Technical and safety
From a technical perspective, the primary challenges are data throughput speed, file size restrictions and data security (figure 3).
Figure 3Select limitations of blockchain: the 3 S’s.
The speed at which transactions occur on blockchain networks—known as throughput—is finite due to technical limitations. For example, the Bitcoin network processes roughly 7 transactions/s, while non-blockchain-based companies such as VISA and Twitter perform approximately 10 000–15 000/s.7 This transaction speed is also affected by file size. Many EHR files like imaging studies (CT scans and MRIs in particular) can be quite large. Such limitations on both the amount of data as well as the speed at which it can be shared undermine some of the fundamental benefits of the technology as a platform for broad, multijurisdictional EHR exchange.
In light of these issues, blockchain developers are creating new systems with faster speeds and that can accommodate larger file sizes. Some experts suggest the use of adaptive blockchain systems, whereby features such as block size and the number of confirmation blocks required to verify a transaction could change dynamically depending on the volume or content of data. For example, an allergy history could require a lower number of confirmation blocks given its relative simplicity, which would yield faster transaction verification speeds. To mitigate size limitations, larger files could also be stored ‘off-chain’ on a traditional database, and the blockchain-based system could instead provide indirect access via metadata and hyperlinks.7 Despite these solutions, one needs to reflect on the balance between on-chain and off-chain data storage, as an overly complex access system or interface would undermine uptake among healthcare providers working in a busy clinical environment. In addition, developers and organisations will have to work together to facilitate interoperability at the technical level to allow for broad information access, research and data analytics.
With respect to security, there is an inherent tension between protecting data privacy and providing meaningful access. While a private or consortium model may better mitigate privacy risks, access is more limited and undermines the universality of a blockchain model. In turn, while a public model could allow for broader access, the threat of malicious parties is larger. That said, a private blockchain model would still be more secure and accessible than any incumbent platform.8 9 It should be noted that a patient could provide their personalised credentials to a family member or friend who could then access that person’s health information. Furthermore, credentials could be lost or stolen; therefore, as with any digital solution, human factors may undermine the security of the system.
There is a concern about the climate impact of public blockchain models, as they consume large amounts of energy in order to generate the necessary computing power to function efficiently.10 While developers have created mitigating steps to reduce the energy use of public blockchains, private blockchains, which is the type most likely to be used in a healthcare setting, have far lower power requirements.10 11
Regulatory
At face value, blockchain-based EHR systems serve to augment both patient rights of access via decentralisation, and patient privacy by way of encryption. Patients could more easily access their own health data and act as their own ‘health information custodian’ (HIC).12 This is, however, a departure from the status quo where healthcare providers function as the HIC; data are housed on a hospital server or cloud account via the EHR system, and the HIC only releases data to the patient on request. In a blockchain system, patients would no longer need to request their records, and they could make independent decisions regarding third-party access to their data. Although there are clear advantages to this paradigm shift, the assignment of legal responsibilities must be considered.
One potential solution is to empower the patient as the custodian using consent management protocols on the blockchain itself.12 In this model, patients would be able to delegate dynamic access to proxies such as friends, relatives or legal entities (substitute decision-makers, powers of attorney) as well as to researchers, insurers and other parties as desired. This process would replace the current mechanisms for data sharing, which generally involve either providing physical copies of records or granting digital access through a portal that cannot be easily revoked if circumstances change. Within such a granular model, patients could perhaps select the level of access and/or content they would like to grant to third parties or even themselves in order to avoid large data dumps and facilitate a more meaningful interaction. Nevertheless, one must acknowledge the risks of placing total control with the patient, such as predatory practices from commercial entities wishing to retrieve data, a trend becoming increasingly apparent in other industries with the inception of a data brokerage market.
A second regulatory challenge involves blockchain systems scaling across state or national borders and the potential for triggering conflicting laws.13 Although blockchain functions through a harmonised set of predefined rules for the network, sufficiently large blockchain EHR systems could begin to function like the Internet, where defining the appropriate jurisdiction is increasingly challenging. There is precedent for such cyberspace cross-border issues—although not in current EHR systems. One potential solution is to set up the blockchain network according to the most rigorous bodies of law (eg, Europe’s General Data Protection Regulation for privacy) so that compliance will be optimised.12 While the spread of a public blockchain is difficult to predict given that any user can sign up, higher degrees of control exist in a private or consortium model, enabling policy-makers to develop systems prior to involving new jurisdictions.
Institutional
Notwithstanding technical and regulatory challenges, healthcare organisations are faced with the difficult task of implementing blockchain-based tools and motivating the end users to interact with them. At the organisational level, Iansiti and Lakhani describe a framework for facilitating adoption of technical applications with high degrees of both novelty and complexity.14 Based on this framework, organisations implementing blockchain EHRs could start with a narrow role for the new technology—such as a using an EHR for a subset of patient care or in a specific clinical area—and subsequently augment it to enable more complex applications such as a regional blockchain EHR system, with data exchange across multiple sites and entities. Each narrow application could also facilitate a better understanding of how the technology works in vivo and serve as an iterative implementation for other settings.
While shifting to blockchain-based EHRs is more about a change in the underlying technology than the user interfaces, adoption from end users will be contingent on the extent to which such systems can be user friendly and integrate into the routine clinical workflow. Given that blockchain systems would ideally include both providers and patients as end users, there may be competing interests in the design of the interface and presentation of data mandating separate modules layered on top of the core platform. Failure to take these considerations into account can have serious consequences, as evidenced by the pushback that digital documentation systems first received from clinicians, where poor user interfaces and onerous features reduced workflow efficiency, undermined the patient physician relationship and increased clinician burnout.15 16 Avoiding this issue can be readily done through the prioritisation of end-user experiences, and by leveraging cocreation principles early in the development process.