The Internet has enabled the creation of highly centralised platforms, such as those used for social networks, search engines or clouds. However this centralisation exposes people’s personal data to potential commercial or political misuse by the owners of these platforms.
Blockchain (also called distributed ledger) technologies support decentralised methods for sharing, storing and securing data securely without intermediaries across a distributed network such as the Internet. Secure decentralisation mechanisms based on blockchains can enable citizens to retain full control over their own personal data.
At Dovetail Lab, we are passionate about using blockchains to help solve real world problems where it is the technology of choice, and not just the trendy one. Our vision is to facilitate secure sharing of patient data across boundaries to make the world healthier.
Like all innovation, our work sees further because it stands on the shoulders of giants.
We love developing our own solutions from scratch but we also love using good open source as the foundation.
Sharing patient data means sharing an audit trail. We use a Hyperledger Fabric blockchain (originally developed by IBM) to store data from our network.
All we store is a record of consent given to share specific data, the identity of the sender and receiver, the time sent and the time received.
This ensures that our data is always available, always being added to, and always up-to-date.
Everyone loves the data standard they work with, and we’re no exception. But we think that Fast Healthcare Interoperability Resource (FHIR) has something special to offer. It’s an open source and international standard for medical data.
Other standards have their advantages, and interoperability means no one has to choose, but FHIR directly exposes specific information which allows faster and more sophisticated analysis.
Our platform is about keeping the best of the old, and adding the new. We use traditional high-encryption channels with sophisticated data interpolation to transmit patient data.
Alongside this, our cutting-edge blockchain technology is used to store patient consent for data sharing, and to make sure that that consent is respected by everyone in the process.
We absolutely don’t put medical records on a blockchain, and we never will. Our distributed ledger technology is only used to store the audit trail, protect patient consent and trigger the sharing process.
When it comes to the security of data transfers, we go above and beyond what is required. Information is always encrypted in flight, and when the transfer is confirmed, we delete it from our servers – leaving only the blockchain audit trail.
We use AuthO for our users to log in to the platform. It’s HIPAA and GDPR compliant, works with OpenID, and keeps passwords encrypted (hashed and salted).
When it comes to patient identity, you need to get it right the first time, every time. That’s why we use the same technology as banks and border control to check a patient’s identity as they sign up to our system.
Because we use encryption and digital signatures, we take key control seriously. Keys never leave the mobile device and are encrypted with a PIN – this means every key is protected by two factor authentication by default.