Home MedRec: Decentralized Electronic Health Records on the Ethereum Blockchain

MedRec: Decentralized Electronic Health Records on the Ethereum Blockchain

Mar 01, 2018 08:00 CST Updated 08:00

Data acquisition is a major bottleneck restricting the development of modern healthcare. High data costs and patient privacy concerns have significantly increased the cost and difficulty of obtaining relevant information. However, big data is a key driver for the sustained growth of emerging technologies. This contradiction has thus emerged, presenting a highly compelling challenge.

 

Today, it is easier than ever to access health information. Fitbit and Apple Watch provide real-time health monitoring, 23andMe enables at-home genetic testing, and a growing array of new services offers real-time access to and storage of comprehensive medical data.

 

However, the most fundamental and traditional medical information (typically recorded by physicians) remains centrally managed by hospitals, with patients having very limited access rights and virtually no ability to personally update their own medical records. Meanwhile, an increasing number of hospitals have fallen victim to cyberattacks and data ransomware incidents in recent years, rendering patients’ medical records more insecure than ever before.

 

MedRec: Electronic Medical Records on the Blockchain


MIT graduate researchers Ariel Ekblaw, Asaf Azaria, and Thiago Vieira, along with Senior Research Scientist Andrew Lippman, are developing cryptocurrency-enabled technologies to address these issues. They are creating a system called MedRec to manage medical records using the Ethereum blockchain.


The team believes that years of regulatory constraints have stifled technological advancements in the field of medical data management, while a series of incompatible backend systems and fragmented data trails have limited patients’ ability to engage with their medical histories. The key to innovation lies in addressing these issues at a granular level, leveraging personalized services and medical data to scientifically drive patient engagement in their healthcare.


Therefore, the teamCreating a Decentralized Content Management System for Cross-Institutional Healthcare Data Using Novel Blockchain Smart Contracts, to meet the needs of patients, the treatment community, and medical researchers.


16971486428085210.png

MedRec Prototype: Patient View

(Patients can select multiple records for review and sharing, or add their own records to report symptoms and other health conditions)


The MedRec system provides users with a novel, decentralized record management system that leverages blockchain technology to store and manage electronic medical records. All logs stored in this system are comprehensive and immutable:


1. Users can easily access their own information through the system;

2. Leveraging the unique properties of blockchain, along with its built-in authentication, confidentiality, and accountability systems, provides users with robust privacy-preserving technologies when handling sensitive information;

3. The modular system design enables seamless integration with local databases, thereby achieving interoperability and making the overall system operation more rational and convenient.


Smart Contract Structure of the MedRec System

 

The system includes three smart contracts: the Registration Clerk Contract (RC), the Patient-Physician Relationship Contract (PPR), and the Settlement Contract (SC).


图片1.png


The registration clerk contract places the patient’s identity string onto a blockchain address, which serves as the public key.


The doctor-patient relationship contract defines a set of data pointers and associated access permissions for identifying records held by healthcare providers. Each pointer consists of a query string that, when executed on the physician’s database, returns a subset of patient data. Throughout the system, this contract serves to publish new contract information on the blockchain; specifically, a physician node submits a record upload request to the blockchain.


Summary contracts are used by patients to access the database and retrieve their medical history. They contain a reference list of Patient-Provider Relationship (PPR) contracts, representing all prior and current interactions among participants with other nodes in the system. When a patient accesses the database through their node, they must first submit a request to the physician’s node. The Database Gatekeeper within the physician’s node verifies the legitimacy of the request, and then uses smart contracts (SCs) to locate and access the data addresses.



16981486428084093.png


This is an example of a physician adding a new record via the MedRec Physician App. The record information is stored in the physician’s existing database system, and a hash reference to the data (with appropriate viewing permissions) is published to the blockchain through the MedRec Ethereum client and backend API library.


After the database gatekeeper verifies access and ownership by inspecting the blockchain, patients can retrieve and download this data from the provider’s database.


The MedRec smart contract architecture serves as a model for “medical directory and resource location,” utilizing public-key cryptography and enabling key attributes of provenance and data integrity. This blockchain-based directory model supports the capability to “scale significantly and evolve throughout its lifecycle, adding new participants and modifying organizational relationships” through stateful updates to smart contracts.


An Innovative Business Model—Mining


Another key feature of the MedRec project is that it enables the medical research community to play an indispensable role in its protocol. MedRecEncourage healthcare stakeholders (researchers, public health departments, etc.) to participate in the network as blockchain “miners,” enabling them to secure and maintain authentication logs on a private Ethereum network. In return, they can receive anonymized medical data as mining rewards.


Thus, MedRec fosters the emergence of data economics by empowering researchers through big data, while enabling patients and physicians to selectively publish medical metadata.


Like the familiar Bitcoin, Ethereum is an open-source underlying system capable of implementing smart contracts on the blockchain.MedRec aims to establish a public blockchain in the healthcare sector, encouraging patients to store their medical records on the chain. This creates a decentralized electronic health record system for research by medical researchers and healthcare stakeholders, while also enabling patients to access their data at any time, empowering them to take charge of their own health.


