New technology often follows a predictable hype cycle: from onset, through a “peak of inflated expectations,” down the “trough of disillusionment,” and up the “slope of enlightenment,” before reaching the “plateau of productivity,” to use the terminology from technology analyst firm Gartner, Inc. Blockchain, the distributed database technology that enables the bitcoin digital currency, is without a doubt rapidly ascending the inflated expectations peak. The excitement around using blockchain technology in health care is also growing. Proponents point to blockchain’s potential to liberate data from entrenched silos, empowering patients to securely “own” their data. Critics argue it’s all hype — a technological hammer looking for a nail — and that the complexities of health information prevent practical use of blockchain technology.
So, is it all hype? The core tenets of blockchain technology — a decentralized and encrypted way of distributing, sharing, and storing information — seem appealing for health data. Take the recent trend of ransomware attacks as an example. Ransomware attacks are successful in part because many clinical data sources are discrete, isolated, and segregated; this turns out to be a vulnerability, as attackers exploit these very attributes to lock a hospital out of its own data. In a blockchain world, where information is distributed and shared across many parties, these types of attacks would become more difficult. Yet blockchain technology raises its own security and privacy concerns just as it offers a new paradigm for distributing information. As we will see, blockchain’s potential in health care is heavily weighted by these limitations.
How Does Blockchain Technology Work?
Blockchain technology was first described in a 2008 pseudonymous paper by Satoshi Nakamoto as a decentralized, public, cryptographically empowered currency system — a way for financial transactions to go “from one party to another without going through a financial institution.” Digital currency, of course, was not a novel idea, but Nakamoto’s paper offered a solution to the “double spend” problem: how do you prevent an individual from copying their money and spending it multiple times? Blockchain currency — most famously bitcoin — has emerged as a viable form of financial transaction. As of this writing, there are over 800 bitcoin ATMs worldwide.
In essence, the blockchain is a shared database. Unlike a traditional database, however, there is no central ownership. Instead, data is managed through the consensus of participants in a network, who work together (with the help of cryptography) to decide what gets added, while each participant maintains an identical, full copy of all transactions. The network can be public (like bitcoin, open to anyone) or private (restricted to certain members). When new information needs to be added, every computer on the network is notified and updates its copy accordingly. The result is an expansive and distributed source of truth — built not from trust, but through cryptographically enforced consensus. The information stored can be anything: financial transactions (à la bitcoin), land-title deeds, personal identity, intellectual property, even “smart contracts” — computer code that executes when certain conditions are met. Yet blockchain’s most important attribute is its immutability: once something has been added, it is permanent — stored across thousands of computers, cryptographically locked in history.
The technical details of how this is done are somewhat complex, but involve public/private key encryption (for anonymity), proof-of-work (for agreement on what gets added to the ledger), longest-chain rule (for resolving conflict), and peer-to-peer networks (for communication).
How Can Blockchain Be Applied to Health Care?
One of the first use cases that typically pops up when discussing blockchain and health care is data exchange. Take medication prescribing as an example. A patient’s medications are frequently prescribed and filled by different entities — hospitals, provider offices, pharmacies, etc. Each one maintains its own “source of truth” of medications for a patient, frequently with outdated or simply wrong information. As a result, providers in different networks, or on different EHRs, may not see one another’s prescriptions. Additionally, electronic prescriptions must be directed to specific pharmacies, and paper prescriptions can be duplicated or lost.
To counter these difficulties, a medication prescription blockchain could be a shared source of truth. Every prescription event would be known and shared by those authorized to see it. This would allow, for example, prescriptions to be written electronically without specifying a pharmacy, or prescriptions to be partially filled (and “fully” filled at a later date, by a different pharmacy). Since the blockchain would be the source of truth, each pharmacy would see all events surrounding that prescription — and could act accordingly. Most importantly, all health care providers could have an immediate view into a patient’s current medications, ensuring accuracy and fidelity.
Here are some of the other ways that blockchain could benefit health care:
- Clinical data sharing. Advance directives, genetic studies, allergies, problem lists, imaging studies, and pathology reports are just some of the data elements that could be distributed. Alternately, instead of storing actual patient data, blockchain could be used to store access controls — like who a patient has authorized to see their health data — even if the clinical data itself is stored by the EHR.
- Public health. A shared, immutable stream of de-identified patient information could more readily identify pandemics, independent of governmental bodies currently aggregating this data — for example, an influenza reporting system.
- Research and clinical trials. Distributing patient consent or trial results could foster data sharing, audit trials, and clinical safety analyses.
- Administrative and financial information. Insurance eligibility and claims processing workflows could benefit from blockchain and have decreased transactional costs.
- Patient and provider identity. National (or international) patient or provider identities could be secured in the blockchain, providing the basis for health data portability and security.
- Patient-generated data. Personal health devices, “wearables,” “Internet of Things” (IOT) devices, and patient-reported outcomes are just some examples of patient-generated data that could leverage the blockchain for security and sharing.
Most of these use cases are top-down: data used and generated on behalf of patients. But perhaps the greatest potential of blockchain technology is the empowering of patients to own and gather their own data. In many ways, the promise of blockchain lies outside the current health information technology framework — directly challenging the siloed, centralized data stores that dominate health care data today.
Challenges of Implementation, and the ONC Challenge
While the above use cases are exciting and encompass many aspects of health care, there are several fundamental challenges with blockchain technology that need to be addressed before it reaches the plateau of productivity.
First, because the blockchain is anonymous but also public, identity is vulnerable to being discovered, despite being cryptographically hidden. Second, the blockchain relies on a unique identifier to link events together (similar to patient IDs in EHRs), so if a patient’s data exists under different IDs in the blockchain, they will have to be deduplicated somewhere — a fact made more challenging by the anonymity. Third, the sheer volume of clinical data generated far exceeds practical storage capabilities of the blockchain currently. Finally, while the blockchain is immutable, it is immutable because it works on consensus. If a majority of the network decides to go in a different direction, the blockchain could split (a very real scenario).
There are ways to mitigate some of these challenges — for example, storing data “off the chain” or using a private blockchain. Private blockchains are networks of trusted nodes; only certain, permissioned entities are allowed to participate. However, with a private blockchain, participants must trust other entities on the network. And if you have trust, blockchain is less necessary, and more just like a standard distributed database.
So what’s next? It still remains to be seen if blockchain technology will take hold for health care. This past summer, the federal Office of the National Coordinator for Health Information Technology (ONC) launched a contest to identify ways in which blockchain technology could be used for health IT and health IT research. This is an excellent first step. The submissions show the breadth of opportunities, such as blockchain for IT system interoperability (and also highlight the challenges). Additionally, this past month, IBM Watson Health and the Federal Drug Administration announced a research initiative to explore the use of blockchain technology for health care data, with a first eye toward oncology data.
The excitement around the technology may imply a certain inevitability, but the challenges and realities of health care and health care data may be insurmountable — even as some argue that blockchain could revolutionize how we share health care data. We need more real-world uses to truly understand how useful blockchain could be, how disruptive implementation would be, and how much is just hype.