Healthcare blockchain startup Iryo hopes to disrupt medical data ownership by giving full control to patients.
Iryo proposes to create a participatory healthcare network with a modern electronic health record system. Refugee camps in the Middle East is its first real-world use case.
By adopting openEHR medical standards and being open-source, Iryo hopes to address the issue of medical record interoperability as well as offer an improved user experience for patients, healthcare workers, managers and researchers.
The problem Iryo faces
Across the world, patients have little or no control regarding how they interact with their medical records. For example, in the UK, GPs and hospitals own medical records – not patients. The same applies in the US. In effect the majority of medical data scatters across different institutions and amongst different healthcare providers – all struggling with a lack of interoperability.
To complicate matters further, many patients may have to see multiple specialists. This obliges them to carry around copies of their records (if they are even provided by their doctors or specialists) as they travel from one healthcare provider to the next.
From a medical perspective, doctors often have little option but to work with incomplete medical histories. This runs the risk of hindering the level and relevance of medical care provided.
The Iryo proposition
By providing ownership of the medical record to the patient, and using a consistent medical standard known as openEHR, Iryo wishes to redefine the value of medical data across the healthcare industry. To do this, Iryo is partnering with an NGO called Walk With Me to provide the IT infrastructure needed to improve the quality of healthcare provided within camps managed by the organisation.
These camps exist throughout the Middle East. The objective is that Iryo will enable patients and their families to store their medical records, securely, within their own mobile devices. Medical records in this form become ‘a bearer instrument’ – independent of identity and always controlled by the holder, the patient. Secure access to medical data exploit blockchain and modern encryption protocols.
Patients will be able to choose how they interact with their medical history. They can:
- share medical histories with hospitals, specialists and researchers – and anywhere in the world
- selectively reveal what the patients consider to be the relevant parts of a medical record, and with a predefined time limit.
The Iryo Network will become a global repository of openEHR data. Since few people are prepared to provide their medical data to a ‘GoogleEHR’-type of capture, with ‘Google-like’ reaping of users’ data for commercial purposes, Iryo has committed to surrender its own access to the data.
Its solution to mitigating this risk is zero-knowledge data storage resistant to all attacks, including state-actors or ‘inside jobs’. This works by users encrypting their data on their mobile device(s) with a public key. A private decryption key remains on the patient’s device. Whenever someone wants to access patient data (a doctor or researcher, for example) the patient must approve access. This occurs by the patient clicking ‘yes’ in their IryoEHR app which will provide a re-encryption key to the doctor’s public key.
What increases believability is that patient has the data securely backed up. This happens on two geographically and managerially redundant storage nodes plus the patient’s device:
- one encrypted backup copy stays on IRYO cloud node; this is the default backup location (it can be changed by a clinic or end-user to point to another storage API) with the Iryo-offering being centralized in a cloud with tight and audited provisioning controls
- a second encrypted copy will stay in the home clinic storage node; with this local copy, a clinic does not need to rely on an internet connection and it is distributed
- end user devices (most likely mobile phones) are already all over the world; they are decentralized (not centrally controlled) and protected by their owners (though there must be concern about enough storage for raw data as well as infected or stolen devices).
What does this mean
Patient health records are one of the most sensitive kinds of personal information. Should personal health data leak, it could defame an individual’s reputation, jeopardize employment options, influence insurance premiums, or end up as a marketing tool. All potentially exploit an individual’s health status.
What is interesting is Iryo’s attitude. It perceives the holding of medical data as being a ‘toxic asset’. Too much data in one place presents too large a liability risk.
One challenge will be patient acceptance. The issue here is whether utility will overrule skepticism, especially when mobile devices are so easy to steal. A different challenge will be the medical profession – from doctors to medical staff to the institutions which employ them. Which of these will be most resistant is an open question. In this context the Iryo challenge is immense.
Nevertheless, the Iryo concept, at its most fundamental – patients owning their own medical data, makes sense. The data travels with the problem – the patient. But this does presume that the need for healthcare cybersecurity works.