fbpx

Co-Founder and President of Protenus, an analytics platform that detects inappropriate activity in healthcare institutions.

Shutterstock

We hear a lot of talk about blockchain in healthcare and for good reason. Distributed ledger and/or blockchain technology is a hot topic in innumerable fields, ranging from finance to law to logistics and beyond. Definitions abound, but what we’re talking about at a fundamental level is an immutable, decentralized and transparent record of all transactions throughout a peer network.

In health care, we talk about blockchain in terms of its ability to securely, privately and comprehensively track patient health records. Currently, a patient’s medical history is a puzzle with its pieces dispersed across multiple providers and organizations. One piece is held by your primary care doctor. Several pieces are held by every specialist you have visited throughout your life. Another set might be held by wearables or devices that track your health.

Blockchain could help us assemble all of these pieces in real-time and view the entire picture of a patient’s health, with the confidence of knowing it’s both comprehensive and up-to-date. With a blockchain-based standard, every change to a patient’s record would be verified, combined with other transactions and added as a block to a larger blockchain. As a result, providers can be sure that they have the complete historical picture of a patient’s medical history, how it has changed over time and who made these changes. This provides a comprehensive record — one out of three of our hoped-for gains — but can it also provide privacy and security?

Can Blockchain Solve Any Real Cybersecurity Challenges?

Many of the immediate challenges that we’re facing today in healthcare cybersecurity will not be met by blockchain technology. For instance, blockchain will do little against attackers attempting to steal patient data, phishers looking for credentials or authorization to transfer money or steal financial documents, insiders looking at the records of patients outside of their care or the loss of unencrypted physical devices, as all of this data must somehow be accessible and readable within the four walls of the hospital. Fundamental blockchain-related changes to how we store health data may, in the future, address some of these challenges, but that is still quite a ways off.

However, blockchain may address a threat that is rapidly approaching: integrity-based attacks. In these attacks, malicious insiders or external actors modify data — such as by adding or removing drug allergy information — in such a way that is not trackable, leading to major patient safety and institutional trust concerns. Blockchain technology is an excellent counter to these integrity-based attacks, and it’s a good forward-looking tool we might deploy to address them. With blockchain in place, we’d have an immutable record of changes that could be retroactively examined to see precisely what was changed, when it was changed and who changed it.

It is likely that there are many other areas where blockchain might enhance privacy and security, and I welcome additional commentary on this front.