A Universal Patient-Centric Electronic Health Record System: The Ethical Implications
Originally submitted for a Global Bioethics class with Dr. Allen Keller at New York University.
Abstract: While patients legally own their health record information, patients are not currently privy to nor in control of their health records. With the advent of Blockchain technology, the elusive goal of a universal patient-centric Electronic Health Record (EHR) system can soon be a reality. Blockchain, the technology underpinning the cryptocurrency Bitcoin, enables multiple stakeholders to securely share data on a distributed ledger in real-time. The ethical impacts of Blockchain technology applications are an emerging area of research. The ethical implications of this technological advancement are analyzed using a patient-centric EHR prototype, MIT’s MedRec, and traditional bioethical principles, found in UNESCO’s Universal Declaration on Bioethics and Human Rights, as well as the latest Blockchain research and health IT ethical analysis. The design of a universal patient-centric EHR system is an ethical solution that strikes a fine balance between collective principles (solidarity, sharing of benefits, etc.) and individualistic principles (human dignity, autonomy, consent, etc.). Patient inclusion in the design process, stakeholder collaboration, and consistent deference to ethical solutions will be essential as patient-centric EHRs go from prototype to production.
The ability to share a patient’s health records across multiple healthcare providers has been an elusive goal. Currently, technology’s inability to share data while preserving privacy in accordance with law limits the design of Electronic Health Records (EHRs), forcing EHRs to be institution-centric. Siloed health records do not do justice to the interconnected physical, psychological, and social dimensions 0f health. Simultaneous data privacy and sharing are made possible with the invention of Blockchain technology. Blockchain is equivalent to how the collaboration tool Google Docs solved the frustrating email exchange of conflicting versions of Microsoft Word documents. But there is one crucial difference with Blockchain. Data ownership is retained and not given to a third party like Google. Blockchain has the potential to allow the multi-stakeholder healthcare industry to implement a universal patient-centric EHR system. Assessing the ethical implications of a technological advancement is an essential step on the path to adoption. Given that universal patient-centric EHRs will impact healthcare delivery systems, the analysis must take on a bioethical dimension. Universal patient-centric EHRs have global bioethical implications because they have the potential to impact the world and the human species in a unified and comprehensive manner. Using MIT’s MedRec prototype, the ethical implications of a universal patient-centric EHR system will be analyzed using the principles outlined in UNESCO’s Universal Declaration on Bioethics and Human Rights. A universal patient-centric Electronic Health Records system that leverages Blockchain technology is a promising ethical solution due to its ability to balance patient autonomy, privacy, and data ownership with unprecedented research access to population health data that can expedite the creation of cures for humanity’s ailments.
Electronic Health Records (EHRs) signal a broader innovation than just the transfer of a doctor’s handwritten notes to a computer. Medical encounters and the resulting payments are the design inspiration for current EHRs, instead of a patient’s care and health outcomes. Current EHR solutions are vertically integrated and meet the required privacy and security standards by utilizing siloed walled-data-gardens that inhibit collaborative industry-wide sharing of medical data. EHRs are inspired by the previous paper-based system, limiting their ability to be innovative and create solutions that could improve health outcomes. The current state of institution-centric EHRs is a product of limited technological capabilities and restrictive policies intended to preserve a patient’s right to privacy. Currently, the patient experience is inefficient due to siloed information; patients lack a comprehensive record of their health history, and when they go to a new healthcare provider it is inconvenient to repeat their health status over their lifetime let alone reconcile the fragmented information. Fragmented, inefficient design of institution-centric EHRs makes evident that ease of payment, not patient experience, is a top design priority. Current EHRs systems serve institutions more than patients.
Robert Greenes, a leader in the Biomedical Informatics field, thinks that the healthcare industry is in the midst of philosophical shifts, from institution to patient-centric design, from competition to collaboration, and from decision-making based on incomplete information to comprehensive data, which are well timed with technological advancement to re-design EHRs. Greenes predicts “there will be an expanding effort to develop standards for interoperability, integration, and management of the data, and business models for providing these capabilities on a broad basis to the public. Concomitant with that will be the evolution of methods to integrate such data with providers as needed.” Regarding security and privacy protection, Greenes foresees “using role-based authentication and authorization controlled by the user (consumer or patient).” Greenes views data management as key to the shift of power from institutions to patients, “these future data management capabilities will clearly be one of the more impactful trends if and when it occurs, since it will change the primacy of data for health and healthcare from the enterprise-focused EHR to the patient-centric continuous (and greatly enhanced) lifetime record.” With the shift to patient owned data, so will the patient’s role in informed decision making about their care shift, correcting for the previously lopsided exchange with physicians. Greenes concludes with his prediction that, “the shifts, e.g., in locus of control from provider to patient-centric, degree of integration of data from multiple sources, and the power of innovation, unleashed through apps and interoperable infrastructure, will be far-reaching – eventually – and the system that results will be quite different. Actually, I do think that 10 years may be a conservative estimate, because the trends are well underway. The future is ours to shape.” O’Brien and Mattison summarize, “we have finally arrived at the perfect storm for fundamental changes, many of which will be driven by consumers and technology.” O’Brien and Mattison describe the ideal outcome, “Seamless and secure availability of interoperable longitudinal health data, reliable automation of identity management, and robust health information exchange will ensure that individuals’ decisions are grounded in a comprehensive understanding of their health over time.” The next iteration of EHRs will reflect the industry’s focus on patient-centric, collaboration, and data-driven care.
