A blockchain is a public distributed ledger that maintains a growing list of ordered records (called "blocks") representing transactions that occurred among all interested participants. Each transaction is verified by a majority of the participants before it can be placed in the blockchain. This new transaction is securely linked to the rest of the blockchain. Once it is placed in the blockchain, it can never be erased or manipulated.
Block chain has been applied most famously in creating cryptocurrency, but its application can be extended to any field that values accurate and secured record keeping including banking, accounting, notary, health record keeping, etc. Melanie Swan predicts three phases of blockchain adoption: Blockchain 1.0, 2.0, and 3.0 . Blockchain 1.0 manifested as online currency. Blockchain 2.0 is the near future, where blockchain is used to keep track of contracts, financial records, public records, and ownership of property. Blockchain 3.0 will be applied into science, medicine and education.
The Technology Behind Blockchain
Blockchain was first introduced in 2008 by Satoshi Nakamoto as the underlying technology behind bitcoin, a type of virtual currency that uses cryptographic proof instead of a third-party verifier (such as a banking system) to confirm transaction. The algorithm for how bitcoin works were explained by Nakamoto as followed:
- Each user of Bitcoin is given a “public key” and a “private key.”
- When a transaction occurs, a digital signature created from the private key of the sender is sent to the public key of the receiver.
- This transaction is broadcasted to the entire network, and is verified by every node in the network (called “miner” node).
- The verification process includes confirming the sender’s identity by checking the digital signature, and making sure that the sender has sufficient fund by checking all of prior transactions involving the sender.
- To allow for all nodes to participate in the verification process, each miner node must go through a time-delay process that involves solving a mathematical puzzle before its work can be accepted. This is called “proof-of-work” since it takes computing power to solve the puzzles.
- The miner node is compensated for their work by a small amount of Bitcoin.
- The transaction is recognized when more than half (at least 51%) of the nodes agree that it is valid.
- This transaction is now recorded in a block, then added to the top of the ledger, linking to the last block in the ledger by adding to itself a hash made from the prior block. This is called the “blockchain.”
- All nodes in the network has a copy of the ledger, which will be updated simultaneously when transaction is confirmed. If a ledger differs from the majority, it will be updated to reflect the most up-to-date ledger. This is the blockchain concept of “distributed ledger.”
The technology of Bitcoin and blockchain has several advantages:
- The public key is cryptographically generated, allowing for a degree of anonymity (if an individual can be linked to a public key, however, the transaction is no longer anonymous)
- Because the ledger is widely distributed and updated based on consensus, it is extremely difficult to manipulate it outside of the verification process, preventing fraudulent transaction without the need of a third-party verifier.
- Since every transaction is recorded in the ledger, the flow of currency is transparent and can be verified by anyone.
While the verification of Bitcoin involves simple calculations to adjust the balance of the sender and receiver after the transaction has been verified, there has been other cryptocurrencies such as Ethereum which take this further and run arbitrary user-defined programs on the blockchain, with the purpose of creating a “smart contracts.” The smart contract is an agreement between parties that is enforced automatically by the program. The person who requests the contract deposit currency into the program, which will wait until a certain condition is met before validating it and transfer the currency to the person who carried out the contract. If the condition is not met, the currency is refunded. This technology eliminates the need for a third party to enforce the contract.
Proof of Stake
There are some issues with the original Proof of Work that Satoshi created: 1) it was very resource intensive and 2) as the bitcoin reward becomes harder to obtain as the blockchain grows, there is less incentive to mine. With fewer miners come fewer validators of the block which could allow malicious actors to introduce fake block into the chain. An alternative to Proof of Work is Proof of Stake. In Proof of Stake, the amount of work a user can do depends on their "wealth," or the amount of currency they own (if they own 1% of the currency, they can mine 1% of the block). In order for someone to manipulate the block, they have to own more than a majority of the currency (51% or more), making successful attacks on the blockchain very expensive. Furthermore, the attack would devalue the currency, resulting in a big hit to the attacker.
Currently, all computers that participate in mining a blockchain process every transaction. This is very slow and resource wasteful. A solution to this is to calculate how many computers will be needed to validate a new block, and give the task of verifying a transaction to those computers. This will allow parallel processing and speed up transactions. At this point, the details behind how to manage this division of tasks without compromising security still being worked out.
Application of Blockchain in Healthcare
Even though we are still at an early stage of applying blockchain into health care, there are multiple proposals for its application. The majority of these proposals leverage blockchain’s ability to maintain an immutable record to place control of patient’s health record into their hand by allowing them to grant and revoke access to their medical records according to their preference [6,7].
- In a traditional system, patient’s health record is kept and maintained by a health care organization (e.g. hospital, clinic, etc.). Information can be freely shared between the organization and a Regional Health Information Organization (RHIO) or another organization that has a business agreement with the originating institution. If there is no business agreement between the institutions, one-off requests can be made, but this will take time and delay care (Figure 2A).
- As Meaningful Use Stage 3 is being implemented at health care organizations, there has been a push to create patient-facing application programming interfaces (APIs) that allow patient to directly retrieve their record from the institution and share it with the provider as needed (Figure 2B).
- A blockchain-enabled smart contracts controlled by the patient can be used to authorize direct sharing of medical record between institutions (Figure 2C). Patient can specify the subset of the record to be shared or set an expiration date on the authorization.
