The increase of data collection and analytics over the past few years the control over personal data has become an important issue. Control over data is the execution of privacy and the ability to protect the individual identity. Solutions to give consumers more control have failed in the past due to security and privacy concerns. On top of that is innovating in healthcare challenging because of the complex network of stakeholders involved, limited budgets and conservative culture.

The current definition of control, being able to disclose information to others, is outdated. Due to the digitalization of our world where data is easily copied and shared with others, the definition is too limited. This thesis proposes a new measurable definition of control that constitute the access, bookkeeping of access (record), clarity of use, the possibility of decisions, effort to access and freedom to make decisions as components of control. Furthermore, the obstacles that currently prevent consumers to control their data are identified, and the possible gateways around those obstacles. Finally, practical functionalities are proposed for the implementation of a solution that takes into account the perspectives of different stakeholders in the healthcare industry. Blockchain technology is proposed as part of the infrastructure for the registration of consent to health data.

The solution proposed in this thesis is an infrastructure that facilitates convenient control for the consumer by integrating health data from different sources (in and outside the hospital environment) and aggregates the data into a complete overview. Consent to the information is registered on the blockchain, to keep an immutable record of access authorization. The consumer is at the centre and can control who to share a part, or complete set, of their data with different stakeholders.