Medicalchain: This Startup Wants to Put Your Health Records on a Blockchain
The process is so familiar that it's easy to ignore what a relic it is: you go to see a new doctor, and they make you recount your medical history on a sheaf of forms. That information is already out there somewhere—probably multiple somewheres—so that if it was stored in a digital format, it would take fractions of a second to beam over to your new doctor. If only someone would wrestle medical data into the digital age.
"It's absolutely nuts," Abdullah Albeyatti, a doctor in the UK's National Health Service, told me via video chat earlier this month. "We can do everything so fast, but we can't do this." The problems with the current system don't end at anachronistic tedium, either (Albeyatti brought up the NHS' continued use of fax machines more than once). If a doctor can't access the results of a recent blood test, you may have to repeat it: that's expensive. If a doctor can't access the results of a recent CT scan of your head, you may have to repeat it: that's expensive and "500 X-rays to the head in one go."
Fed up, Albeyatti and Mohammed Tayeb, a veteran technology entrepreneur, founded Medicalchain, a blockchain-based platform that is slated to launch in February. The company aims, in Albeyatti's words, "to collate all of the patient's records into one platform, one place, which is their mobile device." If it succeeds, the ultimate result could be to make "the patient the true owner of their own records."
Morphine Five Times a Day
So why are medical records stuck in the past? Nothing in principle prevents a patient in the U.S. or UK from obtaining their records and bringing them to each appointment. The issue is how to establish trust. Albeyatti says that when he talks to other doctors about the blockchain's potential impact on their field, "they always say, 'well how do you know they're [the patients] not going to add morphine five times a day?'"
Around February 2016, Albeyatti and Tayeb realized that blockchain technology provided a way to facilitate medical data transfer while keeping patients' records private and safe from tampering—including by the patients themselves.
Blockchains are secure, distributed ledgers that allow multiple parties to maintain a single data set without having to trust each other or any central arbiter. The first blockchain was bitcoin's, launched in January 2009, and it captured the imaginations of cypherpunks, libertarians, software developers, and Wall Street (in roughly that order) with its ability to securely transfer money between total strangers—no bank, broker or clearinghouse required.
Before long it became clear that blockchains' usefulness is not limited to money. Any sort of data can in principle change hands in the way that bitcoin's transactions do, and the rush to commit anything and everything to a blockchain has already begun: land titles, email, bond trades, descriptions of diamonds, and yes, medical records.
How It Works
Under Medicalchain's model, health records will be encrypted and housed in regulatory-compliant databases much as they are today; storing copies of the ledger locally on users' devices would be legally tricky and impossible in terms of storage capacity. "We don't want to hold anybody's data," Albeyatti says. "We don't want to have servers, we don't want to have access to anybody's records." (He acknowledges, however, that the firm might host some patient data in the early, proof-of-concept stage.)
The company's blockchain will instead act as a platform, recording hashes that point to the data's location on encrypted servers within the patient's own jurisdiction. This setup enables access from mobile devices anywhere around the world. The patient, as the owner of the data, will use a private key to grant permission to a doctor to decrypt, view and edit the records. The patient can view the records, but can't edit them.
With luck, this arrangement elegantly sidesteps regulatory hurdles. "There's nothing legally that's stopping you as the patient to say, 'I want my medical records,'" says Albeyatti. By the same token, he adds, a patient can say, "'I want to give it to these guys to put it in a format that I can carry around electronically.'"
Nothing stops doctors from looking at records they've been given access to, either, so Medicalchain is eyeing a slew of markets: the UK, Europe, the U.S., Japan, South Korea and Singapore. It remains to be seen, though, whether the company's model is in fact immune to regulatory complications.
Albeyatti sees several additional benefits to facilitating the transfer of medical records: telemedicine would be more productive if doctors could see patients' history right on their screens, and Medicalchain is building a platform to offer that capability; health data from wearables and other connected devices could be committed directly to the ledger; and insurance companies could offer discounts to Medicalchain users, since they would be more confident that these customers' medical histories are free of fibs and omissions.
The Privacy Problem
Medicalchain's blockchain will differ from bitcoin's in one major way. Bitcoin enables secure, trustless transfers of payment data by making the whole ledger utterly public: head to blockexplorer.com, and you can see every transfer that's ever taken place on the network. The identities may be obscured by the use of long strings of numbers and letters, but as soon as you know who a given address belongs to, you know everything they've ever done with it.
