Your browser is unable to display this site correctly. Please try an up-to-date version of Chrome or Firefox instead.

< Back to all posts

Why Blockchain for Healthcare?

Donghui Li

By Donghui Li

Senior Vice President, Solution Delivery (Alumnum)

Benny Cheung

By Benny Cheung

Senior Technical Architect

View bio
Andy Yang

By Andy Yang

Project Director

View bio
February 27, 2019

Why Blockchain for Healthcare?

In addition to high administration costs and inefficiency long attributed to health care systems, traditional electronic health records (EHR) implemented using legacy database systems suffer intrinsically from issues around:

  • Ownership & Accessibility – Patients have no control over where their records reside and who is allowed to access them.
  • Data Governance – With multiple copies of the records residing in multiple databases, there lacks one consistent version of the truth.
  • Interoperability – Traditional EHR data is trapped in different record-keeping systems that may or may not be compatible with each other.
  • Compliance – Not all EHR formats meet all compliance regulations in different jurisdictions.
  • Security – Traditional database and access security issues are compounded by the distribution of EHR across multiple platforms.

The immutability and transparency of blockchain technology makes it the natural enabler of revolutionary innovations in health tech. The technology is uniquely suited to power a patient-centric, peer-managed, secured and accessible chronological database across multiple devices, enabling patient service models previously deemed impossible.

Jonah's MediBlock - EHR Blockchain PoC

From ambitious projects like establishing a dedicated chain to house its citizens’ health records in Estonia, to startups tackling specific challenges in the healthcare industry with blockchain, these initiatives showcase one common attribute of the technology. They demonstrate how the immutable nature of blockchain could be leveraged to establish transactional trust across multiple parties, share data and transact business. These initiatives aim at elevating the quality of care to the patients and improving overall accountability and efficiency of health management systems – all the while establishing the relevance of blockchain in the healthcare sector.

With Jonah’s long-standing history in the health insurance and health management verticals, we see a unique role in this technological revolution for us. We help our customers apply blockchain solutions to solve business challenges where appropriate while remaining agnostic to the technology stack. We examine each challenge from a business perspective and gauge the merits of technological components accordingly on a case-by-case basis.

Medical Blockchain - Proof of Concept

Empowering patients with granular and decentralized control of their EHR (Electronic Health Record) remains one of the most prominent challenges in the field of healthcare. With EHR’s scattered across disparate databases in multiple hospitals, laboratories and clinics, not only is it difficult for patients to control who has access to which portions of their records, the lack of data governance often makes it difficult to establish one common version of the truth.

Immutability, non-repudiation, integrity, transparency and equal-rights, the five properties of the blockchain technology allow the healthcare blockchain participants to rely on the technology to facilitate the transactions, severing their dependence on third-party organizations. As such, instead of automatically ceding control of their entire medical history to healthcare providers through implicit trust, the patients can retain full control and selectively grant access to specific parts of their records.

This POC (Proof of Concept) examines one specific challenge: how to enable patient and practitioner access to EHR's in a decentralized solution. For the purpose of this POC, patient information was considered available through a FHIR (Fast Healthcare Information Resource) interface, imposing no requirement that the data live either on- or off-chain. This arrangement allows us to focus on our main objective without delving into the issue of data availability and format.

MediBlock Model

To address patient privacy issues, not only does every user need to be registered, each access must be identified. As such, a "permissioned" blockchain was used - implemented on Hyperledger technologies. However, this POC is technology agnostic. Other permissioned (or "private") blockchain platforms could potentially be used instead.

Furthermore, we adopted the Hyperledger Composer development thought process - defining a blockchain business model first, before diving into the technical details.

Hyperledger Composer, built on Hyperledger Fabric, accelerates the process of turning business models into software. Composer provides a DSL (Domain Specific Language) to model business assets, define access control and build a business network. By using Composer, the business model can be validated through a browser without setting up any infrastructure. However, the Composer itself isn’t a blockchain — there is still the need to deploy Composer applications onto a Fabric instance.

