The information flowing along a blockchain is like a river that knows no country borders, is as unregulated as nature, and forever carries upstream pollution. Everyone paddling on the water can agree on the river’s depth at any point along the journey, and the river does not run straight because there is no one in charge to advise it. Finally, the river of information can cut through rock not because of its power but its persistence.
Successive waves of technology and the decades of transformative change that come in their wake will shake something free. As the boundaries among industries continue to blur, blockchain explorers stand ready to rip them open. Blockchain explorers are charting a new direction in every sector.1
This paper focuses on how blockchain will impact dentistry in the areas of electronic health records (EHR), relationships with regulators and stakeholders, and clinical dental research disruption.
1. Blockchain-powered EHR in Dentistry
“Data are a precious thing and will last longer than the systems themselves.”
– Tim Berners-Lee
At its core, blockchain is a shared ledger that allows individuals in a network to transact assets where everyone has control, but no single person is in control. Data can be shared in real-time across a scalable group of participants and institutions. Every event or transaction is time-stamped and forms part of a long chain or permanent record that cannot be tampered with. On permissioned blockchains, privacy can be maintained by agreement about which participants can view which transactions and where desired by masking the party’s identity.2 Trust can be embedded into blockchain transactions. As it does, new transformative possibilities emerge. One such application is with EHR.
1.1 BENCHMARKING WITH MEDICINE
Once medicine moved from paper charting to EHR, there were leaps in efficiency and accuracy. However, protecting privacy, altering charts to hide errors, and inconsistent information recording remains challenging. The advantage of blockchain-powered EHR is that patient health information (PHI) is stored across many computers.3 Data cannot be changed retroactively without altering all subsequent blocks and collusion with the entire network, thus ensuring untampered data.
The concept of using distributed ledger technology to create an integrated, shared, and immutable record of interactions with health care providers is an exciting proposition for improving the accessibility to medical records for patients and clinicians alike.
A private blockchain, where approved clinicians and the patient have private digital keys to allow access to appropriate health information, could dramatically increase accessibility to the patient’s full past medical history. At the same time, this reduces repetitive investigations and improves knowledge translation resulting in reduced treatment time to definitive care.4 The permissioned blockchain, with a trusted consortium evaluating the potential candidates for participation, also ensures greater oversight.5 A blockchain-powered EHR platform would also allow patients access to their health information resulting in greater personal autonomy and ensuring they control their information. A patient could also provide their private digital key to a substitute decision-maker who could access the information on their behalf.
The Republic of Estonia has successfully implemented a blockchain-powered healthcare system.6 As a result, the medical data of its entire population has been secured in a private blockchain leading to incredible possibilities for society. For example, this allowed the pandemic tracking in real-time and having all the patient’s information at any time, including previous imaging studies and laboratory results. In an emergency, having this information available is invaluable to the emergency room physician, and the efficiency of retrieving accurate, sensitive data will save lives.6
In Estonia, it has also been proposed that an immediate application of blockchain to medicine would create a national registry of surgeons and surgical operations.6 EHR could be updated by every surgeon caring for the patient, including video recordings of the surgical procedures. The patient can allow access to data with the use of private keys. Registry data could be used across specialties and institutions without limitations in the patient’s best interest. Adding to the blockchain the biometric data generated before, during and after a surgical procedure from wearable technology worn by both the patient and the surgeon could radically change the medical model. Wearable biometric devices generate an incredible amount of sensitive data that requires proper protection.7 Blockchain technology would be the perfect solution for the purpose.8
Due to the COVID-19 pandemic, many countries have been confronted with the need to track and manage sensitive data, which triggers essential privacy issues. The implementation of a rapid, widespread testing and vaccination strategy, with the results powered by blockchain, allowed the creation of health and immunity certificates in several countries.9 The Government of South Korea was the first to develop a blockchain-based COVID-19 Vaccination Verification System (COOV).9 Unlike the European Union Digital COVID Certificate, which is based on verifiable credentials following the standard Public Key Infrastructure,6 the South Korean system does not need to handle the complex management of cryptographic keys. This avoids the risk of having some of these keys compromised or stolen. Blockchain technology was also used to implement digital health credentials in New York State’s Excelsior Pass, which allows individuals to access their COVID-19 vaccination record or negative test results through an integrated, secure platform.6 San Marino Digital Covid Certificates link information regarding the patient’s COVID-19 status to a Non-Fungible Token (NFT).6
Presently, EHR in medicine are fraught with data sharing limitations between platforms, counterintuitive user experiences, and regulatory barriers. Given that patients routinely lose their health cards, it is foreseeable that their private keys could be lost or stolen, undermining the security of the blockchain system. The speed at which transactions occur, or throughput, on the blockchain network is also presently limiting.10 Large amounts of energy are also required for a blockchain’s computing power, which raises concerns regarding the climate impact of a blockchain model. The distrust for a centralized information repository where the information cannot be erased would also prove troubling for many, and some patients would not consent to participate.11 This would lead to distinct information channels for patient information burdening the health care system with additional complexity.
