Storing Medical Records On The Ethereum Blockchain
Here’s an uncontroversial take: medicine in the United States is fucked. Not so much regarding the actual treatment of patients, but more the bureaucracy surrounding (and often impeding) treatment of those patients. Whether you believe in medical deregulation or single-payer nationalized health insurance, the current system blows, as 54% of Americans are dissatisfied with a healthcare industry that often puts the onus on individuals to coordinate their own care.
Unsurprisingly, much of the conversation about healthcare in the United States revolves around health insurance and cost. Insurance and procedure/drug costs are enormous enormous factors in the quality and availability of the care people receive. However, in looking to improve the efficiency and equity of flawed systems–something toward which I imagine the blockchain community is particularly inclined–it is important to examine smaller, less obvious routes toward managing and improving the system as a whole.
Which brings me to medical records.
TL; DR: We should all put medical records on the blockchain (eventually).
But how would storing medical records on the blockchain work? What purpose would it serve? And, is it even possible?
Ethereum: The Final Frontier
Right now, the truth is we don’t really know what Ethereum can do. A lot of very impressive people believe the network and its underlying blockchain technology will revolutionize the way we lead our lives–perhaps even save the world.
Of course, that will take time. As of right now, storing information on the Ethereum blockchain is very expensive. Just in case you’re new, or need a quick review, here’s why:
Most people think of ether as a currency, like dollars or even Bitcoin, but it is also possible to think of ether as the fuel of the Ethereum network. In fact, completing transactions require payment on the part of the user in the form of gas, which powers verification of data on the blockchain. Gas is more or less a fee for miners, who process transactions and keep the blockchain secure–an expensive and energy intensive process. You can also think of gas as a measure of how complex an operation is–the more complex, the more gas it costs. For example, adding two numbers costs 3 gas, but multiplying two numbers costs five gas, because it is a more complex operation. The price for gas is usually measured in Gwei, which is a denomination of currency smaller than ether, much as cents comprise dollars. It takes one billion Gwei to add up to one ether.
While a user gets to decide what price he or she is willing to pay for gas, because miners prioritize transactions with a higher gas price, the cost of gas is effectively dictated by the market. Right now, an average gas price is somewhere between 20–30 Gwei.
But what does that mean practically?
Well, while simple operations like addition and multiplication are relatively inexpensive, they are still close to 400 million times more expensive than completing the same calculations off the blockchain. Storing data is even more expensive. According to the most recently updated Ethereum yellow paper, storing a 256 bit word costs 20 thousand gas, making a single kilobyte cost 640 thousand gas. Even at a relatively low gas price of 20 Gwei, storing a single kilobyte of data costs .0128 Eth, or $2.24 (with Eth at $175 today). Storing a gigabyte of data would cost over $2 million, and that’s before even dealing with gas per block limits, which cap the amount of data you can send in one block. At this rate, storing even a single, high quality x-ray on the blockchain could cost $11,000, so that more or less puts the kibosh on storing images, but storing text is a much more reasonable $4–5 a page. While it’s impractical and expensive to imagine hospitals or insurance providers storing detailed histories of millions of patients at that cost, it is already possible for individuals to privately store on the blockchain a simplified, text-based page of their most essential medical information (i.e. allergies, medications, past surgeries, etc.)
The high cost of data storage isn’t only an issue for someone interested in keeping records. Right now, the entire blockchain community is grappling with the problem of balancing cost and network speed against security and longevity. The benefit of storing important information, like medical records, on the blockchain is that its existence doesn’t depend on a single entity or company, making it unlikely to disappear (if, for example, a company goes bankrupt) and difficult to forge. Therefore, the value of storing something sensitive, valuable, and relatively fixed is much higher than the value of storing something like baseball scores, which change frequently and are easily accessible from many different portals.
Fortunately, it seems a number of improvements may be within our grasp. In particular, the Raiden Network, similar to Bitcoin’s proposed Lightening Network, has the promise to reduce transaction costs up to 7 times and process up to 1 million transactions per second. It does this by moving some transactions off the blockchain onto a peer-to-peer network, while still interacting with the Ethereum Network to retain security and longevity. And, unlike Lightening Network, Raiden could go live as early as next month.
Another important process in development is sharding. If implemented, this process would break the network into individual shards with their own set of validators, who do not need to validate any shard but their own. While sharding’s primary implications surround the scalability of the Ethereum network, it also has the potential to reduce transaction costs and ease the adoption of major institutional changes such as those we’re discussing.
Privacy on a Public Ledger
Another significant barrier to storing medical records on the blockchain is one of Ethereum’s fundamental elements: the public ledger. Currently, any transactions that occur on the blockchain are viewable by anyone who chooses the access it. This improves the security and longevity of the information stored there, but hinders anyone from storing truly sensitive information in the blockchain. Understandably, one might be reticent to store a list of allergens, prescriptions, and bodily information on a publicly accessible system.
