What is BCHIE? The Blockchain Health Information Exchange (BCHIE) architecture is a revolutionary HIPAA compliant platform to handle health information across disparate systems.
What is the strategic business goal that this use case will support? The initial goal was to prove the possibility of both patient matching and interoperability as defined by guidance from The Office of the National Coordinator for Health Information Technology (ONC) with confidentiality, integrity, and availability in the transmission of data.
What other goals were there? The technology team aimed to build a user interface (UI) application to ensure data could be transferred through the most common mediums for passing medical records/health information: email, fax, discs (e.g., CDs and/or DVDs), and APIs. Note: With regard to APIs, the application built configured BCHIE to be compatible with the current Certified Health IT Product List and HealthIT.gov requirements (e.g., §170.315 (g)(7): Application Access – Patient Selection, §170.315 (g)(8): Application Access – Data Category, and §170.315 (g)(9): Application Access – All Data Request).
How was success measured?
- Patient matching and interoperability needs are defined by Centers for Medicare & Medicaid Services (CMS) and ONC which is outlined in document CMS-9115-P.
- Confidentiality and integrity would be proven if the patient information was secured and only accessible to users authorized by the patient.
- Once confidentiality and integrity were achieved, availability would be achieved by the technology team from One Med Chart (OMC) building the UI application for the Web, Play Store, and App Store on the Cloud.
What were the technology and infrastructure requirements for testing? The architecture was tested with about 1,000 records, more than 500 unique data attributes, and 200 users. All users were test users. Correspondingly, all data and files were anonymized.
Was testing successful?
- Patient matching and interoperability: Yes through the patient matching algorithm, which is only possible through the blockchain.
- Confidentiality and integrity: Yes. In testing, patient information was secured and only accessible to users authorized by the patient as demonstrated by unauthorized users not being able to access records. We also tested the security of the system, ensuring vulnerabilities were eliminated at all layers.
- Availability: Yes. The technology team successfully built a One Med Chart UI application for the Web, Play Store, and App Store.
- Transfer through common mediums: Yes. We successfully transferred data through email, fax, uploads, and APIs.
What are the implementation challenges? One learning from testing surrounds the antiquated technology used by health information companies to store their data. In order to make the transition to the BCHIE smoother, the OMC team built an API on top of the Blockchain, recognizing that there are limitations on the likelihood of every client being able to change their system altogether.
We acknowledge that security is not 100% as any system is vulnerable to brute force attacks. Additionally, availability is 99.99% due to the system having redundancy and load balancing on the cloud. Moreover, patient matching could be possible using SQL or NOSQL, but only in theory as every health IT company would have to share their database(s) schema, have the same SQL capabilities, especially with personnel, and, most importantly, treat the SQL database as a blockchain, which is a difficult concept to comprehend and even more difficult to implement.