The technology appears capable of safeguarding sensitive patient data, but it has yet to make a big footprint outside the cryptocurrency community.
The sudden disruption hit electronic medical records (EMRs) provider AllScripts sometime between 2 AM and 6 AM on January 18. Two of the provider’s data centers had been targeted by a ransomware attack, locking up Allscripts-managed data in an extortion attempt. About 1500 of its clients—mostly small practices, according to the company—were unable to access their records for 8 days.
Like many ransomware attackers, the Allscripts hackers offered to unlock their victims’ data in return for a ransom payment in bitcoin. The electronic cryptocurrency is popular with hackers because it is virtually impossible to tie the digital currency to its holder. It’s their preferred method of payment.
But blockchain, the very technology that underpins bitcoin, might have applications that help secure data from malicious hackers and others who seek to exploit private data, like EMRs and patient information. At the same time, blockchain has burst onto healthcare’s radar to great applause, much of which might be premature or unfounded.
One possible application is Datum, a blockchain network in development, whose cofounder and CEO Roger Haenni describes it as “eBay for data,” a secure marketplace where individuals would control the use of their private information and profit from its sale.
When Haenni first conceptualized what would become the Datum network, he was busy developing something comparatively prosaic: Clever Baby, a wearable device much like a fitness tracker, would be used to track an infant’s vitals. Haenni’s team took the device to the prototype stage and set about planning practical trials. But in conversations with hospitals to develop trials of the Clever Baby prototype, Haenni kept running into pushback.
“We always ended up with an ethics board at the hospitals we went to,” he said. “This whole discussion started about putting the device on babies. What data is collected? Is that compliant with the data collection and privacy laws we have in our jurisdiction?”
According to Haenni, the cautiousness around data collection stemmed from liability concerns. “All of these discussions were focused around the risk [aversion] of the hospitals,” he said. “They don’t care about the parents or babies so much, but rather about liability.”
Concerns regarding patient data collection and the responsibility to protect that data aren’t trivial. Due to Health Insurance Portability and Accountability Act (HIPAA) reporting requirements, the Department of Health and Human Services maintains a public database of breaches. So far in 2018, the department lists 219 breaches due to “unauthorized access” or “hacking incidents.” Allscripts is currently subject to a class action suit brought by affected clients who allege negligence and breach of the company’s duties under HIPAA to protect their health records.
These conversations about compliance and data protection prompted Haenni to think about how to enable everyone to secure the vast volumes of data produced by everyday activities and select who is able to access and use that information. “What is the real large issue here that we can solve?” Haenni said, describing the question Datum sought to answer.
It was “this notion of returning data ownership and giving back control to the data creators who are the individuals in many cases,” he added. “That was something much more important that would have a larger impact on the world than baby wearables.”
Blockchain technology provided the solution.
Blockchain is often described as a “distributed public ledger,” a public record of all transactions across a network, protected from tampering through encryption. Cryptocurrencies like bitcoin combined existing technologies—for example, public and private key encryption—in a novel way to answer straightforward questions: What is the best way to secure digital currency against malicious attacks or duplication? What about exchanging value in the absence of trust or central authorities like national governments?
Transactions across the network are packaged into blocks. Special members of the network, called miners, use computing power to solve a difficult mathematical problem to validate the block, definitively linking it with the rest of the chain, which is secured by encryption. In cryptocurrency networks, the member who first validates the new block is rewarded with the network’s currency.
Newer blockchain applications extend this mechanism to accomplish tasks far afield from currency transactions. Social network Steemit, for instance, rewards users for publishing popular content; Civil is a platform for blockchain-based journalism that runs on the Ethereum network.
The essential function of blockchain, argued attorney Steven W. Teppler, JD, is provenance. Teppler leads the Abbott Law Group’s technology litigation practice. He recently participated in a webinar with Healthcare Analytics News™ to explore the possibilities for blockchain applications in healthcare.
“It’s a transparency mechanism on steroids. It would expose fraud,” Teppler said. “What blockchain does is provide an audit trail—no more, no less.”
In the case of a blockchain used to encode healthcare data, “someone can carry around a key to their entire history and not fill out a new one for each provider they go to,” Teppler said.
“Every data instantiation is signed by the provider, and that digital signature, in turn, [is] timestamped so that both the signature and the data can be vetted years down the pike.”
How Datum Works
It’s an often-unquestioned bargain that to use free services like Google’s search or email services or Facebook, users supply vast amounts of data on a wide range of activities. Companies then use that data almost without restriction and in hushed ways. The huge amount of data collected by Google and Facebook is available to advertisers to better target ads, and Google constantly collects phone location data to calculate information, like traffic speed and density, for Google Maps.
Although Haenni said Datum will initially focus on connecting users with data to sell with advertisers looking for information to collect, he envisions healthcare data as a possible future use. “[Health] is just one of the verticals that can be built on our infrastructure,” Haenni said. “We’re looking to partner with other companies who have more realm knowledge—other developers who will build their services on top of [Datum].”
Haenni contrasted Datum with Apple’s HealthKit offering, which allows developers to leverage health data collected by Apple devices for new apps and services. But it’s unclear, according to reporting by The Outline, whether those data are protected by HIPAA. That means the same ethical concerns Haenni’s partners had about Clever Baby’s data collection are also present for HealthKit. How developers may end up using, distributing, or reselling HealthKit data is unknown.
“Datum uses blockchain to provide a public ledger to, in turn, provide transparency of who accessed what data at what time, whether there was a monetary transaction, or what this data was pulled for,” Haenni said. “We don’t want to lock this data away but to unlock this data under much more transparency and control. If an advertiser uses [your data], you should be compensated, you should know about it, and you should have the ability to refuse.” Individuals would also have the ability to make their data freely available to trusted organizations, like research institutions, he added.
