BlockChain in Clinical Trials—the Ultimate Data Notary

March 13, 2018
Artem Andrianov, PhD

,
Boris Kaganov, PhD

Applied Clinical Trials

The clinical trials industry craves blockchain technology to provide data safety and authenticity.

The blockchain technology is the biggest achievement of cryptography of the last decade. There are few industries craving its core ability to provide guarantees about data safety and authenticity as much as the industry of clinical trials. Source Data Verification (SDV), which demands nowadays 20–30% of the clinical trial budget, becomes unneeded when blockchain disrupts the pharma.

However, let us start from the very beginning of that story. Hashing is the cornerstone technology of the blockchain. The algorithm takes a stride of arbitrary data of any size and produces a ‘hash’ which is a big number from a selected range with two main properties:

a) It is very unlikely that different data would have the same hash and

b) That calculation is reproducible by anyone knowing the algorithm.

The blockchain is used for storing hashes of a combination of important data with an exact time of saving (timestamp). It can then be used as evidence that the data existed at a certain moment and was not forged or altered.

These evidences cannot be erased because the blockchain protects them. That allows their use in clinical trials by keeping track of every step and saving a timestamp; e.g., when source data is entered at a clinical site and transferred into Electronic Data Capturing system of a clinical trial, there is no need to check the correctness of the transfer anymore. Blockchain does it for us.

For pharma, it is vital to make clinical trials more reproducible, ensuring data for each step is not falsified. For that, every document prepared before a start of a study (informed consent, study protocol, study plans, regulatory documents, etc.) should be timestamped to create a proof that it existed in that exact form before the start of the trial. It is especially important for pre-planned endpoints. In addition, when the trial starts, ongoing reports are treated the same, for example every monitoring visit report. Each measurement in a trial can be notarized to be safe from forgery and corrections that violate a protocol, good clinical practice, or even the law. This technology would increase the credibility of clinical trial results. The notarized data exists outside of the blockchain boundary in safe storage and only digital thumbprints of it are inside. Such a permanent catalog of documents significantly reduces the costs for audits, file reviews, lost documents, post-closing, and litigation. Blockchain can also help with pharmaceutical supply chain management tracking drugs for better accountability and the supply chain integrity.

Thus blockchain is used as a notary service and has the potential to reduce systemic risk, increase data quality, and decrease risk of fraud by a notarized process because of the programs open and decentralized nature.

Data safety guarantees

What does it mean that a blockchain is decentralized? It is a network (so-called peer-to-peer), where data is broadcasted by one peer in his will and received by another, which confirms that fact by broadcasting a hash of the data. Then the hash is received by a third peer and it treats the hash itself as the data and then issues the hash of the hash etc., effectively forming a chain of hashes. However, each of peers, before hashing, can combine the received data with other information (timestamp, data from third parties) and that combination is named a block. It happens because computing a hash is computationally costly and it is cheaper to compute a hash for a bigger bunch of data. A chain of hashes can be looked at as a chain of hashed blocks-which is why it is called blockchain. That chain is kept in a distributed database called ledger, which is just a permanent memory of all peers.

In a classic blockchain (e.g., Bitcoin) computational costs are intentionally high and even increasing by design if a number of peers grows. In that way the blockchain controls the creation of new blocks making it impossible to tamper with the system and trick other users by lying about a true value of the existing block. For that, an attacker needs to outperform in computing power all peers who produced that block and every block in a chain after it. That algorithm is named proof-of-work (because a new block existence proves that a big work was done to produce it) and it is a ‘consensus algorithm’ in the sense that it allows reaching agreement about recognizing new blocks.

As a result, immutability of data is guaranteed by computing power or hundreds of megawatts of energy spent by miners of new blocks. In other approaches, guarantee is an amount of memory or disk space. So such systems are most credible in terms of data authenticity, especially Bitcoin.

The other side of the coin is that you cannot send data to such a blockchain for free. Any transaction costs money, so in practice, for example, electronic signature services using Bitcoin blockchain for notarizing document signatures whether firstly accumulate many signatures and send them in a big bunch or otherwise pay a fee for sending each signature as a transaction. In the first case, you wait for hours, in the second for tens of minutes for finalizing your signature.

These fees occur because the blockchain is paired with cryptocurrency. It is needed to reward system participants, do that proportionally to contribution of their power and allow to exchange that reward for real money. Actually, a peer needs to pay because it is not trusted by other peers because of his anonymity and they require money or work to trust him.

