To address the challenge of simultaneously ensuring privacy compliance (e.g., HIPAA) and data trustworthiness in medical research, this paper proposes a patient-centric blockchain-based healthcare data sharing framework. It introduces a fine-grained, patient-controlled access control mechanism supporting time-bound dynamic query authorizations; integrates zero-knowledge proofs with on-chain identity verification for decentralized auditability; and employs verifiable anonymization to preserve both data utility and privacy. Experimental evaluation demonstrates linear scalability with increasing numbers of patients and hospitals, and maintains efficient consensus and secure auditing even under 50% malicious miner participation. The core contribution is the first holistic integration of time-aware access control, Byzantine-resilient on-chain verification, and regulatory-compliant anonymization—achieving a unified design that satisfies privacy regulation, auditability, and high scalability.

Due to HIPAA and other privacy regulations, it is imperative to maintain patient privacy while conducting research on patient health records. In this paper, we propose AegisBlock, a patient-centric access controlled framework to share medical records with researchers such that the anonymity of the patient is maintained while ensuring the trustworthiness of the data provided to researchers. AegisBlock allows for patients to provide access to their medical data, verified by miners. A researcher submits a time-based range query to request access to records from a certain patient, and upon patient approval, access will be granted. Our experimental evaluation results show that AegisBlock is scalable with respect to the number of patients and hospitals in the system, and efficient with up to 50% of malicious miners.