Decentralized App use case for healthcare data sharing
Blockchain technology will disrupt current business models by making intermediary services obsolete. The term blockchain has become a buzzword worldwide. IT technologists are picking up blockchain concepts and start reading about it in the hope of mastering the basic concepts. People are motivated to become professional blockchain application developers. Here is an excellent article for learning about blockchain history and evolution and how blockchain technology works.
In this article, we look at one blockchain use case in more detail and talk about steps leading to the implementation of a Decentralized Application or DApp. The use case of healthcare data sharing will be examined further. Here, only ideas are discussed, which are not necessarily implementable. Most of the discussions focus on business and architectural considerations. Comprehensive Overview and Analysis of Blockchain Use Cases in Many Industries is an excellent article for learning more about blockchain use cases in other industries as well as blockchain use case feasibility studies.
The business problem
Before getting to implement a DApp, one should start with the business problem by asking questions such as What are the challenges or the pain points? In the case of healthcare data, examples of challenges are as follows:
- Digitization: Many patients' medical records are available only on paper. This is particularly true for family physician offices, which are usually small. When a patient visits a physician's office, it is still a common scene for a doctor's office receptionist to search the file cabinets and pull out a folder with the patient's medical history. The records are then handed over to the physician. The physician reads the records while talking to the patient. This approach is not scalable and risky. A natural disaster such as flooding or fire can easily destroy these records. When a patient changes physician, the old records are not transferred. The new physician's office will set up a new folder and start to accumulate the medical history for the patient. Due to the loss of old records, some medical tests may need to be redone, resulting in additional costs and inconvenience to the patient. More importantly, the loss of history could lead to losing precious time that could be used for curing a disease.
- Timeliness: Since a patient's medical records are physically maintained at multiple offices, sharing the records, for example between the patient's family physician and a specialist, is difficult and time-consuming. To facilitate sharing the records, the patient first gives his/her physician's contact information to the specialist's office. Then, a specialist's office receptionist contacts the physician's office. The physician's office makes an arrangement to send the information via fax or regular mail. This approach is slow, expensive, and insecure. A patient's medical information can potentially be seen by unauthorized parties during the information transfer and the stolen insurance information can be used for malicious purposes.
- Ownership: Medical records are the health history of a patient. The patient should be the owner of the medical data. A doctor's office is merely the custodian. In reality, this is rarely the case. Whoever maintains the medical records becomes the de facto owner and makes decisions on how the data is used or accessed.
- Transparency: Since medical records are on paper and scattered at doctors' offices, individual and institutional users such as medical researchers, government agencies, and insurance companies do not have a convenient way to access aggregated medical information for legislative and other purposes. Access to the aggregated medical information, which does not involve confidential information about individuals, can be beneficial for the advancement of medical research, prioritizing medicine development, or making government health policies.
A blockchain solution
After identifying a business problem and its pain points, the next step is to search for a proper solution. For the previous business problem, a general solution is needed to build a computer-based healthcare data sharing platform. The platform will allow authorized parties such as doctors, researchers, government agencies, insurance companies, and pharmaceutical firms to access the medical data. Developing such a platform requires a tremendous amount of work. Digitization of existing paper records alone is well beyond our capability and requires the involvement of many groups and organizations. Since this article focuses on blockchain technology, we will concentrate on the blockchain part of a solution without worrying too much about the feasibility of its actual implementation.
Blockchain technology combined with other technologies, such as big data platforms and data science, is proposed. The blockchain will be used for hosting transactions. The big data platform provides sufficient space for hosting the bulk of the healthcare data at the detailed and aggregation levels. The data science-based analytics component computes the aggregated medical data and derives the analytical summaries.
- Data repository: The size of patient healthcare data can easily be in terabytes. It is not feasible to host healthcare data on-chain only. It is logical to choose the approach of combining on- and off-chain records for saving detailed medical data. In fact, the Ethereum blockchain has already used the idea of maintaining state variables off-chain, while having transactions and smart contracts saved on the chain. The body of a patient's medical information can be saved off-chain and its hash is saved on the chain. The hash is used here to prevent medical records from being modified without authorization. Each patient's medical record will be assigned with an address. When a patient's medical record is updated, a transaction with the type update is generated on chain. A new hash corresponding to the updated medical records of a patient is generated and saved on the chain. The updated records will have a new address. Similarly, when a user accesses a patient's medical records, a transaction with the type access is saved on chain. The digital assets of these transactions are the medical records.
- Choice of blockchain platform: Choosing a proper blockchain platform is an important architectural decision. There are technical and non-technical factors to be considered. One key non-technical consideration is the legal implication if a DApp solution involves a cryptocurrency, as different countries have different laws on cryptocurrency trading. Trying to work out a coin-based DApp following these laws is a daunting task and is not worth the effort. The purpose of our DApp is to resolve a business problem, not to issue a digital coin. A generic public blockchain platform such as Ethereum involves a digital coin or token. An enterprise blockchain platform such as Hyperledger Fabric does not involves a cryptocurrency. Therefore, HF should be considered. Since HF is permission-based, its consensus algorithm does not require heavy and lengthy computations. Therefore, HF provides a higher TPS. It also contains an access entitlement and control component, which is required for managing medical information access.
