Securing, controlling and monetising genomic data with blockchain technology
Blockchain and other Web3 tech...
Revisiting existing network topologies in order to lay the foundations for a more secure future for individuals’ data.
Blockchain and other Web3 technologies, particularly in the past two years, have risen to prominence as solutions for a myriad of long-standing issues. Indeed, innovators in the burgeoning industry have already begun to apply the technology so as to streamline, secure and render a number of processes more transparent. Where are these the most significant? In the realm of data security.
We’re contributing to an infrastructure that, sooner rather than later, will yield potentially catastrophic consequences. On one hand, we’re constantly developing new software and devices designed to handle and analyse data points pertaining to a myriad of a given individual’s activities – from financial and identity information to health and shopping preferences. On the other, we’re storing and processing this data in incredibly unsafe environments.
If there’s one thing that’s certain, it’s that the model of standalone centralised databases that’s been the standard for decades is problematic, and requires a significant overhaul. All too often, convenience is prioritised at the expense of security. Even if an individual has no qualms with regards to the lack of privacy caused by the asymmetry of total trust in data custodians, they should absolutely be concerned with the security risks that this creates.
The threat of data breaches shouldn’t be underestimated. It’s time to accept the reality that no wholly centralised data silo is safe. One need only look at recent events – companies such as Facebook and Google+ suffered from critical breaches that left user data exposed. It’s by no means an anomaly, but rather an addition to the ever-growing string of data leaks occurring (whether by malice or incompetence on the custodian’s part). It’s critical, in moving forward, that these databases are phased out, or at least strengthened with robust encryption or hybridised models that incorporate decentralised protocols to ensure greater security.
With the rising popularity of mHealth applications, biometrics and online genetic testing, it’s more important than ever that vastly more secure systems are adopted, lest we wish to see another event on par with the recent Aadhaar one, where hackers were able to spoof login credentials to gain access to a wealth of personal information. This should also raise questions surrounding the custodian’s ability to sell such data to third parties.
- The Amazon-Berkshire-JPM team makes a new appointment
- Hospitals can benefit from a streamlined system for issuing credentials to contractors
- Boston Scientific announces its acquisition of BTG for $4.2bn
Fortunately, we have the technology to undo years of flawed database architecture – blockchain. Where a regular database takes information from many and stores it in a single instance, which is overseen by one party, a blockchain (or distributed ledger) leverages cryptography and a distributed network topology to instead connect peers directly with each other. Each participant keeps a copy of the ledger, synchronising it with peers as new entries are appended.
Not only does this robust protocol preserve the integrity of the data kept on it (no one party controls the ledger), but it also allows for users to remain entirely self-sovereign over the information they store in the digital realm, with heavy encryption clearly defining ownership. Of course, inbuilt mechanisms allow for granular control, so granting permissions to certain parties or upon the adherence to set parameters is possible.
In the realm of precision medicine, the blockchain offering is highly valuable. Big Data is predicted to turbocharge efforts in the field, and is already making strides in training machine learning algorithms that can analyse genomic information and return results. Of course, the more data made available, the more accurate the insights generated will be.
Ingrained into the functionality of a blockchain network is the possibility for issuing tokens providing utility. Combined with a distributed storage medium anchored in the blockchain, this presents some interesting options for users to control and monetise their genomic and other healthcare data, all whilst contributing to research in various fields of medicine – whether for clinical testing, pharmaceutical development or training any number of algorithms. Smart contracts (trustless and self-executing bits of code) can be established to automatically grant access to pieces of anonymized genomic data once an interested institution pays a requisite amount of data into it.
Large data sets are key to medical breakthroughs. With an ecosystem of interoperable blockchain-based platforms and incentivised sharing, researchers, healthcare providers, and businesses gain access to troves of region-specific genetic information they would not otherwise be privy to, assisting them in their pursuits to deliver cutting-edge precision medicines and improving the quality of predictive techniques for identifying diseases early on, while simultaneously rewarding donors.
