One of the biggest debates of the last several years, is whether blockchain technology is compatible with new privacy regulations either in the U.S. (known as HIPAA) or those being implemented across Europe. The latter are loosely known as General Data Privacy Regulations (or GDPR).
We here at MedPayRx know that such technology is compatible with the same and are moving to pilot next year to prove it.
But in a nutshell, what are the big issues, and why all the hoopla?
Why the debate?
Under the requirements of GDPR, patients must have the right to control, including deleting and amending, their personal medical records. And in a blockchain, each record kept on the DLT (or distributed ledger) is put there forever. Thus it’s use as a “trustless” form of interaction in other verticals (like banking).
Now, according to a new study by researchers from Queen Mary University of London, and the University of Cambridge, published in the Richmond Journal of Law, it appears that there are yet another set of academics who concur that blockchain in and of itself is not incompatible with GDPR and medical applications.
They concluded, in fact, that it would be possible to engineer bespoke solutions that took GDPR concerns into their design from the start. These include off-chain storage models and of course the kind of cryptography and encryption used and how. Techniques also suggested include the use of non-public, private blockchains.
All of these findings of course, are nothing new to the team here at MedPayRx.
The concept and basic engineered structure behind it all was formulated at the Frankfurt School of Finance and Management during the winters of 2015 and 2016 as it was being crafted into a formal EMBA thesis and business plan. It has been further refined as MedPayRx moves closer to pilot, and as the regulatory environment itself has provided more clarity.
What Comes Next?
MedPayRx is using blockchain in a way that may be unfamiliar to those who know the technology via the world of cryptocurrency. Here are our major features if not USPs when it comes to the blockchain part of our construction:
- We intend to use a tested, energy efficient, blockchain.
- Our blockchain engineering is designed to create an automated processing and payments chain that is compliant with both the higher standard EU banking and privacy law as well as relevant insurance, medical data and cyber security requirements beyond that.
- Our blockchain will never store medical records but is rather a processing record of the dispensation and approval plus payment of a kind of contract called a prescription.
- Our blockchain is private. Each ecosystem partner has a different approvals process to obtain a system identity and transaction “wallet.”
- Our blockchain is not based on “proof of stake” – meaning there is no mining involved. Further, there is also no speculation on the “smart contract” or “prescription token” we will pass through the system. The “token payment” as cryptocurrency only makes the entire process more expensive and prone to market speculation.
- We do not plan to raise money via an ICO (initial coin offering). See our talk on blockchain at the ICBC in Berlin this year to understand why!
For more details about our pending go-to-market trial, sign up for our newsletter and stay tuned!