Can Distributed Ledger Technology Support Auditability of Patient Data in Electronic Health Records? A Comparative Legal Study

James Scheibner, Marcello Ienca, Effy Vayena

Research output: Contribution to journalArticlepeer-review

Abstract

After both national governments and healthcare institutions have attempted moving towards using electronic health records (‘EHRs’), access control, transparency, and auditability have emerged as important success factors. Distributed ledger technology (‘DLT’) has been proposed as a mechanism to allow patients to control their electronic health records. Underpinning ‘smart contracts’, DLT might help automate and streamline the consent and healthcare management process. However, the degree to which DLT can remain compatible with auditability requirements imposed by current data privacy regulations remains an ongoing implementation challenge. In this paper, we present a comparison of auditability requirements for EHRs in five jurisdictions: United States, Australia, Switzerland, the European Union, and the Council of Europe. Further, we examine the extent to which DLT can help satisfy these auditability requirements. Following our comparative doctrinal analysis, we identify similarities but conclude there is no universal granular definition for auditability in the five jurisdictions we examine. Therefore, we argue that DLT and smart contracts cannot oust the role of legal regulation with respect to patient data. Nevertheless, in concert with regulation, further encryption mechanisms, and patient education, this technology can provide a mechanism to satisfy the need for patients, physicians, and researchers to access auditable EHRs. We then use these three case studies to demonstrate the potential of DLT in an ethically and legally integrated implementation approach.
Original languageEnglish
Pages (from-to)173-201
Number of pages29
JournalJournal of Law, Information & Science
Volume26
Issue number1
Publication statusPublished - 2021

Keywords

  • distributed ledger technology
  • privacy
  • electronic health records
  • patient data

Fingerprint

Dive into the research topics of 'Can Distributed Ledger Technology Support Auditability of Patient Data in Electronic Health Records? A Comparative Legal Study'. Together they form a unique fingerprint.

Cite this