Blockchain and its use in healthcare

Blockchain technology has the potential to assist organizations using alternative payment models in developing IT platforms that would help link quality and value. Differing from traditional IT databases and models, blockchains seek to create a “single source of truth” which can be securely accessed by its members. The likely use cases for blockchain will be focused on ACOs because of the lack of ACO specific software and lack of legacy applications. Blockchain will not be a panacea for interoperability issues, but will provide a robust platform to help advanced alternative payment models if used in the right application.

Blockchain is not Bitcoin

Blockchain is the underlying technology behind Bitcoin, a famous cryptocurrency that has surged in popularity and has been touted as a currency that retains relative anonymity while being accessible anywhere with Internet connectivity. At its core, blockchain is a distributed database secured by cryptography that ensures only people with the right key have access to the amount of currency over which they have authorized control. An alternative way to think about blockchain is that it is a protocol for solving the Byzantine Generals’ Problem, a famous computer science problem that aims to achieve consensus with a decentralized system. Blockchain’s potential applications go far beyond Bitcoin. Bitcoin is an application specific instance of the technology, whose very value is determined by the limitations set by its founder. By setting limitations such as fifteen million Bitcoins as the maximum amount of Bitcoins ever possible to be in existence, there is an artificial constraint on the Bitcoin supply. This limitation preserves its value as a currency, but it is not useful if the blockchain framework is used as anything other than a currency system.

What is a blockchain?

At its most simplistic level, blockchain technology is a distributed database secured by cryptography. In traditional databases, authority and access is governed by a centralized authentication system. Unless you have the right credentials given by this centralized authentication system, you will be unable to even access the database in any capacity. In blockchains, data is secured primarily by encryption. All transactions are encrypted into blocks by the relevant encryption and added to the front of the chain of blocks (hence the name “blockchain”). Ownership of the encryption key is the authority to access certain records. Rather than having a central authority, blockchains rely on the encryption system to maintain trust. A more detailed technical description of how blockchains work is beyond the scope of this whitepaper as this paper intends to describe the applications of blockchain rather than the technical architecture. However, for those readers proficient in programming, a blockchain can be thought of as a database created as a linked list of encrypted transactions that uses a hash rather than a pointer.

A comparison between a traditional database and a blockchain can be found by imagining a room full of records and how it might be secured. A traditional database is similar to a room filled with filing cabinets with few to no locks, all “secured” by a clerk staffing the room and its filing cabinets at all times and adding, updating, and eliminating records as well as checking the credentials of anyone making any requests to do the same. A blockchain instead replaces the clerk with a series of security deposit boxes and anyone with the right key will be able to open a particular safety deposit box and edit the record inside of that box deposit box. In this way, blockchains create trust in lieu of the clerk by using encryption.

/// Benefits of blockchain technology ///

The main benefit of blockchain technology is that there is no central authority, yet the database can still represent a single source of truth. Unlike conventional database technology which requires a central keeper of information to verify whether the information being placed into the database is valid, blockchains spread the processing of the database over different nodes, or processing units, and trust is maintained through encryption and the power of the network. Conflicting database transactions are negated through the blockchain architecture, and there is a high cost to revoke any transaction. This allows the blockchain to remain a source of truth that can be accessed by multiple individuals as long as each has the right encryption key.

While there are other benefits of blockchain, such benefits are application specific and less applicable to all situations relating to healthcare.

/// Drawbacks of blockchain technology ///

Blockchain is traditionally difficult to apply to the healthcare setting because of the opposite emphasis of transparency and privacy. While the blockchain can be secured with encryption, the idea of having an entire encrypted database downloadable by anyone may be seen as anathema by most healthcare organizations. Healthcare organizations would rather have everything secured behind firewalls with limited access because of regulations and the public’s perception and insistence on absolute security of their healthcare records. As such, blockchain will not likely to be deployed in healthcare unless there are limitations to how a user can access the blockchain.

