- A partnership between Donor Concierge and ALTR will use blockchain technology to secure health data and patient privacy for FRTYL, a service that links fertility agencies and clinics with parents seeking infertility treatments.
ALTR’s data-security platform enables FRTYL to store and retrieve data, as well as anonymize it so that it can be used as a trusted resource that protects the identity and authenticity of all participants involved, the companies explained.
FRTYL’s centralized database brings a repository of surrogates and more than 15,000 egg donors together so they can be matched with intended parents. Sensitive information residing in the database includes family health history, sexual health history, drug and alcohol use, previous egg donation cycle history, and personal genetic carrier information.
“There is so much sensitive information about the donors and surrogates in the third-party fertility field that we believe security is extremely important. Beyond HIPAA compliance, we are interested in working with ALTR because it is the only company that offers blockchain technology for data,” Donor Concierge Founder Gail Sexton Anderson told HealthITSecurity.com.
She noted that only 2 of the 70 donor agencies that FRTYL has spoken with thought HIPAA compliance was important.
ALTR said its technology is the first commercial software package that applies blockchain to data security. The technology provides an interoperable network infrastructure that ensures control over how patient data is seen or used and by whom.
“We can create an immutable log or register of every activity that happens inside an enterprise application … That is a regulatory strength. If you ever want to know everything that has happened inside an application, we can deliver that from our platform,” explained ALTR CEO Dave Sikora.
“We will take data from a database, fragment that data, and scatter it around the blockchains. Then we can reassemble that data at scale and with low latency. If bad guys ever break into that database, what they will see is worthless to them because the data is extracted from the database and scattered around on the blockchain network,” he told HealthITSecurity.com.
“To meet HIPAA requirements, you have to be able to secure your data from inside and outside threats. Employees at FRTYL don’t have access to the very sensitive data but they can work on the application,” he said.
The Electronic Healthcare Network Accreditation Commission (EHNAC) has also taken note of the security implications of blockchain technology. EHNAC Executive Director Lee Barrett told HealthITSecurity.com that blockchain will play a key role in the ONC’s Trusted Exchange Framework and Common Agreement (TEFCA).
The draft agreement includes a common set of principles for trusted exchange and minimum terms and conditions for trusted exchange. This is designed to bridge the gap between providers’ and patients’ information systems and enable interoperability across disparate health information networks, explained ONC.
Blockchain will become a component technology of any trust exchange framework, and blockchain-based systems have the potential of reducing the cost and the friction of current intermediaries, Barrett said.
“Mission-wide interoperability, how it's being leveraged in these trust exchange frameworks, makes blockchain a really excellent technology to leverage as part of any trust exchange framework,” he said.
Blockchain is an important enabling technology for trust exchange for TEFCA, and ONC is likely to focus on blockchain to help support the 21st Century Cures Act, he said.
“As we start to look for common agreement as well, it becomes an enabling technology for doing all of that,” Barrett continued. “If you look at blockchain, it's really focusing on data integrity, the decentralization and disintermediation of trust and reduced transaction costs.”
“If you look at the definition of blockchain being a distributed system for recording, storing transaction records, it's basically an immutable record that really can't be changed,” Barrett explained.
“There are peer-to-peer transactions that are going through the various networks. All of those various exchanges, whether it's personal health records or HIE [health information exchange] records, are leveraging cryptographic techniques that are then implemented throughout that exchange,” he concluded.