Article Text

Download PDFPDF

Future of blockchain in healthcare: potential to improve the accessibility, security and interoperability of electronic health records
  1. Shaun Mehta1,
  2. Kiran Grant2 and
  3. Alun Ackery1
  1. 1 Department of Emergency Medicine, St Michael's Hospital, Toronto, Ontario, Canada
  2. 2 Faculty of Medicine, University of Toronto, Toronto, Ontario, Canada
  1. Correspondence to Dr Shaun Mehta; sd.mehta{at}mail.utoronto.ca

Statistics from Altmetric.com

Introduction

The lack of accessibility to medical records for both patients and clinicians has long been recognised as a barrier to transparent and efficient healthcare.1 While electronic health record (EHR) systems help address this issue somewhat, many of these systems are heterogeneous, demonstrate varying success integrating into clinical workflows and exhibit minimal interoperability between platforms. Accordingly, many EHR systems in their present state struggle to deliver fundamental benefits of digital technology such as a streamlined user experience, data sharing capabilities and advanced analytics.2 3 This lack of interoperability becomes increasingly challenging as complex patients present to a variety of care providers in different healthcare jurisdictions with various EHR systems. A blockchain-based system is one possible solution conferring several benefits that could be exploited for data federation.1 That said, blockchain remains a nascent technology and there are key technical, regulatory and institutional barriers that limit its full potential in medicine.

Where are we now?

Presently, several resources are deployed to augment data sharing in this imperfect environment, from analogue tasks like faxing and mailing to a patchwork of digital portals. While these measures are currently the best option available, they can increase transaction costs and create incomplete or inaccurate data sets. The end result can be more than just a nuisance, with evidence demonstrating that this method of recordkeeping can contribute to patient harm.2 A lack of data sharing can also encourage repetitive investigations, consuming additional healthcare resources and potentially delaying definitive care.2 Reduced data sharing also undermines patient autonomy, as many patients cannot easily access their own health information and make informed decisions about their care.

What is blockchain?

Blockchain is a type of distributed ledger technology that creates a shared, immutable and chronological record of transactions. In the context of healthcare, transactions would be represented by pieces of patient health information. In order to maintain a universal ledger of patient data, each transaction—or instance of entering patient data into the ledger—is verified prior to achieving permanence on the blockchain (figure 1).

Figure 1

How a blockchain electronic health record (EHR) system would work.

Several blockchain verification processes exist with varying of levels of accessibility and governance. In a public blockchain model, there are no vetting processes for participants and therefore anyone can participate; this structure is used in Bitcoin.3 Conversely, in a permissioned or private blockchain, a trusted consortium governs the blockchain and evaluates potential candidates for participation. While both public and private blockchains could theoretically be used in healthcare, a private blockchain model would in theory enable greater oversight.4 Approved participants would be granted access to the blockchain with a private digital key. This would allow access for both patients and clinicians to the appropriate health information. In this way, blockchain could dramatically increase accessibility to records with potential impact on quality of care while maintaining appropriate oversight.

Why blockchain?

While not ready for prime time, blockchain technologies present an incredible opportunity to address the aforementioned issues. Although rigorous trials have not been conducted, several blockchain EHRs are in various developmental and implementation stages in the USA and Europe. For example, MedRec enables patients and providers to access EHR stored across disparate providers. Similarly, the European Union created MyHealthMyData, a blockchain platform that facilitates information sharing between healthcare systems, providers, governmental organisations and patients.3 Despite these advances, a number of technical, regulatory and institutional barriers undermine the use and widespread adoption of blockchain technologies in healthcare.

There are fundamental characteristics of blockchain that makes it uniquely suited to address the challenges in EHR systems (table 1). The fact that data are immutable provides a reliable record of events and makes it nearly impossible for malicious parties to tamper with information. Further, cryptographic designs built into blockchain technology make any information that is in the wrong hands difficult to interpret. From an accessibility standpoint, health data could be available to any individual in any location with a mobile connection and the appropriate credentials. This practice could greatly reduce transaction costs in information exchange. Indeed, as with any digital solution, data tampering and unauthorised access are major concerns, and these issues seem to be somewhat mitigated with blockchain. Innovation and research are secondary considerations that could benefit from the wealth of data that would be accessible via blockchain.

