Google’s DeepMind Health has announced plans to use Blockchain-like technology to track patients’ data in realtime with their latest project “Verifiable Data Audit”.
Co-founder Mustafa Suleyman and Ben Laurie (Head of Security and Transparency) describe it as:
“…[their] effort to provide the health service with technology that can help clinicians predict, diagnose and prevent serious illnesses”.
Over the course of 2017 they will be starting to build out a Verifiable Data Audit for DeepMind Health, their effort to provide the health service with technology that can help clinicians predict, diagnose and prevent serious illnesses – a key part of DeepMind’s mission to deploy technology for social benefit.
Given the sensitivity of health data, they say they have always believed that they should aim to be as innovative with governance as we are with the technology itself.
We’ve already invited additional oversight of DeepMind Health by appointing a panel of unpaid Independent Reviewers who are charged with scrutinising our healthcare work, commissioning audits, and publishing an annual report with their findings.
We see Verifiable Data Audit as a powerful complement to this scrutiny, giving our partner hospitals an additional real-time and fully proven mechanism to check how we’re processing data. We think this approach will be particularly useful in health, given the sensitivity of personal medical data and the need for each interaction with data to be appropriately authorised and consistent with rules around patient consent. For example, an organisation holding health data can’t simply decide to start carrying out research on patient records being used to provide care, or repurpose a research dataset for some other unapproved use. In other words: it’s not just where the data is stored, it’s what’s being done with it that counts. We want to make that verifiable and auditable, in real-time, for the first time.
With Verifiable Data Audit each time there’s any interaction with data, they begin to add an entry to a special digital ledger. That entry will record the fact that a particular piece of data has been used, and also the reason why – for example, that blood test data was checked against the NHS national algorithm to detect possible acute kidney injury.
The ledger and the entries within share some of the properties of Blockchain technology – the ledger will be append-only, so once a record of data use is added, it can’t later be erased. And like Blockchain, the ledger will make it possible for third parties to verify that nobody has tampered with any of the entries.
But it’ll also differ from Blockchain in a few important ways. Blockchain is decentralised, and so the verification of any ledger is decided by consensus amongst a wide set of participants. To prevent abuse, most Blockchains require participants to repeatedly carry out complex calculations, with huge associated costs (according to some estimates, the total energy usage of Blockchain participants could be as much as the power consumption of Cyprus). This isn’t necessary when it comes to the health service, because we already have trusted institutions like hospitals or national bodies who can be relied on to verify the integrity of ledgers, avoiding some of the wastefulness of Blockchain.
We can also make this more efficient by replacing the chain part of Blockchain, and using a tree-like structure instead (if you’d like to understand more about Merkle trees, a good place to start would be this blog from the UK’s Government Digital Service). The overall effect is much the same. Every time we add an entry to the ledger, we’ll generate a value known as a “cryptographic hash”. This hash process is special because it summarises not only the latest entry, but all of the previous values in the ledger too. This makes it effectively impossible for someone to go back and quietly alter one of the entries, since that will not only change the hash value of that entry but also that of the whole tree.
In simple terms, you can think of it as a bit like the last move of a game of Jenga. You might try to gently take or move one of the pieces – but due to the overall structure, that’s going to end up making a big noise!
So, now we have an improved version of the humble audit log: a fully trustworthy, efficient ledger that we know captures all interactions with data, and which can be validated by a reputable third party in the healthcare community. What do we do with that?
The short answer is: massively improve the way in which these records can be audited. We’ll build a dedicated online interface that authorised staff at our partner hospitals can use to examine the audit trail of DeepMind Health’s data use in real-time. It will allow continuous verification that our systems are working as they should, and enable our partners to easily query the ledger to check for particular types of data use. We’d also like to enable our partners to run automated queries, effectively setting alarms that would be triggered if anything unusual took place. And, in time, we could even give our partners the option of allowing others to check our data processing, such as individual patients or patient groups.
Read more here.
