Blockchain and the Protection of Patient Information in Line with HIPAA

Blockchain and the Protection of Patient Information in Line with HIPAA

Colin DeLeon (Regent University, USA) and Young B. Choi (Regent University, USA)
Copyright: © 2019 |Pages: 6
DOI: 10.4018/IJCRE.2019010107


Blockchains used for the protection of patient information can serve as a way for hospitals and other medical facilities to secure patient records. With more information threats targeting hospitals and other medical facilities, it is becoming more important for these organizations to improve the information systems that are charged with protecting their patient records. HIPAA regulations are in place to try and protect patient records and information, but the hospitals do not allocate enough funds to information systems so they are put at risk of attack. Blockchains can offer the type of protection that these medical facilities need without them having to worry about upgrading the technology every year. The Blockchain is not without its faults, and that can be seen in the attacks that take place against Bitcoin. Even with these attacks, the use of Blockchain would be beneficial to the hospitals and medical facilities.
Article Preview


Medical records have become the target of more cyber-attacks. According to McLeod and Dolezel (2018) data breaches in hospitals have increased from only 18 incidents during the last quarter of 2009 to 351 in the first quarter of 2017 (p.57). In eight years that is an increase of 333 incidents. In any medical facility, the protection of patient information is of the utmost importance. In the United States, the laws that are in place are very strict about the protection of patient information. Loss of information can lead to many penalties towards a medical facility. Should a medical facility, such as a hospital or pharmacy be attacked and the information compromised, that will put the patients at risk. Organizations can face costly fines from the breach of patient information. Securing this information is very difficult as much of the information is in transit and that makes it vulnerable. What then is a solution that can be implemented to protect this information? Blockchain can be a help to the medical community when it comes to protecting patient information. With the problems that hospitals face a solution needs to be brought about that will help the protection of patient information. Blockchain can serve as the very real solution to these problems. But to understand why Blockchain is the solution, managers must first understand what Blockchain is. The Blockchain is the technology behind the cryptocurrency Bitcoin. The use of Blockchain in Bitcoin is able to monitor the transactions between users. Use of Blockchain in Bitcoin serves as a security solution but what is Blockchain? Authors Dylan Yaga, Peter Mell, Nik Roby, and Karen Scarfone (2018) discuss the technology of Blockchain they define Blockchain as:

…immutable digital ledger systems implemented in a distributed fashion (i.e. without a central repository) and usually without a central authority. At their most basic level, they enable a community of users to record transactions in a ledger that is public to that community, such that no transaction can be changed once published… (p. iv)

The technology behind Bitcoin would help to monitor the transactions that occur in the medical community. Looking into how the Blockchain technology has been able to ensure the security of Bitcoin will better protect the patient information. With the help of The Blockchain, the number of incidents that occur should reduce. Implementing Blockchain will be a new way to secure patient files and that will deter attackers.


Analysis Of The Problem

Hospitals and other medical facilities are becoming the target of many more attacks around the world. Patient information is a rich source of information. Without the information, hospitals are unable to function, and they can be closed down completely. HIPAA is the protection that the United States has implemented for patient information. According to the U.S. Department of Health and Human Services (2003), HIPAA was implemented 1996 with the Privacy Rule associated with it being revised and ready for implementation in August of 2002. This new law was to ensure that patients would have more control over their information, and that medical facilities would be held accountable for the information (pp.3). Should a hospital or medical facility be compromised they could face detrimental fines. McLeod and Dolezel (2018) mention one instance at the New York Presbyterian Hospital being fined 3.3 million dollars after 6800 patients’ information was disclosed over the Internet due to “improperly configured web servers” and “lax policies for granting database access,” (pp. 57). Here we can see the consequences of breaches of patient information in the United States and how rigorously this is monitored. In this particular case, the lack of updated protocols and technologies was the defining factor for this information being compromised.

Complete Article List

Search this Journal:
Open Access Articles: Forthcoming
Volume 2: 2 Issues (2020): Forthcoming, Available for Pre-Order
Volume 1: 2 Issues (2019)
View Complete Journal Contents Listing