Where are your medical records?
Abstract

The world of medicine is changing rapidly. We are at the beginning of an era where we treat a patient for their particular condition and not just a general condition. Personalised Precision Medicine (PPM) will combine the unique attributes of an individual, their environment and lifestyle as well as their genomic data, to enable a deeper understanding of the impact of these attributes on the personalised clinical treatment of an individual.

The effective development of personalised precision medicine requires the collection and analysis of large volumes of data that can be subject to deep machine learning. The aggregation of large volumes of complete longitudinal clinical health records of an individual, together with their unique genomic data in an accessible database, requires bulletproof privacy, security and access control for the individual clinical records. Only then should the database be searched to discover insights that may lead to breakthrough diagnostic and clinical treatment developments. At E-Nome we are applying state-of-the-art distributed ledger blockchain and encrypted database technologies to enable secure consumer-controlled sharing of medical record information for personal or medical research purposes.

Currently, creating databases with large volumes of individual medical histories is heavily constrained. These constraints include restrictive one-time consent processes, lack of a bulletproof security framework, lack of a controlled privacy and sharing approval process and limited interoperability of clinical information between Electronic Medical Record (EMR) systems. Different EMRs exist at all levels of the healthcare system using different software and different coding schemes or ontologies. Much of the data recorded in these systems is free text, which makes it more difficult for machine matching and learning.
[Figure labels: Allied Health, Outpatient Clinic, Emergency, Doctors Surgery, Hospital]

Most importantly, the current individual privacy requirements constrain the ability to aggregate records for medical research and keep them updated. Consent requirements are usually complex and sometimes cumbersome. The medical record is often not in the hands of individual consumers and cannot be easily accessed even if they are willing to share that data for medical research purposes. E-Nome was created to solve these problems; it empowers consumers to take control of their health records by giving them access to, and total control over the use of, their medical data in a secure and anonymised process.

[Figure: QR Code Scanning]

E-Nome's paradigm shift in health records management is to enable the consumer to have full responsibility for sharing their health information whilst maintaining anonymity. In taking responsibility for their health information, the consumer is empowered to choose to contribute anonymously to the most accurate and up-to-date database, which will be mined by researchers to inform best practice treatments in the event of illness.

E-Nome's vision is to be a widely used consumer-driven platform that aggregates consumers' health data. In doing so it will give the consumer the choice to allow their de-identified medical data to contribute to a large repository of medical data to support breakthrough research in precision medicine. The consumer's anonymity is maintained by the use of blockchain technology. The blockchain uses advanced cryptography techniques to anonymise each piece of data from the customer while giving the customer total control over the release and use of their data without being identified.
The System is designed to enable consumers to retrieve, aggregate, and securely store their medical data on a mobile device, whilst ensuring no personally identifiable data exists. This also enables secure portability of data through consumer-controlled access of their personal health records to doctors and other health service providers or to other parties such as researchers.

The System operates as follows:

A consumer downloads the E-Nome app to their smartphone.

The consumer visits their health service provider and after the consultation asks for their medical record to be uploaded to their E-Nome account.

The consumer's smartphone generates two encryption keys, a public encryption key used to encrypt the medical data and a private decryption key that never leaves the smartphone.

The public key generates a QR code on the smartphone that is scanned in the medical practice and linked to the consumer's medical record in the health service provider's clinical record system. The corresponding private decryption key is stored securely only on the consumer's smartphone in a secure key store.

Upon scanning, the consumer's health record is de-identified by deleting any identifying information, a random unique record identifier is inserted and the data is encrypted with their public key.

The encrypted data is then sent to the consumer's mobile phone where it is decrypted by their private decryption key and displayed to verify the accuracy of the information.

The customer can then choose whether their anonymised encrypted data stored in the E-Nome Data Warehouse (EDW) is available to researchers to access.

The public key and the corresponding EDW health record identifier are then stored onto a distributed blockchain. The blockchain technology guarantees that any new blockchain entry cannot be changed. It does this by including a unique cryptographic fingerprint of all previous blockchain entries.
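The de-identification step and the chained fingerprint described above, as an added Python example that is not E-Nome's code. The identifying field names, the entry layout and the use of SHA-256 are assumptions, and random hex stands in for the public key and the encrypted record identifier because the page does not name its encryption scheme.

```python
import hashlib
import json
import secrets

# Assumed field names: the page does not say which fields count as identifying.
IDENTIFYING_FIELDS = {"name", "date_of_birth", "address", "phone"}
GENESIS = "0" * 64  # stand-in "previous fingerprint" for the first entry


def deidentify(record):
    """Drop identifying fields and insert a random unique record identifier."""
    clean = {k: v for k, v in record.items() if k not in IDENTIFYING_FIELDS}
    clean["record_id"] = secrets.token_hex(16)
    return clean


def fingerprint(entry):
    """SHA-256 over a canonical JSON encoding of one ledger entry."""
    body = json.dumps(entry, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(body).hexdigest()


def append_entry(ledger, public_key_hex, sealed_record_id_hex):
    """Append an entry; prev_hash transitively commits to all earlier entries."""
    prev = fingerprint(ledger[-1]) if ledger else GENESIS
    ledger.append({"index": len(ledger), "prev_hash": prev,
                   "public_key": public_key_hex,
                   "sealed_record_id": sealed_record_id_hex})
    return fingerprint(ledger[-1])  # new chain head


def verify_chain(ledger, trusted_head):
    """True only if every link matches and the chain ends at trusted_head."""
    prev = GENESIS
    for i, entry in enumerate(ledger):
        if entry["index"] != i or entry["prev_hash"] != prev:
            return False
        prev = fingerprint(entry)
    return prev == trusted_head


def build_sample_ledger(n=3):
    """Constructed data: random hex stands in for keys and encrypted ids."""
    ledger, head = [], GENESIS
    for _ in range(n):
        head = append_entry(ledger, secrets.token_hex(32), secrets.token_hex(24))
    return ledger, head
```

The chain makes a changed entry detectable only to a verifier that holds a trusted copy of the latest fingerprint, which is why `verify_chain` takes `trusted_head` as an argument.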
Only the consumer using their private decryption key can decrypt the blockchain entries to reveal the record number of the clinical record in the EDW. The full set of identifying keys held by the consumer on their smart device gives access to the full set of health records of the individual. The consumer can also permission other parties to access any one or all of their records when appropriate.

While no personally identifiable data exists in the encrypted E-Nome data warehouse, the E-Nome data warehouse may be queried by subscribing research organisations looking for specific clinical data matches. If a data match is found and the record is of interest, then the consumer can be anonymously requested to give consent for the related data to be released for research purposes including appropriate subsets of genomic data. The E-Nome system provides a simple anonymous consent process to release any or all clinical data that is controlled by the customer.

[Figure labels: John Smith; Blockchain; Private key; Public key; Health Service Provider (HSP); New record; Anonymised record + public key + unique identifier; Consumer consent; E-Nome Electronic Data Warehouse (EDW)]

Importantly, no clinical workflows in the practice need changing. The interaction of the E-Nome system with the HSP's EMR system is limited to an approved industry standard interface. Activation of the E-Nome application is via the scan of a QR code between the E-Nome application and the consumer's mobile device. All encryption, de-identification and uploading of the data is performed automatically by the E-Nome application.

The collection of the data in the E-Nome EDW has the potential to create an extremely large de-identified (anonymous) medical research data set. The consolidated data of isolated, individual, anonymised episodes serves as an initial database for a medical researcher. Should the medical researcher wish to obtain more information relevant to that record, for example all of the individual's associated health records (including genomic linked data), the E-Nome service will allow the researcher to leave a message with the relevant request for related health records on the consumer's smartphone. When the individual re-opens their E-Nome app they will be notified that a message is waiting to consent to sharing their information. The message could also be a request for the consumer's participation in a particular clinical trial.

[Figure labels: Paid Pharmaceutical Clinical Trial; Academic Research Group; Query; Consent; E-Nome EDW; E-Nome App; Locked records; Unlocked records]

This empowers the individual to decide whether to take part in the medical research request through the E-Nome platform. They can transmit their Identifier Keys to the requester without any personal identification information being transmitted, allowing the researcher to build up a medical history of the consumer without the identity of that consumer being revealed. This unique attribute allows the individual to benefit from contributing to medical research without compromising their own privacy.

E-Nome is focused on developing a transparent market-based platform that allows consumers to be in control of the use and benefits, economic or philanthropic, of their health and genomic data.