Medical Permissions Management needs a steroid boost
I am a primary care physician. Like most medical doctors in the U.S., I am disappointed by the failure of the Healthcare IT industry to provide timely access to critically important patient health data, across platforms, when it is most needed: for example, in emergency rooms, urgent care centers, hospitals, nursing homes, and in primary care and specialists’ offices during transitions of care. We have thrown ungodly amounts of money at the problem, and have issued several rounds of federal mandates to fix it, all to no avail.
Healthcare IT is a $28 billion per year industry, projected to reach $36 billion by 2021 (https://www.kaloramainformation.com/Content/Blog/2017/04/28/The-State-of-the-EMR-Market-in-2017). Despite this exorbitant cost, information stored in Electronic Medical Records (EMRs) is still not organized in a useful way. The information is split up among hundreds of private EMR vendors, and stored in proprietary SQL databases behind firewalls. Data is accessible to patients via third-party healthcare portals, and authentication for access is done either via username/password, or via OAuth2. But a different portal is required for each healthcare provider. When you consider primary care, specialty care, hospital, lab, and imaging, it is easy for a single patient to have 5 separate active portals during one episode of care. In addition, a patient cannot electronically delegate access permission to caregivers who need access to the information.
What if there were a way to record “permissions transactions” in which patients delegate, revoke, or specify granular permissions for their healthcare providers to access and aggregate their health history, and these transactions were encrypted for privacy, and stored in a public ledger outside of all the EMRs, accessible globally?
This is the point in the article where the reader is permitted to roll his or her eyes. “Here comes another random person who thinks blockchain technology is the next generation for everything.” But in this use-case, there are specific components to the solution: we need to be able to record “permissions transactions”, there needs to be delegation from one identity to another, it needs to be encrypted and private, it needs to be inexpensive, it needs to be immutable, it needs to be available 24/7 with no down time, it needs to be available via API around the globe without respect for national borders, and it has to be outside the confines of any specific private EMR vendor.
All of these specifications can be accomplished with a centralized server, or with a public blockchain. However, any solution involving a centralized server would potentially be flawed in terms of governance. Who are we going to entrust with the responsibility to guard the privacy of global healthcare records? A private company? A country’s government? A political party? A government agency? An international alliance? A favorite EMR vendor? The beauty of the blockchain in this use-case is that it is completely “trustless” and reliable at the same time, due to the power of the mathematics behind cryptography. People have been conned and duped into fraudulent transactions on the blockchain by other people, but no one has ever broken elliptic curve (EC) cryptography itself. That is why we use EC cryptography every day to secure sensitive web transactions, verify digital certificates, and so on, with very high confidence.
The Syscoin API is a unique and ideal solution. Not only does it provide an API with direct access to a very robust blockchain, it also provides users access to fast transactions, and rapid confirmation times. In addition, the API provides access to critically important components for permissions management: on-chain aliases and digital certificates. I will focus on aliases for now.
Syscoin aliases are amazingly simple, versatile, and powerful at the same time. Each alias has two asymmetric keypairs, one associated with the address (the “alias keypair”), and one to use for encryption (the “encryption keypair”). They are compact, they are time-limited, and therefore pruneable. They can be attached and detached from addresses at will with very inexpensive transactions. They can also be attached to certificates. Ownership can be transferred. Encryption keypairs can be changed. And it is very easy for two separate aliases to generate a shared secret that is invisible to the rest of the world.
It is important to understand how an Elliptic Curve Diffie-Hellman (ECDH) shared secret works. Let us say Alice and Dr. Bob possess their own keypairs. It turns out that Alice can combine her private key with Dr. Bob’s public key, and Dr. Bob can combine his private key with Alice’s public key, and they can both derive the same shared secret. But since no one else has access to the private keys, no one else can derive the shared secret. This shared secret can in turn be hashed and used as the key to AES-encrypt data.
When logging into a healthcare portal, an access token is required. For example, patients logging in with a password, or with OAuth2, will obtain a JSON Web Token (JWT) for access for a set period of time. My proposal is for a patient to encrypt the JWT with the shared secret and store it inside an alias or a certificate. Once it is there, a patient can transfer it to a caregiver, or to a set of caregivers, via additional alias and certificate transactions. Patients can revoke permissions easily by generating a new JWT, which expires previous tokens.
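The ECDH exchange and JWT wrapping described in the two paragraphs above, as an added example that is not part of the original article and is not Syscoin's own code. It assumes the secp256k1 curve, SHA-256 as the hash, and AES-256-GCM as the AES mode; the keypairs stand in for alias encryption keypairs, the alias and certificate transactions are not modeled, and the sample token is constructed.

```javascript
const crypto = require('node:crypto');

const CURVE = 'secp256k1'; // assumption: curve used by Bitcoin-derived chains

// EC keypair standing in for an alias "encryption keypair" (hypothetical helper).
function newParty() {
  const ecdh = crypto.createECDH(CURVE);
  ecdh.generateKeys();
  return ecdh;
}

// Own private key + peer public key -> shared secret -> SHA-256 -> 32-byte AES key.
function deriveKey(self, peerPublicKey) {
  const secret = self.computeSecret(peerPublicKey);
  return crypto.createHash('sha256').update(secret).digest();
}

// AES-256-GCM encrypt; returns base64(iv | tag | ciphertext), the blob to store.
function sealToken(key, token) {
  const iv = crypto.randomBytes(12); // fresh nonce for every encryption
  const cipher = crypto.createCipheriv('aes-256-gcm', key, iv);
  const ct = Buffer.concat([cipher.update(token, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), ct]).toString('base64');
}

// Decrypt a stored blob; returns null if the key is wrong or the blob was altered.
function openToken(key, blob) {
  try {
    const raw = Buffer.from(blob, 'base64');
    const d = crypto.createDecipheriv('aes-256-gcm', key, raw.subarray(0, 12));
    d.setAuthTag(raw.subarray(12, 28));
    return Buffer.concat([d.update(raw.subarray(28)), d.final()]).toString('utf8');
  } catch (e) {
    return null;
  }
}

// Constructed sample token, not issued by any real portal.
const SAMPLE_JWT = 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhbGljZSJ9.c2FtcGxlLXNpZw';

function demo() {
  const alice = newParty(), bob = newParty(), eve = newParty();
  const aliceKey = deriveKey(alice, bob.getPublicKey()); // patient side
  const bobKey = deriveKey(bob, alice.getPublicKey());   // caregiver side
  const eveKey = deriveKey(eve, alice.getPublicKey());   // outsider, public data only
  const blob = sealToken(aliceKey, SAMPLE_JWT);
  return { blob, bobKey, keysMatch: aliceKey.equals(bobKey),
           bobReads: openToken(bobKey, blob), eveReads: openToken(eveKey, blob) };
}

console.log(demo().keysMatch);
```

GCM is used here so that a blob opened with the wrong key, or modified after it was stored, is rejected instead of decrypting to garbage.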
The implications of such a mundane tiny bit of software could be profound. From now on, any patient, in any state, or any country for that matter, who has a set of healthcare portals will be able to access all of them using a unified authentication process, and further will be able to delegate the entire set, or any subset of permissions, to any of their caregivers at will, in a matter of minutes. The quality of healthcare at the point of service, and the user-experience for all involved, would be greatly improved! There are already hundreds of millions of patients signed up with and using healthcare portals every day. However, they are not being used to full advantage, yet!
That is the extremely short version of a proposal that I have submitted to the Syscoin Community for consideration. If approved, this could potentially pave the way for the first ever application for ONC certification of a blockchain for use in healthcare communication. It will take a collaborative effort between clinicians, patients, healthcare portal administrators, and the ONC (Office of the National Coordinator for Healthcare IT). In a favorable development, the ONC published a draft of my proposal two years ago and this was presented at a joint ONC/NIST conference in Washington DC in 2016. A link to the publication can be found here: https://oncprojectracking.healthit.gov/wiki/display/TechLabI/Blockchain+Challenge+on+ONC+Tech+Lab?preview=/14582699/16318506/14-ONC_Challenge%20(1).pdf