On 13-11-17 14:02, Thomas Beale wrote:
On 13/11/2017 12:32, Grahame Grieve wrote:
I am sceptical of most use cases of block chain outside payments
witnessing in some limited trading schemes. There are 2 inter-related
problems.
- block chain is a very inefficient solution to a problem that
largely does not exist in healthcare: untamperable evidence that
something happened, in the context of not having any trustable
governor. In almost all cases, we actually want to be able to tamper
with the record - except the audit trail. And/or suppress data from
being visible except to a few authorised parties. For the audit
trail, the average institution generates more data per day than block
chain presently holds - we are talking vast amounts of data
- the inefficiency is considerable - full block chain requires some
benefit to the miners - and in any volume of data, the price is
considerable (e.g. blockchain consumes more power than nigeria, I
read this week); that is not evident in any scheme I've seen, but
schemes that have restricted mining loads require restricted attack
surfaces, and I don't believe that there's a sweet spot there in
healthcare
There are some interesting use cases around selective sharing data
for research using active blockchains (e.g. ethereum) but by and
large these seem outside the scope of records and EHRs to me
This is more or less my opinion at the moment as well.
What openEHR has as an underlying data management paradigm is
distributed version control - each EHR is like a little git repo. This
is no longer new or interesting (in fact, I was exposed to it from
1988, so really not new), but it's just as applicable today as it was
then. Re-doing all that in blockchain seems sort of pointless. Yes,
health systems can be hacked, but mainly to break privacy, not to fake
transactions. Not what blockchain was designed for (and it's more or
less the opposite regarding privacy).
It is not about hacking why blockchain is interesting, although, that
can happen too. But it is about having trustworthy computing without a
trusted third party. Not only protecting against bad intentions but also
against errors, for example, system which not run synchronous or have
date/time(zone) not well configured. Not a trusted party ensures
delivery and time of delivery and contents of delivery, but blockchain
as a mechanism does.
I have given already a few examples.
Remember, computers make no errors, but people do, and it are people
which configure computers and use them, and their responsibility must be
able to transparently replayed afterwards.
Bert
_______________________________________________
openEHR-technical mailing list
[email protected]
http://lists.openehr.org/mailman/listinfo/openehr-technical_lists.openehr.org