Datum’s design raises the possibility that an individual’s healthcare data, like EMRs and patient health information, could be securely stored on its networked database, under the full control of an individual. With data made anonymous, encrypted, and distributed over a global network, attackers might not be able to unlock and abuse any data they manage to steal.
The rapid proliferation of blockchain startups and the checkered history of trading cryptocurrency makes figuring out how to usefully apply the technology bewildering. Bitcoin, the first blockchain implementation, has scored headlines for its extreme volatility. The exchange rate rocketed from just under $1000 at the start of 2017 to nearly $20,000 by the end of the year.
Cryptocurrency trading exchanges are periodically hacked, suffering eye-popping losses. In 2014, early heavyweight Mt. Gox lost around 850,000 bitcoin, valued at close to $450 million at the time ($5.7 billion at the time of publication). That record was surpassed this year when Japanese exchange Coincheck reported a loss valued at approximately $533 million.
Matt Suiche, the founder and director of cybersecurity startup Comae Technologies, is skeptical about the current development stage of blockchain. “What we see that’s popular now may not be what’s popular in 4 years,” Suiche said. “[Blockchain] technologies are not mature yet. They’re still experimental. But people treat them like they’re mature and will solve all their problems…Need a database? Add a blockchain. Need something secure? Add a blockchain.”
But security, Suiche pointed out, is a complex problem. Although the blockchain itself might be immutable, thieves can still prey upon a blockchain network. Some of their techniques are well-known classics, like phishing. In one case from July 2017, Israeli startup CoinDash lost a large portion of its initial coin offering, the equivalent of about $10 million at the time. Hackers changed CoinDash’s website by substituting their own address to receive investment funds for the address belonging to CoinDash.
Succeeding blockchain networks have evolved beyond some limitations of bitcoin. Ethereum, perhaps the most popular bitcoin successor, enables the use of “smart contracts”—bits of code, like computer programs—on its network, published to the blockchain and executed by members of the network.
Ethereum has a host of heavyweight backers, eager to take the decentralized public technology and apply it to private enterprise. The Enterprise Ethereum Alliance, which aims to develop standards and research enterprise applications for the network, counts among its members Deloitte, Accenture, JP Morgan, Credit Suisse, Intel, Microsoft, and Pfizer. Some companies have adapted the open source Ethereum code to build specialty enterprise blockchain networks; for example, Quorum, JP Morgan’s implementation of Ethereum.
Smart contracts allow a dizzying array of distributed applications, built on top of the Ethereum network, used by Datum. Ethereum’s blockchain offers more than a digital currency, although it produces a cryptocurrency called ether.
Smart contracts have their virtues. Cryptographically encoded into the near-inviolable blockchain, they can’t be tampered with. But like any other program, they are vulnerable to user error.
In 2016, an early Ethereum application run by smart contracts threw the network into crisis. The Distributed Autonomous Organization (DAO), an automated crowdfunding network run on Ethereum, lost the equivalent of around $56 million in ether to an unknown attacker who exploited a bug in the DAO’s smart contract design. In response, Ethereum’s developers and proponents of the DAO mounted a successful campaign for a “hard fork,” in which the entire network would be duplicated in a state where the theft never happened, essentially erasing history. This kind of collusion is what blockchain is supposed to prevent, yet most users cosigned this effort, shifting over to the hackless fork and abandoning the version where the hack had taken place.
Private blockchains, the kind that might be run by a group of participating companies, could be even less resistant to collusion. Private blockchains have a limited number of influential participants compared to the vast number who could potentially participate in public blockchains like bitcoin or Ethereum. A private blockchain could potentially be rewound or rewritten if its participants collaborate to alter it, obviating the technology’s value as an inviolable ledger.
Suiche developed a tool called Porosity to take apart and examine smart contracts already operating on the Ethereum blockchain. Suiche said that JP Morgan integrated Porosity into its Ethereum-based Quorum blockchain. A simpler smart contract design is safer, Suiche said, and has less chance of including unnoticed vulnerabilities. But one of the core virtues of smart contracts—their immutability when locked into the blockchain—is also a liability.
“Smart contracts are just like any other piece of software,” Suiche wrote in an email, describing what he learned from implementing Porosity. “They can have vulnerabilities, and the languages designed for smart contracts will need to be [mathematically] formally verifiable to reduce the number of issues.”
Asked about Datum’s use of smart contracts, Roger Haenni compared the risks of smart contracts to the risks of blockchain technology itself. “With bitcoin, you are putting your trust into the code that runs the bitcoin network,” he noted. “No one can alter this code without a majority of miners agreeing.”
The kind of alteration Haenni is talking about is similar to the change made by the Ethereum network to rewind the effects of the DAO hack. Even that, however, took a developed consensus arrived at through community discussion, not the arbitrary interference of a central authority.
“Your assets on the blockchain are protected by the impartial and hopefully bug-free code without the possibility of any central party interfering,” Haenni wrote. “It is precisely this immutability of the code that is critical to give everyone trust that the system cannot be gamed. But like any piece of software there may be bugs.
“The key is that the core systems and code have been reviewed many times by a huge community of developers and, ultimately, that is what you have to trust. With smart contracts, the problem is that anyone can write a smart contract, and you have to trust the creator and the team behind it.”
Suiche added that companies considering implementing blockchain take a step back and carefully consider their actual needs. Nonblockchain solutions might be easier and safer to address a particular need.
“Everyone is going to have a different use case,” Suiche said. Companies need to “identify what’s important for them and not focus on the technology, but rather on key verticals that they need to invest in.”