Cloud platforms are now central to the management of healthcare supply chains, offering faster information exchange, scalability, and improved coordination. Yet, the very features that make them attractive also bring new privacy and security risks. Sensitive data such as patient records, procurement transactions, and shipment details move across a web of hospitals, suppliers, distributors, and service providers. This complexity raises concerns over unauthorized access, data leaks, and compliance with regulations like HIPAA and GDPR, particularly when information crosses national borders.

Common problems remain stubbornly persistent misconfigured storage systems, uneven use of encryption, and overly broad access privileges have been implicated in several breaches. Traditional safeguards, while helpful, are often too rigid for rapidly changing supply chain environments. More advanced ideas, including blockchain audit logs and federated identity systems, show potential but still face barriers in scale, integration, and oversight.

The pandemic made these tensions visible: cloud tools helped organizations track protective equipment and medicines in real time, but incidents such as the ransomware attack on Ireland’s Health Service Executive also exposed how vulnerable these systems can be.

In response, this paper puts forward a multi-layer privacy framework tailored to cloud- based healthcare supply chains. It combines encryption, adaptive access controls, blockchain-enabled transparency, and automated compliance monitoring. Findings from the study indicate that this layered approach reduces exposure to breaches, improves accountability across stakeholders, and strengthens alignment with regulatory standards. Taken together, the framework balances operational efficiency with the trust and confidentiality that healthcare delivery depends upon.

healthcare supply chain, Cloud computing, HIPAA, GDPR, blockchain, encryption, access control, multi-layer framework, privacy-preserving technologies, cyber resilience, regulatory compliance

J. Smith, “Cloud Security in Healthcare: A Regulatory Perspective,” IEEE Trans. Cloud Comput., vol. 9, no. 4, pp. 233–245, Oct. 2022.

R. Gupta and A. Sharma, “Blockchain-Based Supply Chains: Opportunities and Challenges,” IEEE Access, vol. 10, pp. 13456–13468, Mar. 2022.

U.S. Department of Health & Human Services, “HIPAA Security Rule,” 2021. [Online]. Available: https://www.hhs.gov/hipaa

A. K. Jain et al., “Privacy-preserving Machine Learning in Healthcare,” IEEE J. Biomed. Health Inform., vol. 25, no. 11, pp. 4321–4332, Nov. 2021.

European Commission, “General Data Protection Regulation (GDPR),” 2018. [Online]. Available: https://gdpr-info.eu/

Z. Zandesh, “Privacy, Security, and Legal Issues in the Health Cloud,” Front. Public Health, vol. 12, 2024.

M. Mehrtak et al., “Security challenges and solutions using healthcare cloud,” J. Big Data, vol. 8, no. 1, 2021.

H. Taherdoost, “Privacy and Security of Blockchain in Healthcare,” Big Data Cogn. Comput., vol. 7, no. 4, pp. 1–15, 2023.

S. Sharma, K. Chen, and A. Sheth, “Towards practical privacy-preserving analytics for IoT and cloud-based healthcare systems,” IEEE Internet Comput., vol. 22, no. 2, pp. 42–52, Mar./Apr. 2018.

C. Thapa and S. Camtepe, “Precision Health Data: Requirements, Challenges and Existing Techniques for Data Security and Privacy,” IEEE Access, vol. 8, pp. 20507– 20527, 2020.

R. Zhang, R. Xue, and L. Liu, “Security and Privacy for Healthcare Blockchains,” arXiv preprint arXiv:2106.06136, 2021.

J. S. Jadhav et al., “Blockchain-based healthcare supply chain management: A review,” Mater. Today Proc., vol. 65, 2022.

A. Rizzardi, “IoT-driven blockchain to manage healthcare supply,” Future Gener. Comput. Syst., vol. 154, 2024.

B. Aljabhan, “Privacy-preserving blockchain framework for supply chain management,” Sustainability, vol. 15, no. 8, p. 6905, 2023.

NIST, “Framework for Improving Critical Infrastructure Cybersecurity,” National Institute of Standards and Technology, Gaithersburg, MD, 2018.

ENISA, “Cloud Security for Healthcare Services,” European Union Agency for Cybersecurity, 2021.

O. Bak et al., “Exploring blockchain implementation challenges in supply chains,”Int. J. Prod. Res., vol. 63, no. 3, pp. 812–828, 2025.

M. Al Zaabi et al., “Big data security and privacy in healthcare: A systematic review,” nf. Dev., 2024.

P. Shojaei et al., “Security and privacy of technologies in health information systems: A systematic literature review,” Computers, vol. 13, no. 3, p. 45, 2024.

J. Pool et al., “A systematic analysis of failures in protecting personal data,” Int. J. Inf. Manage., vol. 75, 2024.

A. Alamsyah et al., “Enhancing privacy and traceability of public health data using blockchain,” Front. Blockchain, vol. 1, 2025.

