The privacy protection of electronic health records (EHR) has become an issue which attracts more and more attention in public. Blockchain is a technology that has emerged with the spread of digital cryptocurrency such as Bitcoin and has features of “decentralization” and “unmodifiable”. Existing electronic health record management systems ignore the security problems of patients’ interaction with other roles while focusing on protecting the user’s privacy data, especially there is no such an appropriate solution to problem nowadays that insurance can view patients’ sensitive data and invade privacy. This paper proposes a scheme based on blockchain for solving the above three problems. In combination with homomorphic encryption and smart contract technology based on Ethereum, we implement the feature that the insurance company can judge whether to handle the claim requests, although it has no way to obtain the plaintext of EHR and the ID. So there is no sensitive data of the patient which will be leaked to unauthorized users during interaction, thus the privacy protection of users’ data is strengthened. This thesis focuses on analyzing the interaction process of different roles under different application requirements based on the premise of patients’ privacy and carries out security analysis and performance evaluation.