David Houlding is Director of Healthcare Privacy & Security at Intel Health and Life Sciences (HLS), with experience in healthcare, privacy, security, compliance, blockchain, and Artificial Intelligence (AI) and Machine Learning (ML). He leads Intel’s HLS blockchain and security initiatives worldwide, including their Healthcare Security Readiness Program.
In the first of a two-part series, Blockchain Healthcare Review Senior Editor Jennifer Georgino talks with David Houlding about pressing cybersecurity threats he sees with his work at Intel, and how blockchain technology can help address the pressing demand for stronger digital safeguards around health data.
Georgino: Thank you for your time today David, I understand you are moderating a blockchain panel at the upcoming annual HIMSS 2018 convention (Blockchain Reset – “Seeing Through the Hype and Starting Down the Path”). Any other immediately speaking engagements in March?
Houlding: I am presenting a keynote in New York at the ISMG (ISMG Fraud Summit March 28th – “Blockchain as a Tool for Fraud Prevention”) conference on the use of blockchain for anti-fraud, across industries, which is a fascinating space, and blockchain has several key capabilities to help mitigate fraud.
Georgino: I appreciate your frequent in-depth and informative articles posted on LinkedIn. One comment in particular recently caught my eye is, “healthcare is intolerant to disruption”. Could you explain what you mean by that statement?
Houlding: This involved a discussion concerning ransomware, and there are many facets to the problem. Healthcare is not necessarily leading in cybersecurity defense, so they tend to be a softer target for threats, easier to infect than financial services. When a healthcare entity is infected with ransomware, they tend to be very intolerant to disruption, especially on the provider side where patient safety and the quality of care can be directly impacted by the in-availability of patient data. They tend to pay more quickly than a non-provider or non-health organization. The priority is to provide patient care. They are a lucrative target, pay relatively quickly and are relatively easy to infect, so unfortunately this problem is going to only proliferate. Perhaps rightly so, the healthcare industry tends to be more conservative in the adoption of new technology, as patient care is at stake – it cannot be on the edge of chaos with regard to technology.
Georgino: Can blockchain technology help ameliorate this problem inherent in the industry?
Houlding: One of the more interesting capabilities of blockchain is the availability advantage in that it is decentralized. No single point of failure. The blockchain network will endure if a node goes down, and when it comes back up, it will come up to speed in terms of consistency and validity of its copy of the decentralized ledger. A blockchain network is much less vulnerable than a typical single point of failure, as can be found in a centralized network. The ability of blockchain technology to enable collaboration across the network, augmenting existing enterprise systems and silos, is something I think we should seriously consider for production use beyond the multiple pilots that will take place in 2018, with availability as a key priority. In particular, healthcare organizations need to protect the availability of access to the blockchain network as they enter deployment and production use with mission critical systems that impact patient care.
Georgino: And how can that be realized?
Houlding: Protecting not only the availability of the overall blockchain network, but also the access of a particular healthcare organization to that blockchain network requires redundant network communications, having redundant blockchain nodes, such that if one goes down, you’ve still got another. One can also use load-balancing with automated failover, backup and restore, and business continuity and disaster recovery strategies to further protect access to the blockchain. In addition, cloud mitigation providers could be used to protect against Distributed Denial of Service (DDoS) attacks on specific blockchain nodes, for example, as the blockchain moves in to production.
Georgino: Can you explain for us how this would play out in the Healthcare environment?
Houlding: If you need to do a pre-authorization, eligibility check, or submit a claim, the blockchain network needs to be immediately available. This requires protecting the availability of the overall network, but also the availability of the particular blockchain node onramp to the network for each specific organization, which is the rationale for the measures I mentioned previously. The healthcare industry tends to be somewhat conservative about what they adopt, while always keeping their eyes on improving the quality of patient care, reducing the cost of healthcare and only using technology to the extent that it helps with those two things, not simply applying new technology for technology’s sake.
Georgino: Any disruption will clearly be difficult in the healthcare space in general, but for pharma, claims, medical devices, etc. blockchain is a key capability that can provide provenance, fight fraud and counterfeiting, enable auditing, unique personal identifiers, claims, payments, etc. one assumes?
Houlding: I think the Healthcare ecosystem stands to absolutely be disrupted. What we see is a lot of startups that are spearheading and blazing new trails with blockchain across a wide swath of use cases, from clearing houses to provider directory, provider credentialing, drug supply chains, medical device track & trace, clinical data-sharing, HIE, public health, and anti-fraud, and more. Established healthcare really needs to take note of all this because the change IS happening, and it is better to be a part of it.
In part 2 of Jennifer Georgino’s interview expands the conversation on securing patient data to include blockchain based healthcare consortiums and enterprise blockchain implementation.