Blockchain – a distributed, decentralised and immutable ledger where a program can be executed on a transaction receipt – is among the most heavily hyped of all recent digital technologies, but it is not fit for purpose for healthcare IT, the HIMSS AsiaPac18 IHE Summit has heard.
Tiani GmbH Italy IT Security Architect Dr Massimilliano Masi said, at the event, that blockchain could be good in facilitating monetisation and payments, but it has not reached the maturity levels to tackle interoperability within the healthcare sector.
“Interoperability is key in establishing sustainable health IT services and is not achieved by only using standards. But many blockchain projects do not tackle interoperability, enabling vendor lock-in. The cryptography of blockchain remains tamperproof, leaving IT security still vulnerable,” he said.
“The problem with vendor lock-in is that when a customer is dependent on a vendor for products, it is unable to use another vendor without substantial switching costs and risks, resulting in no component continuum.”
Dr Masi attributed a Gartner study that found that blockchain is entering the “trough of disillusionment”, meaning the industry is moving out of the hype phase of the technology, showing that the technology is here to stay.
But blockchain still presents its own set of challenges.
Dr Masi said storing unstructured data in blockchain is a guarantee of poor performance, depending on the blockchain deployment.
“Storing data in the blockchain isn’t a good idea, as data in the blockchain is publicly accessible; apart from storage costs, without a freely given informed consent you cannot disclose medical data; and encryption doesn’t help as it requires the update of usable algorithms often,” he said.
“So, the time spent waiting for a transaction to be processed in blockchain is time taken away from patient treatment.”
The issue of central governance is also of concern, said Dr Masi, as all transactions in blockchain are public by definition and it is “relatively trivial” to track all the transactions belonging to a public key, in addition to posing IT security issues.
“Good examples of blockchain in the healthcare sector are really hard to find. Of 26,000 blockchain projects launched in 2016, 92 per cent are now dead,” he said.
However, ESET Senior Research Fellow Nick FitzGerald said organisations should be aware of the security benefits that blockchain technology can bring to their data storage and handling.
“Blockchain is secure because it’s a distributed technology in which each network node stores an exact copy of the chain, so the availability of the information is guaranteed at all times,” FitzGerald said.
“Organisations dealing with large amounts of human data are most likely to benefit from blockchain technology, which makes it much harder for hackers to access private information.”
He claimed that in its digital state, most stored data is easy for internal or outside threats to copy or falsify but blockchain eliminates this option as each network node uses certificates and digital signatures to verify information and validate the transactions and data stored.
"Additionally, in blockchain, data is distributed across all network nodes, rather than one centralised model. With no central node, all participate equally, storing, and validating all information. This is a powerful way of transmitting and storing information. Blockchain technology is therefore a highly effective cybersecurity tool for proper, responsible, and quality data management," FitzGerald said.
Snowflake Computing Asia Pacific and Japan Vice-President of Sales Peter O’Connor said while blockchain has been heralded as a disruptive technology which will change lives, the healthcare sphere should take an “adopt with caution” approach to its use.
“That’s as it should be, in an industry where preserving trust is paramount and patient privacy and data security rightfully trump interoperability and efficiency. We share the optimism – provided it’s tempered with a healthy dose of realism. Despite the hype, blockchain isn’t, and won’t be, the be-all and end-all,” O’Connor said.
“At best, blockchain will be an augmentation of current solutions, not a wholesale replacement for everything in the healthcare sector’s collective technology stack.”
In the health insurance sector, he said, blockchain technology could be used to assist with the resolution of claims which involve a mutable chain of events. Other possibilities include streamlining the patient matching process, improving healthcare team coordination for complex patients, tracking medication histories and speeding the payer-provider reconciliation process.
However, one application for the technology that’s unlikely to be embraced in the foreseeable future, according to O’Connor, is the storage of patient data by healthcare practices.
“Recent debate in Australia around the Federal Government’s introduction of an electronic health record, the My Health Record, revealed the depth of public and professional concern about the possibility of confidential patient data being compromised or exposed,” he said.
“After a barrage of negative publicity, the government was forced to amend opt-out rules and provide stronger assurances patient data would be subject to stringent privacy and security measures.
“In this climate, it seems reasonable to assume there will be no stampede to expose sensitive patient records to an untested storage and security paradigm. Until the ICT industry advances a solution which can satisfy practices’ privacy requirements and offer an advantage over their existing systems, the status quo is likely to prevail,” he added.