Would you want your healthcare data or records stored on the blockchain?

1.7k views8 Comments

Worldwide Strategy & Portfolio, Cross Industry (Supply Chain, ESG, Engineering, Customer Experience, Intelligence Automation, ERP) in Manufacturing, 1,001 - 5,000 employees
I would be okay with having my healthcare records on blockchain, but there would need to be security around it that allows you to determine who can see which parts. I would want control over who sees what, which isn't feasible in a commercialized model.
2 Replies
Associate Vice President, Information Technology & CISO in Education, 1,001 - 5,000 employees

Is that technology available? For example: I know that with Monero, as a cryptocurrency, using their blockchain technology does provide that extra layer of privacy. But could that be used for healthcare records?

Worldwide Strategy & Portfolio, Cross Industry (Supply Chain, ESG, Engineering, Customer Experience, Intelligence Automation, ERP) in Manufacturing, 1,001 - 5,000 employees

In theory, yes; but in practical application, I'm not sure that that's a possibility at this moment. In terms of implementation, it would be a struggle to make that happen.

Board Member, Advisor, Executive Coach in Software, Self-employed
If I have multiple healthcare providers and I need them to have consistent, portable and secure access, then storing that data on the blockchain is a good way to do it. But it is always contextual. If I'm with an integrated care provider, like Kaiser, then all that information is within their systems and network, so I wouldn’t need that. If that provider chooses to use blockchain internally, in order to facilitate the right access and data protection, then sure. But as a potential customer, consumer or patient, I don’t care at that point. That's just how they best decided to enable data usage and data security.
1 Reply
Worldwide Strategy & Portfolio, Cross Industry (Supply Chain, ESG, Engineering, Customer Experience, Intelligence Automation, ERP) in Manufacturing, 1,001 - 5,000 employees

Even with organizations like Kaiser, the systems aren't always connected. If I'm using a sonogram to look inside somebody, the digital health record doesn't always connect to something else. It would show that you were there and had that procedure, but you wouldn't be able to access that other data, so another doctor couldn't just bring something else up. If you wanted a broader context to understand how precursor symptoms lead to a certain condition, for example, you wouldn't necessarily be able to see any of those trends or access the data.

Technology Compliance Director, Information Security in Travel and Hospitality, 51 - 200 employees
Highly sensitive PII being "On the blockchain" is a problem.   Public blockchain is public, so that is a "no".   "The Blockchain" requires an implementation, and as we have seen with all the vulnerabilities and recent security failures of commercial cryptocurrency exchanges, security is clearly not on anyone's list of requirements for developing commercial applications.
A company using a private blockchain fabric for their internal use could be good for internal efficiency, but that would not be "medical records on The Blockchain" in the sense that the original question was asked.
So, my opinion is "no".  I just don't think anyone will implement a sufficiently secure commercial product.
Director, USC Center for Computer Systems Security in Education, 5,001 - 10,000 employees
This question requires an understanding of what it means for healthcare data to be stored on the blockchain.  If one considers a traditional "public blockchain", all data is visible to all participants and I would not want my healthcare data to be present and visible and there would be HIPAA and similar regulations elsewhere that would prevent it.  The blockchain is not, in and of itself, a technology that provides for confidentiality of the data present on the blockchain.

That having been said, what blockchain technologies do provide is for integrity, and more specifically, immutability of information that has been added to the blockchain.  It is ideal when you want to make sure that any changes (after the fact) to data can be detected.  This is a characteristics that I definitely would want for my (and for everyone's healthcare data).  This prevents hospitals, governments, and others from changing medical records to coverup or shift blame from an adverse outcome, and it prevents hackers and others from changing medical records in an undetectable manner.

To accomplish this aspect of the blockchain, without a corresponding breach in confidentiality, you do something a little bit different than storing your medical records directly in the blockchain.  Instead, the records themselves are stored in a traditional EMR (medical record system), but you take hashes (cryptographic checksum) of the data records in the EMR and add the hashes to the relevant blockchain.  The underlying records can not be recovered from the blockchain, but you can use the hashes to verify that the underlying records have not been modified.

Director of Data in Healthcare and Biotech, 10,001+ employees
I could accept this given that several challenges are overcome, but this question certainly carries a lot of complexities. From my perspective, the three main challenges are:

1.) Public vs. Private Blockchains: I'm uncertain if a private blockchain could reach the critical threshold necessary for effective operation. Any system like this would have to be gradually developed. Initially, one institution may participate, followed by another, to demonstrate its value before expansion. Public blockchains also have their own set of challenges due to personally identifiable information (PII). Maybe an encrypted key methodology could protect the data on the blockchain if it's public?

2.) Gas Prices: If a public blockchain is used, who is responsible for the transaction costs, and which blockchain is chosen? Some transaction costs can amount to dollars. For a healthcare system to work, these costs must be fractions of cents. Also, who would cover these costs? If each access or insertion to a patient's chart incurs an I/O fee, as is currently the case, it wouldn't be financially viable unless the costs are extremely low.

3.) Data Storage: Blockchain isn't designed for bulk data storage. A different method would be required for storing large items like MRIs and DICOM images, which can be in the GB and TB range.

Content you might like

CTO in Software, 201 - 500 employees
Without a doubt - Technical Debt! It's a ball and chain that creates an ever increasing drag on any organization, stifles innovation, and prevents transformation.
Read More Comments
42k views131 Upvotes319 Comments

Very likely6%


Moderately likely20%

Moderately unlikely5%


Very unlikely1%