The Modex Blockchain Database (BCDB) solution has been recently featured in “PatientDataChain: A Blockchain-Based Approach to Integrate Personal Health Records”, an academic article that showcases how the technology developed by Modex can act as a foundation for PatientDataChain, an interoperable personal health record (PHR) system, that puts patients in control of a unitary version of their medical records.
The academic paper was initially published in Sensors, a leading international peer-reviewed open access journal on the science and technology of sensors. The article is the result of the collaboration between Modex and its partner, the University Politechnica of Bucharest, and Setrio, a healthcare and logistics software provider.
All credits go to its authors: Alexandra Cernian University Lecturer at the Faculty of Automatic Control and Computers, University Politehnica of Bucharest, Bogdan Tiganoaia, University Lecturer at the Faculty of Entrepreneurship, Business Engineering and Management, University Politehnica of Bucharest, Adrian Pavel, Executive Director at Setrio Soft and Alin Iftemi, Modex Co-founder.
The publication of the “PatientDataChain: A Blockchain-Based Approach to Integrate Personal Health Records” in an important international academic journal is proof of validation and recognition of the value of the Modex technology from the global academic community.
By leveraging its blockchain component, the Modex BCDB solution has the potential to address several pain points from the current health system. Immutable data storage, data distribution, and complex permission-based access mechanisms constitute a powerful combination of features, functionalities, and benefits that guarantee the protection, security, and ownership of patient records. A healthcare solution built on top of Modex BCDB like PatientDataChain can facilitate the transition towards a patient-centered interoperability model, where patients are the true owners of their medical records and the ones who can decide who has access to their information.
Identifying the problem
The paper begins by outlining a series of questions and problems related to the collection and management of health records, and the high degree of fragmentation generated by the fact that each healthcare provider holds its own medical health record trail. In most cases, this means that doctors do not have access during medical appointments to a patient’s full medical history. The rapid expansion of digitalization can also be felt in the healthcare sector, where efforts are made to facilitate and increase the accessibility of patients’ data and reduce the incidence of medical errors and the potential damages generated by them by relying on electronic health records (EHR) and personal health records (PHR).
EHRs function under a standardized model for medical data and are operated by medical institutions. This means that patients have no access or control over their medical records, taking on the role of a passive actor. Although EHRs facilitates the integration of data between healthcare providers and have contributed to a significant decrease in the number of medical errors, they are accompanied by a series of drawbacks concerning a lack of interoperability, as well as a number of data security vulnerabilities and rigid exchange mechanism between health organizations. Furthermore, EHRs seem to neglect all the data collected by wearable health-tracking devices that generate an impressive amount of real-time health-related metrics of the wearer. The paper points out that the latest trends in wearable devices combine AI and machine learning to make predictions and detect medical emergencies in a timely fashion. The lack of interoperability with wearable devices means that EHRs provide only an incomplete representation of a health record.
Personal health records (PHR) are the exact opposite of EHRs from an ownership standpoint, as the patient is the one in charge of introducing and maintaining the medical data. Although this represents its main advantage over EHRs, it also acts as one of its main barriers to adoption due to its difficult usability. Other challenges that plague PHRs are the lack of interoperability with EHRs used by medical institutions as well as a series of issues related to data protection and third party access permissions to operate on data.
The academic paper goes on to identify four longstanding problems related to patient health data:
1. The absence of interoperability and the presence of friction points in healthcare data exchange. The lack of interoperability means that medical records are highly fragmented which makes them difficult to exchange. Patients often end up having their medical records spread across multiple health organizations that do not collaborate with each other, making the retrieval and sharing of patient medical data difficult. This is a symptom that suggests the fact that the current healthcare system is lacking a common standard for integrating and exchanging patient records from different sources.
2. Difficulties in guaranteeing confidentiality and privacy while maintaining secure access to patient records. Confidential medical records are characterized by inadequate security that often leads to data breaches. To achieve interoperability, medical records need to be shared between healthcare stakeholders while also protecting sensitive information. Private data should only be accessible by authorized parties. While secure data sharing represents a cornerstone towards achieving interoperability, it also poses a series of privacy-related challenges.
3. Data ownership. A major issue of the current healthcare system is represented by the fact that patients aren’t in control of their medical data.
4. Patient data overload. With the advent of wearable medical devices that collect in real-time a large amount of health-related metrics, questions emerge related to how is this data processed, analyzed, and stored.
PatientDataChain, a healthcare solution built on Modex BCDB
PatientDataChain is a personal health record system that utilizes a decentralized, blockchain-based architecture to integrate patient medical record systems by gathering and connecting all the stakeholders in the healthcare value chain. The idea behind PatienDataChain is to create a patient-centered model where patients are the true owners of their health records.
Due to the permission-based mechanism facilitated by the Modex BCDB layer, patients are able to grant healthcare organizations, physicians, and other medical personnel access to their data for a limited time frame. Based on this functionality, PatientDataChain enables an integrated and interoperable approach, capable of collecting and combining medical data from a diverse pool of sources: EHR systems, different healthcare providers as well as from a multitude of wearable sensor-based healthcare and fitness devices.
Through the decentralization facilitated by the Modex BCDB component, PatientDataChain introduces an enhanced data sharing and exchange system capable of ensuring an optimal level of privacy and confidentiality combined with secure access to patient health records.
