Esmond Kane, Deputy CISO, Partners Healthcare. Credit: Tim Greene
Blockchain can help secure medical devices and improve patient privacy, but the key is proper implementation, according to a top security pro at Partners Healthcare.
The downsides would include mistrust of the technology because of blockchain’s potential performance problems, and its association with ransomware and use as payment for illegal items on the Dark Web, Partners’ Deputy CISO Esmond Kane told the SecureWorld audience this week in Boston.
On the other hand, the decentralized, encrypted public ledger could have a wealth of applications in healthcare, Kane says. These include streamlining the resolution of insurance claims, management of internet of things medical devices and providing granular privacy settings for personal medical data.
Partners Healthcare is interested in it for giving patients the ability to set different privacy settings on their medical information. The mechanics haven’t been worked out, but by breaking down records into components and granting access piece by piece, there would be less risk of over-privileging any potential recipient.
The blockchain would be able to control, for example, who can gain access to certain information such as whether an employee was being treated for a psychological disorder, he says. That information could be designated off limits to the employer, but accessible to the patient’s insurer.
The technology could be used to speed up resolution of insurance claims by having records posted to a private blockchain that would allow accessing updated data by all parties, reducing the need for transmitting the data and building the infrastructure for sending it, he says. This could also cut costs.
Medical devices could be given unique identifiers and information about them could be stored in a shared ledger accessible by other systems to automate maintenance and management, he says.
Public vs private blockchains
Use of public blockchains can have scaling problems particularly when it’s used for encryption. Delays can be significant, he says. Private blockchain services from IBM, Amazon and Microsoft, give much better service levels, he says.
Blockchain can’t be undertaken lightly. Financial technology pros say its use calls for extra key management infrastructure, Kane says.
He notes that several public blockchains have run into security problems, not necessarily because the blockchain itself was faulty but because of how it was implemented.
Since blockchain is decentralized, public blockchains with nodes in other countries may present problems if they don’t move to new code bases as revisions become available.
Sign up for Computerworld eNewsletters.