Patientory, an Atlanta healthcare technology startup, wants to make it easier for patients to share and access their electronic medical records using blockchain—which is the same technology behind virtual currency, Bitcoin.
Today, many hospitals store information on one central server. With blockchain, data is sliced into many pieces and distributed worldwide on multiple servers.
“Blockchain is distributed over multiple networks so the information doesn’t just sit in one location, so it’s not easily accessed by data thieves,” said Chrissa McFarlane, CEO of Patientory to WABE news. “It’s based off of cryptography and it uses complex algorithms to distribute information over a wide range of locations so it’s really impossible to breach.”
In Estonia, 95 percent of health records are stored using blockchain technology. The country has been using blockchain for over a decade and McFarlane said she wants to duplicate this in the United States. “I think 2016 was really the year we introduced blockchain in health care,” said McFarlane. “To tell you the truth, I don’t know why it took this long.”
Patientory is in beta mode, but aims to help hospitals move away from fax machines—which is currently the industry standard for secure communications.
According to McFarlane, in addition to blockchain, Patientory uses another technology that would make patient portals and databases compatible to enable patients to securely share and transfer data across several hospital systems. The technology would also use artificial intelligence to give physicians a customizable templated care plan for their patients based on symptoms and diagnoses.
Attorney Roy Hadley, co-chair of the privacy & cybersecurity team at Thompson Hine and chair of the information security society for the Technology Association of Georgia, said Atlanta companies beyond the financial services industry are starting to use blockchain and Bitcoin.
“Blockchain is becoming the hot new thing for sharing, transferring and securing data,” Hadley said. “It’s going to be incumbent on us to keep an open mind around these technologies and embrace them as they come into the marketplace.”
Hadley helps companies ensure that they are in compliance with the Health Insurance Portability and Accountability Act (HIPAA) of 1996, which provides privacy and security provisions for safeguarding medical information. He adds that there is some debate about whether or not blockchain technology and other encryption methods are in compliance with HIPAA because they are based on mathematical models—which is prohibited by HIPAA.
“What you’re going to have to see is regulators better understanding these relatively new technologies and then evolve the regulations themselves,” Hadley said. “Because if it’s not blockchain, it’s going to be something else later down the road.”
Jason Cronk, president of Microdesic, a company that makes Bitcoins available offline, said there is a lot of hype around blockchain, which helps track small pieces of data on third-party database servers.
“Just because you do something on the blockchain doesn’t make it instantly better,” said Cronk. “The problem is blockchain is not good for storing large amounts of data. You don’t actually need the patient records on the blockchain.”
Cronk said that blockchain can store small pieces of data such as digital signatures to ensure that those signatures and data are not modified. Another advantage is access to a full log of when the information was accessed and by whom.
Hadley said that while there might be fewer cyber attacks on hospitals, hackers could turn their attention to blockchain-based information record systems.
“Bitcoin has had its ups and downs over time. Some of the Bitcoin exchanges have been breached and it’s not clear if it’s the Bitcoin itself or underlying blocking technology that’s been compromised,” said Hadley. “Once you start to see these medical records exchanges come online then you’re going to see more and more attacks on them, because that’s where the data is.”
Patientory has several layers of encryption to deter hackers. The company is currently working with StartUp Health and Kaiser Permanente-Colorado Permanente Medical Group at three hospitals in Colorado and Georgia.