Dr Axel Schumacher, Founder & Chief Scientific Officer of Shivom, has over 25 years of Research and Development leadership experience in genomics, epigenetics, biomarker discovery, Bio-IT, aging & longevity. He is the Author of the ‘Blockchain & Healthcare Strategy Guide’. Axel is also a Member of the Blockchain Research Institute in Toronto. He holds a Ph.D. in Human Genetics from the University of Cologne.
Getting ready for cloud data-driven healthcare
As healthcare continues to recognise the value of data and digital transformation, many organisations are relying on the cloud to make their future-forward and data-centric thinking a reality. In fact, the global healthcare cloud computing market was valued at approximately $18 billion and is expected to generate around $61 billion USD by 2025.
At the forefront of these changes is the rapid adoption of cloud-based, or software-as-a-service (SaaS), applications. These apps can be used to handle patient interactions, track prescriptions, care, billing and more, and the insights derived from this important data can vastly improve operations, procurement and courses of treatment. However, before healthcare organisations can begin to dream about a true data-driven future, they have to deal with a data-driven dilemma: compliance.
Meeting regulation requirements
It’s no secret that healthcare is a highly regulated industry when it comes to data and privacy – and rightfully so. Patient records contain extremely sensitive data that, if changed or erased, could cost someone their life. This is why healthcare systems rely on legacy technologies, like Cerner and Epic EHRs, to manage patient information – the industry knows the vendors put an emphasis on making them as secure as possible.
Yet when SaaS applications are introduced and data starts being moved into them, compliance gets complicated. For example, every time a new application is introduced into an organisation, that organisation must have the vendor complete a BAA (Business Associate Agreement). This agreement essentially puts the responsibility for the safety of patients’ information — maintaining appropriate safeguards and complying with regulations — on the vendor.
However, even with these agreements in place, healthcare systems still are at risk of failing to meet compliance requirements. To comply with HIPAA, U.S. Food and Drug Administration 21 CFR Part 11 and other regulations that stipulate the need to exercise best practices to keep electronic patient data safe, healthcare organisations must maintain comprehensive audit trails – something that gets increasingly difficult when data sits in an application that resides in the vendor’s infrastructure.
Additionally, data often does not stay in the applications – instead healthcare users download, save and copy it into other business intelligence tools, creating data sprawl across the organisation and exposing patient privacy to greater risk.
With so many of these tools that are meant to spur growth and more effective care creating compliance challenges, it begs the question: how can healthcare organisations take advantage of the data they have without risking non-compliance?
Yes, healthcare organisations can adhere to regulations while also getting valuable insights from the wealth of data they have available. However, to help do this, organisations must own their data. This means data must be backed up and stored in an environment that they have control over, rather than in the SaaS vendors’ applications.
Backing up historical SaaS application data directly from an app into an organisation’s own secure cloud infrastructure, such as AWS or Microsoft Azure, makes it easier, and less costly, to maintain a digital chain of custody – or a trail of the different touchpoints of data. This not only increases the visibility and auditability of that data, but organisations can then set appropriate controls around who can access the data.
Likewise, having data from these apps located in one central, easily accessible location can decrease the number of copies floating around an organisation, reducing the surface area of exposure while also making it easier for organisations to securely pull data into business intelligence tools.
When healthcare providers have unfettered access to all their historical data, the possibilities for growth and insights are endless. For example, having ownership and ready access to authorised data can help organisations further implement and support outcome-based care. Insights enabled by this data will help inform diagnoses, prescriptions, treatment plans and more, which benefits not only the patient, but the healthcare ecosystem as a whole.
To keep optimising and improving care, healthcare systems must take advantage of new tools like SaaS applications. By backing up and owning their historical SaaS application data, they can do so while minimising the risk to patient privacy or compliance requirements. Having this ownership and access can propel healthcare organisations to be more data-driven – creating better outcomes for everyone.