One basic solution is to encrypt files before storing them on the blockchain, and then keep the private encryption key offline. As long as you kept the encryption key, you could rest assured that your medical records are safe and easily accessible. If you needed for a health professional to access those records, you would re-encrypt the files using the public key of whatever health professional to whom you want to send your records. This, however, would only be useful for voluntary activities, like changing insurance providers or primary care doctors, but wouldn’t allow for emergency use–a potentially significant benefit of storing medical records on the blockchain, which we’ll get to shortly.
Fortunately, as more and more people in the Ethereum community discuss and develop methods of integrating daily life and the blockchain, it has provoked a discussion of the need for privacy. While the public ledger is one of Ethereum’s most valuable tools, there are certain very exciting possible use cases for Ethereum that would likely never be realized without enhanced privacy protections (i.e. voting, “silent” auction bids, verified social networks).
Last year, God Vitalik himself wrote an article examining methods of implementing privacy on the blockchain.
One solution involves multi-party computation, which requires that you trust a majority of the participants involved in storing the information–likely possible if you trust your doctor or another family member with that information. However, such encryption also increases the cost of writing that information.
Even more exciting possibilities lie ahead. It is likely that in the next major protocol fork, known as Metropolis, that Ethereum will implement zero-knowledge proofs, called zkSNARKs. Partnering with the team behind ZCash, an anonymous cryptocurrency, to form Project Alchemy, the Ethereum R&D team promises to merge the best aspects of the two networks into one platform with the most flexibility and security.
Even Project Alchemy, however, would not solve all of our problems. In his aforementioned article, Vitalik even specifically addresses the possibility of storing medical records specifically, saying:
“…it is once again important to note that blockchains do NOT solve privacy issues, and are an authenticity solution only. Hence, putting medical records in plaintext onto a blockchain is a Very Bad Idea. However, they can be combined with other technologies that do offer privacy in order to create a holistic solution for many industries that does accomplish the desired goals, with blockchains being a vendor-neutral platform where some data can be stored in order to provide authenticity guarantees.”
So, what tool does Vitalik suggest? Personal encryption! Just like where we started. While this isn’t necessarily the most elegant solution, it is a possible workaround as the community builds greater privacy measures into the Ethereum network.
Alright, we get the point. But why is this useful?
As we discussed at the beginning, medicine in the U.S. is fucked. What’s more, this fucking is mostly bureaucratic in nature. Insurance regulations vary widely and are often difficult to parse. Furthermore, in today’s political climate, insurance rules could change at any moment (and perhaps change back, depending on elections). Second, more and more young people are moving than ever before. They aren’t buying homes, they’re freelancing, and fewer and fewer have insurance through work. If you’re constantly changing hospitals or providers, for either political or personal reasons, it can be difficult to coordinate treatment. Even more basically, it’s just a hassle to manually update medical histories every time you move or change providers.
That’s not even considering the many issues that hospitals run into with internal storage of medical records. Thousands of medical records were lost in the late 90s and early 2000s when hospitals made the switch to digital record keeping, and a similar problem is occurring now as many hospitals begin another round of updates. In 2012, dozens of hospitals lost their patient medical records when Cerner Corp., the company storing the information, experienced a major computer outage. Furthermore, keeping medical records within the hospital may be about as secure as keeping it in a public ledger, as a 2014 study showed that over half of major security breaches occur in the medical industry, with up to 90% of healthcare organizations having exposed their patients data or had it stolen.
Most importantly, though, readily accessible medical records could potentially save hundreds of lives. Imagine a world in which an unconscious patient comes into an ER, and an emergency room doctor–who has verified his credentials on the blockchain–could access the patient’s records, checking against allergies and past medical procedures. While some people wear medical bracelets or dog tags, not everyone with medically relevant history keeps such information on them. Even Apple has gotten into the game, now allowing iPhone users to store sensitive medical information on the emergency unlock screen, but that information is by design accessible to anyone who has the phone. You’re shit out of luck if you lose it. However, there are some interesting possibilities that emerge by partnering physical technology like smartphones with the Ethereum network. Imagine that, instead of medical records being accessible to anyone who holds the phone, they are completely encrypted. A verified doctor (perhaps on her verified work schedule in a region you verified living in or traveling to) could run a function using her private key on a smart contract that only allows access to specific medical professionals, which unlocks individual medical records on smartphones watching the blockchain. Voila! A strange–but possible–solution.
While it may take months to years of development for Ethereum to reach the point at which this vision can be realized, the capabilities of the network continue to expand rapidly. Stored on a future version of the Ethereum network, one with fewer costs and greater privacy protections, medical records could become simultaneously liquid and secure–a potentially life saving development.
