Even the world’s best health systems are typically fragmented. “You have hospitals, community clinics, general practitioners, specialists, diagnostic clinics, and so on,” says Matt Jackson, who leads blockchain research at Canada’s Institute on Governance.
There are many reasons you might want to give someone access to your medical data. Maybe you just moved to a new city and want to give your new doctor access to your medical history, or perhaps you want to nominate a healthcare proxy in case of emergency or have your prescription sent to your pharmacy.
Some places, like the UK or Canada, have viable national systems for exchanging patient records, but those can be vulnerable to hackers.
In the United States, healthcare comes from a patchwork of private companies, which means the handling of patient data is even more fragmented. John Halamka, chief information officer at Beth Israel Deaconess Medical Center in Boston, Massachusetts, told MIT Technology Review last year that there are 26 different electronic medical records systems in his home city alone.
In 2016, Halamka teamed up with a group of scientists at MIT to try to find a solution to the problem using blockchain. They published their white paper on the subject in August 2016, laying out their proposal for a system that would help all those disparate databases exchange data — a project they called MedRec.
Andy Lippman, a senior research scientist at MIT, co-authored the paper with Halamka. The system they outlined was to use Ethereum software — which, unlike bitcoin, can integrate and execute smart contracts — to build a private blockchain, linking healthcare providers together and allowing them to share their data.
On this blockchain, each of these such instructions by a patient creates a specific smart contract on the blockchain that only the patient can cryptographically sign.
Security is one benefit: “Distribution makes the system more secure, because there isn’t a single place of attack or failure,” Lippman says.
Medical providers run a program module on their computer to access the database, as instructed by the smart contracts, which are initiated by the patient.
That module does three core things: First, it allows the healthcare provider access to the data when the blockchain is instructed to give it. Second, it executes the patient’s instructions as and when needed, sending data to a pharmacy or a specialist for referral — assuming the patient gives their consent. Third, the module allocates computing resources to maintaining the blockchain.