Blockchain enabled data privacy by RomSoft

For the healthcare sector, ensuring the security of patient data is a sensitive issue. RomSoft proposes a proprietary solution based on blockchain technology that can be tested by the beneficiaries of the EDIH-DIZ project. Blockchain is a technology that allows peer-to-peer transactions, recorded in a unique and transparent way, without requiring validation by an intermediary. Starting from the benefits of blockchain and analyzing the limitations of the technology, RomSoft has come up with a blockchain enabled data privacy solution that brings together “the best of both worlds”.

blockchain enabled data privacy

Blockchain technology enables transactions to be traced and recorded in a decentralized manner, eliminating the need for third-party validation. However, despite its advantages, blockchain does have some limitations, including issues with data security and the right to be forgotten, as well as concerns surrounding speed and storage capacity. As a result, you can’t just put any data in a blockchain. In response to these challenges, we developed a new technology called Open DSU, that provides several significant benefits:

No. 1: Data ownership

The patient remains the owner of their data and manages it through a digital wallet. Rather than being transferred, the data is encrypted using a unique key. If the patient wishes to grant a doctor access to the data, for example, the doctor is provided with only the key required to access and read the data. This method eliminates the risk of data vulnerability during transfer.

No. 2: Using data bricks

The second layer of security is that the data is stored in bricks, i.e. divided into chunks, each chunk being encrypted. Even if you find the key to such a brick, you can’t decipher the information.

No. 3: Off-chain data storage

Most importantly, the encrypted data is stored off-chain and only anchored in the blockchain, which solves the most stringent data privacy requirements while ensuring the scalability of the system. Specifically, only the encryption keys (hashes) are anchored in the blockchain, the data itself can be stored in the cloud, own server, etc.

No. 4: Technology is agnostic

The technology offered by RomSoft is agnostic – it can be applied to any blockchain, public or private, and to any data storage solution, cloud, dedicated server, etc. Therefore, the technology fits the solutions already on the market, it does not compete against them.

Potential beneficiaries are representatives of any industry, in particular healthcare and pharma, where two conditions must be ensured simultaneously: traceability and transparency in the production and distribution chains, and, at the same time, maximum security of patients’ data and ensuring the right to be forgotten (the patient can decide to permanently delete his/her data). This technology provides the necessary layer of trust between all actors in the system: the medical profession, pharmacists, drug companies, research and clinical trial institutions, patient associations, regulators, etc.

The technology can be implemented either on the production and distribution chain of a single company, such as pharma companies, on the clinical trial process, or at the healthcare ecosystem level (physicians, patients, caregivers, pharmacists).

Beneficiaries of the EDIH project can test pilot applications using Open DSU technology for various use cases, such as eConsent or Clinical Supply Chain, which we will discuss in more detail in following articles.

The Open DSU technology was validated in the PharmaLedger project, where RomSoft acted as technical coordinator of the PharmaLedger blockchain, together with Novartis.