Latest Technology Blogs, News and Trends – Walkwel Blog

HIPAA and Blockchain

You searched it, you got it.

Take it as a rule of thumb that any healthcare technology solution that has anything to do with Protected Health Information (PHI) in the United States of America, must comply with HIPAA (Health Insurance Portability Accountability Act (HIPAA).

This act enforces and protects the patient’s right to privacy. HIPAA aims at safeguarding the patients’ sensitive health-related information, keeping it from unauthorized disclosure. It necessitates a broad set of technical safety checks to be embedded within the solution itself as well as certain administrative steps which must be included by the provider in the process.

Blockchain

Blockchain​ ​is​ ​a​ public (often) ledger of ​shared,​ ​trusted​ ​transactions. There is no single control, entries cannot be changed by anyone without consensus.

Blockchain possesses the potential​ ​to​ ​become​ the changemaker, the disruptive technology ​that will usher in​ ​the​ ​next​ ​generation Internet. This nex-gen Internet is ​also​ called​​ ​to​ ​the​ ​Decentralized​ ​Web,​ ​or​ ​Web3,​ ​Blockchain​, evidently, serves as a is​ ​a​ ​novel​ ​and innovative solution​ ​to​ ​the perpetual problem of​ ​trust among humans.​ Blockchain offers us​ ​an​ ​architecture​ that’s trustless, not because there is no trust involved, but because you can ​trust​ i.e,​ ​to trust​ ​the​ ​output​ ​of​ ​the​ ​system​ ​without​ ​having to trust​ ​any​ ​actor/doer​/block ​within​ ​it.

​​We must understand blockchain as​ ​a​ ​distributed​ ​database​ ​that​ stores and keeps adding to​​ ​a​​ ​list​ ​of​ ​transaction​ ​records,​ ​in an encrypted form that is resistant to tampering​ ​and​/or editing.

Blockchain for HIPAA

The digital ledger technology that blockchain offers has promise, but from a privacy perspective, it matters whether the data that is stored can be considered protected health information and therefore regulated.

Blockchain​ in ​itself​ is ​a​ ​​file​— a​ ​shared​ ​and​ often ​public​ ​ledger​ ​of transactions​ ​that​ ​records​ ​all​ ​transactions​ ​from​ ​the​ ​genesis​ ​block​ ​(first​ ​block)​ ​until​ ​today.

IPFS

IPFS (Interplanetary File System) and the Blockchain are a perfect match! IPFS allows you to address large volumes of data, and it then places these immutable (not open to mutilation), IPFS links into a given blockchain transaction. It does two wonderful things—timestamp the transactions and secure the data, while eviting the need to place the data itself onto the chain.

However, If the information is stored unencrypted to IPFS and the generated hash value is updated to blockchain then someone with the same hash can retrieve all the information. Therefore, the solution developer needs to ensure the privacy of the message by making it unreadable by malicious users.

There are numerous ways available to encrypt and decrypt information. For example, a simple PGP encryption can help you as follows:

Once the information is encrypted and stored in IPFS a hash is generated. This hash can be used to retrieve the encrypted content. And recipient can use the private key to decrypt the encrypted message. Hence, only those can see the message content who are actually assigned to view the message.

Blockchain can also be helpful for Section 164.308(a)(1)(ii)(D), “Implement procedures to regularly review records of information system activity, such as audit logs, access reports, and security incident tracking reports.” Blockchain offers immortal, immutable recording of information, for comprehensive and tamper proof audit-trail of who wrote and accessed every record.

Conclusion

HIPAA requires the PHI to be protected and audit trail to be visible, whereas Blockchain has a reputation for being open. While these two point-of-view contradict, the limitations to blockchain in terms of data are few and if carefully developed, HIPAA is not an achievement that is impossible.

Need help with your next big idea?

Author

Recent Blogs

Million Dollar App Idea Million Dollar App Idea
Every now and then, we receive walk-ins at our offices, from wannabe entrepreneurs. They are young people, passionate about making ... Read moreIT Myths Debunked…
building startup tips building startup tips
All over the world, people have glorified taking risks. They say entrepreneur jumps off a cliff and builds a plane ... Read moreAlways go with…
Thanks to the advent of tools for eCommerce development, more & more people are selling online. It’s not too difficult ... Read moreMost Anticipated eCommerce…

Leave a Comment