During the construction of public blockchains, medical researchers and stakeholders act as miners, recording and storing patient data on the blockchain, while receiving the data they need in return for research or trading purposes.


On the other hand, patients proactively providing data can not only serve as part of the treatment costs but also help them create a comprehensive medical record, offering more information for their decision-making.


How MedRec Impacts Healthcare Data Management


First and foremost, the MedRec model can transform existing medical information management mechanisms by transcending individual physicians and hospitals to provide patients with the data they need to make informed decisions during treatment.

 

The MedRec system enables individuals to access and contribute to electronic health information by providing patients with long-term, reliable information records and built-in data sharing capabilities.

 

Patient records on MedRec will reflect many aspects of health data, including not only data provided by physicians but also data from patients’ Fitbit, Apple HealthKit, 23andMe, and other sources.Patients can establish a comprehensive medical data record and authorize others, such as physicians providing second opinions, family members, and caregivers, to access it.

 

Data on MedRec can also be leveraged for emerging predictive analytics technologies, enabling patients to learn from their family medical history and past disease treatments to better prepare for future healthcare needs.


Secondly, by adopting open APIs such as MedRec, machine learning and data analytics layers can be integrated into medical databases to achieve true “Learning Healthcare System”. Meanwhile, the interoperability among provider databases within the MedRec network enables more unified data access, facilitating the identification of broader trends.

 

Third, the modularity of MedRec can support an additional analytical layer for disease surveillance and epidemiological monitoring, issuing alerts to physicians when patients repeatedly report or misuse prescription medications (such as narcotics). In this regard, MedRec employs a Service-Oriented Architecture (SOA).

 

Fourth, in MedRec’s community model, medical researchers (and potentially other regulated stakeholders in the healthcare industry) can access nationwide medical data, providing unprecedented opportunities to achieve the goals of precision medicine and evidence-based research.

 

Such a system will advance the goals of comparative clinical effectiveness research within patient-centered outcomes research by linking patients in specific clinical cohorts to their longitudinal medical histories, thereby enabling a better understanding of treatment outcomes across different treatment groups and time periods. Moreover, compared with traditional research trials, leveraging the MedRec system for research can significantly reduce costs.


At its core, the MedRec project is dedicated to advancing precision medicine and achieving a comprehensive understanding of patients’ medical conditions without the need to create a centralized database. After all, in an era marked by cyberattacks and data breaches, centrally stored data is akin to a ticking time bomb.


Therefore, MedRec leverages a decentralized blockchain architecture to enable local, independent storage while coordinating data access from the patient’s perspective. MedRec aligns precisely with the objectives of the White House Office of the National Coordinator for Health Information Technology (ONC).“Support the development of interoperability standards and requirements, address privacy concerns, and enable secure cross-system data exchange.”


More Safety, More Sharing


Medical records are critical to research. The ONC report emphasizes that biomedical and public health researchers “need to be able to analyze information from multiple sources in order to identify public health risks, develop new solutions, and make treatments more effective.” By observing data flows, the MedRec team noted that healthcare institutions and regulatory agencies intend to share more data to better serve patients.


The integration of medical data may not bring about earth-shattering changes in the short term; rather, it is a gradual process of accumulation. In particular, patients may strongly resist the anonymous “public disclosure” involved in uploading personal information to an internet environment that lacks full trust, preferring to forgo treatment rather than engage in comprehensive and honest information disclosure. However, as the lawyer told the defendant in *The Invisible Guest*, “If you do not open your heart, no one can help you.” Information sharing is an inevitable trend.


The MedRec system is akin to a natural network of cellars, where you store your information in one of them for self-management. It remains secure unless someone locates your cellar and steals its key. However, MedRec inevitably has inherent flaws. Storing data on a blockchain necessarily entails multiple redundancies of information—an unavoidable price paid for freedom. Without such extensive replication, how can security be guaranteed?


“As with all new technologies, pitfalls always accompany hope.” From the perspective of information asymmetry, joining a blockchain is akin to creating a digital profile of one’s health status. When individuals purchase insurance from insurers or are asked by employers to provide medical records, those not participating in the blockchain have ample grounds to refuse disclosure. However, if participants in the blockchain refuse to share their medical records, does this imply they are hiding unknown secrets?


Even Bitcoin has experienced incidents of internal theft. MedRec does not claim to resolve the security issues of individual provider databases—this remains the responsibility of local IT system administrators to manage properly. While it is impossible not to question the security of the MedRec project, such skepticism also serves as a driving force for technological advancement. With its far-reaching potential, MedRec can go even further.


Join the blockchain exchange group to access more blockchain resources, corporate information, project whitepapers, and offline event updates. Please scan the QR code to add VCBeat’s Membership Assistant on WeChat (WeChat ID: vcbeat_m; please note “Blockchain”). Companies involved in medical blockchain business may also contact Yang Juan at VCBeat (WeChat ID: sukcrieel) for media coverage.


小助手.jpg