Computational Framework for Privacy-Regulated Healthcare Data Sharing: Iterative ZKP-Blockchain-Cloud Architecture
Abstract
Electronic health records (EHRs) capture the entire patient data history, which enables early diagnosis, predictive analytics, improved coordination between health care providers, etc. However, centralized storage of EHRs exposes sensitive patient data to breaches, while regulations such as the GDPR Article 17 "right to be forgotten" and HIPAA 6-year retention limit sharing of data across different institutions. This systematic review consolidates 81 peer-reviewed studies (2015–2024) across different domains, namely zero-knowledge proofs (ZKPs), blockchain consensus, trusted cloud execution, and regulatory compliance, to propose a three-tier integrated framework that supports regulation-compliant health care data sharing while preserving privacy. The first tier generates ZKPs on the client side and redacts personal information with chameleon hashes. The second tier anchors metadata hashes on a PBFT blockchain with $f=\lfloor(n-1)/3\rfloor$ fault tolerance. The third tier stores data off-chain in the cloud under attribute-based encryption (ABE), integrated with FHIR/HL7 standards. The framework allows selective sharing and balances blockchain immutability with deletion via ZKP invalidation. The proposed architecture maps tools such as zk-SNARKs/Circom for proofs, Hyperledger Fabric for the blockchain, and AWS KMS for keys. Challenges include lack of real-world testing, achieving proof generation latency (2-15 seconds), and scaling needs via Layer-2 hybrid consensus prototypes.

Keywords: Zero-knowledge proofs, blockchain PBFT consensus, GDPR-HIPAA compliance, FHIR interoperability, attribute-based encryption.
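
How a chameleon hash lets the first tier redact a record while the hash anchored on-chain stays unchanged, as an added example that is not code from the preprint. It assumes the discrete-log (Krawczyk-Rabin) construction, which the abstract does not specify, a constructed toy-size group, and hypothetical names (`toy_group`, `keygen`, `ch_hash`, `redact`).

```python
import hashlib, secrets

def is_prime(n):
    # Miller-Rabin with the first 12 prime bases: deterministic below 3.3e24.
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 2:
        return False
    for b in bases:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_group():
    # Constructed demo parameters: ~80-bit safe prime p = 2q + 1 (not a secure size).
    q = 2**79 + 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q, 4  # 4 = 2^2 is a quadratic residue, so it has order q

P, Q, G = toy_group()

def keygen():
    x = secrets.randbelow(Q - 1) + 1  # trapdoor, held only by the redacting party
    return x, pow(G, x, P)            # (trapdoor, public key h = g^x)

def digest(record: bytes) -> int:
    return int.from_bytes(hashlib.sha256(record).digest(), "big") % Q

def ch_hash(pk, record, r):
    # CH(m, r) = g^m * h^r mod p; this value is what would be anchored on-chain.
    return pow(G, digest(record), P) * pow(pk, r, P) % P

def redact(x, record, r, new_record):
    # Solve m + x*r = m' + x*r' (mod q) for r', so the anchored hash is unchanged.
    return (r + (digest(record) - digest(new_record)) * pow(x, -1, Q)) % Q
```

In this construction, anyone who sees both `(record, r)` pairs for the same hash can solve for the trapdoor `x`, so the pre-redaction pair must not remain accessible once a record is redacted.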