There is a problem today with poor management and protection of patient health data. The way data are collected and stored creates many problems across the health ecosystem. For example:
- Data errors are painful for everyone. Data often need to get entered over and over in different systems that don’t connect with each other. Every time the same data point is entered is a new chance for an error to be made (spelling mistake, transposed numbers, entering data into the wrong field in an online form, etc.) These errors slow down processes as steps need to be redone. They can also cause health workers to make incorrect evaluations of patients.
- Healthcare providers are woefully under-equipped to protect sensitive patient data. Hospitals, pharmaceutical companies, insurers, and other players in the health ecosystem have huge databases of sensitive patient data including names, addresses, medications prescribed, health diagnoses, etc. These databases need to be protected from cyberattacks, malware, and other threats. But most firms lack the sophisticated security expertise necessary to ensure the protection of sensitive data. As a result, breaches of health data continue to rise and malware attacks are getting more intense.
- Compliance is a nightmare. Health players need to show governments and regulatory bodies that they’re in compliance with local and national regulations regarding patient data. Unfortunately, the time it takes to report on that compliance is significant and there is a large cost associated with compliance. Additionally, as regulations change frequently, healthcare providers struggle to keep up and ensure they are in fact compliant.
Blockchain-Based Data Platforms Like healthbank Will Solve The Data Problem
New ways of capturing and storing data will be possible with blockchain technology. healthbank’s blockchain solution will allow data to be stored independently of the firms using the data, with patients controlling access themselves. As providers will access the data via blockchain, today’s challenges will be solved and the entire healthcare market benefits as:
- Data entry errors get significantly reduced. As companies forgo constantly re-entering data and rely on a single trusted source for each data point, data errors will decline sharply. The data also will be stored in the healthbank platform, with users giving explicit consent for different data points to be shared. A single version of the truth means fewer mistakes – resulting in lower costs for health businesses and higher satisfaction for patients.
- Less patient data means lower cybersecurity threats (and worries.) Without large databases of patient data to attract hackers, health providers will have a lower security threat profile overall and an improved ability to protect themselves from the remaining threats. They’ll spend less on security as they’ll have fewer data assets to protect.
- Compliance becomes easier and less expensive. With a blockchain-based solution, companies will have time-stamped, highly secured and auditable records for all of their dealings. This means instead of going through multiple systems to find the right reporting information, companies can more easily and quickly find their proof of compliance to report to authorities. Needless to say that no data will ever be shared without the explicit consent of the user, which in turn is going to be recorded in a blockchain approach.
How Blockchain Delivers The Data Solution In Ways Other Technologies Can’t
There are multiple technologies currently in the market, and many of them are also trying to solve the data problem. What makes blockchain a better option compared to other technologies? healthbank’s platform will take advantage of blockchain’s many strengths to bring the benefits described above.
- Public/private keys to control the data. Blockchain uses cryptography, a system for protecting data using “keys” – random strings of numbers based on mathematical computations where the answers cannot easily be reversed engineered. No data can be shared unless the private key owned by the patient and the public key randomly generated by the cryptography match and are “signed” by the patient/key owner. This means that someone who knows the public key can’t figure out who the patient is and can’t figure out what the person’s private key is. The patient is the ultimate arbiter of who can see the data because only the private key owner can conduct a transaction.
- Hashes make it simple to verify data sources and changes. When data are entered into the system, they are encrypted. The blockchain system generates hashes (random alphanumeric strings like the ones used for keys) for the data. If the data changes or someone attempts to otherwise alter a data point or transaction, the hash will no longer be valid – alerting everyone that a change happened (but not the details of what changed.) And in everyday situations where there is no foulplay, but there is a valid change (like someone’s address changing or a patient no longer takes a particular medication) then the hash is no longer valid and the fact that the hash changed is communicated to affected parties. Those parties can then go ask for access to the updated information.
- Distributed ledgers to ensure transparency and auditability. Unlike corporate systems where there is only one database, blockchain solutions use “distributed ledgers” or multiple replications of the same database in order to bring trust into the system. Since there are multiple copies, someone can’t simply hack one database – it would no longer match the other copies and it would become obvious that someone tampered with the data. (Keep in mind that the multiple ledgers or “nodes” are all encrypted and the data are only visible with the public/private key pairs once the owner gives consent.) The distributed ledgers also meticulously track and timestamp all transactions, so for auditing and compliance purposes, all parties can easily prove when transactions happened and that the transactions were compliant with GDPR and other regulations that govern data.
- Smart contracts automate many of the mundane parts of data sharing. Smart contracts are if-then statements that can self-execute as long as the pre-defined criteria are met. For example, in the instance of an address change as mentioned above, the healthbank system can have smart contracts that stipulate as long as a patient has given consent for a healthcare provider to see certain information, that the consent is automatically also transferred over to the new address. This reduces the need for a patient to remember to contact the provider and let them know of the address change. It also removes the provider’s need to do a massive annual data update process with patients as data and thus creates a much more dynamic consent than the current solutions.
healthbank is committed to blockchain as the best way to solve a few of today’s data problems. Not only does it bring a solid technical solution, but it also allows users to have control over data in ways that aren’t possible with other technologies.
healthbank’s strategy to adapt to blockchain technology follows the path to adapt to mature components that step-by-step decentralize without risking scalability and security. Therefore healthbank has focused on privacy-by-design-and-default principles right from the beginning. As blockchain implementations begin to emerge and scale, the next step in the evolution of decentralization will happen. healthbank is working toward this directly by building on public blockchain and incorporating smart contracts.
Patient data will not be stored on a public blockchain — that’s definitely not privacy by design! However, healthbank doesn’t want to build unnecessary technical siloes and so they believe in using public blockchain where possible and feasible given business needs and privacy demands, focusing private blockchains where they’re required.
Trust, transparency, and automated execution of business rules among health ecosystem members benefit everyone – patients, providers, insurers, and auditors. And ultimately, the technology is only there to solve the greater purpose – making patients more active participants in their own care and allowing health providers to offer better care as they can focus on using relevant data without being distracted by data problems.