The other main drawback is that blockchains are highly dependent on their encryption keys. If a user’s private encryption keys are lost, there is no way to recover them. This is especially complicated with healthcare data because the value of healthcare data is not only transactional but also longitudinal. If a person’s medical record is partly missing, it is exponentially less valuable. Tracking a patient through multiple records across different organizations is already difficult, but the threat of losing a key is large enough that it is unlikely blockchain applications for healthcare will involve patient involvement initially. Lastly, if an user’s private encryption key were to be hacked or stolen, the hacker would have all the information ever stored by the original user. While there are security measures for encryption keys such as interface software (i.e. wallets), the interface software adds additional attack vector for hackers and increase security concerns for blockchain implementers.

/// Public or Private blockchains ///

Blockchain setups can be classified first into two main types depending on the level of access to the blockchain. Blockchains can then be classified further by the differing levels of control each node has over the blockchain.

Public blockchains are totally open to the public and can be accessed by the public. The only protection is provided by encryption.

Private blockchains are blockchains that only certain participants have access to. There are varying levels of control of who can access the data, who can modify the data, and who ultimately has authority in the system.

The issue with public blockchains is that the public is not yet ready to use this technology. As the large number of hacks on Bitcoin exchanges have shown, loss of control is possible and losses are usually all or nothing. Since private encryption keys do not change, any hack or loss of the key represents a security hole that is not reversible and the victim of the hack or loss must start over with new accounts.

Additionally, since public blockchains are, by definition, publically available, there will be no future protection against technological progress in decryption methods unless additional security measures are regularly patched to the entire blockchain network. A hacked key in the Bitcoin blockchain has the limited downside of an individual losing all of his or her Bitcoins, which is not personal in nature. A hacked or stolen encryption key in a public blockchain designed for healthcare would expose healthcare data that is unique and personal.

Private blockchains, with some level of control over access, would likely be the norm in healthcare settings. Many of the issues of healthcare IT have less to do with technical interoperability and more to do with business agreements and bureaucracy. Private blockchains can be designed to follow the rules and authority laid out by business agreements. The mix of security and flexibility is more suited towards healthcare than the militant transparency in a public blockchain.


Ethereum is advertised as a “decentralized platform for applications that run exactly as programmed without any chance of fraud, censorship or third-party interference.”[1] Ethereum can be considered a more advanced platform than the blockchain technology used to power the Bitcoin system. Among Ethereum features is the smart contracts feature, which allows the blockchain to execute small computer applications as part of the blockchain process. This feature allows the blockchain to be more than a simple database of information — it becomes a distributed computer system with a database. Essentially, a blockchain powered by Ethereum is like a one-stop shop for running a host of applications with an emphasis on transparency and without any chance of fraud or interference by malicious parties.

For these reasons, some startups focusing on healthcare, like Gem Health, are using Ethereum as their blockchain framework.

/// Smart Contracts ///

Smart contracts act as small applications that can automatically affect the data in the blockchain without the need for any external applications. While it is possible to do the same thing as smart contracts through external means, having the process automated through smart contracts preserves transparency and removes the possibility of human error as it is triggered by conditions set ahead of time in the smart contract and the code in the smart contract is made public.

Some sample use cases for smart contracts that affect alternative payment models or Accountable Care Organizations (ACOs) are simple applications for pre-authorizations, or more complicated use cases such as real-time HEDIS measures reporting.

/// Gas ///

Gas is another feature of Ethereum that makes it ideal for healthcare in a private blockchain network. Gas is a feature that is used to prevent smart contract applications from running forever on the blockchain because of coding or scope issues. A side benefit of this architecture is that gas is a good measure of usage and can be used to divide the cost of running the blockchain infrastructure equitably amongst participants.

APM is the next step

Alternative payment models (APMs) is the next step for healthcare to take to rein in spending and control healthcare costs. In order for the US to move away from the fee-for-service model, there has to be a healthcare IT infrastructure that allows organizations to link quality, value and effectiveness of medical interventions.

