maybe I’ll think more deeply about what it’s like when family members are far away and the key-sharing feature doesn’t work.

At first I thought about a biometric SDK, but in a more severe situation like if a finger were severed—it might be even more of a challenge.


Doctors must scan or request the patient’s sharing key (RSA) after the patient has given consent and verify that the treating doctor is indeed a licensed professional. This ensures that sensitive data can only be accessed after the patient approves the doctor’s request.

Regarding HIPAA, I haven’t considered it yet, but you can take your EMR with you anytime, anywhere, as it is protected by three keys: one for your IFPS, one for your personal data, and one for your medical data. An attacker would have no choice but to guess the key for each encryption two RSA and one AES. When you go to London for treatment, you only need to use your RSA key—that is, share that key with the doctor and then approve the doctor’s access to your medical history. No administrative procedures are needed; for example, if you’re treated in London, you don’t have to pay anything the hospital asks for just to access your data. That doesn’t sound logical, does it?


Key management and authentication are indeed complex issues, just as I had initially suspected, but after reading some older cryptography texts, I realized that we can use a key-sharing method. In an emergency, we can share the key with family members for authorization purposes or other technical matters.