The Information and Privacy Commissioner of Ontario (IPC) has issued an order (HO-004) warning health information custodians about the risks of storing personal health information on portable media.12 Given that the EHR will be stored on nodes across the planet, including smartphones, regulations will need to be changed to reflect the new storage paradigm.
The security of the blockchain is also at risk. It has been postulated that quantum computers would need to become about a million times larger than they are today to break the algorithm that secures blockchain, which would put the security of the system at risk from hackers. Quantum computing or zettascale computers are on the horizon, despite the assertion that Moores’ Law will probably end in 2025.2 As such, EHR, blockchain and cryptocurrency will be at risk from hackers due to the reinvention of computing power.13
1.3 APPLICATION TO DENTISTRY
Dentistry is tightly linked to historical technological advancements, including virtual surgery, 4K ultra-high-definition optics and 3D printing.14 However, the daily practice has also changed with the introduction of EHR, with the possibility of running big data analytics and artificial intelligence (AI) algorithms.3 AI will soon represent a significant turning point in dentistry.15 This transformation will be fundamental to managing the vast amount of digital data (e.g., patients’ data, operative audio and video footage) with serious attention to security and digital privacy.16 The benefit over the current EHR in dentistry is that once the information is on the blockchain, it becomes accessible to the entire network and cannot be altered or counterfeited, thus protecting it from fraud and cyberattacks, as every action leaves a trace.
1.4 BUSINESS MODEL
As opposed to the medical system, where there is an integrated provincial framework for health care delivery, dental offices in Ontario function as independent businesses. Dentistry is a regulated profession in Ontario under the Regulated Health Professions Act, 1991.17 Under this Act, it is the responsibility of the Royal College of Dental Surgeons of Ontario (RCDSO) to regulate Ontario dentists in the public’s interest. Ontario’s Personal Health Information Protection Act18 permits all health information custodians, including dentists, to collect, use and disclose personal health information to provide health care, or facilitate health care, to patients.18, 19 However, many offices still use paper charts to record this information.
At our office in Fonthill, Ontario we have approximately 15,000 patient visits per year. These visits create a relationship, and privacy is essential to human relationships.20 A medical history must be completed or updated for each visit, recorded and stored. Each of the visits to the clinic requires sending a report to the patient’s referring dentist. A communication coordinator is responsible for sending this personal information to another dental office via encrypted email or regular mail. Presently, the information exchange to other offices is governed by the referring offices’ ability to receive information. Some offices prefer a letter correspondence, others a faxed copy. Many offices are amenable to accepting email correspondence however are resistant to accepting an encrypted report due to the perceived complexity of opening the document.
The notion of a blockchain platform would be troubling to most dental offices today.21 The main reasons for this are an incomplete understanding of privacy regulations, a perceived lack of need, and the significant investment required in staff training.15 Moreover, giving up control of the access to the patient record would be troubling to many dentists as they are the custodians of the information in the current paradigm. Having the patient’s EHR available for scrutiny on a blockchain might lead to better record-keeping, but would likely be subject to strong resistance by dentists today.
