Private blockchain, explained: What it is, what it isn't and how to manage your HIPAA expectations

For many healthcare executives, blockchain is more than just hype.

Data silos and interoperability challenges abound in healthcare, and blockchain technology appears to provide a solution, theoretically allowing distinct sources of data to update each other in a decentralized way—without the considerable administrative burden of maintaining up-to-date centralized databases.

But for a blockchain to function this way, the data stored on it must be made public by default—this is how updates spread through the chain. And that's a problem for the healthcare industry, where many potential use cases involve protected information that cannot be shared without a patient's consent.

To get around this conundrum, a group of companies called the Synaptic Health Alliance has been developing what it calls a "private," or "permissioned," blockchain system.

This take on the tech would restrict the pool of sources that can update and receive information from the blockchain to a select group of trusted healthcare stakeholders, improving data integrity in the short term and creating the possibility for permissioned sharing of health information.

RELATED: Blockchain in healthcare: 3 promising use cases in a sea of skepticism

At least, that's what executives hope.

But for a variety of reasons, even a private blockchain arrangement may not be able to tackle the biggest interoperability pain points in healthcare: protected health information (PHI) and electronic health records (EHR).

This information is usually reserved for providers who directly interact with the patient, in which case, even a trusted pool of healthcare sources would be too broad to comply with HIPAA. Furthermore, despite all their promise in connecting data sources, blockchains are not at all well-suited to holding large amounts of data. As a result, the complexities of EHRs and the data they contain may exceed the capacity of a blockchain system.

That's not to say private blockchains can't play a role in EHRs; far from it.

But before writing the technology into your mission statement, it's worth developing an understanding of what the technology can do and how it can realistically handle PHI.

Private vs. permissioned blockchains: What's the difference?

It's important to recognize that when people discuss private blockchains, they aren't always talking about the same thing. In a true private blockchain arrangement, the system only recognizes one entity: a hospital, for example.

This may be handy in a very large health system that has acquired a number of entities, but it isn't the ideal use case for blockchain. As Mike Jacobs, senior engineer at UnitedHealth's Optum division, noted, such entities wouldn't see much added value with a blockchain over other data architecture arrangements.

"It's not a great use case when a blockchain is held entirely in the context of a single enterprise," Jacobs told FierceHealthcare in an interview. "You know who you're dealing with, you have complete control, there's a single entity employing data formatting and who has access—you might as well use a regular database if you're entirely housed within a single entity."

Instead, most of the discussion about private blockchains is really referring to what Jacobs calls a "permissioned" blockchain. This functions much like a normal blockchain, but before an end user can send or receive updates to and from the chain, the user must be authorized by the system.

This addresses what you might call the "Wikipedia problem," where any actor can make changes to information on-chain regardless of their status and can cause problems if they edit critical information.

Take the Synaptic Health Alliance's first prospective use case for permissioned blockchain: a peer-to-peer "golden record" of provider information that wouldn't easily go out of date.

RELATED: Humana, UnitedHealthcare launch blockchain pilot focused on provider directories

Current provider databases, hosted mostly by insurance companies, are routinely incorrect, riddled with old phone numbers and names of retired doctors. Within 18 months of a provider database being created, 47% of it will be out of date, according to Lidia Fonseca, CIO at Quest Diagnostics. Quest is one of the groups in the Synaptic Health Alliance, along with Humana, Multiplan, UnitedHealthcare and Optum (the latter two being units of UnitedHealth).

A blockchain can address that pain point: When one practice updates their information, it would cascade to other users on the chain, eliminating the need for humans to correct their database. But if anyone could make such an update, it would open the door for malevolent or unthinking actors to create mistakes in this now-universal provider record.

"It needs to be permissioned because you want to avoid the possibility of someone falsely reporting an address or phone number change—either just to be mischievous, or falsely claiming or masquerading with credentials that they actually don't have," Jacobs said.

The alliance is trying to prove the technology, enabling future applications of permissioned blockchains.

"I think that when you get to patient information, claims processing—those are the more complex use cases from the perspective of data sensitivity," Dave Murtagh, MultiPlan's VP of operations for provider data management, told FierceHealthcare in an interview.

