Blockchain in Healthcare — Webcast Q&A

Block.co’s third webcast ” Blockchain in Healthcare: Bridging Trust in response to COVID-19“ received amazing feedback! We gathered some of the best experts in the field, Georgina Kyriakoudes, Ahmed Abdulla, Dimitri Neocleous, Dr. Alice Loveys to share their experience in the industry and discuss with us the latest updates in the sphere of Healthcare! In its third series of webcasts, Block.co gathered 253 people watching the event from 59 different countries, for a 90-minute webcast where guests answered participants’ questions.

Below is a list of the questions that were made and were not answered due to time constraints during the Blockchain in Healthcare webcast. Please note that the below information is only for educational purposes!

Question 1: I like what Dimitrios was saying regarding ownership and transfer. Health and social care have invested much in Information Management systems and processes. Transfer between NHS and social care is a typical block. Can you elaborate on how the blockchain sits across that — leapfrogs yet goes with the grain of what is already there in terms of shared records protocols, the exponentially growing types of professionals, pharmacists, careers, etc. that need early access to these records for better decision making.

Block.co Team Answer: Blockchain technology has the potential to improve healthcare, placing the patient at the center of the health care ecosystem, while providing security, privacy, and interoperability of health data. Blockchain could provide a new model for health information exchanges and transform electronic medical records to be more efficient, disintermediated, and secure. While it is not a cure, this new, Blockchain in Healthcare’s rapidly evolving field provides a sandbox for experimentation, investment, and proof-of-concept testing.

Healthcare systems around the world are preparing road maps that define critical policy and technical components needed for nationwide interoperability, including:

  • Ubiquitous, secure network infrastructure
  • Verifiable identity and authentication of all participants
  • Consistent illustration of authorization to access electronic health data, and several other requirements.

However, current technologies don’t totally address these necessities, and as a result, they face limitations associated with security, privacy, and full ecosystem interoperability.

Blockchain technology creates distinctive opportunities to scale back complexity, improve trustless collaboration, and create secure and immutable data. National Healthcare Systems need to track this rapidly evolving field to identify trends and sense the areas where government support may be needed for the technology to realize its full potential in health care. To form blockchain’s future, they ought to take into account mapping and gathering the blockchain ecosystem, establishing a blockchain framework to coordinate early adopters, and supporting a pool for dialogue and discovery.

Question 2: What about the “compatibility” of blockchain solutions in healthcare with GDPR and/or other regulations about personal data protection.

Block.co Team Answer: The General Data Protection Regulation (GDPR), Europe’s new framework for data protection laws, has a vital impact on healthcare organizations. During this more and more patient-centric world where global healthcare organizations collect a large set of data on patients to produce improved health outcomes, this increased regulation has an even larger impact.

GDPR presents challenges across all industries and includes language that has a special impact on healthcare. The regulation defines “personal” data as “any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.” On top of this definition, GDPR contains three extra, important definitions that pertain to health data:

  1. “Data concerning health” is defined by the GDPR as “personal data related to the physical or mental health of a natural person, including the provision of health care services, which reveal information about his or her health status.”
  2. “Genetic data” is outlined by the GDPR as “personal data relating to inherited or acquired genetic characteristics of a natural person which give unique information about the physiology or the health of that natural person and which result, in particular, from an analysis of a biological sample from the natural person in question.”
  3. “Biometric data” is “personal data resulting from specific technical processing relating to the physical, physiological, or behavioral characteristics of a natural person, which allows or confirms the unique identification of that natural person, such as facial images or dactyloscopy data.”

As described in Article 6 of GDPR, processing of personal data is considered lawful if: (1) the data subject has given consent; (2) it is necessary for the performance of a contract to which the data subject is a party; (3) it is necessary for compliance with a legal obligation; (4) it is necessary to protect the vital interest of the data subject or another natural person; (5) it is necessary for the performance of a task carried out in the public interest; (6) it is necessary for the purposes of the legitimate interests pursued by the controller or third party.

However, healthcare organizations that usually manage health data, have an added responsibility to take care of “data concerning health,” “genetic data,” and “biometric data” to a higher standard of protection than personal data, in general. GDPR prohibits the processing of these forms of health data unless one of the three conditions below would apply as per Article 9.

a. The data subject must have given “explicit consent.”

b. “Processing is necessary for the purposes of preventive or occupational medicine, for the assessment of the working capacity of the employee, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services …”

c. “Processing is necessary for reasons of public interest in the area of public health, such as protecting against serious cross-border threats to health or ensuring high standards of quality and safety of health care and of medicinal products or medical devices …”

Consent VS Explicit Consent — If one pays attention, there’s a difference in the GDPR’s health data use conditions (calls for “explicit consent”) and the general definition (calls for “consent”). Thus, there’s an ongoing debate as to what constitutes the difference between “unambiguous” and “explicit” consent. Despite the debate and the final legal clarifications, there is no doubt that in the purposes of healthcare the “explicit consent” must have the strongest agreement form listing in detail the use(s) of data and covering the cases of data transfers and storage.