Public and private blockchains

To that point we were discussing public blockchains where anybody can anonymously become a member of the system. It gives unparalleled confidence that the data was not manipulated but, as you see, for a certain price. Still, this confidence is yet limited too because any blockchain is not as decentralized as it is claimed. They have an unspoken dependency on developers which can change system rules whether by releasing a new version of a software commonly used for a blockchain or even directly sometimes. This is often an open source code but in practice users understand that without a skillful team the system quickly becomes outdated, which is why developer’s authority weighs so much. Sometimes, unhappy users refuse to follow and blockchain splits. The name for such event is ‘hard fork’ and it becomes a threat if you want to conduct a study lasting for years because during a longer period the study data may unwillingly face an urge to select a partition to follow.

However, there are also private blockchains without transaction costs and such a dependency on third parties. In addition, currently, a question about applying blockchain to clinical trials is whether to use a private or a public blockchain.

In a private (also named ‘permissioned’) blockchain, there is an administration controlling membership. It is important because it controls membership of participants validating transactions. A permissioned blockchain cannot guarantee data immutability because controlling authority can become flawed by an attacker, then establish a coup of flawed validators and then cancel or create arbitrary transactions. Due to regulatory pressure, even if a private blockchain is semi-decentralized it is impossible to build a censorship-resistant system on the base of it.

Data manipulation becomes even easier as long as private blockchains do not use proof-of-work consensus. It is impractical because it cannot be expected that third parties not controlling blockchain like administration (and so trusting it less than public blockchains) would spend their computing power on a big scale for verifying transactions. As for internal resources belonging to the administration, they do not spend their computing power because in this case, the system may lose the competition to other private blockchains that are more cost effective. Instead, private blockchains use proof-of-stake or consortium consensus algorithms.

In proof-of-stake, a new block is proven if a producer has a certain amount of cryptocurrency. So less work is needed for a proof and as a result, transactions happen much faster. You do not need to wait for hours until the blockchain approves your transaction by a new block, it is ready in seconds. It is very important if you are waiting for signing off a regulatory document for a clinical trial with many signatures and need to immediately make sure all signatures are stored safely in the blockchain. The industry has a big population of participants that will need to have their data validated in a timely manner, so both a quick consensus algorithm and a big number of peers in a blockchain are needed for that.

There is an ongoing debate on how to organize that network. One of the most probable ways is the consortium or Byzantine consensus algorithm that implies peers know each other in advance and when a new block is produced, they vote for it and are able to establish consensus based on recognized votes of others. This approach involves significant trust in participants and it is natural for associations consisting of well-known and authoritative health organizations. If a private blockchain is controlled by a consortium of organizations, it may be the best fit for clinical trials if controlling parties include authoritative medical institutions. A legal authority potentially would take part too, for example, FDA is currently conducting research in that direction together with IBM.

 

Global network of medical records

It is difficult to overestimate the potential positive impact of such a network allowing to transparently share clinical data between all participants of the industry. It is anticipated by many that system would finally become a common industry Electronic Health Records (EHR) format which industry needs so badly because one of biggest problems is the lack of visibility. It will increase transparency and cross-institutional visibility of the process of unfinished trials because it will be much easier to share information that is not confidential (for example, the overall number of participants), especially with smart contracts which are discussed below. Recent attempts to build a prototype of such a network are MedRec and Gem Health blockchain initiatives.

Being a consortium blockchain, the network can still avoid complete dependence on a particular blockchain implementation or community. It is possible to have the best of both worlds by using private consortium blockchain as an agile instrument for ongoing operations but additionally leisurely send data for storing it in a public blockchain to have better guarantees. Most advanced digital asset management solutions are saving hashes of the same data in several blockchains at a time achieving multiplication of safety guarantees.

Of course, a potential EHR system is not limited to clinical trials. The most important use of it is a media for sharing medical information, health data banks, and research commons, while keeping information about patients and making it available securely for authorized doctors and clinical researchers. With blockchain, each medication prescription is like a deposit, and when a doctor discontinues a medication, it is a withdrawal. So it is possible for another doctor to see the balance without looking through every deposit operation. Also important for patient privacy is that institutions will not need to send data back and forth, they just use the common ledger. So blockchain increases confidence in patient privacy.

That system enables organizations to better coordinate compliance or any type of audits, across multiple sources ensuring a fully complete file every time.

Additionally, the global medical records network can support a registry of medical devices being a basement for Internet of Medical Things (IoMT).

The blockchain can help decentralize clinical studies because of its own decentralized nature. Currently, clinical trials depend on having consistent reporting locations to ensure proper collection of data. But it can be problematic in terms of retention because they are not likely to be convenient for every patient. As the level of inconvenience increase, the odds of a trial completion fall. But blockchain technology allows clinical trials to be monitored from a wider variety of locations, use a wider base of staff and have higher patient privacy and information security at the same time, thereby increasing completion rates.

