Blockchain is one of the most polarizing and schizophrenic technologies of our era, simultaneously full of promise and disappointment, incapable of living up to the extreme hype it generates. While blockchain is presumptively disruptive, is still lacks significant, business-changing implementations. Like desert wanders searching for an oasis, blockchain proponents see opportunity at every turn, only to have hopes dashed by another mirage when a brave enterprise discovers that pilot results don’t match their lofty expectations. Nonetheless, as we’ve learned time and again in IT, it’s unwise to utterly dismiss a technology based on disappointing results from trials during its early years since the failures are often the result of immature implementations, poorly-aligned use cases and an overall lack of supporting ecosystem. As blockchain trial-and-error continues, one area that might fruitfully exploit its unique characteristics is healthcare data management and monetization.
Like all potential blockchain applications, healthcare has suffered through a cycle of exuberance and disillusionment that aligns with broader bitcoin-induced hype that peaked in early 2017. However, the intervening years have only added fuel to the need for some form of technology that can simultaneously exploit the explosion of digital healthcare data to foster new treatment and efficient delivery, but also maintain patient control over such deeply personal information. Blockchain by itself seems incapable of delivering on these conflicting needs, however new research sees blockchain as the foundation for a healthcare data marketplace that would allow patients to control third-party access to data records for a price.
Blockchain basics and why it has failed in healthcare so far
Before diving into the details, It’s critical to remember what a blockchain does, since the technology is often conflated with systems like cryptocurrencies that use blockchain. A NIST Blockchain Technology Overview provides an excellent summary (emphasis added):
Blockchains are tamper evident and tamper resistant digital ledgers implemented in a distributed fashion (i.e., without a central repository) and usually without a central authority (i.e., a bank, company, or government). At their basic level, they enable a community of users to record transactions in a shared ledger within that community, such that under normal operation of the blockchain network no transaction can be changed once published.
There are two general high-level categories for blockchain approaches that have been identified: permissionless, and permissioned. In a permissionless blockchain network anyone can read and write to the blockchain without authorization. Permissioned blockchain networks limit participation to specific people or organizations and allow finer-grained controls.
In sum, blockchain provides a cryptographically authenticated mechanism for multiple users to record and share data, however it doesn’t validate the identity and integrity of the actual user (just that a unique digital identity) or the data itself. Blockchain can therefore provide an authenticated, updateable record of patient data and could be used in a system that provides patients with control over their information written to a digital ledger, however there are several problems related to healthcare data security it doesn’t solve. For example, one research paper that examines the pros and cons of blockchain in healthcare notes the following problems:
- GDPR requires that individuals have the right to erase data, a requirement that could be difficult to meet using an immutable blockchain that shows an entire digital history.
- Health data typically involves large data records using a variety of formats, unlike early applications of blockchain, such as financial records.
The authors say that these problems could be solved with a hybrid system, “where data is kept outside of blockchain in a conventional or a distributed database, but the hashes of the data are stored in the blockchain. This is said to be the best of both worlds, as healthcare data is stored off-chain and may be secured, corrected, and erased as appropriate.” However, such systems introduce other security issues related to database access, management and integration with external systems. Not mentioned is the equally serious problem of establishing the integrity and validity of data written to a blockchain. While there are consensus algorithms that work well enough for cryptocurrencies (although they aren’t immune to manipulation through collusion), it’s unclear how effective these might be with healthcare data where the number of authoritative data sources is much smaller, nor is there a widely accepted neutral, trusted data mediator.
Another problem with using blockchain to empower patients is the technical savvy and, in many cases, declining mental capacity of those generating the most medical data, i.e. those with serious chronic diseases and the elderly. The Greatest Generation wasn’t weaned on computers or the Internet, which is a primary reason that cybercriminals target them for identity theft and other schemes. Expecting them, or even younger people dealing with life-threatening illnesses, to manage the cryptographic keys to their health records is reckless and risky. David Gerard, the author of a book on blockchain, aptly characterizes a situation in which blockchain seems to create as many problems as it solves, writing:
It’s easy to put already-encrypted data onto a blockchain — the entire hard part of the problem is digital identity that is usable by ordinary humans. It turns out that replacing a social construct with a computer program is difficult.