Traditional infrastructures with a central database typically take a long time to deploy and connect. There are issues with business agreements about usage of data and trust issues about exposure of healthcare data from multiple stakeholders. Controlling access to centralized databases are difficult enough that the method for delivering data from one organization to another is typically done through extract-transform-load (ETL) operations that typically involve large amounts of redundant files being sent to different stakeholders.

By replacing traditional IT infrastructure, a blockchain can process data in a limited parallel capability. As well, since every node already has a constantly updated copy of the blockchain, no files are needed to be transferred between organizations. As blockchains are by nature decentralized, blockchains are fault tolerant[2] and may be more reliable than onboarding a participant in the traditional central database model.

Accountable care organizations (ACOs), typically lightweight organizations, are using information technology to link organizations together to increase quality and value. While ACOs are the most likely organizations to adopt blockchain as they are not hindered by legacy infrastructure and ACO specific IT platforms have not been fully developed, payers and health insurance exchanges (HIEs) can use blockchain in limited applications to increase engagement with their healthcare partners.

Some of the ideas presented below are the likely use cases of blockchain in the healthcare IT space. These use cases were selected based on the ease of development of the blockchain towards the use case, the alignment of values of the use case with the blockchain values, and the marginal effectiveness of blockchain over the existing traditional model. As mentioned above, none of these use cases relate directly to the patient as the technology is not yet mature enough to allow patients direct access to the blockchain.

Use cases

/// Claims clearinghouse ///

Currently, claims data is one of the datasets suitable for blockchain. Unlike clinical data which is typically implemented in many different ways, claims data is relatively standardized and follows strict formatting rules. Claims are a major part of the healthcare revenue cycle and there is payer investment in how services are billed and money is collected. Typically, claims systems are the more advanced parts of any healthcare setting (source). Additionally, the government is a large player in the reimbursement and claims system, allowing a standard to be implemented more rigidly. Lastly, the end goal is straightforward. Claims data is used to distribute money properly and getting paid is a binary result — either payment is distributed properly or improperly. Unlike treating a patient, claims data has only enough information to ensure getting paid properly is the end result.

Claims IT systems are well-suited to be powered by a blockchain. Claims IT systems are typically robust and claims data flows through multiple organizations. Each exchange of data from one organization to another creates a new need to verify that the data is correct since each organization has personal incentives to ensure no errors occur in their respective data. These exchanges between different organizations introduce costly time delays. The typical claims period is usually one month after the clinical event the claim actually references.

By decentralizing the system, blockchain will allow claims information to be processed at a much faster rate than previous and current rates, and data will be collected into a single location as part of the blockchain process itself. Traditionally, claims data has taken a long time to process as there is only a single database to process everything. Through blockchain technology, claims can be added to the database in real-time, allowing updates to analytics that may have needed months to collect and process. Some features that can be part of this blockchain by using smart contracts include real-time HEDIS reporting and automating and making prior authorization actions transparent because the code in smart contracts is typically open to any user. Errors would be fixed quickly if the users see any discrepancies.

By placing the claims clearinghouse into a blockchain, the real-time nature of the blockchain allows many other applications to exist and allow organizations that rely on claims for analytics to have access to real-time reporting. The possibilities of real-time claims can power a multitude of different quality improvement programs designed to increase value and quality of medical interventions.

/// Interoperable provider directory ///

Provider directories are typically unwieldy databases of names, locations and affiliations that are hard to maintain because of the arrangements different providers have with each other and with hospitals. Add in multiple NPI numbers, NCQA credentialing, and different contracting requirements payers have with their provider networks, and we have provider directories that are typically out of date as soon as they are generated or printed.

By putting a provider directory in a blockchain, it is possible to create a single interoperable provider directory that is valid over large geographies. Since there is no PHI involved, this blockchain can be made public and will have the transparency that is distinctive of public blockchains. Automated smart contracts controlled by payers can automatically invalidate providers as soon as their contract with payers expires. Providers can be trusted to update certain parts of their own information such as their office locations, business hours, and whether they are accepting new patients.

