BTC Inc
by Michael Scott, Jun 27, 2017

Questions Loom for Healthcare's Data Security


Healthcare Questions Loom

The speed of the internet makes personal healthcare information more readily available than ever before. Though it’s tough to quantify the results of this change, it seems certain that health data security will remain a top priority for hospitals and other healthcare organizations tasked with securely managing people’s information.

2016 saw a significant increase in data breaches, from 600 million to more than 4 billion — a 566 percent increase, in fact, according to a recent IBM report. This means that in 2016 alone, 12 million records were compromised in the healthcare industry.  

With these breaches in mind, a growing number of conversations about data security invoke blockchain technology as a potential solution. Blockchain technology is best known as the data architecture which runs the cryptocurrency bitcoin. One definitive feature of a blockchain is that it allows transactions to be verified and recorded through the consensus of hundreds of computers in its network. This type of network is decentralized.

Blockchain technology may be highly significant for healthcare, as any data transaction or entry entered into a computer system or electronic health record could be effectively validated against a ledger containing previous activity.

Moreover, because a blockchain is a distributed technology, each consumer can have their own copy of the ledger instead of it being held and controlled in one centralized location. Blockchain technology also provides medical providers with the opportunity to reconcile their records with the versions that may be in the patient’s possession. For instance, if a patient visits four different medical providers and each makes an error on their information record, the gaps in that patient’s data continuity could have a drastic effect on care.

The Blockchain: A Potential Solution?

Blockchain technology would give patients much greater accountability in terms of ownership of their health information. Patients could approve or deny data sharing or changes. A healthcare information model based on blockchain technology would not only prevent recording mistakes, but also boost privacy levels and consumer control.

If there was a need for a patient to see a new specialist, the patient would no longer have to take the time to gather their records from all their different healthcare providers. Instead, the specialist would simply be granted access to the patient’s collection of data on the blockchain.

In the end, issues of accountability and accessibility tie back to the security aspect of health information exchanges. Sharing data between healthcare organizations continues to grow in popularity as interoperability and population health protocols advance. These changes are partly due to the need to ensure that privacy and security requirements and regulations — such as the Health Insurance Portability and Accountability Act of 1996 — are met.

Data security will be among the many IT issues discussed on August 22–25 in Nashville at the Tennessee Healthcare Information and Management System Society’s Summit of the Southeast. John Bass, founder and CEO of Hashed Health, a leading blockchain innovation consortium of healthcare companies, will be one of the featured speakers at the event. Along with healthcare identity security, Hashed Health is guiding the exploration of blockchain technology to improve healthcare systems such as payments, provider information, and pharma.

Is Blockchain the Right Remedy for Healthcare’s Data Security Problem?

Chicago-based attorney, and blockchain and digital security expert, Pamela Morgan likes to play the devil’s advocate. Morgan admits there is some confusion as to what a blockchain can and cannot do. In conversation, she stated that many healthcare blockchain applications she has seen are at best “impotent and [at worst] the outline of a horrific future.” Morgan pointed out that when people and institutions add records, it is nearly impossible to go back and correct mistakes down the line.

Morgan also pointed out that a blockchain cannot validate an individual's health data. In other words, a blockchain isn’t a euphemism for artificial intelligence. Furthermore, she suggested that consensus rules (validation tools of blockchains) are good at black-and-white distinctions: valid or invalid, true or false. But consensus rules aren’t effective for nuanced in-betweens such as new or strange symptoms, and experimental or new treatments.

Morgan is doubtful that data integrity will be provided by a blockchain — unless the data is part of a consensus, which would effectively mean a blockchain for one. For consideration, Morgan posed the following questions about consensus protocol:

  • Who would pay to maintain a blockchain for one?

  • Who would approve the transactions? (Most providers are already overworked.)

  • How will that provider be compensated? And will they be legally responsible for malpractice if they approve a transaction that turns out to be incorrect?

  • If patients want to change family doctors, will they need a new blockchain?

These questions appear to point to three clear facts: Healthcare’s data infrastructure has problems; blockchain technology is too often looked to as a one-size-fits-all solution; and if blockchain is to provide a solution, it must be applied with specificity.


You might also like

Smart Contracts and the Future of Banking

Giulio Prisco

For The Distributed Ledger