Using Blockchain For a More Secure Medical Records System

ONC Published a New Patient Guidebook to Encourage Patient Health Record Access

Blockchain is probably most recognized for maintaining the security of cryptocurrency transactions, however can blockchain be used with medical records? Can blockchain improve medical data security?

Using blockchain for healthcare records is still relatively new, however there are obvious security advantages that could aid to cut down healthcare data breaches at the same time making it easy to share health data between healthcare providers and with patients.

Presently, there’s still much to improve with the way health data are kept and shared. The system isn’t efficient, a lot of roadblocks prevent data sharing and patients’ medical data is not just stored by one healthcare provider – rather a patients’ complete medical histories are divided and distributed among several providers’ systems.

This does not only make it hard to compile the health data, it additionally makes the data prone to theft. If information is split among several providers and their business associates, the potential for a data breach is higher. The Health Insurance Portability and Accountability Act (HIPAA) necessitate all HIPAA covered entities and business associates to use technical safety measures to secure protected health information. But, every entity decides to deploy its own security controls.

If more entities are accessing the health data, the potential for errors to occur that end up in the data exposure is greater. As the Department of Health and Human Services’ Office for Civil Rights Breach portal plainly shows the lack of care of HIPAA-covered entities and business associates when storing or transmitting information, and even if they are careful, most often breaches still occur. Nevertheless, blockchain for healthcare records can considerably boost data security.

Blockchain is a sequence of data blocks that have information on transactions, every one of which is encrypted to guarantee privacy. Instead of storing information in one location, blockchain stores information in an encrypted ledger that is spread across coordinated, replicated databases. Every block is connected to the past block by way of a unique public key that give access to carefully controlled data.


Simple Guidelines
Immediate PDF Download

Immediate Access

Privacy Policy

As is shown in the huge Anthem and Equifax data breaches, individual entities can’t be entrusted with large volumes of data and secure it within a centralized system. Keeping data in a decentralized platform may be a workable option. If using blockchain, every data block in the chain could be encrypted using a public key cryptography that may be unlocked by using a private key or password held by a patient, for example.

If using blockchain for health data, instead of several healthcare providers keeping their own patient data copies, the patient could allow each healthcare provider to access their data using a key. Without the key, it’s impossible to access the data kept in the blockchain. Hacking just one block of data is not possible without all together hacking the other blocks. It would likewise be impossible to change the data in the blocks and hide those changes.

With health records, the blockchains would be consultation services with doctors, blood test results or X-ray images, prescription medications, or surgical treatments. Every time data is inputted, validation by a trusted entity with access key is necessary. As soon as validated, it will be included as a block in the chain in order of date, with the blockchain composed of a patient’s complete medical history.

Using a blockchain for healthcare records can be very good for providers and patients. Not just for securing medical records, but compiling together separate healthcare records kept by a number of healthcare providers.

This will allow all healthcare records to be quickly distributed among providers. There’s no need to transmit healthcare records electronically among providers. Providers will only be instructed to access the data using the access key.

Blockchain can make it easier for patients to view their healthcare data. There’s no need to request copies of their health records from various healthcare providers. Just one request need to be submitted and they can access their complete healthcare records. At the moment, that process may be complex, time-consuming, and possibly expensive for the patient, because each healthcare provider is allowed under HIPAA to demand a fee for giving copies of patient data.

If data is made available on patient web portals, the process of gathering health information may be a lot more complex, as when sharing the data. Blockchain may help fix the problems that exist with several patient identifiers.

Blockchain evidently works for financial transactions. But can it work with medical records? Is it viable in practice? Studies using Blockchain and healthcare data have demonstrated very encouraging results.  One test performed by MIT Media Lab and Beth Israel Deaconess Medical Center indicated that blockchain works well for monitoring test results, patient treatments, and prescription drugs for inpatients and outpatients in a period of 6 months. In that trial, data exchange involving two bodies was simulated using two varied databases at Beth Israel. Now plans are ongoing to broaden the pilot test.

There are still problems that need to be fixed. Blockchain is not anonymous but pseudonymous. There is additionally the problem of how to be sure records are kept private, for example psychotherapy records, to stop patients from accessing that info.

It will likewise be needed for blockchain to be thoroughly tested with medical data and healthcare providers need be persuaded to use the blockchain medical records systems. The good news is earlier this year, IBM performed a survey participated by 200 healthcare companies. 16% said they are looking forward to having a commercial blockchain solution this year.

About Liam Johnson
Liam Johnson has produced articles about HIPAA for several years. He has extensive experience in healthcare privacy and security. With a deep understanding of the complex legal and regulatory landscape surrounding patient data protection, Liam has dedicated his career to helping organizations navigate the intricacies of HIPAA compliance. Liam focusses on the challenges faced by healthcare providers, insurance companies, and business associates in complying with HIPAA regulations. Liam has been published in leading healthcare publications, including The HIPAA Journal. Liam was appointed Editor-in-Chief of The HIPAA Guide in 2023. Contact Liam via LinkedIn: