Applied Clinical Trials
Assessing the benefits of using blockchain technology as a notary service in the network sharing of clinical data.
Blockchain technology may the biggest achievement of cryptography of the last decade-and there are few industries craving its core ability to provide guarantees about data safety and authenticity as much as the clinical trials enterprise. Source data verification (SDV), which today often accounts for 20%–30% of the clinical trial budget, becomes unnecessary when blockchain disrupts pharma.
However, let’s start from the very beginning of that story. Hashing is the cornerstone technology of the blockchain. The algorithm takes a stride of arbitrary data of any size and produces a “hash,” which is a big number from a selected range with two main properties:
a) It is very unlikely that different data would have the same hash.
b) That calculation is reproducible by anyone knowing the algorithm.
The blockchain is used for storing hashes of a combination of important data with an exact time of saving (timestamp). It can then be used as evidence that the data existed at a certain moment and was not forged or altered.
These evidences cannot be erased because the blockchain protects them. That allows their use in clinical trials by keeping track of every step and saving a timestamp; e.g., when source data is entered at a clinical site and transferred into the electronic data capturing system of a clinical trial, there is no need to check the correctness of the transfer anymore. Blockchain does it for us.
For pharma, it is vital to make clinical trials more reproducible, ensuring data for each step is not falsified. For that, every document prepared before a start of a study (informed consent, study protocol, study plans, regulatory documents, etc.) should be timestamped to create a proof that it existed in that exact form before the start of the trial. It is especially important for pre-planned endpoints. In addition, when the study starts, ongoing reports are treated the same (i.e., monitoring visit reports). Each measurement in a trial can be notarized to be safe from forgery and corrections that violate a protocol, good clinical practice (GCP), or even the law. This technology would increase the credibility of clinical trial results. The notarized data exists outside of the blockchain boundary in safe storage and only digital thumbprints of it are inside. Such a permanent catalog of documents significantly reduces the costs for audits, file reviews, lost documents, post-closing, and litigation. Blockchain can also help with pharmaceutical supply chain management, tracking drugs for better accountability and the supply chain integrity.
Thus, blockchain is used as a notary service and has the potential to reduce systemic risk, increase data quality, and decrease risk of fraud by a notarized process because of the programs open and decentralized nature.
Data safety guarantees
What does it mean that a blockchain is decentralized? It is a network (so-called peer-to-peer), where data is broadcasted by one peer and received by another, which confirms that fact by broadcasting a hash of the data. Then the hash is received by a third peer and it treats the hash itself as the data and then issues the hash of the hash, etc., effectively forming a chain of hashes. However, each of the peers, before hashing, can combine the received data with other information (timestamp, data from third parties) and that combination is named a “block.” It happens because computing a hash is computationally costly; it is cheaper to compute a hash for a larger bunch of data. A chain of hashes can be looked at as a chain of hashed blocks-which is why it is called blockchain. That chain is kept in a distributed database called a ledger, which is a permanent memory of all peers.
In a classic blockchain (e.g., Bitcoin), computational costs are intentionally high and even increasing by design if the number of peers grows. In that way, the blockchain controls the creation of new blocks, making it impossible to tamper with the system and trick other users by lying about a true value of the existing block. To do that, an attacker needs to outperform in computing power all peers who produced that block and every block in a chain after it. That algorithm is named proof-of-work (because a new block existence proves that a significant work was done to produce it) and it is a “consensus algorithm” in the sense that it allows reaching agreement about recognizing new blocks.
As a result, immutability of data is guaranteed by computing power or hundreds of megawatts of energy spent by miners of new blocks. In other approaches, guarantee is an amount of memory or disk space. So such systems are most credible in terms of data authenticity, especially Bitcoin.
The other side of the equation is that you cannot send data to such a blockchain for free. Any transaction costs money, so in practice, for example, electronic signature services using Bitcoin blockchain for notarizing document signatures accumulate many signatures and send them in large bunchs or otherwise pay a fee for sending each signature as a transaction. In the first case, the wait is hours for finalizing a signature; in the second, it’s tens of minutes.
These fees occur because the blockchain is paired with cryptocurrency. It is needed to reward system participants, do that proportionally to contribution of their power, and allow to exchange that reward for real money. Actually, a peer needs to pay because they are not trusted by other peers because of his or her anonymity.
Public and private blockchains
To that point, we were discussing public blockchains, where anybody can anonymously become a member of the system. The pricing component gives unparalleled confidence that the data was not manipulated. nevertheless, this confidence is limited, too, because any blockchain is not as decentralized as it is claimed. They have an unspoken dependency on developers, which can change system rules whether by releasing a new version of a software commonly used for a blockchain or even sometimes directly. This is often an open source code, but, in practice, users understand that without a skillful team, the system quickly becomes outdated, which is why the developer’s authority is weighed so much. At times, unhappy users refuse to follow, and blockchain splits. Such an event is referred to as a “hard fork.” These can become a threat if researchers want to conduct a study lasting several years, because during a longer period, the study data may unwillingly face an urge to select a partition to follow.
However, there are also private blockchains without transaction costs and such a dependency on third parties. In addition, currently, a key question about applying blockchain to clinical trials is whether to use a private or a public blockchain.
In a private, or “permissioned,” blockchain, there is an administration controlling membership. It is important
because it controls membership of participants validating transactions. A permissioned blockchain cannot guarantee data immutability because controlling authority can become flawed by an attacker, then establish a coup of flawed validators and then cancel or create arbitrary transactions. Due to regulatory pressure, even if a private blockchain is semi-decentralized, it is impossible to build a censorship-resistant system on the base of it.
Data manipulation becomes even easier as long as private blockchains do not use proof-of-work consensus. It is impractical because it cannot be expected that third parties not controlling blockchains such as administration (and, thus, trusting it less than public blockchains) would spend their computing power on a big scale for verifying transactions. As for internal resources belonging to the administration, they do not spend their computing power. In these cases, the system may lose the competition to other private blockchains that are more cost-effective. Instead, private blockchains use proof-of-stake or consortium consensus algorithms.
In proof-of-stake, a new block is proven if a producer has a certain amount of cryptocurrency. So less work is needed for a proof and as a result, transactions happen much faster. You do not need to wait for hours until the blockchain approves a transaction by a new block; it is ready in seconds. That is critical if one is waiting for a sign-off of a regulatory document in a clinical trial that has many signatures and needs to immediately make sure all signatures are stored safely in the blockchain. The industry has a large population of trial participants that will need to have their data validated in a timely manner, so both a quick consensus algorithm and a large number of peers in a blockchain are necessary.
There is an ongoing debate on how to organize that network. One of the most probable ways is the consortium or Byzantine consensus algorithm that implies peers know each other in advance, and when a new block is produced, they vote for it and are able to establish consensus based on recognized votes of others. This approach involves significant trust in participants and it is natural for associations consisting of well-known and authoritative health organizations. If a private blockchain is controlled by a consortium of organizations, it may be the best fit for clinical trials, if controlling parties include authoritative medical institutions. A legal authority potentially would take part, too. For example, FDA is currently conducting research in that direction with IBM.
Global network of medical records
It is difficult to overestimate the potential positive impact of such a network allowing the transparent sharing of clinical data between all industry stakeholders. It is anticipated by many that the system would finally become a common industry electronic health record (EHR) format, which the sector needs because one of the biggest problems is the lack of visibility. It will increase transparency and cross-institutional visibility of the process of unfinished trials because it will be much easier to share information that is not confidential (for example, the overall number of participants), especially with smart contracts which are discussed ahead. Recent attempts to build a prototype of such a network are MedRec and Gem Health blockchain initiatives.
Being a consortium blockchain, the network can still avoid complete dependence on a particular blockchain implementation or community. It is possible to have the best of both worlds by using private consortium blockchain as an agile instrument for ongoing operations but, in addition, leisurely send data for storing it in a public blockchain to produce better guarantees. Most advanced digital asset management solutions are saving hashes of the same data in several blockchains at a time, achieving multiplication of safety guarantees.
Of course, a potential EHR system is not limited to clinical trials. The most important use of it is a media for sharing medical information, health data banks, and research commons, while keeping information about patients and making it available securely for authorized doctors and clinical researchers. With blockchain, each medication prescription is like a deposit, and when a doctor discontinues a treatment, it is a withdrawal. So it is possible for another doctor to see the balance without looking through every deposit operation. Also important for patient privacy is that institutions will not need to send data back and forth; they just use the common ledger. Hence, blockchain increases confidence in patient privacy.
That system enables organizations to better coordinate compliance or any type of audits, across multiple sources, ensuring a fully complete file every time. Additionally, the global medical records network can support a registry of medical devices being a basement for Internet of Medical Things (IoMT).
The blockchain can help decentralize clinical studies because of its own decentralized nature. Currently, clinical trials depend on having consistent reporting locations to ensure proper collection of data. But it can be problematic in terms of retention because they are not likely to be convenient for every patient. As the level of inconvenience increases, the odds of a trial completion fall. But blockchain technology allows clinical trials to be monitored from a wider variety of locations, use a wider base of staf,f and have higher patient privacy and information security at the same time, thereby increasing completion rates.
Smart contracts help with privacy and automation
There are different approaches to address the need for privacy in clinical research. Enigma project (under construction) is a public computation blockchain platform that allows privacy to be kept about data by sending bits of it to some random subset of the system instead of to every participant, like other public blockchains do. Therefore, the full case data is never disclosed. When implemented, it will allow, for example, scanning of genomic databases for candidates taking part in clinical trials, simplifying the process tremendously.
That scan will be done by smart contracts, the programs starting to work fully inside blockchain automatically when some event happens in it. A smart contract can only be fulfilled or canceled; it is impossible to hang in the middle of a contract. They provide failover because computations can be executed on any machine and are started again if a machine fails. It is similar to a cloud service but not bound to a datacenter. Though authorization and identity remain open issues for smart contracts executed on blockchain-enabled networks, there is promising ongoing work. Many use cases mentioned above can be improved by moving validation logic inside a blockchain as smart contracts. Smart contracts make possible complete automation of some operations, for example, to enroll a patient completely automatically, if a contract gets evidence of consent. It may be a digital thumbprint of a consent form automatically sent to blockchain by a interactive voice/web response system (IWRS) web server. In the health records (EHR) network, informed consent can exist as a form of broader concept-a permission given by a patient and implemented as a smart contract for certain actions with his or her private medical data. These permissions can be fine-grained and allow reading or writing a certain part of a patient’s data.
It is also possible to conduct much more complex preparations for a clinical trial, for example, transparently pairing donors of organs easier and more reliably than current methods. From a patient viewpoint, using this technology would make it easy to know exactly where you stand in line-and trust that you will stay there. That is why these systems could help drive collaboration between participants and researchers around medical innovation, for example, in population health management.
The smart contract can also be very useful at the step of closing a clinical trial database, doing that automatically when conditions are met. Some outcomes can be calculated and reported completely automatically. Regulators and contract research organizations (CROs) can have their own contracts automating what is possible to automate and make their work easier. Smart contracts are not legal contracts but can be used for validation of them, effectively replacing an arbiter or custody. They are also useful for claims adjudication and billing management, economizing money by eliminating the need for intermediaries and cutting administrative costs. It is known that 50% of clinical trials go unreported and often fail to share study results. Blockchain with smart contracts can significantly improve that situation and address the issues of outcome switching and selective reporting.
Procuring clinical data privacy with blockchain storage
We already discussed a case of storing trial data out of blockchain (the so-called off-chain solution), but it is also possible to protect confidential clinical trial data by using a distributed storage on top of a blockchain. It avoids having two sets of permissions-one for reading off-chain data and another for conducting operations committing to the blockchain, thus simplifying the process and making it more secure. Pieces of kept data are encrypted and distributed between blockchain peers and no one besides the owner can decrypt it. In this case, they are file servers competing in a storage marketplace for storage users’ money. So as an alternative to cloud storage, it claims better privacy and even better benefit-cost ratio. That approach also facilitates decentralized clinical research projects that can query big data in a scalable manner.
Also in the area of big data, a perspective use of blockchain for clinical trials is genomic data management. In this approach, versioning of documents is not something external to the blockchain; so not only is each version notarized, it is also a succession of versions.
Artem Andrianov, PhD, is CEO of Cyntegrity; Boris Kaganov, PhD, is Senior Research, Cyntegrity