Blockchain's role in the future of medical data

industry insights logo 4.jpg

Health and medical data is a resource which can deliver lots of value if shared and aggregated appropriately, whilst complying with individual privacy and patient confidentiality.

In early 2017 the North of England Connected Health Cities conducted a proof of concept project with the aim of sharing patient data but with granular patient permissions.

Such projects have the potential to enable patients to give fine-grained consent around which parties can use their data and for what purpose, across the NHS, research functions and pharmaceutical companies.

The project was based on a private blockchain used to store preferences and consent, rather than the actual patient data, and confirmed the technical feasibility of this approach.

Subsequently 2017 saw an explosion in blockchain innovation activity targeting healthcare applications. This spans such use cases as the Patient Health Record, device and pharmaceutical supply chain, care delivery, telemedicine, and into every corner of the $27Billion market for health IT solutions.

Much of this has been from start-up companies, evangelical about their technology and its disruptive and positive impact on the industry. Many such organisations have raised funding for software and solution development through Initial CryptoAsset Offerings (ICOs). This approach has driven rapid access to significant capital for idea and solution development, but is criticised by many as avoiding the governance and scrutiny of more traditional investment approaches.

By the beginning of 2018 we have found 42 Initial CryptoAsset Offerings (ICOs) had been conducted in the health care market, raising $100 of millions across US, UK, Russia, Hong Kong, Switzerland, and Estonia.

By any measure significant investment is being expended on building blockchain use cases in health.

Taking the widest possible view, the most concentrated efforts emerging in the blockchain healthcare application space are in patient health data governance, specifically in storage and integrity, record sharing and exchange, and the associated trust and permissioning of data.


One company, Guardtime, based in Tallinn Estonia, use DLT to record all updates to Estonian healthcare records. To citizens, this gives comfort that their data is being used appropriately.   They can see its use through the eHealth portal, which professionals are also accessing for their personal or their children’s health data, and their reasons for doing so. In this scheme, the actual data is stored in a conventional database. Guardtime's solution integrates at the database engine to create a cryptographic hash each time it is accessed or changed, to deliver a forensic-quality audit and integrity trail, based on a DLT patented by Guardtime (Keyless Signature Exchange). Guardtime are a start-up who partnered closely with the Estonian eHealth Foundation around this solution. The use of DLT in the Estonian model is specifically around audit of healthcare record access - storage, access control and any patient consent is delivered using conventional means.

Here in Scotland, the Digital Health and Care Institute (DHI) plans activity around using new technologies to give people easy access to and ownership over their health and care data through a “personal data store” or “personal health record". This work is underway, and a 'Connectathon' was held in March. At this event the DHI Demonstration and Simulation Environment was launched. We understand that this will provide a “sandbox” in which services and technology can be integrated to develop and demonstrate next generation infrastructure. The DHI has personal connections and ongoing knowledge-sharing exchanges and with Estonian Government and, in particular, its eHealth Foundation, including mutual interactions through Scotland and Estonia based Digital Health conferences, and a 2017 DHI-driven group fact-finding mission to Tallinn.

A workshop was conducted by the consultants on 27th November 2017 with a cross-disciplinary group led by Mr. Jonathan Cameron (Head of Service – Strategic Development) of NHS National Services Scotland. This group included clinicians, software professionals, and NSS Senior Management, with the objective of (a) sufficiently exploring the role, current application areas, and potential impact of DLT and (b) prioritising potential applications across Scottish NHS.

A shortlist of high-potential healthcare application areas were identified by attendees.

  • Asset lifecycle and transparency (Medical devices)

  • Visibility of prescription across health provision

  • Collaborative service provision (in crises management involving health, social care and police, and in cross-health-board scenarios)

  • Linking patient data for safety and efficiency, with appropriate confidentiality

Phil Couser, Director of NSS Strategic Business Unit, identified issues of information governance, data storage and access, as fundamental issues behind these application observations. He further suggested that the establishment of a new Scottish public health body would present both a growing challenge and opportunity in addressing these issues.

Several strands of DLT activity exist across Scotland within Health institutions which, based on the information available to us, could be considered as now entering the discovery phase.

Opportunities exist to better empower this discovery through:

  • increased involvement of stakeholders from across the Scottish Healthcare ecosystem and interested parties from academia and the technology industry

  • capitalising on the learnings from global investment in commercial and government sectors, who have moved beyond the discovery phase.

This blog was extracted from our Scottish Government research which is now available, sign up to receive it via email