Patients moving between provinces or to other countries also happens frequently. The challenge is that the information sent to another country may be accessed by the courts, law enforcement and national security authorities differently than how the information is accessed in Canada.22 How this information would be regulated in a borderless blockchain is unknown.
2. Relationships with Stakeholders
“When it comes to privacy and accountability, people always demand the former for themselves and the latter for anyone else.”- David Brin
Attempts to introduce a blockchain EHR in dentistry will encounter resistance from key players who dominate the multi-billion-dollar dental-industrial complex and benefit from a status quo where the exchange of PHI remains mostly unmonitored and largely unregulated.23 In addition, the relationships between dentists, regulators, insurers and current EHR providers will change due to the new sources of value through blockchain.
2.1 PRIVACY COMMISSIONER
The Office of the Privacy Commissioner of Canada has outlined an organization’s responsibilities regarding personal data using ten fair information principles.24 This framework empowers individuals to control how the private sector handles their personal information. The concept governs these principles that an individual’s personal information “must only be used for purposes that a reasonable person would consider appropriate in the circumstances.”25 Patients must reveal extensive and sensitive information in a healthcare setting to receive precision medical care. Moreover, their information is often accessed by clinicians from different regulated health care professions, insurance providers and financing institutions. A healthcare organization’s responsibility to abide by the fair principles of the Personal Information Protection and Electronic Documents Act (PIPEDA) is critical in protecting an individual’s privacy.24 With the patient’s permission, their information could be accessed globally in a blockchain environment, and international privacy legislation would be required.
All personal information held by an organization, including the information transferred to a third party, must be protected, and the organization must develop and implement a personal information policy.26 The responsibility of Principle 7 is to protect personal information in a way that is appropriate to how sensitive it is.27 Furthermore, all personal information should be protected against loss, theft, disclosure, copying, use, modification or unauthorized access. PIPEDA does not explicitly outline which security safeguards are required but pushes that responsibility onto the organization with the information in its care. As new technologies and social norms towards digital information accelerate, as it does with blockchain, these safeguards become a moving target.28
Given the gaps the government of Ontario perceives in today’s privacy legislation framework, a White Paper entitled “Modernizing Privacy in Ontario: Empowering Ontarians and Enabling the Digital Economy” was undertaken. This paper sets out seven key areas of reform, including enhanced safeguards.29 This may result in a new privacy statute governing the Regulated Health Professionals among many groups. Interestingly, blockchain is not mentioned in the document.
2.2 ROYAL COLLEGE OF DENTAL SURGEONS OF ONTARIO (RCDSO)
The strategic, logistic, spatial and temporal use of the private information is the responsibility of the information custodian under Principle 5 of PIPEDA.30 Blockchain creates a problem with patient data retention as the information is permanently recorded.
The current RCDSO guidelines stipulate that the timeline to keep personal information is generally only as long as it is needed to serve the identified purposes.19 There must be clarity on what personal information is collected and where it is stored, and the purpose of collecting it in the first place. The collecting, use and disclosure of the personal information should only be for the purposes a reasonable person would consider strategic and appropriate in the context of the collection.30 Moreover, there should be guidelines and mechanisms for retaining and destroying personal information. Organizational policies and procedures should address minimum and maximum retention periods.22
Once treatment is completed, dentists must retain patient records for at least ten years after the last chart entry in the file.19,31 However, the Limitations Act states that legal proceedings against dentists can be brought fifteen years after the act or omission on which the claim occurred, so extending the retention to 15 years may be advisable.32
According to the RCDSO guidelines on EHR, adequate disposal of electronic patient records requires that they be permanently deleted or irreversibly erased, including any backup copies (e.g. copies created by the EHR).19 “The deletion must be performed by the dentist and an audit trail should maintain a record of the name of the patient….the time period to which the information relates, and the person responsible for authorizing the disposal.”19 The ability to delete patient data from a blockchain is not possible. However, locking the information with a private key might be the best alternative.33 A patient’s request to be forgotten or deleted from the blockchain is also impossible.
