Privacy and data security are important, threatened concepts in today’s interconnected Internet of Things, Amazon Ring doorbell world. Medical records are amongst the most private and personal archives organisations hold on us. We don’t want them purloined by malicious actors or even lost by careless companies who get hacked in data breaches. Yet we also want medical workers of all sorts to have quick, easy access to them. What if you or I were unconscious from a road accident? We’d expect the first responders to give immediate aid, with access to any necessary information, without having to hunt around for a relative to give consent. But what if that accident was not in Britain, but in another country? How could we trust another nation with our precious medical records?

This dilemma haunts data controllers. Too much access is wrong, but in the medical world, there is a widespread and global need for easy access to medical records. The pandemic has shown us how necessary data mining and analytics are for a fast response to a mutated virus.Enter the blockchain. With the emergence of Bitcoin in 2009, a revolutionary change in how we handle data occurred. Essentially Distributed Ledger Technology (DLT) is a kind of immutable Excel spreadsheet, which keeps information available and safe, yet also easily accessible globally, and without “trusted third parties”, which include banks, insurance brokers and other middlemen who act as gatekeepers and take a cut of the funds passing through.

Blockchain technology is advancing rapidly. It has certain primary features:

  • Decentralised platform: The data is not stored centrally but at nodes spread across the dataverse. This makes it difficult for a hacker to modify the information. It would be immediately apparent and rejected by other nodes
  • Encryption: Powerful cryptography is central to the blockchain and ensures safety of the data.
  • Traceability:  every document or piece of information is saved in time-stamped chronological order, so tracking every interaction is straightforward, and all transactions are transparent and accountable.


Blockchains for Healthcare Records

To use this properly, an advanced healthcare system would need to have three key elements: scalability, access security, and data privacy. One model would have the blockchain as an index to all the other parts of the patient records, for example, formal medical records, tests, X-rays, specialist examinations, and patient-gathered information from wearables like smartwatches.

The actual information would be in a “data lake”, encrypted, but off the blockchain so that it could be massively scalable. Data lakes support interactive queries, text mining, text analytics, AI and machine learning. The information stored in the data lake would be encrypted, digitally signed, and have a unique patient identifier to ensure the privacy and authenticity of the information.

Who would control access? Ultimate control would reside in the user themselves, that is you and me, not some remote repository. The user would be instantly notified when any records are accessed. Permission for access would be flexible and effectively handle more than “all-or-nothing” permissions. The user would set up specific, detailed instructions about who has access, the allotted time frame for access and the particular types of data retrieved. At any  time, the user can alter the set of permissions. Access control policies would also be securely stored on a blockchain. Only the user would be allowed to change them.

Transparency is central to this schema and allows the user to decide what data is collected and how the data can be shared.

In the event of the notional road accident, there would be a protocol for emergency responders to have access to the records. We are already seeing remarkable uses of advanced blockchain software in many spheres where privacy and access are crucial. Ideally, permission and access systems would utilise biometric signatures for the highest levels of personal security. A data hacker would not be able to spoof this system. Even if they affected access, the encrypted data and the footprint they were leaving would mean they would have little to gain.

In the future, instead of top-down-centralised healthcare, we will see a more distributed and patient-centred service. Where the patient contributes from their own knowledge and the data from –increasingly sophisticated – wearable technology, so the healthcare provider can create a personalised treatment, perhaps based on an analysis of the patient’s DNA so they can get the most accurate readout on what will work for that individual.  It allows us to share this information with any doctor, physiotherapist, counsellor, or other health professions, from anywhere in the world; making healthcare a more collaborative field.

Blockchain data systems would allow patients, the healthcare community and researchers to access one shared data source to obtain timely, accurate and comprehensive health data.