Modex BCDB is a middleware software solution that combines a blockchain engine with a traditional database system to augment the security and data privacy of existing software infrastructures. By adding a blockchain backend to a client’s existing database system, the newly created infrastructure becomes able to demonstrate zero-knowledge proof which means that data can be provided to third parties without revealing any additional information, apart from that data. These design features made Modex BCDB an ideal technological foundation for PatientDataChain because it enables the PHR solution to seamlessly integrate with existing EHR systems or other medical databases, including data collected by medical wearable devices and other types of healthcare sensors.
An essential component of the PatientDataChain system is the Patient Health Wallet app which represents the PHR element that unifies all the data related to a patient’s medical records. The Patient Health Wallet represents a single version of the truth that is owned and controlled entirely by the patient. The system is designed to grant patients full control over who can access their medical records. When a patient is programmed for a medical appointment, he will need to give read access to the physician, to enable her to access his medical records. Write access will also need to be granted to the physician to write a new medical record that will be added to the wallet after the consultation ends.
All the prescriptions written by doctors will be added to the Patient Health Wallet to provide traceability and an accurate representation of the treatment a patient followed. Future system functionalities will allow patients to grant pharmacies access to see the prescription to purchase medication, to search for prescribed drugs in the system and make reservations and receive notifications from the pharmacy when the patient can come and pick up his order.
The core element that facilitates the integration and aggregation of the diverse medical sources is the blockchain component facilitated by the Modex BCDB layer which is composed of an array of distributed nodes. Due to Modex BCDB’s agnostic take on database engines, the nodes that compose the blockchain network can be configured with different database connectivity parameters. Network nodes perform a wide range of functions, ranging from data processing, database connectivity, read/write operations to the blockchain, data synchronization, and permission granting. The business functionality component is provided by the software application client that integrates with the blockchain nodes.
PatientDataChain system flow and functionalities
Registration phase. Patients can register into the PatientDataChain platform through a mobile application. The Modex BCDB network stores the user after the email provided in the registration phase has been confirmed. Physicians can be registered into the PatientDataChain platform after they receive an invitation via email. After the registration, physicians are redirected to the doctor web platform login page. During their first login, the physician is required to complete his/her profile that includes fields like title, specialties, medical clinic, and contact details. The system generates authentication tokens for single sign-on based on the private key of the user.
Data fusion. The PatientDataChain system has a data fusion mechanism based on unique identifiers which helps ensure access to an integrated collection of medical data linked to each patient in a secure storage environment for medical records. To address the challenges posed by data integration in the blockchain, each user is assigned a unique identifier. Through the token mechanism set in place, patients can grant access to healthcare providers to view and insert new records in their medical files. When physicians are required to write a new record on behalf of the patient, they need to be granted access to the patient’s unique identifier which is created when the patient logs in for the first time. The blockchain component provided by Modex BCDB helps track and match each unique identifier to the right patient.
The current version of PatientDataChain aggregates and unifies data from the following sources:
- data entered by the patient: name, age, blood type, gender, height, weight, body mass index, allergies, chronic diseases, and previous surgeries
- data from EHR systems. The PatientDataChain connects to Setrio BizMedica, a healthcare software that manages the activity of medical clinics and professionals, integrated with the National Healthcare System in Romania. The system retrieves data from BizMedica and inserts it into the Modex BCDB framework. PatientDataChain utilizes the Tendermint blockchain provided by Modex BCDB to store the authenticity elements and the MongoDB database to store the encrypted medical records.
- physicians and healthcare institutions will continue to utilize their legacy EHR systems which are integrated with the PatientDataChain software.
- health metrics collected by wearable devices are also stored in the PHR component of PatientDataChain. At the moment of writing, PatientDataChain is integrated with Fitbit devices.
Data ownership. When a new user is created, the PatientDataChain system generates a unique set of public/private keys associated with the new user. From a functionality perspective, the public/private keys are utilized during user authentication, transaction signing, data encryption, and decryption. The keyset is stored on the blockchain network in a dedicated authorization and licensing node. The private key is what grants a patient ownership over his medical records.
Medical record permission control. As the true owner of his/her medical records, only the patients have unrestricted access to their healthcare data. Patients can extend permission rights to physicians or other healthcare providers for a period of seven days. Once a physician has been granted access to a patient’s medical records, the information becomes available for the physician on the web platform. The permission mechanism is based on the public/private key set of the patient. When a patient grants access to a physician, a token is generated based on the patient’s public key which will enable the doctor to view the medical files and to insert a new medical visit.
Proof of concept applied in the real world
The PatientDataChain solution has been validated through a PoC implemented in a medical clinic from Bucharest that reunites medical practitioners from a wide range of specializations. The clinic utilizes BizMedica as its EHR system, which facilitated the integration with PatientDataChain. The PoC relied on a data set sample from 100 patients and consisted of 1144 transactions over a period of three months. The PoC pilot project was run on a Modex BCDB network simulated on a single machine. The doctor web platform and admin interface were deployed on the same Modex BCDB network.
The PatienDataChain PoC managed to demonstrate that a PHR system built on top of the Modex BCDB framework enhances the decentralized storage of medical records and data exchanges between healthcare providers. More importantly, it demonstrates that a blockchain-based PHR solution that places the patient at its core is capable of moving control of patient health data from the healthcare providers back into the hands of the patients, all while overcoming some of the major interoperability, confidentiality, privacy, and security pain points that characterize the current healthcare system.