Fraudsters produce insane amounts of fake medicines and steal large volumes of patients’ personal data. What makes it possible is a too intricate drugs distribution chain and fragmentation of medical records. How to prevent counterfeit in healthcare, secure patients’ data and make it available in medical purposes at the same time – read in this article.
Epidemic of counterfeit medicines is a worldwide issue
Healthcare, just as any other industry involving big money, is extremely attractive for criminals. Especially profitable for them is the business of counterfeit medicines. According to The World Health Organization, the annual turnover of counterfeit drugs is $73 million. More than 30% of all medicines in some African, Asian and South American countries are counterfeit. In some places in Eastern Europe its share can reach 20%. However, it’s not the problem of developing countries only. Counterfeit drugs make it to developed countries as well. And it’s very hard to prevent: e.g., around 40% of medicines in the US are produced abroad and approximately 80% of active ingredients are imported. Online pharmacies hiding their actual location also deliver worldwide. It’s also hard to spot a fake – the drugs distribution network is so complicated and intricate that criminals manage to penetrate the legitimized supply chain. At the same time, in many countries the risk to be caught and prosecuted for counterfeit is extremely low which makes counterfeit of medicines more attractive than selling illegal drugs.
It’s obviously not just an issue of fraudsters stealing money out of patients’ wallets. Counterfeit medicines they produce are often very dangerous for one’s health. Criminals very little care about the quality and effectiveness of the drug until it resembles the original. In a better scenario it’s just useless and doesn’t affect your body in any way, which is actually also dangerous for someone who’s seriously ill – the treatment would be useless and can force doctors (e.g. in a situation when antibiotics do not work) to get to stronger drugs. In the worst scenario the counterfeit can contain ingredients that are dangerous for one’s health and life. Even in the US there have been quite a few serious cases of patients suffering from counterfeits. One of the biggest was related to the counterfeit copies of Avastin, medicine for cancer treatment. The fake version contained salt and starch instead of the active ingredient. There was also a case of blood‐thinning Heparin: the active ingredient was replaced with a cheaper substance which caused dangerous side‐effects among patients. The whole batch had to be taken off sale. The medication, the counterfeit ingredient of which was produced in China, supposedly caused 81 death. The consequences for patients are clear: counterfeit drugs can be fatal.
Medical information is more attractive for hackers than credit cards data
But drugs’ counterfeit is not the only goldmine for criminals in healthcare. According to the Ponemon Institute study, medical organizations experience cyberattacks every month. According to Breach Barometer Report, at least one cyberattack per day was registered in the US in 2016 and more than 27 million patients’ health records got hacked. Ponemon study also showed that hackers are interested in stealing patients’ personal data in the first place, not their credit cards’ details. At the black market it’s 10 times more valuable. Criminals sell names, dates of birth, insurance numbers. Fraudsters use this data to create fake IDs to buy medical equipment they would later resell or use patients’ numbers for making insurance claims. The medical profile theft is hard to identify for both provider and patient, which gives criminals the opportunity of taking money out of it for years. This is exactly why medical data is more valuable than credit cards’ details which are usually getting blocked as soon as a suspicious activity is registered by the bank.
According to US laws, healthcare providers and insurers must make public announcements when there are breaches involving more than 500 people. But there’s no law requiring criminal prosecution. That’s why it’s difficult to identify financial damage caused by a breach. Insurance professionals say these costs result into the higher insurance bills for patients, which makes them losers here twice.
How to ensure patients’ data security and make it possible to share health records at the same time?
The amount of cyberattacks and data breaches has risen in geometric progression over the last 10 years due to implementation of the electronic health records’ (EHR) system. However, it modernized the industry and made it easier to store and share patients’ data. But still its architecture has a few considerable flaws. One of them – fragmentation. All the providers in healthcare use different electronic systems which makes the process of data sharing between them, as well as keeping the patients’ medical history as comprehensive as possible, too complicated. Here lies the insoluble contradiction of the current EHRs system: how to share information between all the providers and the consumer, – patient, clinics, pharmacies, insurers – but at the same time maintain the integrity and security of patients’ personal data?
This is why many medical organizations today are looking for a more effective way to coördinate data – something that would allow all the providers to access data, manage and share it. Despite the current systems having made data more accessible, most clinics cannot easily and safely share it, because all the laws prioritize patients’ privacy. It seems that the best way out of this situation is to create a system where patients themselves will decide when to share their identity, when to stay pseudonymous and which information to share.
