Distributed databases with built-in control features are an ideal tool to ensure transparent record keeping and data transfer. Let’s take a look at the fascinating origin of “blockchain,” and discuss its amazing potential—and some of the serious risks—for health information…
“Blockchain” is another favorite buzz word of the digital age, somewhere between the vague generality and infinite promise of “Big Data,” and the beckoning excitement and ominous foreboding of “Artificial Intelligence.”
You’ve probably heard about the term in relationship to “bitcoin,” which is correct, and somehow connected to databases, which is also true, but that won’t tell you how they work, or what value they might provide, especially for health.
Several misconceptions about blockchain regarding data privacy also abound, and may hurt early adopters swept up by the hype. Blockchain for healthcare has arrived, but we need to proceed with caution commensurate to our enthusiasm.
Who is Satoshi Nakamoto?
The stuff of cloak and daggers geekery, creative coding at its best, blockchain is the 2008 brainchild of the mysterious “Satoshi Nakamoto,” the Keyser Söze of bitcoin: Allegedly either a Japanese genius born around 1975; the computer scientist, legal scholar, and cryptographer Nick Szabo; Japanese-American physicist and defense contractor Dorian Nakamoto; game console developer Hal Finney; Australian computer scientist Craig Steven Wright; or maybe a Finnish economist, Texas security researcher, former darknet operator, perhaps some combination of all these guys, like any great mystery nobody can say for sure.
Whomever Mr. Nakamoto is or isn’t, this unknown entity currently owns over a million bitcoins at an approximate value of nearly a billion US dollars, not bad for still controversial “cryptocurrency” digitally recorded and transferred without a central repository or sole administrator.
Blockchain plays a fundamental role in bitcoin, and is essentially a public ledger that permanently records transactions of the kind “payer X sends Y bitcoins to payee Z.” The data is validated and permanently stored across a distributed database housed on thousands of computers worldwide. Each participant has the exact same copy, digitally chained together to reveal any revisions or tampering.
Any node can validate and then add a transaction to their copy of the blockchain ledger, which then updates all other nodes with the verified information. Think of the ledger as a super-sophisticated kind of Google doc, where changes are verified, shared, and permanently stored across all users, with no central owner or administrator. Check out this succinct flow chart from guardtime:
Roughly every ten minutes a fresh group of verified transactions, a “block,” is created and distributed to all nodes in the bitcoin blockchain through a process called “mining”. Miners are rewarded with transaction fees and new bitcoin. Each block contains a “cryptographic hash” or locked key of the previous block, linking all blocks together. The newest block is only accepted into the shared blockchain if the miner solves a “proof-of-work” function, which is an extremely difficult mathematical challenge requiring heavy duty computing power. Every two weeks or so the blockchain makes the computational challenge even more difficult to ensure the ten minute lapse between blocks is protected and maintained, and the proof function isn’t hacked.
As the proof function exponentially increases in computational difficulty, so does the energy consumption required to crack the key. Between March 2014 and 2015, for example, the average tries miners required to crack a new block grew from 16.4 quintillion to 200.5 quintillion iterations—forcing bitcoin miners to move to Iceland for cheaper geothermal energy or Tibet for hydroelectric power!
But the payoff is proportionately impressive, a “virtually currency” minting and exchange system that solves the inherent problem of digital money, namely how to preclude “double-spending” by limiting each transaction to a single instance between payer and payee. The distributed database structure also has powerful capabilities including audit trails, full data transparency, permanent storage, and decentralized transmission—all well-suited for financial exchanges and medical records transfer, making blockchain hot.
Even though bitcoin continues to give regulators and investors the heebie-jeebies, a recent IBM survey revealed nearly 15% of banks and financial market institutions plan to implement blockchain services in 2017. The potential for healthcare is equally enticing, especially considering the interoperability and storage challenges that remain endemic throughout the system. From diagnostics and EHRs at the point of care to hospitals, health plans, and provider groups, petabytes of data are bottlenecked in silos, compromising efficiency and reducing the potential benefits of big data integration.