Gordon et al. suggested five features of block chain that allow for successful patient-driven interoperability:
- Digital access rules: The blockchain-enabled digital access rule is centralized, which makes it accessible by multiple institutions, while facilitating editing of the rules by the patient at any moment via a smart phone-based or web-based application
- Data aggregation: Patient could also aggregate their data (or metadata) across institutions to a blockchain or another secured location using the digital access rule, thus creating a complete record of their health
- Data liquidity: Because the change in digital access rules will take effect as soon as the patient (or legal representative) approves it, data can be share rapidly to the requesting institution, allowing access to time-sensitive information such as allergies, “code status,” etc.
- Patient identity: Even though there is no national patient identifier, institutions can use the blockchain-assigned individual’s public key and match it with their local identifier to start sharing data across systems
- Data immutability: Since all changes made to the blockchain is recorded and immutable, the risk of loss is minimized, and the record can be audited at any time.
Application of Blockchain in Biomedical Research
Another application for blockchain is in clinical research. A problem that has plagued research is the lack of reproducibility , which could be from multiple types of errors, misconduct or fraud. Blockchain offers a solution to this problem by providing an ability to track, share and care for data . A recent study has shown that 80% of US employees would share their medical data provided privacy and security can be ensured .
Blockchain can be applied to biomedical research in the following ways:
- With blockchain-enabled data access rules, patient can easily allow researchers to gain access to their anonymized data, thus increasing the scope and sample size of the clinical research.
- The integrity of the clinical trial phase can also be maintained by entering each step of the trial with a time stamp into a blockchain and, using smart contract, only allow the next step to be validated after the preceding steps has been fully validated. This will avoid post-hoc data manipulation and posteriori calculus bias.
- Upon completion of the trial, the publication can be sent along with the link to the block chain which verifies that the study protocol has been followed as it was designed. The blockchain is also readily available to anyone who wants to evaluate validity of the study.
Limitations and Proposed Solutions
As exciting as the potential for application of blockchain in healthcare is, there remains a number of limitations of blockchain that prevents its widespread use.
- The first concern with block chain is its inability to handle the transaction volume of clinical data. Blockchain is great at keeping a record of changes to a small amount of data (such as account balance, owner’s identity, etc.). However, it is not economically practical to store a large amount of data on the blockchain due to cost associated with creating a very large ledger to store this information and to perform proof-of-work on this ledger. Proposed solutions include:
- Validate data using a different approach to consensus such as proof-of-stake.
- Store a summary of, instead of a complete clinical report .
- Patient’s data can be stored on a permissioned (private) regional blockchains that are built to handle large transaction volumes without time-intensive validation.
- A second limitation of blockchain is the lack of privacy and security. Even though the identifier on the blockchain is the cryptographically generated public key, this is only pseudonymous, as patient can still be identified by matching for other basic demographic information, and once the public key has been linked to the patient, their activity on the blockchain can be tracked. A few solutions to this problem has been proposed:
- Use permissioned (member-only) blockchain to avoid public exposure.
- Basic demographic information stored on a block chain can also be encrypted to prevent access.
- Store sensitive data off-chain, with on-chain data focusing on granting permission to access requested data using pointers and metadata. This would also allow patients to assign different access rule for different users of their data
- Since the focus of many blockchain-based projects is on patient-controlled health care data, it necessitates more patient participation than the traditional, institution-based paradigm. They must be able to assign certain permissions for different institutions that request access.
- Having a patient-friendly “app” to manage public keys and permissions will become very important to get more buy-in from patients.
- Patient will also need to keep track of their password to gain access to their private key in order to make changes to the block chain. There will need to be a mechanism for recovering lost password when this occurs.
- The largest barrier to widespread adoption of blockchain in healthcare deals with the issue of incentives. Meaningful Use stage 3 requires implementation of patient-facing API, but this does not entail handling access control of healthcare record to patient. Institution has little incentive to pay for the cost of setting up a blockchain just to give patient more control even though this will improve interoperability. To overcome this, a few proposals have been made:
- Expand federal incentives to patient-controlled medical record.
- Researchers can be incentivized to pay for the setup of these blockchains by gaining access to patient anonymized data for research purposes.
1. Nakamoto, S. (2008). Bitcoin. A peer-to-peer electronic cash system.
2. Wood, G. (2014). Ethereum: A secure decentralised generalised transaction ledger. Ethereum project yellow paper, 151, 1-32.
3. Siim, Janno. "Proof-of-Stake."
4. Croman, Kyle, et al. "On scaling decentralized blockchains." International Conference on Financial Cryptography and Data Security. Springer, Berlin, Heidelberg, 2016.
5. Swan, M. (2015). Blockchain: Blueprint for a new economy: " O'Reilly Media, Inc.".
6. Gordon, W. J., & Catalini, C. (2018). Blockchain Technology for Healthcare: Facilitating the Transition to Patient-Driven Interoperability. Comput Struct Biotechnol J, 16, 224-230.
7. Yue, X., Wang, H., Jin, D., Li, M., & Jiang, W. (2016). Healthcare Data Gateways: Found Healthcare Intelligence on Blockchain with Novel Privacy Risk Control. J Med Syst, 40(10), 218. doi:10.1007/s10916-016-0574-6
8. Ioannidis, J. P. (2005). Why most published research findings are false. PLoS medicine, 2(8), e124.
9. Benchoufi, M., & Ravaud, P. (2017). Blockchain technology for improving clinical research quality. Trials, 18(1), 335. doi:10.1186/s13063-017-2035-z
10. Chu, S. Apple watch release news: survey finds 80 percent of US employees would give health data from wearables to employers. iDigitalTimes (2 February; accessed 2015 07 07).