Smart contracts are helping with privacy and automation

There are different approaches to address the need for privacy in clinical research. Enigma project (under construction) is a public computation blockchain platform that allows privacy to be kept about data by sending bits of it to some random subset of the system instead of sending it to every participant like other public blockchains. So the full case data is never disclosed. When implemented, it will allow, for example, scanning of genomic databases for candidates taking part in clinical trials, simplifying the process tremendously.

That scan will be done by smart contracts, the programs starting to work inside blockchain fully automatically when some event happens in it. A smart contract can only be fulfilled or canceled, it is impossible to hang in the middle of a contract. So they provide failover because computations can be executed on any machine and are started again if a machine fails. It is like a cloud service but not bound to a datacenter. Though authorization and identity remain open issues for smart contracts executed on blockchain-enabled networks, there is promising ongoing work. Many use cases mentioned above can be improved by moving validation logic inside a blockchain as smart contracts. Smart contracts make possible complete automation of some operations, for example, to enroll a patient completely automatically if a contract gets evidence of consent. It may be a digital thumbprint of a consent form automatically sent to blockchain by Interactive Voice/Web Response System (IWRS) web server. In the health records (EHR) network informed consent can exist as a form of broader concept - a permission given by a patient and implemented as a smart contract for certain actions with his private medical data. These permissions can be fine grained and allow reading or writing a certain part of patient’s data.

It is also possible to conduct much more complex preparations for a clinical trial, for example, transparently pairing donors of organs easier and more reliably than current methods. From a patient viewpoint, using this technology would be easy to know exactly where you stand in line and trust that you will stay there. That is why these systems could help drive collaboration between participants and researchers around medical innovation, for example, in population health management.

The smart contract can also be very useful at the step of closing a clinical trial database, doing that automatically when conditions are met. Some outcomes can be calculated and reported completely automatically. Regulators and Contract Research Organizations (CROs) can have their own contracts automating what is possible to automate and making their work easier. Smart contracts are not legal contracts but can be used for validation of them, effectively replacing an arbiter or custody. They are also useful for claims adjudication and billing management, economizing money by eliminating the need for intermediaries and cutting administrative costs. It is known that 50% of clinical trials go unreported and often fail to share study results. Blockchain with smart contracts can significantly improve that situation and address the issues of outcome switching and selective reporting.

Procuring clinical data privacy with blockchain storage

We already discussed a case of storing trial data out of blockchain (the so called off-chain solution) but it is also possible to protect confidential clinical trial data by using a distributed storage on top of a blockchain. It avoids having two sets of permissions - one for reading off-chain data and another for conducting operations committing to the blockchain, thus simplifying the process and making it more secure. Pieces of kept data are encrypted and distributed between blockchain peers and no one besides the owner can decrypt it. In this case they are file servers competing in a storage marketplace for storage users’ money. So as an alternative to cloud storage, it claims better privacy and even better benefit-cost ratio. That approach also facilitates decentralized clinical research projects that can query big data in scalable manner. Speaking about big data, a perspective use of blockchain for clinical trials is genomic data management.

In this approach, versioning of documents is not something external to the blockchain, so not only is each version notarized, it is also a succession of versions.

 

Artem Andrianov, PhD, Boris Kaganov, PhD.

References

1. Manning, Jim. “Blockchain Can Revolutionize Every Aspect Of Healthcare.” ETHNews.Com, n.d. https://www.ethnews.com/blockchain-can-revolutionize-every-aspect-of-healthcare.

2. Das, Reenita. “Does Blockchain Have A Place In Healthcare?” Accessed August 7, 2017. https://www.forbes.com/sites/reenitadas/2017/05/08/does-blockchain-have-a-place-in-healthcare/

3. Benchoufi, Mehdi, and Philippe Ravaud. “Blockchain Technology for Improving Clinical Research Quality.” Trials 18, no. 1 (July 19, 2017): 335. doi:10.1186/s13063-017-2035-z.

4. Nugent, Timothy, David Upton, and Mihai Cimpoesu. “Improving Data Transparency in Clinical Trials Using Blockchain Smart Contracts.” F1000Research 5 (2016): 2541. doi:10.12688/f1000research.9756.1.

5. Melendez, Steven. “MIT’s New Blockchain Project Enigma Wants To Let You Share Your Data On Your Terms.” Fast Company, December 23, 2015. https://www.fastcompany.com/3054976/mits-new-blockchain-project-enigma-wants-to-let-you-share-your-data-on-your-terms

 

Related Content:

Online Extras