The need for a COVID-19 vaccination “passport” has prompted some to suggest using blockchain technology as a means of reliably verifying an individual’s status at an international level. There are precedents: for example, until smallpox was eradicated, all international travelers were obliged to carry an immunization record for that disease on a standard paper form to gain entrance to a country. With the likelihood that COVID-19 will remain endemic for many years, a reliable digital record with universal accessibility would be a boon to everyone, especially to international travelers. Vaccination records are just one part of the broader topic of using blockchain technology for medical identity management.
The advantage of a decentralized yet permissioned blockchain ledger for medical records is that it can be immutable and transparent. It is superior for maintaining privacy because access can require some combination of a private key, authorized biometrics and multi-factor authentication. Trust in the authenticity of the entry on the blockchain comes from its decentralized structure: any change to a single node on the blockchain must be accepted and duplicated by all the other nodes simultaneously so hacking a single system would be futile. Unlike unpermissioned blockchains for cryptocurrencies, a permissioned blockchain promotes trust when the public has faith in its members to preserve the integrity of the system.
The case for using blockchains for medical records is persuasive but such systems face significant data-management challenges inherent with medical records. Despite the trend toward digitizing patient records, in most developed economies the data is a mess. An individual’s health-related information is spread out and stored in multiple silos with inconsistent data related to their identity. Some systems may have a unique government-issued identifier that could help unify such records but it’s unclear to what degree this can produce a set of reliable data for multiple purposes. Moreover, the rise of consumer health in the form of wearables, home monitoring devices and direct-to-consumer products and services multiplies sources of potentially critical data. Blockchain technology can be useful in medicine and healthcare, but its use is likely to arrive piecemeal because of the data aggregation issues.
Moreover, a reliable, unified set of patient data is a daunting target because errors in recording patient data are common. Trust in the authenticity of the underlying data is not assured if the blockchain entry is a pointer to information held in an external data store and the substance of that record can be altered without a trace. To be sure, in such cases, security measures can be in place to assure the record’s authenticity, but the real danger is that should that faith be undermined, the value of the records would be seriously diminished. In some countries, fraudulent vaccination records are a menu item on social media. A potentially larger issue is the persistence of external records because this is not automatically guaranteed, as I’ve noted.
How the World Health Organization and governments deal with the need for reliable evidence of COVID vaccination will be a useful gauge of the potential for progress in using technology for medical identity management. Technology adoption is fastest when individuals make decisions, while the wheels of large organizations and government bureaucracies grind exceedingly slow. For example, the phylloxera scourge that devastated French vineyards in the mid-19th century led to rampant fraud in wine labeling, but it then took a half century for that country to implement its “appellation d'origine contrôlée” (AOC) system to promote trust in its wines. Blockchain technology is well suited to making medicine and healthcare less expensive, more reliable, and safer, but I’m skeptical that’s enough to accelerate its adoption.
Regards,
Robert Kugel