Table 1

Desirable health information exchange features and corresponding blockchain characteristics

Leveraging blockchain to make EHR data easily accessible for patients, providers, research institutions and government organisations has numerous potential benefits (figure 2). At the patient level, the consumerisation of healthcare is a well-recognised trend which has resulted in a plethora of patient-generated data through mobile applications and other digital tools.5 By making patients healthcare information more accessible, patients could take on a more active and engaged role in their care. In addition, clinicians would be equipped with all relevant health data at each encounter, enabling the provision of efficient and personalised care, as well as the elimination of redundant investigations. Increased access to anonymous patient information at scale could help researchers build larger data sets, leading to more robust studies and improved evidence-based decision-making.6 Similarly, innovative efforts by developers and pharmaceutical companies could translate to a reduction in research and development costs with more accessible data and the ability to manage consent through a patient-facing platform, leading to faster time-to-market and cheaper products and services for both patients and providers.

Figure 2

How blockchain-based EHRs could impact healthcare delivery.

Patient harms and organisational barriers

Technical and safety

From a technical perspective, the primary challenges are data throughput speed, file size restrictions and data security (figure 3).

Figure 3

Select limitations of blockchain: the 3 S’s.

The speed at which transactions occur on blockchain networks—known as throughput—is finite due to technical limitations. For example, the Bitcoin network processes roughly 7 transactions/s, while non-blockchain-based companies such as VISA and Twitter perform approximately 10 000–15 000/s.7 This transaction speed is also affected by file size. Many EHR files like imaging studies (CT scans and MRIs in particular) can be quite large. Such limitations on both the amount of data as well as the speed at which it can be shared undermine some of the fundamental benefits of the technology as a platform for broad, multijurisdictional EHR exchange.

In light of these issues, blockchain developers are creating new systems with faster speeds and that can accommodate larger file sizes. Some experts suggest the use of adaptive blockchain systems, whereby features such as block size and the number of confirmation blocks required to verify a transaction could change dynamically depending on the volume or content of data. For example, an allergy history could require a lower number of confirmation blocks given its relative simplicity, which would yield faster transaction verification speeds. To mitigate size limitations, larger files could also be stored ‘off-chain’ on a traditional database, and the blockchain-based system could instead provide indirect access via metadata and hyperlinks.7 Despite these solutions, one needs to reflect on the balance between on-chain and off-chain data storage, as an overly complex access system or interface would undermine uptake among healthcare providers working in a busy clinical environment. In addition, developers and organisations will have to work together to facilitate interoperability at the technical level to allow for broad information access, research and data analytics.

With respect to security, there is an inherent tension between protecting data privacy and providing meaningful access. While a private or consortium model may better mitigate privacy risks, access is more limited and undermines the universality of a blockchain model. In turn, while a public model could allow for broader access, the threat of malicious parties is larger. That said, a private blockchain model would still be more secure and accessible than any incumbent platform.8 9 It should be noted that a patient could provide their personalised credentials to a family member or friend who could then access that person’s health information. Furthermore, credentials could be lost or stolen; therefore, as with any digital solution, human factors may undermine the security of the system.

There is a concern about the climate impact of public blockchain models, as they consume large amounts of energy in order to generate the necessary computing power to function efficiently.10 While developers have created mitigating steps to reduce the energy use of public blockchains, private blockchains, which is the type most likely to be used in a healthcare setting, have far lower power requirements.10 11

Regulatory

At face value, blockchain-based EHR systems serve to augment both patient rights of access via decentralisation, and patient privacy by way of encryption. Patients could more easily access their own health data and act as their own ‘health information custodian’ (HIC).12 This is, however, a departure from the status quo where healthcare providers function as the HIC; data are housed on a hospital server or cloud account via the EHR system, and the HIC only releases data to the patient on request. In a blockchain system, patients would no longer need to request their records, and they could make independent decisions regarding third-party access to their data. Although there are clear advantages to this paradigm shift, the assignment of legal responsibilities must be considered.

