- A study by the Institut Teknologi Bandung suggests IOTA as a building block for electronic patient records in Indonesia.
- The proposed framework “DecMed” is intended to strengthen patient-centered access control, but is so far only an academic research contribution.
A new specialist study from the Institut Teknologi Bandung (ITB) in Bandung, Indonesia brings IOTA into play as an infrastructure for electronic patient records. the work, published am 24. February 2026 in der Fachzeitschrift Sensors, stammt von Hari Purnama, Putu Bakta Hari Sudewa, Tazkia Nizami, Bagas Sambega Rosyada, Pradipta Rafa Mahesa und Nur Ahmadi und trägt den Titel „Access Control Development Within the Framework of an IOTA-Based Electronic Medical Record Management System.”
IOTA as the basis for the Indonesian medical record
The study proposes “DecMed”, a decentralized framework for the management of electronic medical records in Indonesia. According to the authors, the need for this arises from the general conditions in Indonesia: Electronic medical records are mandatory in Indonesia, while centralized systems and third-party providers continue to generate significant risks in terms of access control, data protection and data integrity, according to the study. The problem formulation is:
“Electronic health records are mandatory in Indonesia under Ministry of Health guidelines, which poses significant challenges in data security and patient-centered access control. Current implementations rely on centralized healthcare systems or third-party providers, creating risks of unauthorized access, data leaks and uncertain data integrity.”
It is precisely in response to this that the study proposes DecMed, “a decentralized EMR management framework based on IOTA Distributed Ledger Technology”.
Technically, the model is not designed as a mere on-chain storage of medical records. According to the study, DecMed combines Capability-Based Access Control, Proxy Re-Encryption and IPFS while implementing smart contracts in Move on the IOTA ledger.
The goal is to shift more data sovereignty to the patients themselves. The authors also formulate this very clearly:
“Patients actively grant or revoke access, set the duration of access, and selectively share data with medical staff.”
The study is particularly relevant for IOTA because it suggests a practical use case in a sensitive sector. In their evaluation, the authors point out that unit tests with different unauthorized access scenarios showed that DecMed could effectively enforce fine-grained access rules while maintaining data confidentiality and integrity.
However, this is not yet an introduction to the Indonesian healthcare system, but rather a research contribution. This is exactly where the real significance lies. It shows that IOTA is receiving attention in academic research worldwide.
No Comments