Processing electronic dental claims for patients is a time-consuming task for dental administrative staff. For example, simply substituting the abbreviation “Dr” for “Drive” is sometimes enough to reject a claim. As such, the procedure codes and patient information must be accurate when communicating with third-party providers to ensure timely reimbursement for the patient. If the insurance claim became part of the blockchain EHR, the accuracy would significantly improve.34 It would also benefit the insurer by quickly identifying fraudulent or duplicate claims. In addition, smart contracts would simplify insurance claims.
Smart contracts have advantages over existing approaches. Conditions for executing the contract are more detailed, and data exchanges can be tracked and verified by patients and do not require that exchanges occur through third-party custodians.35 Blockchain oracles would be needed to enable smart contracts based on inputs and outputs from the real world. Further, oracles would allow the blockchain connection to external systems.
SecondOpinion software is an AI-driven computer-aided clinical radiology assessment tool that can assist in detecting dental caries, similar to how AI technology is used to identify lung nodule detection in medicine.36 Given how subjective dental radiology is, having an AI-powered system assist the dentist in interpreting is of enormous value to the patient. To prevent fraud in dentistry, the insurer often asks for pre-treatment radiographs to evaluate pre-determination requests and ensure the treatment delivered was necessary. With software such as SecondOpinion, every pre-treatment radiograph could be analyzed and verified electronically by the insurer and tied to the smart contract execution.
2.4 CURRENT ELECTRONIC DENTAL DATABASE PROVIDERS.
Even though when dentists have access to complete and accurate records, patients receive better care; the reality is that only 67% of dental practices use EHRs.37 Of those that do, no standard exists among software platforms in dentistry.
When seeing a new patient in a referral practice, it would be beneficial to have their complete medical and dental history; however, there is no mechanism to share this information. In most EHR systems, the details of past treatment, billing information and treatment outcomes are not easily shared, and this would not be the case with blockchain EHR.38
Current limitations that blockchain EHRs need to address include scalability, privacy, and usability limitations.39 A significant security issue is ensuring verifiable user authentication and patients losing their private keys. Access through biometrics or an emergency bracelet that can be scanned, giving access to essential health information, has been suggested for unconscious patients or those unable to communicate their private keys.5,4
The ideal blockchain EHR would feature decentralization, security, anonymity, immutability, tamper-proof features, private verification, and a user-friendly interface allowing efficient search capability.39,41,42 In addition, the system would use an interplanetary file system (IPFS) and cloud computing to store patients’ data and files.40
The incumbent EHR management providers will likely resist a blockchain-powered system as it would require expensive investment in development and a reimagination of their service offerings. However, the perpetual reimagination of the future is always required to stay relevant, and it is likely that in the blockchain-powered EHR space, a winner-take-all scenario is imminent.
2.5. NEW ENTRANTS
In early 2017, dentistry received its first blockchain solution in “Dentacoin”, which uses blockchain-based solutions for secure transactions among market participants, and between patients and dentists. Patients pay a subscription to Dentacoin via a smart contract for ongoing treatment from a participating dentist. The dentist receives payments in the form of ongoing basic income. In addition, the patients are incentivized to take good care of their teeth, receiving tokens using a Dentacoin app. The platform, which is being used to share market research and patient feedback, seeks to become a dental insurance model.
This blockchain application in dentistry offers efficiency benefits to the patient and provider, negating the need to fill in new patient forms with each new provider. Nevertheless, the shared information is limited by the prior clinician’s clinical expertise and record-keeping ability. Also, medical histories need to be updated at every visit, so filling out forms is not eliminated. However, due to the unalterable quality of a blockchain, there would presumably be a decrease in the number of false claims filed. If the payment method shifts to using Dentacoin or other cryptocurrencies, accounting records should be easier to audit and less prone to fraud. However, given the volatility of the value of cryptocurrencies, most businesses, including dentists, would be hesitant to use this approach.5
Finally, most third-party dental financing occurs through companies like Care Credit or Lending Club, with the intermediary taking the risk in dentistry. With blockchain payment, the possibility of peer-peer lending is created.1
“Fast is fine, but accuracy is everything.” – Wyatt Earp
Advances in information technology have culminated in a global explosion of data generation. Accumulated big data is now estimated to be 4.4 zettabytes in the digital universe.43 Trends predict an exponential increase due to the widespread utilization of mobile devices, ubiquitous sensors, and cameras.7 PHI can be gathered from traditional professional interactions and other expanded sources, including social media, posts by patients on internet forums, surveys and questionnaires from patient support groups. The Internet of Medical Things (IoMT), trends in biomedical research and NFTs are part of the new advances.44
3.1. INTERNET OF MEDICAL THINGS
With digital transformation and the IoMT, it has become essential to digitize medical records completely. EHRs provide several advantages, such as ease of accessibility from a myriad of devices at any time. EHRs also enable stakeholders to adopt IoMT technologies, which can help monitor patients remotely and in real-time resulting in improved patient care.3,9 For example, the Oral-B IO powered toothbrush can send biometric information revealing areas of the mouth the patient did not brush effectively. However, EHR systems face multiple challenges, including security, privacy, and technical issues.
