The Use of Blockchain in Healthcare – How Can Technology Keep Health Data Secure and Private?

Finjan TeamBlog, Cybersecurity

Finjan The Use of Blockchain in Healthcare   How Can Technology Keep Health Data Secure and Private?

Blockchain technology is being proposed as a means of preserving the integrity and confidentiality of stakeholder information in the health sector.

Individuals and organizations in the healthcare industry are making increasing use of the cloud, to cut down on management costs and data access times. This comes at a potential cost in data security, if cloud services are poorly delivered or badly secured. Elsewhere, health practitioners have a history of lax practices and limited knowledge, when it comes to matters of data governance and cyber security with on-site data management. Blockchain technology offers the potential to fill in these security gaps.

It’s one of several use cases that have been suggested for a mechanism that’s still in its relatively early stages of development, and which has yet to prove its worth in wider applications.

What Is Blockchain Technology?

Blockchain technology first came to fame in 2009 as the infrastructure supporting the digital cryptocurrency Bitcoin. It’s based on a “distributed ledger” system that assigns a “block” to each digital transaction. Each block is connected to the transaction occurring immediately before and immediately after it, forming a “chain” that makes up the ledger.

This ledger is distributed, as all the records forming the chain are shared amongst a network of computers, rather than being stored in a single central database that could provide a single point of failure. All transactions in the blockchain are encrypted, with a cryptographic “hash” (characteristic number / letter mix, fingerprinting the transaction) generated for each, and linking it to the transaction directly preceding it.

In effect, this locks each event in place, creating an unchangeable (or “immutable” in Blockchain-speak) record of transactions.

Health Information Exchanges (HIEs)

An electronic health record (EHR) is supposed to give health industry professionals fast, reliable, and secure access to patient medical histories, prescription records, and laboratory test results. Used in this context, you’ll often hear them mentioned along with electronic medical records, or EMRs. Well-designed EHR systems can help reduce medical errors, shorten hospital stays, and produce better clinical outcomes.

But in the decades since the introduction of the first electronic medical records system in 1972, they’ve been designed and used principally for billing purposes. Worse, the structure and application flow of most EHR / EMR systems are not user-friendly, making it stressful and time-consuming for those who have to negotiate the software and sift through the reams of data that they contain. The problem is heightened, as individual EHR systems aren’t typically designed to integrate with others.

Health information exchanges or HIEs were developed to help co-ordinate the workings of various records systems, and to facilitate the movement and sharing of information between hospitals and other organizations.

Several HIEs currently use a decentralized approach to their data architecture. This helps in ensuring that patient data and sensitive health information can be monitored across multiple checkpoints, rather than a single gateway. Though this approach increases the level of security, a trusted process for the validation of information exchanges has been lacking.

Implications of Blockchain in Healthcare Sector

Validation of transactions and information exchanges lies at the heart of a blockchain system. With blockchain technology, transactions must be verified and recorded through the consensus of all parties belonging to the network. Each stakeholder retains an instance of the ledger, which is updated upon completion of a new transaction. And unless a majority of the members in a blockchain network agree that a requested action is accurate and valid, new transactions cannot be approved.

For the health sector, the verification and validation protocols of a blockchain system could make it possible to get a unified and consistent view of each patient or health service stakeholder’s interactions with various aspects of healthcare. As an example, this might include lab tests or clinical examinations conducted at different health facilities, drugs prescribed, outpatient care, monitoring, etc.

As the backbone of a new breed of health information exchange, blockchain also brings numeric public key and/or private key encryption protection to the level of each individual patient. Hackers attempting to break into a blockchain-protected HIE would face the challenge of first determining whose data was in each link of the chain, then figuring out a way to actually manipulate it. The same protection would prevent even healthcare professionals from gaining access to a patient’s records without their explicit consent.

Patients would also have a greater say in the treatment of their own health information. And as stakeholders in a blockchain network, they would be empowered to authorize the amendment or sharing of their own data, ensuring greater privacy and control.

Blockchain in Healthcare – Coping with a Widening Ecosystem

The issue of managing electronic health records and related information from a range of sources has become even more of a challenge, with the proliferation of health-related services and devices in the Internet of Things (IoT). Data streams from fitness and performance monitors, remote diagnostics tools, and other connected hardware have been added to what’s already a complex mix.

Here again, blockchain technology has potential (as yet, untapped) to bring some order to the confusion, and some security to the data handling. Assuming that techniques can be developed to identify unique individuals from multiple data-sets, blockchain could be used to link healthcare claims and medical records with personal biometric data from IoT devices. The ecosystem of linked information could also pull in data from purchasing records, geo-location, employment records, insurance, and other relevant sources.

Blockchain in Healthcare – Regulatory Considerations

One of the bigger challenges facing the potential use of blockchain technology in the health sector concerns the way in which professional standards, industry codes of practice, and regulatory compliance obligations can be met.

For instance, with the European Union (EU) General Data Protection Regulation (GDPR) now fully in force, EU citizens and residents may now exercise their right to be digitally “forgotten”, through the erasure of information about them that’s been gathered by commercial organizations or other institutions. If some of this data were to be personal health information (PHI) residing on a blockchain network, complications could arise. Remember that a blockchain ledger is supposed to be for life, and cast in stone.

One workaround that’s been suggested for resolving this dilemma is to store personal health information outside the blockchain in secure but accessible servers, but with cryptographic hashes associated with each record forming part of the blockchain. This would at least enable the organizations that handle this data to respond in a reasonable (and GDPR-compliant) manner, to requests from consumers to edit or delete their records. Each deletion would require a corresponding amendment to the blockchain, registered as a fresh transaction.

Blockchain in Healthcare – Practical Applications

While blockchain technology has had a successful run providing the infrastructure for cryptocurrency endeavors, it’s still early days for practical applications of blockchain in the health sector. But there have been some tangible moves and some viable proposals.

Estonia has been using blockchain technology to secure healthcare data and transactions, since 2012. 95% of the country’s health data is in electronic form, 99% of its pharmaceutical prescriptions are digital, and all healthcare billing is handled electronically.

In 2016, the EU started funding a multinational collaboration with privacy companies and leading research universities. The aim is to build a blockchain system that can aggregate and share biomedical information between healthcare organizations and individual patients across the continent. Under the proposed scheme, EU patients would have online and mobile device access to secure personal health data accounts.

Sweden has begun rolling out a blockchain health data platform called CareChain, which will enable companies and private individuals to store health information from various sources. Opportunities are available for developers on the platform to create apps and services for giving access to this data.

It’s also been suggested that blockchain technology could provide a new enabling environment for clinical trial research, housing demographic, diagnostic, and therapeutic data that could help identify patients and health facilities suitable for clinical trials.

Share this Post

Finjan The Use of Blockchain in Healthcare   How Can Technology Keep Health Data Secure and Private?
Article Name
Blockchain in Healthcare | How Technology Can Keep Health Data Secure
From electronic records to clinical trials, blockchain technology is being proposed to preserve the integrity/confidentiality of data in the health sector.
Publisher Name
Publisher Logo