But as the CEO of a major payer speculates, blockchain could soon become transformational for healthcare, especially for payments and payer contracts. Swap bitcoins with health data, take the miners out of the blockchain equation, and the technology has the potential to automatically, autonomously, and securely connect, verify, and store vast amounts of information. And by eliminating the need for an intermediary, blockchain could lower administration costs, increase speed, and provide customized service to all stakeholders. Of all places, the country of Estonia is already actively using blockchain to validate the private data connection between a million patients and their electronic health records.
The integrated and decentralized features of blockchain have also attracted the interest of the FDA and IBM Watson Health, recently announcing a partnership to study the technological potential. The collaboration will initially concentrate on oncology, and take a look at how aggregate data from clinical trials, genomics, medical records, apps, and mhealth devices can be registered, verified, and connected across multiple touch points throughout the healthcare system using blockchain. Meanwhile, startups from San Francisco to Australia are pursuing blockchain solutions for everything from telemedicine to population management to triage, for organizations as diverse as ACOs, managed care systems, and hospitals. Interestingly, the ONC has announced winners of their “Blockchain Research Challenge,” revealing compelling potential uses of the tech throughout the healthcare system, especially for audit trails and revealing any evidence of tampering.
In summary, many of the potential benefits of blockchain for healthcare include comprehensive and immutable authentication logs for data access and auditing; optimized data sharing and syncing across devices; interoperability with existing infrastructure; a custom API for specialized content and integration with private blockchains; mining incentives for medical researchers; and even an intuitively designed user experience to maximize patient and provider engagement.
Thanks to these and other benefits the excitement throughout the healthcare community for blockchain is palpable, but experts including Alf Whitehead, SVP of Technology at Klick caution early adopters, especially regarding common misconceptions involving privacy. “Thorough security demands meeting three criteria,” Alf insists: “Data confidentiality, integrity, and availability.” Blockchain successfully precludes compromised availability, specifically those breaches related to denial of service and loss of access. But ensuring the confidentiality of personal data and the integrity surrounding its use are outside blockchain capabilities.
“Consider the Estonian example, “ says Alf, which used massive-scale data authentication without reliance on centralized trust authorities to securely connect millions of patient records across multiple platforms. “Any tampering or malfeasance is revealed thanks blockchain’s ability to provide a high quality audit trail, which should reduce the number of violations. But that doesn’t directly protect health records from snooping at all, or from other violations through the inappropriate use of that data after it’s been accessed.”
Another challenge with blockchain is an apparent strength, namely that all the data containing within it is “immutable.” Whereas permanence helps to reveal tampering, the capability also locks into place the cryptographic keys used to encrypt any data placed directly on the blockchain. So if that key is ever stolen your health records that were verified using it are vulnerable; and as time goes by, the ability to crack that key also increases, again potentially exposing your data to breach.
“HIPAA demands that you ensure personal health data security for the life of the patient, plus 50 years,” smirks Alf. “We can’t predict the future, but complex codes once thought to be unbreakable have since been cracked. So if a quantum computer goes online in the next century or somebody proves the Riemann Hypothesis and prime number factors become relatively easy and quick to find, then all today’s blockchain codes will fail, and all your personal health data will be exposed.”
Given these precautions, bold healthcare systems eager to implement blockchain solutions must understand the technology’s inherent capabilities—but also its intractable weaknesses, especially regarding data confidentiality. According to Alf, blockchain for healthcare is well-suited for enabling audit trails and interoperability, making the system terrific for validation, electronic signature, provenance-trakcing, and other important health information-related functions. “But blockchain is bad for private data of any kind. If you have personal information you want to secure, blockchain can provide a good ‘metadata’ stream that make privacy violations evident, but should never be used to store the private data itself.”
YOUR HEALTHCARE CYBERPARTNER
The exponentially increasing pace of change forces you and your brand to adapt to fluctuating market conditions, ideally in real time. Evolving technologies including blockchain are revolutionizing stakeholder communication across complex networks, especially in healthcare where secure storage and seamless integration are key.
Is your commercialization partner helping you crack the code, or are they the weakest link in the chain? Here at Klick Health we embody the creativity, data, and tech necessary to keep your brand moving at the speed of life. We also help caution you about the risks of new technologies like blockchain, and how to safely get the benefit your brand deserves.