PHI is most useful when data collection systems are integrated into the wider IoMT. The systematic collection and increased availability of PHI will be most valuable when its applications are known, sources are searchable, and users are better able to undertake self-discovery of the data. (Fig. 1)45 The lack of trust between data custodians and data users, and the numerous obstacles with data sharing that have restricted the potential utility and value thus far, could be improved through a coordinated IoMT.46 Improving patients’ trust in the security of data and facts emerges as a global and political objective.47 Dentistry has lagged behind medicine in embracing PHI, but the extensive adoption of blockchain-powered EHRs is the first step in a more structured, digitalized direction.39,41
Fig. 1 – Blockchain-Powered Patient Health Information Profile.
3.2. BIOMEDICAL RESEARCH
Biomedical research has recently evolved through three stages in digital dentistry: (1) data collection, (2) data sharing, and (3) data analytics.43 With the explosion of stored PHI, dental medicine is cresting into its fourth stage of digitization, using AI for discoveries.
The basis of successful management of PHI is the establishment of a generally accepted data standard that will guide its integration within EHR and IoMT.21 Cryptographic methods in blockchain can enable safer, more efficient and effective dental care within a global eco-system. The interoperability of PHI with accessible digital health technologies is key to delivering value-based, precision dental care and exploiting the tremendous potential of AI.15
Collecting high-quality PHI is most efficiently performed when systematically extracted from harmonized and linked data sets. However, most databases are not compatible with each other, and as a result, automated data collection and interpretation are still clumsy.48 The use of EHRs, unlike paper-based systems, fosters compliance with standardized documentation, forcing clinicians across the network to enter data in a structured format, allowing the rapid comparison of PHI. This promotes the sharing of information between various healthcare team members in an organized framework.49 A significant problem facing data collection in healthcare is poor data quality, characterized by missing and incomplete data. This occurs when there is no standardized format for entering data or when specific population cohorts do not have their data recorded accurately.50 Creating avenues whereby PHI can be easily collected on the front-end by clinicians or medical auxiliaries in a structured manner and cleanly extracted or aggregated on the back-end will increase our understanding of risk factors, trend patterns, and treatment outcomes.35 IoMT could further augment such data registries using biometric data from wearable devices collected on a routine basis.7,11
As traditional methods for collecting patient data, such as clinical trials, have become more complex due to rigorous planning and registration, high costs, time expenditures, and challenging patient recruitment, linkages between PHI collection platforms and the EHR are a promising channel in biomedical research.51 However, data sharing becomes increasingly complicated as more potential identifying elements are identified.4 One example of this is from our practice. There are several ongoing research studies at the clinic in conjunction with Brock University, where we prospectively follow patients’ periodontal health over time.52-54 This created a new use for the patient information and required a review by the Ethics Research Board at Brock University and a new consent form to authorize the new use of the same information. Another challenge with this clinical research is that public release of health data, for example, for publication purposes, requires among the most stringent de-identification procedures.55
Data anonymization is information sanitization with the primary intent of privacy protection. Anonymization methods include encryption, hashing, pseudonymization and perturbation. The potential for re-identifying individual patients from anonymized data poses unique challenges to biomedical research, as protecting patients’ privacy is paramount. The complex legal landscape around health privacy, e.g., sharing data across ¬national borders, creates obstacles for patients trying to access their personal information and hurdles for biomedical researchers attempting to establish clinical trials.28,55 In this context, the careful handling of dental biobanks with sensitive biological material, such as saliva, blood and teeth, must be clarified, as these samples could be used to extract the patient’s entire genome without their consent.42,56,57If biomedical researchers want to take advantage of today’s technical interoperability solutions, international regulatory bodies need to address privacy, ethics, security, and intellectual property issues.15,41
