Tag Archives: distributed ledger

blockchain healthcare data security

Is Blockchain Right for Healthcare?

You may have heard that blockchain is “the next big thing.” And while “next big things” seem to rain from the sky in the tech world, there may be some truth in this particular case.

Blockchain came on the scene in 2008, the brainchild of a still-anonymous person or team of people called “Satoshi Nakamoto.” Despite these tantalizingly mysterious origins, blockchain is well understood and implemented as a distributed ledger to both protect and disseminate important information.

But how does this apply to healthcare?

Does blockchain really have the opportunity to upend how medical computers, EMR, and even clinical studies operate?

What is Blockchain?

The “block” portion of “blockchain” refers to encrypted vaults of information, while the “chain” refers to the connections with other, similar blocks of data.

Blockchain, at its heart, is a way to safeguard digital data by sharing it with thousands of users simultaneously.

The basic idea is that blockchain keeps data safe by keeping it encrypted and redundant, not unlike how iCloud or Dropbox protects files by storing them in multiple locations.

The data is difficult if not impossible to corrupt, because it’s being compared with the same version of the file hosted on every other computer connected to the block. And this checking occurs nonstop, confirming the authenticity of each alteration and transaction.

This is where the term “distributed ledger” comes into the equation. Since everyone can see the changes and transactions done to any data in the block — and who made those changes —  the ledger is secure. It’s like having your own team of perfect, robot accountants auditing your EMR computer hundreds of times a day.

Why is Blockchain Needed in Healthcare?

Primarily, blockchain can help healthcare providers avoid the avalanche of HIPAA violations that have fallen on the industry as of late.

The number of breaches appears to be growing, and with it the price tag of the fines being levied. In 2014, Columbia University and New York Presbyterian Hospital settled a fine for a data breach to the tune of 4.8 million dollars, which at the time was the highest fine ever handed out.

In 2017, Memorial Healthcare System, a Florida-based healthcare group, suffered a data breach that compromised over 115,000 patient and staff records. They were forced to pay a $5.5 million settlement.

But in 2018, Anthem, one of the largest healthcare groups in the world, forked over a record-obliterating 16 million dollars in fines after 78.8 million member records were compromised by hackers.

Either hackers are becoming more adept, IT systems are falling behind, or the amount of digital information in unsecured storage has increased. In all likelihood, all three of these factors are responsible for the rise in both data breaches and ensuing fines.

Since laws and regulations around the country — and indeed, around the world — are only forcing more patient data to be digitized and shared, there’s only one way to securely move forward and protect both patient information and hospital liability: an encrypted, incorruptible distributed ledger like blockchain, with access availability right on the nearest medical cart computer in any exam or patient room?

Implementing Blockchain

Integration with EMR systems and EMR computers is priority one.

As it stands, many healthcare groups are on different EMR programs and standards, making transfer of medical data difficult. This transfer is also a common breach point for hackers and data thieves.

Electronic Medical Records

Unsecured transfer of data is an easy target, which is what makes blockchain so useful. Because data is encrypted, copied, and stored on every computer in the block, there’s no transfer to scoop up. There’s no single vulnerable point that can be hit by DDoS attacks or corrupted by a virus.

The implications of a secure, incorruptible system for electronic medical records point to a potential sea-change in how data is stored. Imagine storing patient consent forms like organ donor consent, living wills, and DNR directives, all easily accessible by the authorized users. Double down on security with a medical computer equipped with two-factor authentication like a smartcard (or RFID, or biometric) scanner and a quick pin code.

That’s a one-two punch of security that can make HIPAA compliance a breeze.

Clinical Trial Data

There are other, far-reaching uses for both secure and easily-accessible data. Clinical trials and medical studies, for instance, are often made difficult by the logistical issues of having to store and collate a wealth of data. In the case of multiple parties contributing to a trial or study, the problem is only compounded.

Then add in that clinicians often to have de-identify the patients in the trials (but also have the ability to re-identify them for implementation or health reasons), and you’ve got a multi-headed hydra of potential data breaches.

Storing clinical study data on a blockchain is a perfect use of the technology and something that health giants like Pfizer and Amgen are already considering.

Blockchain for Preventing Fraud

Of course, not all theft comes in the form of hacking. Both insurance fraud and drug fraud cost hospitals (and sometimes patients) millions of dollars a year.

Preventing Health Insurance Fraud

In 2014, there were 2.3 million cases of medical identity theft, and the number has only been rising ever since.

This identity theft was usually for the purposes of either scoring prescription drugs or for using a patient’s insurance for “free” medical procedures.

This particular form of fraud is particularly devastating because it affects patients and healthcare providers alike, both of whom can have their reputations and finances irreparably damaged.

And, even worse, if the thief does receive treatment, their information (blood type, risk factors, allergies, even diagnoses) can get mingled with the actual patient. If this happens, it could cause incorrect diagnoses, medication complications, or the infusion of incorrectly-typed blood which can seriously injure or even kill someone.

There are even other potential consequences of medical identity theft: a Utah woman, Anndorie Cromar, was nearly arrested (and almost had her children taken away) when an identity thief used her insurance to pay for maternal services. The thief’s baby tested positive for drugs, and since the name on the birth certificate was “Anndorie Cromar,” police and Child Protective Services descended quickly on the wrong person.

The mix-up was eventually sorted out, but not without money, frustration, and what turned out to be the scare of Cromar’s life.

Blockchain technology can mitigate some of the issues — the patient can have an encrypted ID vault on the block, one that the provider can use to make sure that the person standing in front of them is the real policyholder (or the policy holder’s authorized dependents or partner). This ID vault could contain a picture, all ID paperwork, and even biometric data depending on consent and regulations.

Then, the clinician need only check the data against the patient in front of them to prevent most forms of health insurance fraud. They don’t even need to be sitting at a computer — they could grab a nearby medical tablet and pull up the data then and there.

Tracking Drugs and Eliminating Counterfeits

The nature of blockchain’s distributed ledger is a perfect match for inventory and drug-tracking all throughout the supply chain.

The “Drug Supply Chain Security” act, established in 2013, mandates electronic drug tracking in the United States. A secure solution like blockchain is practically custom-built for verifying drug transactions, authenticating barcodes, and keeping every step of the shipping and use chain fully recorded and protected from illegal tampering.

Medical computers with integrated barcode scanners streamline the process. If you already have a USB-powered barcode scanner, medical panel PCs are capable of powering those peripherals on their own, just from the built-in batteries of the PC itself.

Those same medical PCs can also come with built-in two-factor authentication, making them compatible with the SUPPORT bill and a vital tool in combating the opioid crisis.

Combining Blockchain and Healthcare

Blockchain isn’t a perfect panacea to cure all data security problems forever, but its secure, incorruptible nature (combined with staff education and good network hygiene) makes it an excellent solution to many of healthcare’s current data-handling issues.

To learn more about integrating blockchain with EMR and secure medical computers, contact Cybernet today.