Researchers Suggest Using Blockchain For Electronic Health Records (hbr.org)
The CIO at a Boston teaching hospital and two MIT researchers write in the Harvard Business Review that blockchain "has the potential to enable secure lifetime medical record sharing across providers," calling it "a different construct, providing a universal set of tools for cryptographic assurance of data integrity, standardized auditing, and formalized 'contracts' for data access." An anonymous reader quotes their report:
A vexing problem facing health care systems throughout the world is how to share more medical data with more stakeholders for more purposes, all while ensuring data integrity and protecting patient privacy... Today humans manually attempt to reconcile medical data among clinics, hospitals, labs, pharmacies, and insurance companies. It does not work well because there is no single list of all the places data can be found or the order in which it was entered...
Imagine that every electronic health record (EHR) sent updates about medications, problems, and allergy lists to an open-source, community-wide trusted ledger, so additions and subtractions to the medical record were well understood and auditable across organizations. Instead of just displaying data from a single database, the EHR could display data from every database referenced in the ledger. The end result would be perfectly reconciled community-wide information about you, with guaranteed integrity from the point of data generation to the point of use, without manual human intervention.
Why call signed append-only structures blockchain? (Score:1)
Re: (Score:2)
Re: (Score:2)
How do you Store a 5gb MRI image (Score:5, Insightful)
Re: (Score:2)
Re:How do you Store a 5gb MRI image (Score:4, Insightful)
And what do you do when you need medical data expunged from the record? It's difficult enough as is today, but still doable in cases like wrong diagnoses or a doctor or nurse logging to the wrong journal. But you can't modify a signed chain without breaking it - that's the entire point.
No, I think this is a very bad idea.
A git-like approach would be a better idea, but that requires a dedicated merge master who can vet pull requests. And I sure as hell would not want that to fall on an insurance company, and they sure as hell would demand it.
How about this radical idea: The patient owns and controls data about the patient, and takes the consequences.
Re:How do you Store a 5gb MRI image (Score:5, Informative)
> And what do you do when you need medical data expunged from the record? It's difficult enough as is today, but still doable in cases like wrong diagnoses or a doctor or nurse logging to the wrong journal. But you can't modify a signed chain without breaking it - that's the entire point.
Yes. It is the entire point. But you don't remove data from an EMR (Electronic Medical Record). Working with them on a daily basis, I can tell you the "removed" bits and "reason for removal" fields in their databases have a reason. You always add to the record, even if it is a removal. That is, you do if you and your customers value their legal skins.
Re:How do you Store a 5gb MRI image (Score:5, Informative)
> Yes. It is the entire point. But you don't remove data from an EMR (Electronic Medical Record). Working with them on a daily basis, I can tell you the "removed" bits and "reason for removal" fields in their databases have a reason. You always add to the record, even if it is a removal. That is, you do if you and your customers value their legal skins.
That's the default, yes. But at least here in Norway you have the right to have information that is found wrong or unnecessary and strongly burdensome not only corrected, but actually expunged. Usually it involves possible substance abuse, child abuse, psychiatric diagnoses or something like that and the burden of proof is on you, it happens very rarely but it does happen from time to time. This is more a legal process around the registration of personal information than a medical process and you can appeal beyond the institution that logged it. Generally though the duty to document is very strong, even if what they thought or did was incorrect that's their basis for action and review so for example if you want to sue for malpractice that should be done first. But even if this happens in only one in a million journal entries, it's pretty incompatible with a blockchain.
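The trade-off argued in the comments above, as an added example that is not code from the article or from any commenter: a hash-chained, append-only record where a removal is itself a new entry, and where an in-place expungement is detected by verification. The field names, record contents and the unsigned SHA-256 chain are assumptions made for illustration; a real ledger would also sign each entry.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed placeholder for "no previous entry"

def entry_hash(prev_hash, payload):
    """SHA-256 over the previous hash plus a canonical JSON encoding of the payload."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()

def append(ledger, payload):
    """Add an entry linked to the hash of the entry before it; return its index."""
    prev = ledger[-1]["hash"] if ledger else GENESIS
    ledger.append({"prev": prev, "payload": payload, "hash": entry_hash(prev, payload)})
    return len(ledger) - 1

def retract(ledger, target_index, reason, author):
    """Record a removal as a new entry; the retracted entry itself is left untouched."""
    return append(ledger, {"type": "retraction", "target": target_index,
                           "target_hash": ledger[target_index]["hash"],
                           "reason": reason, "author": author})

def verify(ledger):
    """Return the index of the first entry that breaks the chain, or None if intact."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        if entry["prev"] != prev or entry["hash"] != entry_hash(prev, entry["payload"]):
            return i
        prev = entry["hash"]
    return None

def current_view(ledger):
    """Entries shown to a reader: everything not retracted, without the retraction markers."""
    retracted = {e["payload"]["target"] for e in ledger
                 if e["payload"].get("type") == "retraction"}
    return [e["payload"] for i, e in enumerate(ledger)
            if i not in retracted and e["payload"].get("type") != "retraction"]

def build_sample():
    """Constructed sample data, not real records."""
    ledger = []
    append(ledger, {"type": "allergy", "text": "penicillin", "author": "clinic-a"})
    wrong = append(ledger, {"type": "diagnosis", "text": "entered in wrong chart",
                            "author": "clinic-b"})
    append(ledger, {"type": "medication", "text": "ibuprofen 400 mg", "author": "clinic-a"})
    retract(ledger, wrong, "logged to the wrong journal", "clinic-b")
    return ledger

if __name__ == "__main__":
    ledger = build_sample()
    print("intact chain, first bad index:", verify(ledger))
    print("current view:", current_view(ledger))
    ledger[1]["payload"]["text"] = "[expunged]"  # in-place expungement of entry 1
    print("after in-place edit, first bad index:", verify(ledger))
```

The retraction keeps the chain verifiable but the retracted text stays readable in the raw ledger, which is the gap between "removal as an added entry" and a legal expungement.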
Re: (Score:2)
My GP is responsible for my medical records (all medical results get copied to him regardless of where I go), though exactly how and where they're stored I've no idea. I do know the bastards charge ridiculous amounts of money in some instances to transfer or release records.
I suspect it's 3rd party vendors contracted by the province and restricted by the provincial Personal Health Information Privacy Act (https://www.ontario.ca/laws/statute/04p03).
The system seems to be working, more or less. I can't reca
Re: (Score:2)
> How about this radical idea: The patient owns and controls data about the patient, and takes the consequences.
Except, as we have seen time and time again, the patient is not exactly the customer - at least in terms of who is bankrolling the transaction. That entity is the insurance company and / or government. And you really can't use the 'takes the consequences' argument either. In the US at least, if the 'owner' of the information was the patient, what happens if the hospital messes up? The individual patient (your grandmother for instance) is supposed to fight the system to get 'their' information correct? W
Re: (Score:2)
> And you really can't use the 'takes the consequences' argument either. In the US at least, if the 'owner' of the information was the patient, what happens if the hospital messes up? The individual patient (your grandmother for instance) is supposed to fight the system to get 'their' information correct?
That's the state today.
In a system where the patient controls the information, the patient can simply remove incorrect information.
What happens when your grandmother doesn't bring her USB stick in to the clinic? Or doesn't remember her password?
The onus will be on the patient to provide the information, whether in person or through a guardian, or a third party of choice. A digital upgrade to the SOS capsule that can hold full medical records could be one approach.
Re: (Score:2)
Re: How do you Store a 5gb MRI image (Score:3)
No. Checksums are short, easy to generate, and good at detecting accidental errors. They are also typically linear functions, so it is extremely easy to generate two (potentially very) different files with the same checksum.
Re: (Score:2)
Re: (Score:2)
> No. Checksums are short, easy to generate, and good at detecting accidental errors. They are also typically linear functions, so it is extremely easy to generate two (potentially very) different files with the same checksum.
A cryptographic hash on the other hand... of course a blockchain could provide the integrity of the history, but it doesn't solve any of the hard problems like who everybody is and whether they have permission to write to your journal. Also in order to verify the blockchain you need access to everything in it, goodbye restricted access... there's many stupid things about this.
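The checksum-versus-hash point from the two comments above, as an added example that is not from the thread: CRC-32 is affine over GF(2), so a little linear algebra yields a bit pattern that can be XOR-ed into any record of a given length without changing its CRC, while SHA-256 of the altered record differs. CRC-32 (via Python's `zlib`) is chosen here as a representative checksum, and the sample record is constructed.

```python
import hashlib
import zlib

def xor_bytes(a, b):
    """XOR two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

def linear_part(msg):
    """CRC-32 with its constant term (the CRC of an all-zero message) removed.

    For equal-length inputs this function is linear over GF(2):
    linear_part(a ^ b) == linear_part(a) ^ linear_part(b).
    """
    return zlib.crc32(msg) ^ zlib.crc32(bytes(len(msg)))

def find_invisible_difference(length):
    """Find a non-zero pattern d of `length` bytes with linear_part(d) == 0.

    XOR-ing d into any message of that length leaves its CRC-32 unchanged.
    Gaussian elimination over single-bit patterns; more than 32 candidate
    bits are needed, so length must be at least 5 bytes.
    """
    basis = {}  # leading bit of a reduced CRC value -> (value, pattern producing it)
    for bit in range(8 * length):
        pattern = (1 << bit).to_bytes(length, "big")
        value = linear_part(pattern)
        while value:
            lead = value.bit_length() - 1
            if lead not in basis:
                basis[lead] = (value, pattern)
                break
            basis_value, basis_pattern = basis[lead]
            value ^= basis_value
            pattern = xor_bytes(pattern, basis_pattern)
        else:
            return pattern  # reduced to zero: a linear dependency was found
    raise ValueError("length must be at least 5 bytes")

def demo():
    original = b"allergy=penicillin;dose_mg=010"  # constructed sample record
    d = find_invisible_difference(len(original))
    altered = xor_bytes(original, d)
    return {
        "differs": altered != original,
        "crc_equal": zlib.crc32(altered) == zlib.crc32(original),
        "sha256_equal": hashlib.sha256(altered).digest() == hashlib.sha256(original).digest(),
    }

if __name__ == "__main__":
    print(demo())
```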
Re: (Score:3)
> Block chain is ledger, not a fucking database.
the blurb is mis-worded, but it's not unreasonable: a patient's health record [health record IT guy here] is not necessarily ever complete. interoperability between health systems and their different EHR products is not a thing. the *idea* that blockchain could be used to audit and update a master record for changes and updates is a great idea.
i wish i thought healthcare IT would ever pull this off, but honestly, even in an unsecured, unaudited way it probabl
Re: (Score:2)
Thank you so much for bringing some clarity to this discussion. I made it a point to visit all blockchain vendors at HIMSS 2017 and there was not a single answer for 10 MB CCD, let alone imaging data.
On top of that, HIEs solve many of the "sharing" use cases today. The challenges in healthcare data sharing are semantic interoperability. Trust is tertiary and easily solved using existing standards.
Blockchain... (Score:4, Funny)
Re: (Score:3)
It'll fix every security problem you have!
It worked wonders for my constipation, though the links were a bit uncomfortable
Re:HL7 (Score:5, Insightful)
Re: (Score:2)
And that's why HIEs exist. The problem is solved, no magic bullet required.
As an aside, HIEs also provide interesting analytics solutions that blockchain cannot.
Privacy? (Score:5, Insightful)
Public? (Score:2)
Isn't the point of a blockchain that the contents are publicly verifiable?
Isn't medical data something you don't want public?
Re:Public? (Score:5, Insightful)
You can store (and add to,) your records easily; and nobody can see it without knowing your "VERY_SECRET_PASSWORD".
But now, here's the problem. How do you disseminate the information to others? And how do you do this if you're in a coma?
Then someone else needs access to this "VERY_SECRET_PASSWORD". And who is that? The government? Insurance companies? That is the problem. Not securely storing it on the blockchain.
EMC has had this for over 15 years (Score:2)
CAS (Content Addressed Storage) isn't new - EMC introduced the Centera in 2002. The current iteration supports cloud storage as well.
https://www.emc.com/data-prote... [emc.com]
Privacy? How quaint. (Score:5, Interesting)
As a physician for > 30 years, I can tell you that the ship has sailed on privacy of your medical records a loong time ago. In the 80s, my senior partner's office medical records still consisted of brief notes jotted on index cards. This basic situation of written or dictated notes, on paper, which were copied and mailed or faxed, really began to shift with the wider adoption of EMRs only in the last 5-8 years - prompted by government diktat and financial penalties. In the hospital, it was all hand-written charts until EHRs became commonplace over roughly the same period.
The driving force for EHR/EMRs is, of course, money. An electronic record can be audited more easily, screens applied, and payments denied. If you go into the hospital and sit in the nurse's station, you would see the medical record perused by doctors, nurses, pharmacists, LPNs, nurses' aides, PTs, OTs, lab techs, venipuncturists, and unlicensed employees of utilization review, quality assurance, billing and insurance preauthorization depts, etc. Not to mention remote access by doctors' offices and all the apparatus of the out-patient utilization review, quality assurance, billing and insurance preauthorization, and governmental auditing (Medicare/Medicaid). There have been many many revealed instances of people viewing and distributing info from the charts of spouses, girlfriends, etc. And, this leaves aside the millions of medical records exposed by compromises and hacks of hospital and insurance co. databases. And, I'm sure the NSA or other TLAs have scooped all that data as well.
There really is no privacy to your medical info. But if you want to believe that, fine.
Re: (Score:2)
Oh, it's not so bad as all that. EHRs are so fucked up that nobody can find anything.
Security by obscurity really isn't a great design strategy but seemingly works in this giant clusterfuck we're creating in the US.
Re: (Score:2)
There's things I just won't tell my doctor because I know if they end up in EHR they are there forever, will likely follow me and can be used against me.
Re: (Score:3)
True story.
I went into the doctor for a regular checkup a few years ago.
It was non-eventful.
A week or so later, I got a letter from my insurance company, basically saying I had to check into drug rehab or risk losing my insurance.
I knew my insurance agent pretty well, and called him up. He couldn't give me any information. I tried to call my Dr... they don't actually TALK to people on the phone, and nobody in that office would give me any information.
Eventually, my insurance agent told me that someone had
Re: (Score:2)
I answer no to all the drug questions at the doctor's office and try to answer questions that may indicate mental health problems as neutrally as possible. I figure they can poke and prod and take samples, anything I tell them verbally is most likely to be used against me, especially when pre-existing conditions come back around.
You'd have to be crazy to tell your average doctor with an EHR data entry screen in front of them you use any drugs except what has been prescribed.
The real bullshit factor in all o
Re: (Score:2)
That is exactly what I did! No to all those questions.
The questions are pretty ridiculous. Have you ever used tobacco? yes, yes I have. I have smoked cigarettes/cigars in my lifetime. I have never ever been addicted to tobacco or used it on any regular basis. But, I still answer NO on those questionnaires because if you say yes, it means you are a smoker to them.
What my story illustrates is that you can still answer NO to all the questions, but if some medical clerk checks the wrong box by accident,
Re: (Score:2)
Two years ago at my physical was a period of extreme stress and anxiety for me and I actually answered the questions about stress, anxiety and depression at the extreme end of the spectrum.
Of course the doctor never mentioned them to me at all, which leads me to believe the doctors aren't using them as a source of information about the patient.
I think next year when the nurse comes in and fills that stuff out I am going to refuse to answer and cite my previous experience of having my responses ignored and/o
ROTFL... (Score:3)
... having actually looked at the problem, as opposed to saying the moral equivalent of "if pink unicorns farted fairy dust, toads could fly", what else is there to do but laugh hysterically at this proposal?
Look, if we lived in a sane universe, the problem being solved wouldn't even exist, because the government would have established a rigorous data portability standard in the first place. Given a rigorous data portability standard, data sharing across EHR's becomes a "necessary feature" instead of a malignant threat to the company that wrote the EHR who hopes that once you've invested the hundreds to thousands of hours and tens to hundreds of thousands of dollars in installing their product and porting/importing the data and training all of the staff to where they are expert enough to have learned just how their product really, really sucks, you will find all that money and time to be a large enough barrier to prevent you (physician, practice management company, hospital, whoever) from running away like a scalded llama towards absolutely anything else that might, just might, suck less.
The alternative -- that they'd actually have to continue to employ a large staff of developers who are tasked with both debugging their existing product and advancing it with feedback from users in order to actually make their users happy so that they stay with the product out of choice -- is anathema to them, because paying all of those developers and admitting errors and retraining customers as necessary dilutes their profits.
So now implementing an enormously complicated solution (one that will require a huge investment in programmers, security experts, trainers and so on and worse, will require every vendor to have hooks that permit more or less automated replication of features in other vendors' EHRs, some of which might even be proprietary or trade secrets or whatever) is suddenly going to make this particular post-apocalyptic landscape a lot better? Without laws mandating it? Without it immediately breaking as (say) Epic refuses to disclose key internals to (say) eClinicalworks or (say) Allscripts? Epic won't even willingly import HL7 data exported by other products.
So excuse me if I pause to catch my breath before resuming maniacal laughter...
EHR is a Perfect Use Case for Blockchain (Score:3)
Took the time to quickly read through the Whitepaper. My intention will be to examine it more thoroughly over the next day or two. I found it interesting because it predates my own preliminary work on the subject matter. With the serious danger for medical record theft, the development of a secure EHR records system is paramount. It would be nice, to see a mandate by the federal gov't making such a system an absolute requirement in whatever healthcare bill becomes or stays law.
Blockchain technology provides a secure, distributed database. Accessing medical records from corresponding nodes should be very quick. Adding or updating them should require validation of the submitter and of the patient to ensure data integrity and privacy. The identity of a patient can be verified using existing technologies or a database constructed specifically for identification (i.e. image database, biomarkers, and TFA) by the health care provider (HCP). Records that are submitted without a thorough vetting of the patient identity can be separated until vetting is complete. If the vetting fails, a new EHR record can be created.
Two-Factor Authentication (TFA) could be used when checking into a HCP or facility when the patient is conscious and has their smart phone or similar mobile device present. In emergency cases where the patient cannot respond, the HCP would be able to keep the records separate yet able to retrieve history while the HCP contacts the patient's emergency contacts for vetting. And, in the event a patient cannot be properly vetted using these techniques, DNA biomarkers or dental records could be used to achieve a positive identification.
Such an approach would ensure that bogus information is not entered into a patient's medical record. This will help lower insurance costs AND prevent the patient from potentially receiving life threatening procedures or medications (i.e. if allergic). Removing bogus information is very difficult. And, in accordance with HIPAA and health care privacy laws, the real patient affected by the bogus information is not even permitted to know the identity of the individual who misused their record (stupid, I know) or to even have the erroneous information easily removed.
By law, everyone is still required to receive stabilizing medical care. But, individuals should not be subject to improper treatment based on bogus data due to misuse nor should they be responsible for medical bills associated with such treatment.
Unfortunately, a key factor in such a system, common EHR data formats, are still a ways away. EHR vendors tend to be proprietary and expect everyone else to use their protocol, if any. In the public safety sector, this was solved using GJXDM and NIEM to provide a standardized reporting standard. Many states and the federal gov't then implemented systems to facilitate the sharing of this data. Such a similar approach for EHR records, coupled with blockchain technologies would revolutionize health care.
Just my $0.02 worth.
RD
Re: (Score:3)
And when the patient loses their key? Or when a medical records clerk makes an error? You're introducing more problems than you're solving.
You don't want an unalterable, ever-growing database. You want standards to allow easy exchange of information, a system to which access is limited to authorized users, and privacy legislation to ensure anyone misusing the data can be severely punished.
Re: (Score:3)
Nice ideas and completely impractical. If I have to handle the charts of say, thirty patients during the day and I have to handle them at several times during the encounter, I'm supposed to use a clunky TFA system each and every fucking time? It's bad enough logging back in when you're gone from your desk for a few minutes (you know, to take care of the patient).
DNA testing? Takes weeks.
Dental records? I've got a guy bleeding out because he is on one of the new Factor Xa inhibitors (where you have to kn
Re: (Score:2)
>completely impractical.
This is the protection against this going anywhere of course. Any practical trial would show it to be a clusterfuck of epic proportions.
Re: (Score:2)
DNA and dental records were an example that could be used to positively identify a change - not to prevent treatment.
Changes to a record would not occur until the patient is identified. Until then, they sit in a pending status with the medical history available so as to not delay treatment. If an identity thief wants to use your records, let them. But, you can easily extract the bogus information if an HCP fails to identify the patient.
TFA would be used by a patient checking in - not for every access
EHRs suck (Score:1)
First of all, all health records, especially EHRs, are full of errors. I always get my records from every encounter. 100% of the time it contains errors.
Next, these things need to go through the patient for QA, but they don't. The whole system is set up to do things behind the patient's back, and getting access to records is like pulling teeth, in fact harder -- try to get your dentist's records of pulling your teeth!
High tech whizbangs are the problem. (Score:2)
what if I don't want it? (Score:2)
What if I want to have control over my medical data and don't want anyone to have access to it unless I explicitly authorize it. ... never mind.
Oh wait.... I forgot there is no such thing as privacy any more
I think we need much stronger privacy laws. How about the right of the consumer to demand that ANY business purge all identifying information about them at any time, unless you have a currently active contract with them.