Future of HealthIT Security: Blockchain?

The ONC recently announced the winning papers for a competition it opened looking for innovative uses of blockchain technology in healthcare. For those of you growning at the site of the word "blockchain" - I completely feel your pain. It seems like the technology is being touted as a potential solution to just about any issue being faced in any industry. Luckily though, it would appear that the collective intelligence of the market points to a couple of specific applications for healthcare. Even more interestingly, these generally consensuated, theoretical applications could help the industry address two of its most pressing issues: information security and interoperability.

HealthIT Security

One of the biggest components of the winning papers tends to focus on the authorization and verification components of blockchain technologies. Exchanges of ePHI would essentially have to be authorized and validated before any information is actually transmitted and the transmition of the information would become a permanent entry into the blockchain that reflects the history of that ePHI allowing a comprehensive transaction history of the actual record itself. This form of access control around patient health records, inmutable ledger of transaction/transfer history and record encryption could provide significant improvements to information security in healthcare.  

HealthIT Interoperability

The peer-to-peer design of blockchain seems to, a priori, replicate very well the distributed nature of health care delivery across different providers, locations and networks. As part of the Shared Roadmap to Interoperability, the inclusion of the ever elusive unique healthcare identifier for individuals - a solution whose merits have been recognized since the passing of original HIPAA legislation but whose security and privacy concerns have kept it from coming to fruition - would enable precise exchanges of health information between providers. Coupling this with FHIR standards across EHR systems could go a long way to achieving interoperability at scale in the US healthcare sector. 

For More on HealthIT Interoperability, Read this Article

What does this mean for healthcare leaders?

For the near future, all of this is interesting no doubt - but for healthcare leaders proven, practical applications of blockchain technology in this industry are still off in the distance. Healthcare would be, essentially, a whole new application of the technology, breaking from its typical financial and cryptocurrency based use cases to date. The fact of the matter is that the technology is still very immature for the healthcare industry and any successful future application will be dependent upon improved interoperability across systems. These factors will lead to initial proof-of-concepts that will need to be developed iteratively and will pose more risks to healthcare organizations than benefits. 

For More on Handling Risk in HealthIT Innovation, Read this Article

Long-term, there very well could be a place for these technologies in healthcare and they just might live up to the hype that the market is attributing to them. But for now, healthcare executives and organizations would be much better served implementing a more practical approach to addressing their information security and interoperability challenges. Successfully navigating the changing healthcare landscape is predicated on calculated risk-taking and decision-making. The lowest risk, highest benefit options for interoperability and security come from working with partners who have a track-record of success building custom application interfaces and implementing industry best practices to create HIPAA-compliant infrastructure solutions.

Michael Scranton is the Director of Business Development at Medical Web Experts and is dedicated to helping health care organizations improve quality of care and patient outcomes while reducing health costs through the improved use of information and technology.