Who has a patient’s medical images? Will they be usable when they’re needed? A proposal at the 2017 Yale Healthcare Hackathon would put control in the patient’s hands. A blockchain-based system called RadBit aims at letting patients maintain medical images in a permissioned blockchain. A team of researchers from several educational institutions presented the proposal.
Currently, healthcare providers retain images, and patients can sometimes get their own copies. This is a fragile system for several reasons:
- Patients may not know or remember who has the images.
- Providing authorization to obtain the images can be time-consuming when the information is urgently needed.
- Patients may lose image files. They may receive them on a CD, not copy it onto their computer, and lose track of the CD. (Many modern computers don’t even have CD drives.)
- File format compatibility issues can get in the way. Medical images are stored in many different formats, including ones requiring specialized software.
The RadBit presentation included a prototype and proof-of-concept code, using an example blockchain.
RadBit image management
Peter Nichol of Quinnipiac authored the article describing RadBit. A bit immodestly, he declared that his team’s work “stood out for creativity, practicability and commercial viability.” The presentation addressed uploading, storage, and retrieval and promised “patient-generated, patient-owned” portability for images.
He is the co-author of a paper, “Co-Creation of Trust for Healthcare: The Cryptocitizen Framework for Interoperability with Blockchain.” A study of it gives more insight than the brief sketch of RadBit. The paper clarifies that the blockchain wouldn’t store the actual patient data but would hold cryptographic hashes for identifying and authenticating records.
A permissioned blockchain is one where only authorized parties can update it or participate in validation. Bitcoin, the best-known blockchain example, is unpermissioned; anyone can attempt to update it, and updates are validated by consensus based on cryptographic signatures. Unpermissioned blockchains work well where participants are anonymous and only transactions matter. Permissions ones have advantages for establishing the identity of people and organizations.
Like many blockchain use cases that involve restricted access to confidential data, RadBit will have to address two issues to become a viable solution. One is the establishment of immutable, authenticated, readily available records. Blockchain technology accomplishes this. The other is storing the data in a way that’s available through the blockchain, with acceptable security and long-term viability. The RadBit proposal glosses over this, but it’s an equally important issue.
The blockchain can’t hold medical image data for several reasons. It’s huge, and the blockchain would quickly become unmanageably large. It would need to be encrypted to prevent unauthorized viewing. Assuming that today’s encryption methods will never be breakable is a large leap of faith, so putting permanent encrypted records in public view is a bad idea. The images need a secure repository, and that brings us back to the problem of proprietary storage which blockchains try to overcome.
Any archive needs to address certain issues to be useful. It needs a policy on acceptable file types. It won’t do a healthcare provider much good to get image files, if they’re in a format so obscure that it can’t open them.
It needs a metadata policy. Most archives require a certain amount of metadata, so the contents are identifiable and useful. Perhaps this archive should require stripping metadata instead. If all the metadata is only in the blockchain, then the image files are less useful to thieves. At the root the question is: Who will control the archive and set its policy?
Healthcare blockchain solutions need to provide not just an answer to the issues of authentication and access, but a way of dealing with the data records that doesn’t undermine the blockchain’s advantages. The latter part isn’t as glamorous. It involves traditional issues of large-scale data storage and security. Without it, the solution is incomplete.
The report on RadBit provides a fascinating glimpse into one approach to blockchain health data management. Hopefully its creators will provide more detailed information soon.