Blockchain can conquer fraud
Mark Threshock of IBM calls blockchain technology a perfect business‐solution for the problem of tracking medicines distribution network, because the whole structure of a blockchain provides coherence, transparency and security. Trustworthy medical producers can register their products in a blockchain that guarantees authenticity and quality of drugs. As soon as the medicine is produced and goes from the manufacturer to retailer, the transaction is instantly recorded in the blockchain. It allows to easily track the medicine all the way through.
Blockchain can track manufacture and distribution of drugs inside the supply chain, ensure they’re stored and managed properly, and to prevent criminal attempts to penetrate the market. Blockverify is one of the startups working on tracking counterfeit in different industries, including healthcare, using blockchain technology. They also designed an app that can scan medications to ensure their authenticity.
Any unauthorized attempt to intervene is immediately identifiable because all the transactions on blockchain are traced in real‐time and are visible to anyone who has access. In the same way blockchain can protect EHRs from cyberattacks. And there is no need to abandon the current system – only to transfer it on to blockchain.
The blockchain structure itself provides the audit trail of data and it’s security. Instead of episodic inspections revealing breaches, system working on blockchain controls the integrity of the database every single second and prevents any suspicious activity.
To access a particular blockchain you have to use an electronic signature and an individual access key. With the usage of cryptographic keys the medical data and medical records travel safely across the network and available only to those who have keys to it.
Secure data sharing, and all the power goes to patients
Imagine how convenient it would be to have the whole individual health history in one place? Every single detail, every visit to a doctor, medications taken, diseases and operations could be immediately and accurately written in one database. The quality of healthcare would rise, coördination – improve, costs – drop, and number of mistakes (which happen quite often these days due to the fragmentation of medical records mentioned above) would very likely get lower. Any changes and transactions when written in a blockchain become a part of unified decentralized network and cannot be altered anymore.
If we transfer current EHRs onto blockchain, we’ll have a unified electronic database of our own health. Hospitals and other providers won’t need any special version of software to be able to access patients’ data. Instead of relying on intermediaries – state or private networks to share medical data between local providers – the decentralized architecture of blockchain will let all the authorized users to join the network. Thus, the data recorded on blockchain will be easy to share in real‐time between all the providers, payers and consumers.
Blockchain can ensure comprehensive and easy exchange of EHRs information between different organizations. And the owner of the record, the patient, will be the one to decide on who to give the access to.
So, the logic behind the blockchain technology kills two birds with one stone, and both – for patient’s benefit. It allows to give access to your data to doctors while securing the data from unauthorized users. Blockchain and EHRs together make a perfect comprehensive solution of the existing problems, allowing secure data sharing and overcoming all the incompatibilities between the systems among providers.
Blockchain in healthcare is already real
Blockchain technology is still very young, its implementation in healthcare on the global scale will take time. But medical organizations in general are very positive about it, and some of them are already using it. These are some of the companies working on implementing blockchain in healthcare:
Slovenia‐based ambitious startup Iryo solves all the problems related to medical data administration listed above. The company designed a platform for EHRs on blockchain that fights medical records’ fragmentation. Their goal is to unify medical records. Instead of storing information with different providers, Iryo suggests a system where patients themselves control their records and can share them with anyone they want across the globe. The company uses zero‐knowledge protocols that ensure complete security of sensitive data, preventing any cyberattacks including the state‐sponsored ones. All the data is stored on a mobile device with a backup on two other nodes.
London company has also developed a decentralized platform based on blockchain to securely store medical records that can easily be shared between providers if the patient provides them with access. Besides, Medicalchain has a distance appointments options: patients can have online‐sessions with doctors through the platform. The company announced partnership with The Groves Medical Group, organization with 30 thousand NHS patients registered. They will become the first UK practice using blockchain technology and cryptocurrencies payment.
Patientory does something similar – provides a platform for secure data exchange in real‐time. Technology helps patients easily track their doctor visits, medical bills, personal information, insurance and prescriptions.
After the unprecedented cyberattack on NHS in 2017, startup founder and CEO Chrissa McFarlane suggested the British government to transfer their national system on blockchain – in her opinion, it would take less than two years to implement it with the support from the government.
French startup uses blockchain technology to fight counterfeit drugs that, based on their data, annually kill around 800 thousand people. Blockpharma designed an app that helps to instantly track the origins of a medication. The more the app will be used, the more types of counterfeit drugs it will be able to detect.
Pharma and biotech companies spend billions of dollars each year on acquiring genomic information. Scientists need this information to determine what causes diseases and how to cure them. But there’s not enough of this information, it’s fragmented and there are no standards of data acquisition. This is what Nebula Genomics wants to change. They use blockchain technology to get rid of intermediaries and give people control of their own genomic data. It helps to cut the costs and ensure data security, which leads to the larger volumes of this data. It will allow buyers to easily acquire standardized information from both individuals and genomic databases.