One potential solution is to empower the patient as the custodian using consent management protocols on the blockchain itself.12 In this model, patients would be able to delegate dynamic access to proxies such as friends, relatives or legal entities (substitute decision-makers, powers of attorney) as well as to researchers, insurers and other parties as desired. This process would replace the current mechanisms for data sharing, which generally involve either providing physical copies of records or granting digital access through a portal that cannot be easily revoked if circumstances change. Within such a granular model, patients could perhaps select the level of access and/or content they would like to grant to third parties or even themselves in order to avoid large data dumps and facilitate a more meaningful interaction. Nevertheless, one must acknowledge the risks of placing total control with the patient, such as predatory practices from commercial entities wishing to retrieve data, a trend becoming increasingly apparent in other industries with the inception of a data brokerage market.

A second regulatory challenge involves blockchain systems scaling across state or national borders and the potential for triggering conflicting laws.13 Although blockchain functions through a harmonised set of predefined rules for the network, sufficiently large blockchain EHR systems could begin to function like the Internet, where defining the appropriate jurisdiction is increasingly challenging. There is precedent for such cyberspace cross-border issues—although not in current EHR systems. One potential solution is to set up the blockchain network according to the most rigorous bodies of law (eg, Europe’s General Data Protection Regulation for privacy) so that compliance will be optimised.12 While the spread of a public blockchain is difficult to predict given that any user can sign up, higher degrees of control exist in a private or consortium model, enabling policy-makers to develop systems prior to involving new jurisdictions.

Institutional

Notwithstanding technical and regulatory challenges, healthcare organisations are faced with the difficult task of implementing blockchain-based tools and motivating the end users to interact with them. At the organisational level, Iansiti and Lakhani describe a framework for facilitating adoption of technical applications with high degrees of both novelty and complexity.14 Based on this framework, organisations implementing blockchain EHRs could start with a narrow role for the new technology—such as a using an EHR for a subset of patient care or in a specific clinical area—and subsequently augment it to enable more complex applications such as a regional blockchain EHR system, with data exchange across multiple sites and entities. Each narrow application could also facilitate a better understanding of how the technology works in vivo and serve as an iterative implementation for other settings.

While shifting to blockchain-based EHRs is more about a change in the underlying technology than the user interfaces, adoption from end users will be contingent on the extent to which such systems can be user friendly and integrate into the routine clinical workflow. Given that blockchain systems would ideally include both providers and patients as end users, there may be competing interests in the design of the interface and presentation of data mandating separate modules layered on top of the core platform. Failure to take these considerations into account can have serious consequences, as evidenced by the pushback that digital documentation systems first received from clinicians, where poor user interfaces and onerous features reduced workflow efficiency, undermined the patient physician relationship and increased clinician burnout.15 16 Avoiding this issue can be readily done through the prioritisation of end-user experiences, and by leveraging cocreation principles early in the development process.

What can we expect?

Blockchain technology holds promise for augmenting health information exchange and fundamentally enabling greater data transparency, safer patient care, improved healthcare efficiency and more robust medical research. Despite the upside, there are several fundamental issues that must be resolved prior to a safe and successful widespread implementation.

As with any disruptive technology, healthcare organisations must appropriately assess blockchain in the context of their needs and equip providers with the skills to use these tools effectively. Although blockchain may offer a superior platform for information exchange, it is simplistic to assume that the aforementioned benefits will automatically ensue after implementation of a blockchain system. In order to achieve its full potential, blockchain platforms will need to possess a balance of guidelines to allow for broad use as well as flexibility to accommodate local practice variation. Furthermore, emphasis cannot only be placed on technical solutions but must include consideration for human factors that otherwise limit the use of any digital platform.

Just as blockchain fundamentally opposes a siloed approach through principles of decentralisation, solutions too must be decentralised and involve a broad group of multidisciplinary experts including healthcare providers, legal professionals, technology developers and patients, in order to optimise information exchange while preserving patient safety.

References

Footnotes

  • Contributors SM and KG performed the literature review and wrote the manuscript. AA edited the manuscript and supervised the project.

  • Funding The authors have not declared a specific grant for this research from any funding agency in the public, commercial or not-for-profit sectors.

  • Competing interests None declared.

  • Patient consent for publication Not required.

  • Provenance and peer review Not commissioned; externally peer reviewed.

Request Permissions

If you wish to reuse any or all of this article please use the link below which will take you to the Copyright Clearance Center’s RightsLink service. You will be able to get a quick price and instant permission to reuse the content in many different ways.