Once a provider directory is on the blockchain, the blockchain’s real-time nature will allow further development of new features by linking the directory to other systems. Imagine a provider directory that is updated with reviews in real-time or connected to the providers’ scheduling systems so that a patient can schedule appointments as soon as the patient confirms that the provider selected is an in-network provider.

/// Patient Directories and Care Plans ///

Accountable care organizations typically have patient members who have standardized care plans that help the ACOs coordinate care and create cost savings by being more efficient. Typically, care plans are relatively static information that is transactional in nature — a care plan for a patient typically is not directly affected by a care plan that that patient had previously. When ACO staff updates a care plan, they usually do so in response to the patient’s current condition. This means that the information in the latest version of the care plan for the patient matters, indicating that this type of information fits well with the modular nature of a blockchain.

By placing a patient directory into a blockchain, there are several advantages such as being able to quickly deploy a service for providers to verify if an incoming patient has a care plan from the ACO to follow. More revolutionary is the ability to update the care plan by using smart contracts in real time based on different encounters that are recorded in the blockchain. If a patient is frequently checked by ER departments over a short period of time, smart contracts in the blockchain may add a flag in the care plan to ask the ER departments to consider putting this patient into an ER diversion program to avoid frequent ER re-admittance. This type of automatic program in the blockchain may help reduce burdens of the ER while reducing the overall cost of care for patients in general.

Unlikely Use Cases

/// Electronic Medical Record System ///

Many advocates of blockchains in healthcare have pushed for blockchain as a solution for interoperability. By incorporating medical records directly into the blockchain, advocates claim that medical records can be transferred and controlled via the blockchain (i.e. Gem Health). The reality is that most clinical data is not normalized into a set standard with many variations in how the medical record standard is implemented. Different electronic health record systems (EHRs) use multiple ways of implementing fields in the medical record. The blockchain does not provide any major innovation to the existing query portals and secure transport methods such as DIRECT. While there may be minor improvements, the interoperability issues inherent in current health information organizations (HIOs) will remain the same if blockchains were used instead of current query portal and DIRECT mail platforms.

Aside from the complicated formatting issues in clinical data, blockchains are much better for transactional data, which, by nature, is comprised of data points that are independent from each other. Blockchains allows data to be stored independently in a modular fashion, which fits the single block nature of information in blockchains. Clinical data is not transactional. The whole idea of alternative payment models is to link quality and value of medical interventions, which means each data point is connected. Clinical data is longitudinal. While it is possible to put medical records in blockchains, there is a lot of extra data besides the transaction that needs to be included in order for clinical records to be useful for use as an EHR. The more information included would also increase the size of the record, which would negatively affect the efficiency of the blockchain. There are no major benefits that offset the drawbacks of putting the medical record on a blockchain.

/// Global Patient ID software ///

The idea of using a public blockchain containing patient demographics to be used as a patient identification system will not be easy to implement. While blockchain advocates may claim that a public facing blockchain will encourage transparency and allow patients to update information in real time (source), access to single accounts on blockchains by patients may easily become unrecoverable whenever encryption keys are lost. While a blockchain allows for a public single source of truth for patient ID and data, it does not have significant advantages over existing Master Patient Index (MPI) models which match patients to clinical information and medical histories using a host of different demographics in a statistical matching model. While patients may not be able to directly access the MPI compared to the blockchain model, patients already indirectly update their demographics in a MPI through admit-discharge-transfer (ADT) messages anytime they check into a hospital or clinic and fill out paperwork with personal data that staff then enter into their hospital or clinic patient ID and data systems.

Sample Implementation

Blockchains will likely not revolutionize healthcare immediately. Blockchain uses are quite specific in what they can do well. Blockchains will likely enter the market discreetly, making certain parts of the industry more efficient. Similar to how EHRs, MPI systems, and analytics are slowly changing workflows by increasing the capabilities of staff in healthcare organizations, blockchains will enable healthcare staff to get information in a shorter time frame without file transfers, allowing more efficient workflows to evolve out of existing workflows.

Below is a description of how an organization may likely adopt blockchain into its infrastructure. (This sample is set in the context of a hypothetical ACO trying to adopt blockchains for its collections of hospitals.)

