back to article IBM: Hm, medical record security... security... Got it – we need blockchains

IBM says it will partner with the US Food and Drug Administration (FDA) on a study of whether blockchain technology could be used to securely transfer medical information. Big Blue says that its Watson Health unit will work with the FDA on a study aimed at pitching a framework for the use of blockchain technologies to make the …

  1. I Am Spartacus
    WTF?

    Blockchain is the solution, now what was your problem?

    I understand the concept and technology behind Blockchains. It is an interesting way to handle transactional data where the audit log has to be inviolate. It works very well where there is a contract of some sort (I sell you some medical records, you provide me with some money).

    But as a way to exchange sensitive information? I just don't get this. For a start, medical records are large. Huge. Especially if they have scans that need to be transferred. This is not a suitable use of a blockchain;

    Then there is the distributed nature of the information. Yes, it's great against failure provided you have enough participants. But it does mean that anyone who can join the chain can request to see anything that they want. So, the data needs to be encrypted against unauthorised access. So, now you have the issue of key management and key distribution. In the meantime, I can see the data, albeit encrypted, and I can start cracking it.

    Or is that what they are actually doing: making the encrypted data available, and then sending the key, itself encrypted, via blockchain. Now that might actually make some sense, as now we have a record of who has seen the keys. Using blockchain as an audit.

    Honestly, this all sounds as though IBM have a solution and now every problem they come up against needs a blockchain as a solution.

    It used to be that the solution was IMS; then it was DB2; then it was MQ-Series; now its blockchain.

    Or am I being overly cynical?

    1. Ian Michael Gumby Silver badge

      @Sparty ... Re: Blockchain is the solution, now what was your problem?

      Yes, here's a solution now lets find a problem... That's the IBM way of doing business.

      To your point...

      Yes, you should scratch your head.

      Not all block chain implementations will allow you to embed something within the chain. So if you use that implementation, you can share keys. However you will have to truncate the audit so you will lose access history over time.

      Then there's the issue of scale. Its a distributed ledger so it will make transferring data between organizations easier. So information from your insurance company to the hospital / doctor and vice-versa can be easier.

      Of course now IBM will have to push EPIC to partner in this.

      I definitely agree with your skepticism.

    2. Mark 85 Silver badge

      Re: Blockchain is the solution, now what was your problem?

      I think the problem is really more simple... IBM needs to sell Watsons. Any port in the storm and all that so blockchain is a "solution". Whether it's a viable solution will remain to be seen.

  2. Doctor Syntax Silver badge

    What improvement would this provide over PGP? Other than selling more IBM boxes, of course.

    1. Mark 65

      I was also thinking "aren't they confusing 'blockchain' with 'encryption'?"

      Then I realised it's just IBM in search of another gravy train.

  3. Mage Silver badge
    FAIL

    Blockchain?

    It's for distributed anonymous transactions.

    Regular security systems are more use for this. This is just IBM buzzword marketing.

    1. Ian Michael Gumby Silver badge

      Re: Blockchain?

      Actually there is more to it.

      It goes beyond regular systems, however, to your point, there are more than one way to solve a problem and this would mean buying more IBM kit.

      1. returnofthemus

        Re: Blockchain?

        "Actually there is more to it".

        That's right, IBM is focused on 'Blockchain' the underlying technology of Bitcoin', hence the emphasis is on permissioned networks for 'Trusted-transactions' among exiting trading entities, not anonymous ones, like enabling the purchase of drugs off the dark web.

        Furthermore, it doesn't involve purchasing IBM kit, Blockchain is platform agnostic and just like Watson it's a cloud-based service available on IBM Bluemix today!

        Existing mainframe customers benefit from being able to leverage the most reliable, most secure, and most performant commercial system available on the market!

        PS 'Blockchain for Dummies' out on May 26th ;-)

  4. Anonymous Coward
    Anonymous Coward

    Blockchain is a state machine

    So it can used to actually process information as well as store it.

    Benefits of having actually studied the "science" bit in Computer Science, as opposed to being "someone who saw someone use Dreamweaver once".

    If I have to explain my fist sentence, you shouldn't be discussing blockchain.

    1. Steve Aubrey

      Re: Blockchain is a state machine

      AC: If I have to explain my fist sentence

      Let's keep it light here, boys - no fighting. But AC, thanks for leading with your chin.

    2. JimmyPage Silver badge
      Stop

      Re: Blockchain is a state machine

      Not sure of the downvotes ? I've just worked on a project which has created a Hyperledger application which only releases information when predetermined criteria embedded in the blockchain are met, and which can revoke that permission at any time, if the right criteria are submitted.

      Already the Australian government is sniffing around, with an eye to using such ability to state-sanction (and by implication un-sanction) commercial contracts.

  5. John Smith 19 Gold badge
    Meh

    Actually I've been thinking about a ledger system that you can't just edit the files of.

    This might have it's uses.

    But correct me if I'm wrong but wasn't TCP/IP invent to allow large numbers of grossly incompatible computers to share data?

  6. David Pollard

    Some form of logging is also needed

    It's not enough just so make transmission of data secure. Many of those whose medical history is being used will want to know who is accessing it and for what purposes. This presents a more difficult problem.

  7. Anonymous Coward
    Anonymous Coward

    😁

    IBM securing anyone's data? LOL!!!!

  8. Sorry that handle is already taken. Silver badge
    Meh

    It won't

    Now where's my fat consultancy cheque?

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2020