"And as an industry, we kind of have to together prove some of these less-sensitive use cases first to get people to feel confidence and trust in the technology before they're willing to take a further risk with it," he said.

And this is where the hype train really gets into gear.

The limits of permissions, and the limits of blockchains

Blockchain has quickly become the healthcare buzzword of the year for a reason.

Venture investments in blockchain-adjacent startups have more than tripled in the first half of 2018, compared to the first half of 2017, inspiring companies across the economy to begin wedging the term into their mission statements.

Permissioned blockchains have built up such a heady cloud of hype because they sound at first blush like something that could be controlled to be HIPAA-compliant. After all, if something can be restricted with permissions, it seems like health data could simply be restricted to the providers who are permitted to view them.

RELATED: 3 reasons blockchain is the answer to EHR interoperability and security

But according to Michael Smolenski, CEO of blockchain firm Lightstreams, this impression stems from a misunderstanding of how the technology works.

When an entity gets authorization to become an end user in a permissioned blockchain, it's not like administrative access levels on a CMS or IT system. The authorization just allows an entity to participate in the blockchain—all of it.

"This is traditionally what private blockchains mean, which is that as a network, so as a consortium or a company, we get together and say 'OK, so we're going to make our own network and only we can access this network.' So it's a private club, but that doesn't mean privacy of data," Smolenski told FierceHealthcare in an interview.

"What that means is like, well only once we're in the club we can see everything, but no one outside the club can see anything," he said. "Now that's obviously not valid for a use case for health records. You don't want your neighbors seeing your health records, right? So you need more granular control of access to the data."

This strictly limits the technology's applicability in EHRs. Health information stored on a blockchain could not, for example, be restricted to only one doctor or technician who had HIPAA clearance to view it. It would have to be visible to all entities that had authorization, regardless of their status relative to HIPAA regulations.

That means any PHI stored on-chain would immediately become viewable to anyone employed by all recognized entities in the blockchain.

This would be a clear HIPAA violation, experts say—even in a private blockchain arrangement containing just one healthcare entity. According to the law, PHI is restricted only to those involved in the patient-provider relationship, or those given permission by the patient. When a patient gives their health information to a doctor in a hospital, that information is not supposed to be immediately available to everyone in the hospital.

An approach that works

There's a more practical question of whether blockchains are even a good tool for storing PHI. And according to Smolenski, the answer is a resounding no.

Blockchains are not databases. Their role is to disseminate data, not store it. The structure of a blockchain actually makes it very expensive to keep information on-chain—a reason use cases so far have mostly used blockchains for provenance data, which are quite small.

EHRs, meanwhile, aren't exactly light on data. It's conceivable the health information of even a single individual would be too much to store on-chain, especially if it includes multiple large files like high-resolution images. There's no way any blockchain developed so far would be able to contain the data housed in a titanic EHR system.

"It's just too expensive, I mean that's a showstopper right there," Smolenski said. "You know, if you take a photo from a standard camera today, that's 8 MB. If you were going to store 1 MB on a shared network it would cost you about $7,000, so it's not even practical." 

Bottom line: you can't store data on a blockchain. You can only store small but also significant pieces of information.

Of course, that doesn't mean executives infected with the blockchain bug should give up all hope. It just means they have to be smart about considering what data should be put on a blockchain, and what should remain in a good old-fashioned database.

"Patient information could be stored in a HIPAA-compliant storage mechanism—it could be in an electronic health record system of sorts," Jacobs said. "And the blockchain could be or should be used as a means of tracking who's supposed to have access to a specific record—and when you might go to the doctor, certain metadata associated with that episode but not necessarily the details," Jacobs said.

That is the approach many companies are using to store PHI and personally identifiable data off-chain, Jacobs said: "Ultimately, with the improvements with encryption, encryption technologies may allow us to move more toward an on-chain data architecture, but that's several years away."

By tactically selecting nonprotected information to put on-chain and then using that blockchain in conjunction with a traditional EHR system, healthcare executives should be able to alleviate pain points in data integrity, according to both Jacobs and Smolenski.

They just shouldn't expect the technology to be a panacea for healthcare info sharing.