Guest Column | July 6, 2017

Blockchain And Healthcare

Capitalize On Your Merger/Acquisition: 4 Tips To Consolidate Your CMO Network

By John Nye, vice president of cybersecurity strategy, CynergisTek

I am not a millennial; I was a teenager in the 1990’s and my love affair with technology started off with a healthy bit of paranoia. My distrust of technology fueled a few years of minimal interaction with it, but the influence of entertainment such as War Games, Duck Tales, X-Files, and — more recently — Mr. Robot drove me to embrace my desire to work in the technology field. I naturally never lost that sense of distrust, hence I became a professional penetration tester.

So far, that healthy paranoia has helped me excel at what I do and to figure out better ways to secure computers. However, I keep hearing about blockchains which are based on some really cool cryptography (bet you never thought you would see crypto and cool in the same sentence).

Anything that uses cryptography in a clever way to protect data intrigues me. I have been encrypting my hard drives for a long time. I also encrypt my phone and its MicroSD card, important files, portable media, and anything else I can.

It is apparent anyone that even cares marginally about technology has realized blockchain is a big deal right now. But, as with most technological security solutions that have the potential to make a major impact on security and privacy, it can’t be considered a panacea. I often say it is objectively impossible to vendors that try to explain how their ominous network box will solve every problem in the world. However, that does not mean blockchain doesn’t have the potential to drastically change the current paradigm of network security, especially in regard to the privacy-centric industry of healthcare.


Blockchain is a decentralized database capable of keeping secure and validated records of digital transactions. When new transactions take place, they are grouped together with other transactions that occurred within a short time window, called a block, and sent out to that ledger’s network. Once the transaction block has been validated by adding a timestamp and adding it to the chain (containing every transaction up to that point), the chain can then be used by any member to prove what they own at any given time.

Blockchain is attributed to the anonymous 2008 white paper author Satoshi Nakamoto. This white paper details the Bitcoin electronic cash system that enables online payments to be transferred immediately without an intermediary. The tech industry quickly realized, after the release of this paper, the most important aspect of the technology wasn’t the digital currency, but the blockchain technology that makes Bitcoin work.

Blockchain Is Bigger Than Bitcoin

Today, blockchain has begun to emerge as an important technology already built into several hundred applications. The ability to have transactions tracked and validated in a decentralized manner allows for more transparency without sacrificing security. Blockchain has the potential to cause major disruptions to many major industries that rely on centralized intermediaries or databases such as banking, finance, education, real estate, insurance, legal, the public sector, and — most importantly to our readers — healthcare. This biggest revolution the adoption of blockchains will bring is the elimination of intermediaries, such as government, that notoriously delay progress and transactions with bureaucratic red-tape.

How Can Blockchain Impact Healthcare?

There are a few key uses currently in the works for the healthcare industry as a whole that range from payments and payer contracts to population health. Using a blockchain solution for payment and payer contracts can eliminate the need to reach out to the insurance companies, lowering administrative costs and increasing the speed that claims are dealt with and paid out.

For population health, blockchain is a solution to a problem health officials have been struggling with for decades. Currently, reliance on health information exchanges (HIEs) and other data aggregation methods is the primary method of gathering health data on a population scale. The blockchain promises to allow a decentralized standardized method to ensure trust is in place. This is accomplished by linking a patient’s entire history of clinical and financial outcomes to a single verifiable source (further information is available here).

Finally, one of the biggest changes blockchain has to offer to healthcare is described in detail in a Wired article, Moving Patient Data Is Messy, But Blockchain Is Here To Help. It explains how technology has become more crucial to the machinery of healthcare doctors and nurses now spending more time typing than talking to patients, according to this Mayo Clinic Study.

However, blockchain might very well be the solution as it offers a secure, standardized method of sharing and validating a patient’s entire medical record. This will help as patients go to different primary care doctors or even specialists that do not necessarily have access to the EHR system other physicians might use. It would also help to eliminate additional lab work, keep medications in check, and provide vaccination history.

No Need To Trust Technology

As earlier stated, the biggest reason I have been successful in the information security field is my distrust of technology. Fortunately, for those of us not so quick to adopt a new technology like blockchain, we can safely put our trust in technology to keep us from human error and confusing systems that don’t communicate well. So, next time you hear a millennial say blockchains are the answer to our woes, you might be more willing to listen to their explanation and maybe put in your own two cents as well.

About The Author
John Nye, vice president of cybersecurity strategy for CynergisTek, has spent nearly a decade in information security including time with the U.S. Army, CSG International, Peter Kiewit and Sons, First Data Corp, and KPMG LLP before joining CynergisTek. John has been working exclusively as a professional penetration tester for the last four years and has presented at numerous local conferences for developers and other IT professionals.