Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

20170620 MEETUP smart contracts proof of concept for prescriptions

208 views

Published on

In this second part Kristof V. explained an actual proof of concept developed in the Belgian government: a (permission) blockchain solution for medical prescriptions.

Link to the event follow-up page: https://www.meetup.com/Brussels-Legal-Hackers/messages/boards/thread/50920056

Legal hackers: https://www.meetup.com/Brussels-Legal-Hackers

Similar presentation (in Dutch): https://www.youtube.com/watch?v=oqRoBJ4gIHE&list=PLkOT_gtPps66Tr-Hs15scP1gw-hIftDeE&index=7

Published in: Technology
  • Be the first to comment

20170620 MEETUP smart contracts proof of concept for prescriptions

  1. 1. ² 1 Medical Prescriptions on a Public Blockchain Kristof Verslype, Smals Research20 June 2017
  2. 2. Recap: Smart Contracts 2 Contract Auction{ function bid(){…} function end(){…} HighestBid: € HighestBidder: Beneficiary: Charlie } bid(...), 20€ end(...) bid(...), 10€ 20€ 02010 Bob Alice Charlie Alice 10€ Bob bidEvent: 10€ bidEvent: 10€ bidEvent: 20€ bidEvent: 20€ Dave Contract code execution distributed Money can be temporarily blocked by contract Function calls in transactions on blockchain
  3. 3. Processing Medical Prescriptions 3 Doctor Pharmacist € € € € Mutuality Patient Tarification office Processing prescriptions s.t. reimbursement possible Real-time analysis RIZIV/INAMI Traditional money transfer Data flow Physical delivery
  4. 4. Processing Medical Prescriptions 4 Doctor € € € € Mutuality Patient Tarification office Complex information flowsTraditional money transfer Data flow Physical delivery Pharmacist
  5. 5. Processing Medical Prescriptions 5 Doctor Pharmacist Mutuality Patient Tarification office All other communication with blockchain Privacy & confidentiality enterprise data guaranteed Traditional money transfer Show on smartphone Physical delivery
  6. 6. 7a2 3b 3a 4 5 7b 8 9 10a 10b issue() fill() confirm()insure() assign() Contract function call Event observation Direct communication Doctor Patient Pharmacist Tar. officeMutuality Prescription Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Delivered Id Reduced fee? Prescription Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Delivered Id Reduced fee? Prescription Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Delivered Id Reduced fee? 6a 1 6b function() Contract function The Smart Contract 6
  7. 7. Privacy with permanent pseudonyms 7 Prescription 158 Valid from Valid from Patient Tarification office Mutuality Pharmacist Doctor Reduced fee? Delivered Prescription 577 Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Reduced fee? Delivered Prescription 804 Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Reduced fee? Delivered Permanent pseudonyms offer insufficient protection of 1) citizen’s privacy and 2) confidentiality of enterprise data Id Id Id
  8. 8. 8 One-Time Pseudonyms Charlie Bob Alice Blockchain network Link Link Link Link 8
  9. 9. Different Views 9 One-time patient pseudonyms on the blockchain Rest of the world Similar for doctors, pharmacists, mutualities and tarification offices
  10. 10. Link Attack 1 10 Doctor: 02/04/17, 21h30 (A) Pharmacist: 28/04/17, 20h45 (B) A B Combining info real world & blockchain can leak sensitive data Attacker knows patient identity & observes him/her physically
  11. 11. 11 Doctor: 02/04/17, 21h30 (A) Pharmacist: 28/04/17, 20h45 (B) A B Prescription Medicine Valid from Patient Tarification office Mutuality Pharmacist Doctor Delivered Id Reduced fee? → Encryption of sensitive data in blockchain/smart contract Difficult attack, but one success enough to torpedo project Link Attack 1 Combining info real world & blockchain can leak sensitive data Attacker knows patient identity & observes him/her physically
  12. 12. Different Views Prescription Pantoprazol 20mg True … Prescription ??? ??? … Rest of the world My Prescription Pantoprazol 20mg ??? … My … => fine grained access control with encryption 12
  13. 13. Interface 13 Ontvang Consumeer Mijn voorschriften Oproep functie in contract Observatie event
  14. 14. 14 Toon QR-code aan Arts Interface Nieuwe code Arts Medicijn Geldig vanaf [Optioneel] Uitgeven Voorschrift Scan patient QR-code Geef voorschrift uit Etanercept 1mg
  15. 15. Interface 15 Ontvang Consumeer Nieuw Voorschrift Etanercept 1mg Mijn voorschriften
  16. 16. Interface 16 Ontvang Consumeer Mijn voorschriften
  17. 17. 17 Pantoprazol 20mg Etanercept 1mg Adalimumab 5mg Adalimumab 5mg Interface Mijn voorschriften
  18. 18. 18 Adalimumab 5mg << Front camera active >> Toon QR-code aan apotheker Interface - Dispense Apotheker OK
  19. 19. 19 Interface - Dispense Apotheker Adalimumab 5mg Pantoprazol 20mg Process RefundDrug Processed 15,30€ 9,13€
  20. 20. 20 Pantoprazol 20mg Etanercept 1mg Adalimumab 5mg Adalimumab 5mg Interface - Dispense Mijn voorschriften
  21. 21. The bigger picture Een Blockchain Ecosysteem 21 Arts Mutualiteit Werkgever Hospitaal Eén medische consultatie kan een hele set acties in gang zetten, met blockchain als centrale as. Voorschrift Bewijs verstrekte hulp Bewijs van arbeidsongeschiktheid Doorverwijzing naar hospitaal Rekening hospitaal voor mutualiteit …
  22. 22. Storage for 1 Year (Estimates) 22 ±270GB ±270GB Mutuality ±270GB Tar. office Only RIZIV/INAMI, mutualities and tarification offices need full copy of blockchain. If prescriptions max. 1 year valid, blockchain can be truncated s.t. old transactions are ‘forgotten’ Optimizations possible
  23. 23. Key Management Good protection of keys required Link → Link → Link → Link → Link → Link → LinkLink LinkLink →Link → Link → Link → Link Link Link Link Link Link 23
  24. 24. Prescription Blockchain Network 24 Full node Frequent light node Occasional light node Block creation By RIZIV/INAMI, mutualities, and/or tarification offices. Ex. Signatures by 5 of 7 mutualities
  25. 25. Evaluation 25 Privacy & confidentiality - Strong guarantees - No central, all-knowing, all-mighty big brother - RIZIV/INAMI analyses in real-time while respecting privacy Communication - No complex information flows - All information everywhere (almost) in real-time Challenges - More complex key management - Higher requirements for storage and communication Higher availability => interesting blockchain case / experience
  26. 26. 26 Smals www.smals.be @Smals_ICT www.smalsresearch.be @SmalsResearch Kristof Verslype @KristofVerslype 02 787 53 76 kristof.verslype@smals.be be.linkedin.com/in/verslype

×