Increasing amounts of health data are recorded in health registries, with the strategic initiatives of data sharing and fusion across different registries in Norway. This forms an excellent opportunity for world-class medical research as few countries have such a high-quality infrastructure. However, it also constitutes a very high privacy risk should a security breach occur.
Publicized incidents of leaked medical records pose a major challenge for the digital trust in eHealth where storing, accessing and exchanging sensitive patient-related data must comply with several regulations, while remaining accessible to authorized health practitioners. Governmental legislations regarding data privacy, such as the EU's GDPR, present an additional source of concern for healthcare registries which are now faced with severe legal and financial consequences in case data confidentiality is breached.
Our principal approach is to facilitate solutions for health registries by using Smart Contracts and the emerging Blockchain Paradigm. From the data safety, authenticity, and nonrepudiation standpoint, blockchain is a perfect fit for sharing medical records since it provides an easily accessible, immutable, and transparent history of all contract-related data, adequate for building applications with trust and accountability. Use of smart contracts brings a number of additional advantages for sharing medical data by healthcare registries: consent management, fine-grain privacy control, transparency, and reduced bureaucracy and expenses.
SmartMed is proposed in cooperation with the Cancer Registry of Norway (CRN), which will validate technological advances. CRN presently contains health information on over 1,4 million cancer patients. Managing and using the data for medical research in a secure way as to minimize any privacy concerns is paramount. Improving privacy control and transparency will bolster public's trust in the use of CRN data for vital research on preventive medicine.