- Analytics component: An analytical component is needed to perform tasks such as aggregating detailed medical information and providing useful statistics. The aggregation is mandatory in order to mask confidential individual information and make the medical information usable by users such as medical researchers, government agencies, or insurance/pharmaceutical companies. A patient's detailed medical information should only be used by the patient's doctor with the patient's permission. The aggregated data should, as a minimum, make it impossible to reverse-engineer the information for any patient.
- Data protection: With any DApp implementation, protecting digital assets hosted on the platform is a key requirement. There are many examples of hackers attacking blockchain platforms, cryptocurrency exchanges, or wallets and stealing millions of USD in digital coins. Some well known incidents are Mt Gox and Bitfinex being hacked a few years ago. Attaching on Zaif is a more recent example. In addition, protection of a patient's privacy is legally required. Failure to comply with privacy laws will lead to the shutdown of a DApp application and result in costly legal suits. To protect a patient's medical information, we can encrypt off-chain data. When a patient grants permission to a doctor to access medical records, a temporary key will be provided. The doctor's office uses the temporary key to obtain a masked private key for decrypting the records. The private key should not be visible to the doctor's office afterward. Only the temporary key is visible and is valid for a short period of time. A new temporary key will be generated for the next access request. The aggregated information may not need to be encrypted. However, access to the information is strictly controlled based on a well defined authentication and entitlement model.
- Backend component: The backend component refers to smart contract development. Multiple contracts are needed to provide rules governing transactions, including uploading medical records, accessing detailed medical records, or querying the aggregated data. Since these transactions are on the chain, they provide an auditing trail of data being uploaded and how data is accessed. With these audit trails, a patient can easily monitor his/her medical information use and effectively protect his/her privacy and personal health information.
- Frontend component: To complete a DApp, a frontend component is needed. This component includes interfaces with users and interactions with the HF ledger or the analytics component. Interfaces with users allow a user such as a doctor's office receptionist to upload or update medical records. It also contains GUI tools for users to access both detailed and aggregated medical information. Any request to access medical information is first passed to an authorization verification module. After the request passes the permission check, it is then sent to the modules, which interact with a HF node to trigger the corresponding smart contracts and execute the request. These modules also interact with the blockchain network for data uploads.
The following chart displays how users interact with health data sharing platform components:
Users interaction with the health data sharing platform's components
The implementation of both frontend and backend components requires in-depth knowledge of blockchain and GUI development. IDE preparation and setup alone are not an easy task. Several startups step in to fill in the gaps and make these tasks easier. With these tools, a user no longer needs to write code to perform repetitive tasks such as environment setup, testing, and deployment. Instead, the user simply clicks on a few buttons. As a result, developers can focus on resolving a real business problem.
- Parties involved: The platform involves several parties. Doctor's offices are the primary data uploaders, as well as the users of the patient's detailed medical records. Medical researchers, government agencies, pharmaceutical companies, and insurance companies are users of the aggregated medical information.
- Architectural diagram: The following architectural diagram shows a layered design for implementing the healthcare data sharing platform. The top layer contains the frontend components. The middle layer is for off-chain data processing and analytics. The bottom layer is for backend components containing smart contracts, along with other HF components:
- Project funding: Sufficient funds need to be raised to support the healthcare data sharing project. One idea is to set up a blockchain startup and lobby potential investors to fund efforts. Nowadays, setting up and running a startup are much easier thanks to emerging technologies and online services. For example, cloud computing vendors such as Linode provide the affordable hardware supplies needed by a startup. Similarly, by utilizing WeChat members of a startup can have visual meetings worldwide without incurring any cost. Google Drive, Slides, Docs, and Sheets can serve as a virtual team's document collaboration and sharing software. GitHub is for software sharing and version control. For financial auditing, firms such as BitAudit (http://www.bitaudit.vip/) specialize in providing auditing services for blockchain technology firms. This is helpful given the fact that laws on cryptocurrency and blockchain technology have not matured yet and are still evolving.
As was the case for the internet in the nineties, blockchain is at the dawn of the Blockchain age. This technology will disrupt existing business models and give birth to new models. It will inspire the emergence of community economies built on a blockchain network, where every participant makes contributions to, and receives benefits from, the community. There is no longer a single entity that controls and receives dividends from the economy.
In this article, we talked about developing a complete DApp through an in- depth discussion on the healthcare data sharing use case. For next steps, you can read our blog for more technical articles on blockchain. Also, for those interested in doing blockchain development, below articles and tutorials are highly recommended:
Blockchain Developer Guide- Comprehensive Blockchain Ethereum Developer Guide from Beginner to Advance Level
Blockchain Developer Guide- Comprehensive Blockchain Hyperledger Developer Guide from Beginner to Advance Level