And the network is completely open: not only can anyone send and receive bitcoin, but anyone can assemble a mining rig and start contributing to the maintenance of the ledger.
That setup would not work for medical records. Certain medical conditions carry enormous stigma, but even the blissfully healthy would prefer not to let the world peruse their entire medical history. As for maintaining the ledger, letting just anyone commit data to the blockchain resurrects the morphine-five-times-a-day dilemma. Bitcoin works as an open ledger by imposing a simple rule: you can only spend money you have. Medicalchain has a more complex need: to ensure that only qualified professionals are writing on its ledger.
"We have to use a closed, private blockchain," says Albeyatti. Rather than building their own from scratch, Medicalchain is working with Hyperledger Fabric. The network will admit only licensed, practicing, insured doctors with no outstanding cases against them. That way doctors can rest assured that no quacks, cranks or—worst of all—patients have tampered with the data. As for the validator nodes that maintain the ledger (analogous to bitcoin's miners), Medicalchain is in the process of recruiting nonprofit organizations to fulfill this role.
Private, permissioned, or enterprise blockchains—as they are variously called—are controversial. The skepticism is in part ideological. It is probably no coincidence that bitcoin appeared during the depths of the financial crisis, when trust in financial institutions was at a historic low. Many saw the cryptocurrency's promise to render these institutions obsolete as its core appeal. Today banks are among the most enthusiastic adopters of blockchain technology, but—with some exceptions—they shy away from open ledgers and build closed ones that admit only the incumbents.
Limiting the ability to edit to a medical records blockchain to doctors is unlikely to raise the same hackles, but some of the objections to private blockchains are practical. Bitcoin's resistance to tampering comes from the difficulty of assembling a large enough contingent of network participants—most of whom are strangers to each other—to force the ledger to register false transactions or refuse the legitimate kind. When the network is limited to a smaller number of permissioned nodes, and these nodes share professional or other bonds, there is more opportunity for collusion.
To critics, these blockchains defeat the purpose by inserting trust back into the equation.
Tayeb told me via email, "clearly the more nodes we have, the more secure the blockchain will be." But the Medicalchain team is confident that Hyperledger Fabric provides sufficient security, even for data as sensitive and valuable as medical records: "They are supplying us with everything we need," Albeyatti told me. "It's not been hacked, there's no cases or incidents where there's been problems with it."
MedTokens
While the use of permissioned blockchain marks a departure from bitcoin's approach, another aspect of the Medicalchain ledger is familiar: the token.
MedTokens, as they are called, are designed to be the financial lubricant that keeps the blockchain running. They will be used to compensate the nodes who validate the ledger; these will take a percentage of the commissions Medicalchain itself earns from MedToken transfers. Patients will use the tokens to pay doctors for telemedicine consultations, and these doctors can then exchange them for fiat currency, or use them to pay their own or their family members' doctors. When pharmaceutical companies want to amass reams of patient data for study or to collect data from ongoing trials, they might opt to pay patients directly using MedTokens. Currently they obtain the data through hospitals, cutting patients out of the transaction.
The choice to introduce a new currency into the mix might raise eyebrows. Albeyatti points out that, since the plan is for Medicalchain to be used across continents, having a consistent medium of exchange eliminates the hassle of converting between currencies. There are, however, already a number of perfectly good cryptocurrencies available, ether and bitcoin being the most prominent examples.
I asked Tayeb if patients—the ones who weren't enrolled in lucrative drug trials, at least—wouldn't be chronically short of MedTokens, while doctors would have a surplus they'd end up selling back to patients, one way or the other. "We don't want this to be a burden on the patient," he wrote in an email, "so we will put an exchange interface" accepting credit cards, bitcoin and ether.
These questions aside, MedToken has played a crucial role as Medicalchain's sole source of funding up till now. A pre-sale that began in September has raised over $3 million. "We don't have any VCs," Albeyatti explains. "We don't have any other source of financing. We're very bootstrapped." An initial coin offering is scheduled for February.
The views and opinions expressed herein are the views and opinions of the author and do not necessarily reflect those of Nasdaq, Inc.