The secure sharing of PHI provides novel opportunities for research when this data is integrated into EHR systems that are part of a larger IoMT. For example, establishing huge international population-based cohorts will help identify unknown correlations of symptoms and diseases, novel prognostic factors, innovative treatment concepts, and benchmark healthcare systems.16,45 In addition, the linkage of patient-level information to population-based cohorts and biobanks could detect new biomarkers through personalized health research.15
Falling costs (per record) of storing digital data and the availability of low-cost and powerful tools to extract patterns, correlations, and interactions make data analytics more usable and valuable in dental medicine.58 Nonetheless, the personnel costs of maintaining PHI and the need for IT experts and scientists are climbing rapidly. Therefore, an open digital eco-system that will accelerate efficient and cost-effective biomedical research is the most economical way to enhance oral health on a global scale.59
The IoMT of the future will combine PHI to allow clinicians to make decisions, ranging from individual care decisions with the help of a chair-side clinical decision support system to population-based policy decisions.
To abide by the accuracy principle of PIPEDA, PHI must be kept as accurate, complete, and up to date as necessary while considering the individual’s best interests.26 However, given patient autonomy, the option for the patient to share their personal information in research has primarily been to consent to a study.
Given that PHI is highly valued and will only become more important as big data and machine learning emerge to the forefront of health care and translational research, there is a monetary value to PHI.51 Today’s health information exchange (HIE) market is geared to commercial and, to a minor amount, not-for-profit entities.60 The HIE could create opportunistic incentives for sharing data.60 Patients have limited ability to sell their data, but within the HIE, new forms of digital ownership can ignite a digital marketplace for patient-controlled health data. NFT or NFT-like frameworks can help incentivize a more transparent and efficient system for HIE in which patients choose how and with whom they share their PHI.6
A powerful feature of NFTs are smart contract terms which stipulate in advance the approved entities with which an individual agrees to share (or prohibit access to) their PHI. By allowing patients to prosent in such a way, smart contracts provide a preemptive and automated mechanism for data exchange that is aligned with individuals’ preferences. For example, the patient could restrict their information from being used by tobacco companies or researchers based in certain countries.
As in the art world, a significant advantage of NFTs is their verification of authenticity and originality. Many entities interested in acquiring PHI are mainly concerned that the data are accurate and represent the patient’s PHI. Storing a patient’s health data as an NFT could help to verify its history and accuracy. However, it also raises important questions about who legally controls PHI and has the right to share or sell it.
Given the complexity of NFTs, it is likely that average citizens will not be able to take advantage of them in the health space without much help. Most people will need the aid of trusted intermediaries to mint their data and manage private keys. They will also need user-friendly interfaces to interpret requests and facilitate transaction ledgers. In addition, patients will need specialized legal support to design smart contracts that serve their interests.60
Although very promising, blockchain technology is just in its early stages of adoption in dentistry. The lack of confidence in the ever-evolving digital world and the fragmentation and lack of intercommunication of the existing electronic databases are just some reasons why the use of blockchain technology in dentistry is untapped. To be relevant in the future, dentists should not stay at the side watching the technological river flow by. As a river flows, the surprise of its unfolding carries it. Like the information in a blockchain, a river seems to be a magical thing. A magical, moving, living part of the very earth itself.
Oral Health welcomes this original article.
About the Author
Peter Fritz is a periodontist, scientist, mentor, and adjunct professor at three universities. He has recently completed a law degree focusing on blockchain, cybersecurity, innovation law and technology. Peter lives by his academic mission: “Never stop learning because the world around you never stops teaching.”
This content was originally published here.