Question 3: How can we use blockchain technology by the government in African flavored government, say by Ministry of health to have patient autonomy of medical records that can be accessed by any government hospital irrespective of the ailment and record printed by the previous hospital and doctor, such as referral cases without having to open a new file in the referred hospital.

Block.co Team Answer: Perhaps that would be an ideal implementation of the Block.co solution issuing a digital certificate of medical examination on an Open Public Blockchain such as the Bitcoin blockchain, that would be decentralized in nature, easy to validate online without any special wallets, and would be provided by the patient on-demand, to refer to treatments received in other hospitals or areas. But this would require that the practitioner is aware and can use the open-source code or use Block.co services to issue these certificates. Alternatively, there could be the use of a wallet to store these medical credentials to be submitted on demand to health practitioners. Moreover, there would need to be an alignment of regulation in the matter as decentralized repositories are not recognized at the moment.

Question 4: Is there any data breach threat in the blockchain using a poorly protected private key at communication?

Block.co Team Answer: Millions of health care records have already been breached, and in attempts to combat this issue, solutions often result in the inaccessibility of health records. Health providers often send information to other providers, and this often ends up in mishandling of data, losing records, or passing on inaccurate and old data. In some cases, only one copy of an updated health record exists, and this may result in the loss of information. Health records often contain personal information such as names, social security numbers, and home addresses. When it comes to Blockchain in Healthcare, a poorly protected private key is always a factor to consider. A private key allows us to sign a transaction and spend funds residing in an address (public key) by providing ownership with the signature. It is a unique string of information that represents proof of identification inside the blockchain, which includes the right to access and control the participant’s wallet. It must be kept secret, as it is effectively a personal password. In the case that that private key is poorly protected, there is always a data breach threat.

Question 5: The medical record of a patient is owned by the patient. What happens if a doctor accesses the record without the consent of the patient? Using the smart contract, could there be a governing body, say a legal system that can call the doctor to order?

Block.co Team Answer: Rather than having physical and electronic copies of records, blockchains may enable the shift to electronic health records (EHR). When looking at Blockchain in Healthcare, medical records on the blockchain would be within the management of the patient rather than a third party, through the patients’ private and public keys. Patients may then control access to their health records, making transferring information less cumbersome. Because blockchain ledgers are immutable, health information may not be deleted or tampered with. Blockchain transactions would be accompanied by a timestamp, permitting those with access to maintain updated information. The doctor would not be able to access the record without the consent of the patient. A patient would need to sign the transaction in a smart contract in order to transfer patient details to the doctor.

Question 6: So, how are private data protected when the patient is simply notified that unauthorized access just took place on her medical record? and, how are the negative results of this breach rectified towards the patient?

Block.co Team Answer: The patient would be notified to sign a transaction enabling access to the party requesting access to the specific medical record. In other cases, there could be a multi-signature wallet requiring multiple transactions in the cases where the patient may need assistance, for example, when underage or when not in a healthy state of mind, or being non-responsive or in critical condition. The patient needs to be responsible for his own data and be empowered through awareness and know-how of this technology. With great power, comes also a great responsibility, although it is yet a challenge to enable computer illiterate people to interact with this technology.

Question 7: Can the same record of a patient still be shared with private hospitals and say another government/private hospital abroad on the same blockchain?

Block.co Team Answer: Depending on whether the information is on a public blockchain or a private blockchain. When on a private blockchain, they will need to be granted permission to access the blockchain accordingly.

Question 8: No one has directly spoken about ownership where a large research institution/ consortium is working with the data — it is not solely the person who has said so…

Block.co Team Answer: Indeed, it is solely not the person who has a say so. Technology may be used in both evil and good ways and it is still the obligation and responsibility of people within governments to ensure human liberties and rights are preserved when utilizing such powerful technologies such as blockchain and sometimes the combination of blockchain with AI, IoT, and biometrics. Blockchain in Healthcare, in the same way, that it can empower individuals and increase their standard of living and prosperity, at the same time, it can also empower corrupt governments with alternative agendas and totalitarian states. BLOCK.CO believes it is most important for people to be educated around the matter and be able to form a voice and movement to safeguard their human liberties and rights, hence our continuous effort on discussing these matters with our community and providing education, powered by the pioneers in the space, the University of Nicosia.

We would like to thank everyone for attending our webcast and hope to interact with you in future webinars. If you would like to watch the webinar again, then click here!

To stay up to date with Block.co updates, make sure to follow us on our social media channels.


If your brand is ready to take the step into web 3.0 and NFT marketing, to optimize engagement with your audience in innovative ways, then click the button below to get your Free Trial, a limited number of Free NFTs, and a Free Consultation call from our team!

For more info, contact Block.co directly or email at enquiries@block.co.

Tel +357 70007828

Get the latest from Block.co, like and follow us on social media: