Blockchain revolutionises data security, research and monetisation
Blockchain can provide the backbone for a health data infrastructure that enables patients
to control and benefit financially from their health data.
The power of health data
The tsunami of personal data brought about by the
digital revolution now extends far beyond consumer
preferences, as monetised by Facebook, Google and
the likes. As life sciences merges with information
technology, our most precious health data is also
being digitised. In the last 10 years, quantified health
has gone from electronic medical records to massive
DNA or microbiome sequencing. The Precision Medicine
Initiative launched in 2015 prompted the National
Institute of Health to create a research cohort gathering
all available data for one million people, allowing
scientists to explore why people get sick or stay
healthy. With similar ambitions, Verily Life Sciences’
(formerly Google Life Sciences), Project Baseline
collects phenotypic health data from approximately
10,000 participants over four years to identify tipping
points in the transition from health to disease. These
initiatives are paving the way for better diagnosis,
preventative alerts and more personalised treatments.
Beyond research, this new wealth of data is being
used by the Food & Drug Administration (FDA) to
modernise how it monitors the safety and efficacy of
new products. The FDA’s commissioner Scott Gottlieb
laid out a clear policy for the agency in 2018: “we are
expanding the opportunities for digital health tools to
become a part of drug review, to couple these capabilities
to drug delivery to form a drug delivery system.”
But to fulfill the outstanding promise of digital
health, we must still trust third parties with our most
intimate data. Of course, regulations exist to protect
our privacy. In the U.S., the Health Insurance Patient
Portability and Accountability Act (HIPAA), was enacted in 1996 to secure the confidentiality, integrity, and
availability of electronic Patient Health Information
(ePHI).
HIPAA imposes technical safeguards and processes
to restrict access to data, avoid or report any disclosure.
But HIPAA compliance is mostly self-declared,
and providers share information freely with third
parties, provided they sign a Business Associate
Agreement. This transfers responsibility to third
parties, but it does not extend controls. Most startups
analysing ePHI on behalf of providers will say they
comply with HIPAA. Few are ever audited.
Blockchain’s privacy promise
It should come as little comfort to patients that unauthorised
access to ePHI is commonplace. The numbers
are staggering. HIPAA breaches affected more than 5
million patient records in 2017, 27 million in 2016 and
more than 100 million in 2015. More than a third of
medical records have been compromised in the last
five years, mostly because of insiders mishandling
our data. With such figures, and lack of trust undermines
the very willingness of patients to share sensitive
information with care providers.
Because the laws that try to protect our privacy
have essentially failed to achieve desired results, we
urgently need to invent tools that let patients become
the custodians of their own data. The good news is
that this is exactly the value proposition of Blockchain
for healthcare.
How does it work? Today, no patient knows where
his health data goes for lack of access to transaction
logs ie who shares what with whom. By distributing ledgers of transactions across all participants (nodes)
in a given network, Blockchain essentially creates
trust by design. Indeed, no participant of the network
can falsify the log, because a consensus algorithm
reconciles the information across nodes, spotting any
discrepancy. This means each participant, ie patient,
knows at all time what happens to his data. It also
offers a way to share the same information with all
stakeholders in real time, fine-tuning who has access
to de-encrypted data.
To avoid any misconception, only the information
on the Blockchain is public, ie the index of what data
is shared with whom. Sensitive patient data, however,
can stay off-chain, secured in HIPAA compliant clouds,
in accordance with legal requirements. Transparency
with Blockchain technology is a first step to allowing
patients own their data.
Revolutionary elimination of the third party
Ownership goes beyond controlling how data is shared.
It involves appropriation of data as an economic asset.
But today, our records are being sold without patient
buy-in. Typically, when life sciences companies investigate
a particular disease, they are required by regulators
to benchmark the efficacy of new treatments
or monitor the safety of new. Studies are slow and
expensive. Brokers will buy datasets from hospitals
and pharmacy chains, and resell it to pharma, for what
constitutes a $15 billion business. The emergence of
new digital platforms has created new ways to acquire
medical records. For instance, when Roche bought
Flatiron (a software vendor that tracks cancer data)
for $1.9 billion, it got hold of the complete medical
history of 200 thousand patient records. This valued
each record at nearly $10,000. Even if pharmaceutical
companies have good reasons to acquire these datasets,
ie accelerate the discovery of new treatments,
patients never get a single dime for their own data. Here, Blockchain opens up a revolutionary possibility:
for the first time, individuals will be able to own
their digital assets. Quite simply, distributed ledgers
eliminate the need for a third-party reseller. It makes
it possible to automate payments in cryptocurrencies
via smart contracts. A person can be paid for giving his
consent to his data being aggregated within a cohort.
Data as ‘Information Age’ oil
The technology is here. Now, the law must also evolve
to treat personal data-like property, much in the same
way that it evolved to create real estate laws when
land was the prime asset, and to invent intellectual
property and finance during the industrial revolution.
This would secure equitable trade for the Information
Age’s new "oil". Citizens should be able to grant
licenses on their data for specific purposes and be
compensated with royalties. This would also mean
outlining the difference between data that cannot be
sold, for instance one’s name or age, and that which
represents an economic asset
In healthcare, the stakes far exceed the business
of selling health data, even though the possibility
of compensating patients does offer a promising
new way to reduce their economic dependence.
Pricing data provides unprecedented transparency,
as opposed to current-day opacity. More importantly,
giving patients access to a marketplace where their
health data could be funneled into clinical research
expands their medical options. This is especially true
for rare diseases, where wider access to data is acutely
needed, and holds the potential to radically accelerate
the development of treatments, and monitor
their effects in real time.
Key points
- Health data is used for health and drug safety purposes, amongst other research
- Unauthorised access to health data is commonplace
- Patients rarely know how their health data is used and monetised
- Blockchain provides framework for patient control over data
- This increases monetisation opportunities for patients and greater access to medical options