BlockchainandHealthIT:Algorithms,Privacy,andDataAugust8,2016Preparedfor:OfficeoftheNationalCoordinatorforHealthInformationTechnologyU.S.DepartmentofHealthandHumanServicesPreparedby:AllisonAckermanShrier,AnneChang,NadiaDiakun-thibault,LucaForni,FernandoLanda,JerryMayo,RaulvanRiezenProjectPharmOrchardTMofMIT'sExperimentalLearning"MITFintech:FutureCommerce"&ThomasHardjonoMITConnectionScienceCorrespondence:AllisonAckermanShrieraackerman26@gmail.com617-971-6915WHITEPAPERiiSummaryThePresident’sPrecisionMedicineInitiative(PMI)is“enablinganeweraofclinicalcarethroughresearch,technology,andpoliciesthatempowerpatients,researchers,andproviderstoworktogethertowardthedevelopmentofindividualizedcare”.1Itscommitmenttoprivacyandsecurityinthesettingofresponsibledatasharingandtransparencyisarticulatedinthe“PrivacyandTrustPrinciples”1andthe“DataSecurityPolicyPrinciplesandFramework”2,developedbyaninteragencyworkinggroupsincludingtheOfficeoftheNationalCoordinatorforHealthInformationTechnologyinconjunctionwithmultiplestakeholders.Inthispaper,wereviewthethreatstothesecurity,confidentiality,integrity,andavailabilityofPMIdata.PMIorganizationscanmitigatethesechallengesthroughanewsystemarchitectureindevelopmentatMIT--theOPAL/Enigmaproject3--whichcreatesapeer-to-peernetworkthatenablespartiestojointlystoreandanalyzedatawithcompleteprivacy,basedonhighlyoptimizedversionofmulti-partycomputationwithasecret-sharing.Anauditable,tamper-proofdistributedledger(apermissionedblockchain)recordsandcontrolsaccessthroughsmartcontractsanddigitalidentities.WeconcludewithaninitialusecaseofOPAL/Enigmathatcouldempowerprecisionmedicineclinicaltrialsandresearch.MIT’sOPAL/Enigmachallengestraditionaldatasecurityparadigms.Centralizeddatabasescannotassuresecurityanddataintegrity,regardlessde-identificationandcontrolledaccessrequirements.Safe,vettedqueriesthataredistributedtoprivate,encrypteddatabasesassurethatorganizationsandparticipantscansharehealthcaredatawithcryptographicguaranteesofprivacywithvariousstake...
