Tag: privacy

Blockchain’s Promise for the Future of Healthcare

In the winter of 2017, the world was captivated by the rise
and fall
of Bitcoin. Every night during its historic rise, local
news ran rags-to-riches
stories
of basement investors who had cashed out at the right time.
Every day, bloggers, tech journalists, and finance journalists tried to diagnose
the market
and divine what portents this fluctuation may hold for
the future. Even before Bitcoin hit its fever pitch in December of 2017, the
national conversation focused on the technology powering it – Blockchain. Intrigued
by the success of Bitcoin, industry leaders sought to understand Blockchain’s structure,
potential, and capabilities. Although the Bitcoin craze eventually came to an
end, the conversation over Blockchain continues and it is now positioned to
make inroads into the healthcare industry.

Blockchain, in its modern form, was
created
in the fallout of the 2008 financial crises. It is “[a] digital
record or ledger [mini database] that is structured as a series of blocks that
are strung together in a chain. Each block—a digital expression of a
transaction or an event—is validated by multiple computers on the internet.”
Blockchain is also highly secure by distributing “blockchains” to millions
of computers
, creating a decentralized
database
.

This combined ability to both secure and share files
simultaneously makes Blockchain an attractive new frontier for the healthcare industry.
Large
healthcare providers
such as Cigna, Aetna, and Sentara Health have
signed onto Blockchain pilot programs; even Apple
signaled
interest in Blockchain applications. In
2018
, 45% of the healthcare industry experimented with Blockchain
applications and 11% of the industry deployed Blockchain applications for use
in business. By 2025, it is projected that 55%
“of healthcare applications will have adopted Blockchain for commercial
deployment.”

This growing trend of Blockchain’s presence in healthcare is
due to the enormous benefits the system presents. Cognizant’s
2017 report
, “Healthcare: Blockchain’s Curative Potential for
Healthcare Efficiency and Quality,” identifies top benefits that healthcare
organizations could gain through its implementation, such as strengthened data
security and improved interoperability. As Cognizant’s
report states
, “Blockchain technology enhances privacy through
modern public key encryption techniques, reinforces data integrity with its
properties of immutability, and improves security with its decentralized data
model” allowing for improved patient care through data interoperability between
different care providers. Deloitte’s 2018 global Blockchain
survey
also identifies areas where Blockchain will provide
significant value, such as disintermediation, transparency and auditability,
and industry collaboration.

These advantages present
solutions
to long-standing problems that have plagued the industry’s
ability to modernize, specifically the ability to digitize
patient records
into Electronic Health Records. Blockchain’s decentralized
data also provides a single authoritative source for patient records resulting
in lower cost for patients, better collaboration between professionals, and
increased efficiency for providers. Full realization of these benefits has the
potential to revolutionize and modernize the healthcare industry and drastically
increase the quality of care that patients receive.

Yet Blockchain’s real world implementation highlighted some operational hurdles. The Mayor’s office of Austin, Texas undertook a project called the “MyPass Initiative” to utilize Blockchain technology to improve the city’s homeless services by replacing paper records with “electronic encrypted records that would be more reliable and secure.” The initiative aims to “consolidate the identity and vital records of each homeless person in a safe and confidential way while providing a means for service providers to access that information.” Yet the program faces difficulties such as social buy-in and a reliable way to connect a person with an identity, which can hamper full implementation and in turn preclude the complete realization of the initiative’s benefits. These challenges are not insurmountable and overcoming them will pave the way for larger implementation of Blockchain technology in fields such as healthcare.

Blockchain’s utilization in healthcare is nowhere near complete, but its capabilities and potential operational effectiveness are becoming clear to industry leaders. Its promise to improve patient care through better interoperability, heightened data security, and lower cost is a benefit that the healthcare industry has long been looking to provide to patients. With growing industry engagement with Blockchain technologies and continued innovative pilot programs, such as Austin’s MyPass Initiative, we move ever closer to realizing Blockchain’s promise for the future of healthcare.

Electronic Health Records: The Dark Side of Digitizing Health Data in the Online Era

The Electronic Health Record (EHR) is permeating the healthcare industry. Easily accessible “minute clinics” and mobile apps providing diagnostic services are all fortuitous results of the increasing digitization of our medical history. While there are many clear benefits to having an EHR—providing accurate and better healthcare, better clinical decision making, and lower healthcare costs—there are numerous privacy risks associated with EHR utilization.

The EHR was a little-known concept when President George W. Bush broached the idea of computerizing health records in his 2004 State of the Union Address. Since then, the healthcare industry has seen a national push to become 100% EHR-dependent; a mission bolstered by President Obama promoting the use of EHRs in both the American Recovery and Reinvestment Act as part of the Health Information Technology for Economic and Clinical Health Act (HITECH) of 2009 and the Affordable Care Act (ACA) of 2010.

Private industries and the general public are increasingly buying into the idea of EHRs as well; according to the Agency for Healthcare Research and Quality, there has been an upward trend in the percentage of patients who find the implementation of EHRs important. There has also been a year-over-year increase in the percentage of healthcare providers who have adopted EHRs, reaching 67% in 2017.

However, this progress toward 100% EHR utilization has also caused increased privacy concerns as EHRs contain a patient’s most sensitive data. These medical records are valuable on the black market as they include a wide range of personal information such as medical history, social security numbers, and insurance details. The permanency of this information provides criminals enough data to completely steal an individual’s identity as well as the ability to commit a wide array of other crimes.

In the summer of 2016, a rogue online actor known as “thedarkoverlord,” stole 655,000 health records from three healthcare providers in the United States. The hacker quickly put the stolen records up for sale on the dark web for an asking price of $700,000. The anonymous hacker told Vice’s Motherboard publication that “[t]he data could be used for anything from getting lines of credit to opening bank accounts to carrying out loan fraud and much more.” This data breach represented a mere 2.4% of all stolen electronic health records in 2016.

More often than not, the burden to resolve the theft of medical records—such as in the case of “thedarkoverlord”—rests with the patient. According to Ponenom Institute’s Fifth Annual Study on Medical Identity Theft, “[s]ixty-five percent of medical identity theft victims […] had to pay an average of $13,500 to resolve the crime.” The heavy financial burden and continued attacks directly affect the public’s concern for its privacy. In 2015, 68% of patients were not confident that their healthcare providers could protect their medical records from loss or theft.

To prevent and combat security concerns, lawmakers have enacted regulations “to protect the privacy of individuals’ health information while allowing covered entities to adopt new technologies to improve the quality and efficiency of patient care.” These competing interests have become more difficult to balance with the increasing reliance on EHRs and thus the increasing opportunity to steal data.

The Health Insurance Portability and Accountability Act (HIPAA) has been the cornerstone legislation on health-data privacy and holds organizations responsible for breaches of data it protects, yet major data breaches still occur through company oversight. In an attempt to incentivize private entities to keep cybersecurity frameworks up to date, Ohio recently passed a law that creates a safe harbor against tort claims for companies who are victims of a data breach. In order to take advantage of this law, companies must comply with the strict state-mandated security framework criteria. Ohio’s innovative approach to cybersecurity enforcement aims to encourage all businesses to implement cybersecurity programs tailored to protect sensitive information while still allowing for technologies to improve.

When President Bush called for implementing EHRs in 2004, he—nor anyone—could have predicted the scale of the current data breaches. A healthcare system reliant upon EHRs is new territory for the health industry and will continue to draw in those who wish to steal its data. However, with continued reliance upon the protections of our regulations such as HIPPA and innovative methods to incentivize a high level of cybersecurity in the private sector, we can feel secure in our progress towards the future that EHRs can provide.