Emergency Medical Access Contract

What it does:
Allows authorized emergency responders to temporarily access a patient’s critical medical information during life-threatening situations without waiting for manual consent.

Why it matters:
Balances patient privacy with lifesaving urgency by enabling controlled, auditable emergency access while preventing silent abuse or permanent data exposure.

How it works:

Patients predefine trusted emergency responders
Emergency access rules and time limits are set on-chain
Responder triggers emergency access during critical events
Access is granted temporarily and automatically expires
Patients can review all emergency access logs afterward
Every emergency action is permanently auditable on-chain

      // SPDX-License-Identifier: MIT
pragma solidity ^0.8.20;

/**
 * @title EmergencyMedicalAccess
 * @author Nam
 * @notice Temporary emergency access to patient medical records
 */
contract EmergencyMedicalAccess {

    // -------------------- STRUCTS --------------------

    struct EmergencyPermission {
        bool trusted;
        uint256 accessExpiry;
    }

    // -------------------- STORAGE --------------------

    // patient =&gt; responder =&gt; EmergencyPermission
    mapping(address =&gt; mapping(address =&gt; EmergencyPermission)) public emergencyPermissions;

    // -------------------- EVENTS --------------------

    event ResponderAuthorized(address indexed patient, address indexed responder);
    event EmergencyAccessTriggered(
        address indexed patient,
        address indexed responder,
        uint256 expiry
    );
    event EmergencyAccessRevoked(address indexed patient, address indexed responder);

    // -------------------- MODIFIERS --------------------

    modifier onlyPatient(address _patient) {
        require(msg.sender == _patient, "Not patient");
        _;
    }

    // -------------------- AUTHORIZATION --------------------

    /**
     * @notice Patient authorizes an emergency responder
     */
    function authorizeResponder(address _responder)
        external
        onlyPatient(msg.sender)
    {
        require(_responder != address(0), "Invalid responder");

        emergencyPermissions[msg.sender][_responder].trusted = true;
        emit ResponderAuthorized(msg.sender, _responder);
    }

    /**
     * @notice Patient revokes responder trust
     */
    function revokeResponder(address _responder)
        external
        onlyPatient(msg.sender)
    {
        emergencyPermissions[msg.sender][_responder] = EmergencyPermission({
            trusted: false,
            accessExpiry: 0
        });

        emit EmergencyAccessRevoked(msg.sender, _responder);
    }

    // -------------------- EMERGENCY ACCESS --------------------

    /**
     * @notice Emergency responder triggers temporary access
     */
    function triggerEmergencyAccess(
        address _patient,
        uint256 _duration
    )
        external
    {
        EmergencyPermission storage permission =
            emergencyPermissions[_patient][msg.sender];

        require(permission.trusted, "Not authorized responder");
        require(_duration &gt; 0, "Invalid duration");

        permission.accessExpiry = block.timestamp + _duration;

        emit EmergencyAccessTriggered(
            _patient,
            msg.sender,
            permission.accessExpiry
        );
    }

    // -------------------- VIEW --------------------

    /**
     * @notice Check if emergency access is active
     */
    function hasEmergencyAccess(
        address _patient,
        address _responder
    )
        external
        view
        returns (bool)
    {
        EmergencyPermission memory permission =
            emergencyPermissions[_patient][_responder];

        return
            permission.trusted &amp;&amp;
            block.timestamp &lt;= permission.accessExpiry;
    }
}