What Healthcare Organizations Need to Know about Blockchain

Blockchain: the next, great frontier?

Is blockchain the next, great frontier for healthcare? Or has the hype far surpassed reality – that it’s a pipe dream that could never conceivably work in such a complex and heavily regulated industry?

I believe the correct answer lies somewhere in between: Blockchain brings the promise of improved, more efficient information management, with possibly even better security. But, like any other technology that is new, complicated and disruptive, we should “walk before we run” by trying it out on a smaller scale to get a sense of “success stories” and “lessons learned” before expanding its reach.

At the very least, it’s encouraging to see that industry leaders are taking a close look at blockchains as a remedy for current information-management woes. The general public commonly associates the technology, understandably, with bitcoin and other cryptocurrencies. However, the actual innovation behind blockchains can apply to a far broader range of industries, including healthcare.

Traditionally, “owners” of particular patient information and other records store, keep and hopefully secure the data. If a vacationer has an accident at the beach, for instance, a physician from an oceanside clinic may need a prescription history of the vacationer from the family doctor from home, since the family doctor “owns” the information. The clinic has to request the history from the family doctor’s office – and if the accident occurs on a weekend, the information won’t be available until the following Monday.

Blockchains can help the industry “cut to the chase” by storing a vast array of data on linked, encrypted blocks which aren’t “owned” by any particular institution or person – circumventing cumbersome and complex procedures required to deal with a deluge of data that grows by the minute. The blocks are replicated throughout a network which is always kept in sync with consistent, updated information, producing a much-sought “single source of truth.”

Regardless of which healthcare organization employs them, users gain access to the blocks through authorization processes based upon the relevancy of the data to their job roles. From the patient care perspective, blockchain records could eventually include details about prior operations/illnesses, medications prescribed, blood work results, etc. From the healthcare provider administration and research side, they could cover clinical trials, insurance policies, billing accounts, etc. Note the use of the word, “eventually,” here, because we do not feel that such use cases are entirely possible right now – at least not without creating serious issues.

Despite the potential for obstacles, the industry appears poised to buy-in in a big way: The global blockchain in healthcare market will grow to $5.61 billion by the end of 2025, up from its current value of $176.8 million, according to a forecast from BIS Research. By sometime this year, no less than 86 percent of surveyed healthcare executives anticipate that their organization will finance blockchain applications in at least nine categories, with medical/health records (94 percent), billing and claims management (also 94 percent), medical device data integration (92 percent), asset management (91 percent) and contract management (90 percent) accounting for the top five categories for planned adoption, according to research from IBM.

When asked about the problems that blockchains could solve, healthcare providers cited inaccessible information (61 percent), information risks (60 percent), transaction costs (58 percent) and inaccessible marketplaces (58 percent), according to the IBM research.

But, to reach this point, we’d have to address the aforementioned obstacles, as posed by the following challenges:

Patient Identification

There is no unified, consolidated system for identifying every patient who would be connected to a blockchain. If a doctor and his team members in Detroit have to call up the medical history of a local patient named “Henry Brown,” how do they know they’re accessing information about the right Henry Brown? There are likely many people in the city with the same name. For blockchains to work as an all-encompassing, real-time repository of health records, we would need to develop – through the government and/or an industry effort – a reliable, comprehensive national patient identification database linked to all electronic medical records (EMR) systems to ensure that the right people are accessing the right information.

Data Volume

Blockchains are not currently designed to store very large files (radiology images, genetic testing results, colonoscopy videos, etc.). For now, this limitation will lead to the storage of large data “off chain,” with the blockchain itself strictly containing pointers to all the data.

Patient Privacy

Blockchains are inherently transparent – they reveal every transaction in the chain. This presents privacy issues, especially for patients. Blockchains for cryptocurrencies, of course, have gotten hacked, so the same likelihood exists for blockchains supporting medical purposes. One solution: Designating patients as the “owner” of their blockchains, just as cryptocurrency investors “own” their own e-wallets. If the patient owns a blockchain, the patient can decide who is allowed to view it on a case-by-case basis. Conceivably, the patient would also have to approve of the cybersecurity measures taken to protect the blockchain, or at least agree to absolve outside parties of any responsibility for a hack.

Authorized Access

Who should access blockchain, and how much should they see? How do you enforce authorized access? This necessitates understanding of contractual obligations between parties to take part in serial immutable transactions. Since these peers are frequently geographically distributed, a central entity would have to ensure that the contracts are adopted, executed, cataloged and auditable. They should adhere to regulations such as the Health Insurance Portability and Accountability Act (HIPAA) for storing the protected health information (PHI) of Americans, and the EU’s General Data Protection Regulation (GDPR). Because the communications need to be secured, highly effective encryption must not only secure the data in the blocks, but protect communication among the many peers. Existing systems will have to rethink how information is presented and consumed, since many were written in early days without interoperability in mind.

Information Validation

Medical records are incredibly intricate. They involve a myriad of dense data related to symptoms, treatments, tests, etc. How do users know that a diagnosis on the blockchain is the most recent and “true” one? Again, the clear establishment of the most recent and relevant data would require the government and/or industry standardization of the deployment of date/time stamps, statuses, and additional information-validation tools.

“Walk before we run”

Given the challenges, it’s inadvisable for the industry to dive “head first” into blockchain adoption. By definition, a disruptive technology, well, disrupts – often with both good and bad outcomes. If we focused on smaller and simpler business use cases – perhaps the tracking of joint implants or opioids, to cite two examples – we can improve the chances for positive experiences by standardizing practices as related to user authorization, privacy, information validation and security. With that, we can then decide how to expand (or not expand) our deployment. As a result, we’ll view blockchain not as some kind of new and mysterious and possibly risky disruptor, but as a better way to do what we do now.

How PAM Can Protect Feds From Third Party/Service Account Cyber Attacks

How PAM Can Protect Feds From Third Party/Service Account Cyber Attacks

Share This