Next, a realistic EHR model was developed, consisting of the Particpant roles of Patient, Practitioner and Third Party. Fundamental to this model, a Patient has the right to grant Practitioner and Third Party limited and temporary access to their EHR. The use case of Third Parties acting as a proxy for Patient to manage their EHR reflect real-world scenarios such as parents granting power of attorney to their children to manage their medical affairs. However, this POC remains focused on a direct Patient-Practitioner relationship, as the Third Party use case does not require much more technically.

Another component within the EHR model are the Asset classes: PatientInfo and PatientInfoAccess. PatientInfo represents protected resources: the focal point of the blockchain. This asset is designed to be a container of all patient's EHR data, which can be persisted with on-chain, off-chain storage, or a combination of both. The PatientInfoAccess asset is the contract between a Patient and a Practitioner, established for the duration of a discrete healthcare service. The EHR access enforces an expiry date on the granted access to protected EHR resources, such as visit, observation and medication records, etc.

This business model defines:

Figure 1. MediBlock PoC - modeling with the Hyperledger Composer business language

The EHR access has an expiry date. The Visit, Observation and Medication are stored on-chain in the PatientInfo as the protected resources. The patient has full-control over who and how these resources can be used. For the external system to interact with the blockchain, a set of transactions, e.g. UpdateMedication, are defined.

Patient and Practitioner Interaction Scenario

For the PoC, we have modeled the scenario for a Patient visiting a Practitioner. Initially, the Practitioner does not have access to the protected PatientInfo. To grant the Practitioner access, Patient scans the QR code of the Practitioner credential (left image below), toggles the access permissions on the screen, and commits a PatientInfoAccess transaction to establish a time-limited access to the PatientInfo (middle image below) for the Practitioner.

Figure 2. MediBlock PoC UI Screens - (left) UI shows the practitioner's QR code to be scanned by the patient. (middle) UI shows the practitioner’s access controlled by the patient. (right) UI shows the patient's EHR visible to the practitioner; only seeing Rx medications is granted in this scenario.

Subsequently, Practitioner can see the permitted PatientInfo for the current visit's diagnosis (right image above). After the visit, Practitioner submits a new Visit transaction to the PatientInfo to record the event. The Patient can view his/her PatientInfo anytime after the visit.

The following sequence diagram depicts the described scenario, illustrating the interaction with the blockchain.

Figure 3. MediBlock PoC Workflow - the UML sequence diagram shows the high-level interaction between the actors and the blockchain, interfacing with the patient EHR records.

To add realism to the interactions amongst the parties, a mobile UI was developed for both the Patient and Practitioner personas. This provided a practical demonstration of the effectiveness and granularity of access control. Transaction records of these interactions are permanently registered into the blockchain, for access at any time.

What We Learned

In our previous blockchain outings we have concluded that blockchain technology is at its most effective and impactful when its inherent characteristics uniquely address key business challenges. The MediBlock POC affirmed that judicious application of the blockchain technology could bring immense payoff in the healthcare vertical. In this case, the new immutable data capabilities of Hyperledger Fabric was used to enable a range of innovative solutions, validating how blockchain could be vital to the future of health-tech.

It is evident that the health-tech industry recognizes the unusual opportunities presented by the blockchain technology given the level of investment and activity. While the governing bodies are trying to navigate this revolution, the industry is taking the lead and making significant headway. At Jonah we will continue to apply our blockchain know-how to identity, privacy and other health-tech initiatives, contributing to the ever-expanding blockchain knowledge pool.

Blockchain is not a solution in search of a problem nor is it the panacea to all business challenges. Talk to us, let us help you determine if blockchain holds the key to your business solutions.


About Jonah Group

Jonah Group is a digital consultancy the designs and builds high-performance software applications for the enterprise. Our industry is constantly changing, so we help our clients keep pace by making them aware of the possibilities of digital technology as it relates to their business.

  • 24,465
    sq. ft office in downtown Toronto
  • 160
    team members in our close-knit group
  • 21
    years in business, and counting