The Healthcare Professional’s Guide to Blockchain: Part Three
This article is part three of four of an ongoing series concerning blockchain in healthcare. The following is excerpted from our e-book, “The Healthcare Professional’s Guide to Blockchain.” Each week, we’ll feature a new section of the book, but you don’t have to wait. Download the e-book for free today!
THE PROMISE OF BLOCKCHAIN FOR HEALTHCARE:
At first glance, blockchain technology seems to be tailor-made for healthcare situations that rely on trusted, traceable, and secured data. Correspondingly, in 2017 we weathered a deluge of articles promoting blockchain as the panacea to countless healthcare IT problems.
We learned that blockchain could create a universal medical record system, dramatically reduce the overhead of payment systems, and usher in a new era of medical system interoperability. Those are some pretty lofty goals!
But what if we kept our goals a bit more grounded to reality…what else could blockchain do? The list is endless, but here are a few goals that may be achievable in the short term:
- Patient prescription ordering and fulfillment system that is accurate, traceable, and resist to fraud
- Provider licensing and CEM tracking database
- Pharmaceutical supply chain tracking (DSCSA)
- Medical device tracking, maintenance, and servicing
- Transplant organ chain of custody
- Clinical research data storage
- Medical device-generated patient data storage
- Centralized data repository for deidentified population data for use in large-scale analytics
That is just the tip of the iceberg for potential solutions using blockchain technology in healthcare. It’s an exciting time for blockchain, but we are still in the beginning stages of technology adoption.
While the blockchain holds a lot of promise, don’t expect to replace your enterprise databases anytime soon, if ever. Where enterprise databases provide nearly instantaneous access to data, blockchains operate on a timeframe that is magnitudes slower.
So, let’s be clear: blockchain solutions will work for specific IT challenges geared toward the following:
- Storing data that is immutable, accessible, traceable, cryptographically-secure
- Allowing multiple parties to contribute to common records sets
- Eliminating a centralized gatekeeper or transaction processor
While blockchain boosters paint a rosy picture of the future, naysayers are quick to point out that blockchain isn’t the magical cure some say it is. The promise of a universal medical records system or nationwide healthcare interoperability is overly optimistic for the next decade. Blockchain technology doesn’t have any inherent ability to manage medical records and represents just one piece of a ridiculously complex technological puzzle.
Furthermore, blockchain can’t magically make systems interoperable. It can provide the foundation for a publicly-accessible, cryptographically-secure data repository, but it can’t suddenly standardize the complex data that needs to be stored in the blockchain.
Each medical system manufacturer has their own way of storing and transmitting data, each presumably infused with different advantages. Over the years, great strides have been made toward interoperability between systems, but we are a long way from having a set of standardized data elements that can handle the complexity and variety of data that is involved in patient care.
When we talk about storing medical records in the blockchain, there are obvious challenges to be solved. An electronic medical record may consist of PHI, PII, lab results, prescriptions, radiological images, doctors notes, medical device data, EKG readouts, and more. While the blockchain is suitable for text data, it is not well-suited to large-scale files such as waveforms or radiological image files which would need to be stored securely off the chain. (See IPFS.)
Who would work to standardize all of this data? Who would devise the mechanisms that grant access to patient records? How exactly could a patient provide granular permission to individual providers for discrete pieces of data within their medical record?
While there are a lot of theoretical uses of blockchain, there are still a plethora of real-world issues that are very hard to solve, both technically and politically. We will need to rely on the willingness of governments, trade organizations, industry leaders, and technological innovators to work to solve problems jointly.
As much as we would like to believe that blockchain is secure, issues at endpoints (where the blockchain and users meet) can thwart all of this.
To utilize a blockchain, users will need to have a security key that is comprised of both a private and public part. A private key is nothing more than a cryptographically unique string, stored in a text file, that one can use to generate unique public keys. Since this private key is typically stored on a personal computer or in “wallet” software, it is vulnerable to hacking attacks. Should a hacker gain access to your private key, the data protected by that key is vulnerable.
Despite the fact that most blockchains themselves have proven secure, we only need to look at Bitcoin’s history to see the problem. Over the years, hackers have targeted users in major incidents that involved trojans, malware, or system hacking. These exploits have resulted in stolen passwords or private keys, and with it, millions of dollars worth of Bitcoins. Since there is no centralized authority to investigate or rectify fraud, there is usually nothing that can be done about stolen cryptocurrency.
If you lost your private key, say in a hard drive crash, your cryptocurrency or data could effectively be lost forever. One might discount this risk, seeing this as a rare occurrence, but it is something that happens quite often. Over the years, it has been estimated that up to $950 million in Bitcoins are permanently frozen — present, but unspendable due to lost private keys.
REGULATIONS & PRIVACY
One very important consideration for blockchain technology is healthcare privacy and regulation concerns. On the surface, blockchain’s encrypted technology might seem tailor-made for an industry where data privacy is a top concern. However, existing HIPAA regulations, as they stand, may cause problems.
With strict regulations that require PHI and PII to be tightly controlled, will it be okay for organizations to disperse patient data to a distributed ledger? Can an organization really use a distributed ledger technology that removes direct control and oversight of data they are legally obligated to protect? Even in private blockchain networks, there are still significant privacy issues that need to be worked through.
These HIPAA questions will take years to be fully resolved, but there is healthcare information that can be stored in a blockchain that doesn’t run afoul of privacy regulations – that is where we are likely to see the first wave of blockchain-enabled healthcare solutions take shape.
Join us next week for the final installment of our e-book. Of course, you don’t have to wait! The complete e-book is available now, for free. Get up to speed on blockchain technology for healthcare in 15 minutes or less.