WHO, “Digital health and data protection: Global guidance,” World Health Organization, 2023.

ISO/IEC 27701:2019, “Security techniques – Extension to ISO/IEC 27001 and ISO/ IEC 27002 for privacy information management,” ISO, Geneva, Switzerland, 2019.

M. S. B. Kasyapa, “Blockchain integration in healthcare supply chain systems,” Health Inf. Sci. Syst., vol. 12, no. 1, 2024.

J. Zhou et al., “Security and privacy in cloud-based e-health systems: A survey,” IEEE Access, vol. 9, pp. 50017–50037, 2021.

A. Rghioui et al., “IoT-based healthcare: A survey on security and privacy,” Comput. Netw., vol. 197, 2021.

J. Lin et al., “Blockchain and IoT integration for healthcare data management,” Future Gener. Comput. Syst., vol. 133, 2022.

D. He et al., “Data security in healthcare IoT: Challenges and solutions,” IEEE Commun. Mag., vol. 58, no. 6, pp. 26–32, Jun. 2020.

A. Faridoon and M. T. Kechadi, “Healthcare data governance, privacy, and security: A conceptual framework,” arXiv preprint arXiv:2403.17648, 2024.

C. Esposito et al., “Blockchain-based supply chain management: A survey,” IEEE Trans. Eng. Manage., vol. 67, no. 4, pp. 1322–1336, Nov. 2020.

A. Zhang and X. Lin, “Towards secure and privacy-preserving data sharing in e- health systems via consortium blockchain,” J. Med. Syst., vol. 42, no. 8, 2018.

S. Nakamoto, “Bitcoin: A peer-to-peer electronic cash system,” 2008. [Online]. Available: https://bitcoin.org/bitcoin.pdf

M. Paul et al., “Digitization of healthcare sector: A study on privacy and security,” Digital Health, vol. 9, 2023.

H. Xu et al., “Privacy-preserving healthcare data sharing through federated learning,” IEEE Trans. Netw. Sci. Eng., vol. 8, no. 2, pp. 1052–1065, Apr./Jun. 2021.

A. Joshi et al., “A survey on security and privacy of federated learning in healthcare,” Future Gener. Comput. Syst., vol. 129, 2022.

S. Wang et al., “A blockchain-based privacy-preserving healthcare system,” J. Med. Internet Res., vol. 21, no. 6, 2019.

T. Fernandez-Carames and P. Fraga-Lamas, “A review on blockchain technologies for healthcare applications,” IEEE Access, vol. 7, pp. 164490–164508, 2019.

Y. Luo et al., “Secure data access control for cloud-based healthcare systems,” IEEE Trans. Cloud Comput., vol. 8, no. 2, pp. 484–496, 2020.

A. Ahmad et al., “Security and privacy in healthcare: Issues and solutions,” J. Ambient Intell. Humaniz. Comput., vol. 12, no. 3, pp. 3293–3310, 2021.

H. Wu et al., “Secure and efficient data sharing for cloud-based healthcare systems,” Future Gener. Comput. Syst., vol. 95, pp. 623–633, 2019.

P. Zhang et al., “FHIRChain: Applying blockchain to secure and scalable sharing of healthcare data,” Comput. Struct. Biotechnol. J., vol. 16, pp. 267–278, 2018.

M. Hussain et al., “Healthcare data privacy in IoT: Blockchain-based approach,” Sensors, vol. 21, no. 12, 2021.

L. Benchoufi et al., “Blockchain protocols in clinical trials: Transparency and traceability,” J. Med. Internet Res., vol. 21, no. 3, 2019.

A. Azaria et al., “MedRec: Blockchain for medical data access,” Proc. IEEE Int. Conf. Open Big Data, 2016.

S. Rouhani and R. Deters, “Security, performance, and applications of smart contracts: A systematic survey,” IEEE Access, vol. 7, pp. 50759–50779, 2019.

K. Fan et al., “MedBlock: Efficient and secure medical data sharing via blockchain,” J. Med. Syst., vol. 42, no. 8, 2018.

T. Alladi et al., “Blockchain in smart healthcare: Challenges and solutions,” IEEE Access, vol. 7, pp. 247–257, 2019.

J. Yue et al., “Healthcare data gateways: Security and privacy perspectives,” IEEE Access, vol. 4, pp. 205–216, 2016.

M. Mettler, “Blockchain technology in healthcare: The revolution starts here,” Proc. IEEE Healthcom, pp. 1–3, 2016.

R. G. Holliday, “Cybersecurity threats in healthcare supply chains: A review of ransomware and insider attacks,” Health Policy Technol., vol. 12, no. 1, 2023