Life data economics - creating a market for healthcare data
Nevertheless, blockchain in healthcare is an idea that won’t go away. A recent paper by two medical researchers, George Church, a professor at Harvard Medical School and the co-founder of Nebula Genomics and Alex Zhavoronkov, the founder of Insilico Medicine, introduces a new concept called life data economics in that uses blockchain to provide patients with access control over their records and a mechanism enabling them to sell their data on healthcare marketplaces. The catalyst for such a marketplace is the growing sophistication of data-hungry AI models that can use a variety of data types and categories, increasingly in combination, to predict trends and spot relationships that aren’t apparent using traditional statistical analysis.
A suitable marketplace to encourage data sharing could significantly enhance the size, variety and demographic diversity of healthcare datasets, thereby significantly improving the accuracy of AI-driven insights. The authors believe that a token-based marketplace would facilitate and encourage such data sharing and have developed a formal model for valuing and pricing such data based on seven parameters that “affect the value of human life data for drug discovery, biomarker development, diagnostic, or actuarial purposes.”
Recognizing the impracticality of storing health data in a blockchain, the authors instead propose using a digital ledger for access control and tracking. The data itself would be stored in a cloud-based system that is designed to only allow in situ processing, but not downloading the data. As they write (emphasis added):
The availability of alternative solutions made it difficult to justify the use of Blockchain in these closed network data marketplace ecosystems [such as the cloud system they propose]. Blockchain only provides an additional level of trust to the patient. The most important challenge that could be elegantly solved with Blockchain technology is enabling the patient to participate in the profits of the ecosystem beyond the initial sale of data. Tokens issued in return for data would increase in value as the ecosystem developed, offering patient engagement, participation, and profit sharing.
Left unsaid are critical details about the design, governance and security of such a centralized cloud data warehouse, issues that have vexed proponents of electronic health records for years before blockchain came along.
The authors compare the establishment of such health data marketplaces to the ICOs some startups have used to raise venture capital, noting that several companies are developing closed blockchain-based systems for hospital networks and drug research. Indeed, Jerry Bowles wrote about such a system for medical researchers last year in Diginomica, while I mentioned that the FDA is researching a similar system to track electronic health records. The authors conclude that (emphasis added):
If these companies succeed to demonstrate the utility of their technologies, they are likely to be the winners after the Blockchain bubble hangover passes. There is no question that for the nascent field of genomics, precision medicine, and pharmacogenomics, Blockchain can be a truly enabling technology with an unparalleled impact.
Surveys continue to show enterprise interest in blockchain is increasing, however, as the healthcare examples illustrated, there’s a dearth of specifics about where and how the technology might be used. For example, a 2019 Deloitte blockchain survey found a majority stating that blockchain will be one of the top five strategic priorities in their organization, with 81% claiming that it will replace systems of record. Nevertheless, a declining majority think that blockchain will disrupt their industry with 43% believing that the technology is overhyped. Sadly, we see (and believe me, everyone at diginomica is eager to write about successful case studies) few concrete examples of such widespread enterprise use of blockchain.
While blockchain can be a useful tracking method in some situations, I remain unconvinced that it is superior to more conventional alternatives. Indeed, as the healthcare data example demonstrates, the deeper one looks at the problem, the more apparent it becomes that blockchain is but a small piece of a much more complicated system. Indeed, a separate Deloitte report on Blockchain Opportunities in Healthcare is full of the hypothetical qualifiers “could”, “might” and “may.”
Before force-fitting blockchain into a system, enterprise architects and executives would be well served by working through a flowchart produced by the U.S. DHS as cited in the NIST blockchain overview. If, after navigating through the series of filters, blockchain seems to provide capabilities not readily available and more efficiently delivered by more traditional technologies, by all means, by all means, pursue a design. However, don’t jump to a solution because “the executive team believes there is a compelling case for blockchain” or your “suppliers, customers and competitors are discussing or working on blockchain solutions.”
I can’t improve on the NIST’s pithy summary other than to emphasize the critical point:
Most of the advice surrounding blockchain technology is: investigate it and use it if it is appropriate – not because it is new.