Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data

BACKGROUND: Distributed ledger technology (DLT) holds great potential to improve health information exchange. However, the immutable and transparent character of this technology may conflict with data privacy regulations and data processing best practices. OBJECTIVE: The aim of this paper is to deve...

Descripción completa

Detalles Bibliográficos
Autores principales: Hawig, David, Zhou, Chao, Fuhrhop, Sebastian, Fialho, Andre S, Ramachandran, Navin
Formato: Online Artículo Texto
Lenguaje:English
Publicado: JMIR Publications 2019
Materias:
Original Paper
Acceso en línea:https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6595943/
https://www.ncbi.nlm.nih.gov/pubmed/31199293
http://dx.doi.org/10.2196/13665
_version_ 1783430484188987392
author Hawig, David
Zhou, Chao
Fuhrhop, Sebastian
Fialho, Andre S
Ramachandran, Navin
author_facet Hawig, David
Zhou, Chao
Fuhrhop, Sebastian
Fialho, Andre S
Ramachandran, Navin
author_sort Hawig, David
collection PubMed
description BACKGROUND: Distributed ledger technology (DLT) holds great potential to improve health information exchange. However, the immutable and transparent character of this technology may conflict with data privacy regulations and data processing best practices. OBJECTIVE: The aim of this paper is to develop a proof-of-concept system for immutable, interoperable, and General Data Protection Regulation (GDPR)–compliant exchange of blood glucose data. METHODS: Given that there is no ideal design for a DLT-based patient-provider data exchange solution, we proposed two different variations for our proof-of-concept system. One design was based purely on the public IOTA distributed ledger (a directed acyclic graph-based DLT) and the second used the same public IOTA ledger in combination with a private InterPlanetary File System (IPFS) cluster. Both designs were assessed according to (1) data reversal risk, (2) data linkability risks, (3) processing time, (4) file size compatibility, and (5) overall system complexity. RESULTS: The public IOTA design slightly increased the risk of personal data linkability, had an overall low processing time (requiring mean 6.1, SD 1.9 seconds to upload one blood glucose data sample into the DLT), and was relatively simple to implement. The combination of the public IOTA with a private IPFS cluster minimized both reversal and linkability risks, allowed for the exchange of large files (3 months of blood glucose data were uploaded into the DLT in mean 38.1, SD 13.4 seconds), but involved a relatively higher setup complexity. CONCLUSIONS: For the specific use case of blood glucose explored in this study, both designs presented a suitable performance in enabling the interoperable exchange of data between patients and providers. Additionally, both systems were designed considering the latest guidelines on personal data processing, thereby maximizing the alignment with recent GDPR requirements. For future works, these results suggest that the conflict between DLT and data privacy regulations can be addressed if careful considerations are made regarding the use case and the design of the data exchange system.
format Online
Article
Text
id pubmed-6595943
institution National Center for Biotechnology Information
language English
publishDate 2019
publisher JMIR Publications
record_format MEDLINE/PubMed
spelling pubmed-65959432019-07-17 Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data Hawig, David Zhou, Chao Fuhrhop, Sebastian Fialho, Andre S Ramachandran, Navin J Med Internet Res Original Paper BACKGROUND: Distributed ledger technology (DLT) holds great potential to improve health information exchange. However, the immutable and transparent character of this technology may conflict with data privacy regulations and data processing best practices. OBJECTIVE: The aim of this paper is to develop a proof-of-concept system for immutable, interoperable, and General Data Protection Regulation (GDPR)–compliant exchange of blood glucose data. METHODS: Given that there is no ideal design for a DLT-based patient-provider data exchange solution, we proposed two different variations for our proof-of-concept system. One design was based purely on the public IOTA distributed ledger (a directed acyclic graph-based DLT) and the second used the same public IOTA ledger in combination with a private InterPlanetary File System (IPFS) cluster. Both designs were assessed according to (1) data reversal risk, (2) data linkability risks, (3) processing time, (4) file size compatibility, and (5) overall system complexity. RESULTS: The public IOTA design slightly increased the risk of personal data linkability, had an overall low processing time (requiring mean 6.1, SD 1.9 seconds to upload one blood glucose data sample into the DLT), and was relatively simple to implement. The combination of the public IOTA with a private IPFS cluster minimized both reversal and linkability risks, allowed for the exchange of large files (3 months of blood glucose data were uploaded into the DLT in mean 38.1, SD 13.4 seconds), but involved a relatively higher setup complexity. CONCLUSIONS: For the specific use case of blood glucose explored in this study, both designs presented a suitable performance in enabling the interoperable exchange of data between patients and providers. Additionally, both systems were designed considering the latest guidelines on personal data processing, thereby maximizing the alignment with recent GDPR requirements. For future works, these results suggest that the conflict between DLT and data privacy regulations can be addressed if careful considerations are made regarding the use case and the design of the data exchange system. JMIR Publications 2019-06-14 /pmc/articles/PMC6595943/ /pubmed/31199293 http://dx.doi.org/10.2196/13665 Text en ©David Hawig, Chao Zhou, Sebastian Fuhrhop, Andre S Fialho, Navin Ramachandran. Originally published in the Journal of Medical Internet Research (http://www.jmir.org), 14.06.2019. https://creativecommons.org/licenses/by/4.0/This is an open-access article distributed under the terms of the Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided the original work, first published in the Journal of Medical Internet Research, is properly cited. The complete bibliographic information, a link to the original publication on http://www.jmir.org/, as well as this copyright and license information must be included.
spellingShingle Original Paper
Hawig, David
Zhou, Chao
Fuhrhop, Sebastian
Fialho, Andre S
Ramachandran, Navin
Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title_full Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title_fullStr Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title_full_unstemmed Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title_short Designing a Distributed Ledger Technology System for Interoperable and General Data Protection Regulation–Compliant Health Data Exchange: A Use Case in Blood Glucose Data
title_sort designing a distributed ledger technology system for interoperable and general data protection regulation–compliant health data exchange: a use case in blood glucose data
topic Original Paper
url https://www.ncbi.nlm.nih.gov/pmc/articles/PMC6595943/
https://www.ncbi.nlm.nih.gov/pubmed/31199293
http://dx.doi.org/10.2196/13665
work_keys_str_mv AT hawigdavid designingadistributedledgertechnologysystemforinteroperableandgeneraldataprotectionregulationcomplianthealthdataexchangeausecaseinbloodglucosedata
AT zhouchao designingadistributedledgertechnologysystemforinteroperableandgeneraldataprotectionregulationcomplianthealthdataexchangeausecaseinbloodglucosedata
AT fuhrhopsebastian designingadistributedledgertechnologysystemforinteroperableandgeneraldataprotectionregulationcomplianthealthdataexchangeausecaseinbloodglucosedata
AT fialhoandres designingadistributedledgertechnologysystemforinteroperableandgeneraldataprotectionregulationcomplianthealthdataexchangeausecaseinbloodglucosedata
AT ramachandrannavin designingadistributedledgertechnologysystemforinteroperableandgeneraldataprotectionregulationcomplianthealthdataexchangeausecaseinbloodglucosedata

Ejemplares similares