/// Phase 1 ///

Polaris, an ACO consisting of seven hospitals and fourteen smaller clinics, realized that many of its hospitals were using different EHR systems that were not interconnected. As a first step in trying to identify if patients going to the hospital and clinics were part of the ACO, Polaris implemented a blockchain. By setting a blockchain with nodes at each of the hospitals and clinics, plug-ins and interface engines were used to connect the blockchain with the different EHR systems at each point of care setting.

Any time a patient is registered into a point of care setting, the EHR system sends an ADT message to the MPI to identify the patient if possible. In our example, Patient A is in registration at Sunnybrook hospital. The following journey is illustrated in Figure 1.

1. Patient A’s ADT message is sent to the MPI and the care plan in the blockchain is returned when Patient A is identified as an ACO patient.

2. Patient A is admitted and is discharged after the hospital checkup.

3. The ADT messages are sent during the admission time and discharge time respectively to the blockchain.

4. The smart contracts in the blockchain automatically updates Patient A’s care plan.

5. The blockchain adds a recommendation to put Patient A into an ER diversion program after noticing that the discharge message was for a minor diagnoses and this has marked three ER visits for minor diagnoses in the last month.

Figure 1. Blockchain use by hospital for Patient A (Courtesy of Michelle Mccoy)

Meanwhile, Patient B is not a Polaris patient.

The staff checks in patient. The MPI finds no record of patient B, suggesting patient B is not a Polaris patient. Noticing this, staff asks if Patient B wants to sign up and quickly enrolls Patient B through a web interface on the intranet that connect to the blockchain.

/// Phase 2 ///

After noticing the success of the patient directory, Polaris is looking to see how else the blockchain can be used in its clinical system setting. In order to become more analytical about costs, they decide to put claims data onto the blockchain and link patients and their claims through the MPI. Each of the hospitals and clinics of the ACO used the interface engine to connect the claims system to the blockchain. Through smart contracts, they were able to make a dashboard with rolling quality measures adapted from HEDIS scores to measure the quality of care the ACO was providing while tracking costs.

Certain hospitals outside the ACO were interested in the system as well to measure their own quality of care and costs. St. Peters Hospital, for example, was allowed access to the blockchain by paying a fee to the ACO, setting up a blockchain node with lower authority and connecting a claims feed to the blockchain. In return, Polaris was allowed to generate aggregate comparison reports of quality measures of St. Peters for comparison to its own hospitals. St. Peters knows that its individual medical records and patients’ privacy was maintained because of the encryption of blockchain. St. Peters knows that only the smart contracts can access the data in aggregate because the coding for the smart contracts is transparent and is readable on the blockchain. These analytics reports help both the Polaris ACO and St. Peters to develop better quality care and know what areas they need to improve on based on their own respective quality measures.

/// Future Phases ///

After these successes, Polaris has a multitude of ways to incorporate blockchain into its workflows. While none of the applications of the blockchains were a direct solution to interoperability or single-handedly enabling alternative payment models, the blockchain was able to provide information with a single source of truth. Future phases are expected to be similar: incremental innovations that eventually become indispensable because of the programs the information enable. Eventually, even payers and Bitcoin may be connected to private blockchains so that people have a one-stop shop to pay multiple doctors and departments immediately without the need to wait for invoices from multiple doctors and departments.


Blockchain is not limited to just Bitcoins. While not a pancreas for interoperability, blockchain provides incremental improvement to existing workflows by making a trustful system that can be decentralized and fully automatic, increasing speed and accuracy while reducing human error. More importantly, blockchain may help organizations understand where there are barriers arising from policy, regulation or business models as slow workflows will no longer hide inefficiencies. Technology is only part of the solution. But if blockchains are utilized in the right application, they can provide the information needed to drive programs and process that enable alternative payment models to achieve their aim of linking value and quality.

[1] Ethereum Project, retrieved 1 August 2016 from

[2] Blockchains vs centralized databases, retrieved 1 August 2016 from