The U.S.’s Office of the National Coordinator for Health IT (ONC) is attuned to industry trends and is leading industry-wide efforts to advance EHRs technology. This office serves as the government’s Health IT innovation hub, facilitating public-private partnerships to adopt new technology. In 2016, the ONC issued a “Use of Blockchain in Health IT and Health-Related Research” Ideation Challenge, requesting white papers regarding the ability of Blockchain technology to address privacy, security, and scalability challenges of managing EHRs. Blockchain’s unique properties are well suited to meet the challenges associated with EHRs.  Information privacy takes on a whole new meaning, Accenture’s Brodersen et al. explain, “a blockchain environment protects information at the data element level rather than in aggregate, and appropriate parties can only access data using appropriate permissions.” Once data is added to the ledger, it can only be appended, not edited, and all parties have access to the version history. Burniske et al. describe the influence of this infrastructure technology, “because each stakeholder has the same view of the complete ledger, blockchains could become the basis of trust that underpins information exchange between related and unrelated parties.” The ONC selected 15 winners from 70 white paper submissions. The question is not if Blockchain will be used for EHRs, but how and when.
One of the most promising papers submitted to the ONC’s challenge was MIT’s MedRec Blockchain EHR prototype because it dualistically addressed data privacy and data sharing. Ekblaw et al. cited the current landscape and industry trends as the impetus for their design, “a long-standing focus on compliance has traditionally constrained development of fundamental design changes for Electronic Health Records (EHRs). We now face a critical need for such innovation, as personalization and data science prompt patients to engage in the details of their healthcare and restore agency over their medical data.” Ekblaw et al. summarize their MedRec prototype:
A novel, decentralized record management system to handle EHRs, using blockchain technology. Our system gives patients a comprehensive, immutable log and easy access to their medical information across providers and treatment sites. Leveraging unique blockchain properties, MedRec manages authentication, confidentiality, accountability and data sharing—crucial considerations when handling sensitive information. A modular design integrates with providers’ existing, local data storage solutions, facilitating interoperability and making our system convenient and adaptable. We incentivize medical stakeholders (researchers, public health authorities, etc.) to participate in the network as blockchain “miners.” This provides them with access to aggregate, anonymized data as mining rewards, in return for sustaining and securing the network via Proof of Work. MedRec thus enables the emergence of data economics, supplying big data to empower researchers while engaging patients and providers in the choice to release metadata.
MedRec is an innovative solution addressing many of the current EHR issues with its design and utilization of Blockchain. MedRec’s design fulfills the future state goal of Mayo Clinic’s Peterson et al., “We believe that a patient’s record should be consistent and available across institutional boundaries, and the terms of its access strictly dictated by the patient. As a secondary goal, this data should not only be shared, but shared in such a way that all interested parties can understand the structure and meaning, ultimately leading to improved data utility and patient care.” While MedRec is a promising path forward, assessing the ethical implications of such a technological innovation is a prerequisite to industry adoption.
The bioethical principles outlined in UNESCO’s Universal Declaration on Bioethics and Human Rights provide a framework to analyze the ethical merits of MedRec, as a case study for universal patient-centric EHRs more generally. While each UNESCO bioethical principle is independently important, the principles combine to create synergies as well as complex dynamics regarding the role of the individual and society. An ethical solution strikes a balance between the collective principles (solidarity and cooperation, social responsibility and health, sharing of benefits) and the individualistic principles (human dignity and human rights, autonomy and individual responsibility, consent and persons without the capacity to consent, respect for human vulnerability and personal integrity, and privacy and confidentiality). MedRec’s altruistic ethical design aligns with the principles analyzed below; an ethical implementation will be the real challenge for a universal patient-centric EHR solution, like MedRec.
MedRec gives patients, the rightful owners of their health data, control of who accesses their information; MedRec’s patient-centric design appropriately addresses the principles of human dignity, human rights, autonomy, and individual responsibility. MedRec author Andrew Lippman summarized the implications of the patient-centric design in an interview, “Medrec is designed to give people control of the distribution of their medical records…the tip of an iceberg that changes the notion of ownership of those records.” MedRec authors Ekblaw and Azaria summarize the patient experience, “MedRec restores patient agency by empowering users with a focal point for access and review of their medical history, and an easy mechanism for sharing their data across medical jurisdictions. Patients can authorize a new doctor to review their record and obtain a second opinion, or grant viewership rights to a guardian they trust.” MedRec’s patient access controls preserve human dignity and human rights, prioritizing the interests and welfare of the individual over the sole interest of science or society, and the institutions that currently control access to patient’s EHRs. The patient-data-ownership model present in MedRec aspires to implement the intent of HIPAA, the U.S.’s Health Insurance Portability and Accountability Act; Kiel, Ciamacco, and Steines explain, “the physical medical record belongs to the provider, but what is not known by many, is that the information contained within belongs to the individual.” By having the EHR be digitally native, eliminating its physical form, the patient can truly own and control access to his or her information. Ekblaw et al. describe patient access controls, “the MedRec model restores comprehensive patient agency over healthcare information—across providers and treatment sites, empowering citizens with the data they need to make informed decisions around their care.” With access to their own information, patients can become true partners with their providers. Now that patients can access their health information, they will need proper education to interpret the information, as Duqenoy, Mekawie, and Springett note, “medical terminology and patients understanding of it can also raise challenges for the patient.” Yet, on certain sensitive topics, patients should not have access to all of their own health record information. Ekblaw et al. cite psychotherapy notes and physician intellectual property, acknowledging that “MedRec does not presume to be an automatic content-management system for all of a Physician’s output.” Specifically, Kiel, Ciamacco, and Steines outline the HIPAA exceptions to patient access to their heath records: “psychotherapy notes, information to be used in legal proceedings or for forensic matters, information that could cause harm to oneself or another especially when inmates are involved, research information when a patient is in the sample, and if the requestor is judged that they may be further harmed by having seen the information.” There is some health information that could harm patients if they had access to it, so the design should be shaped accordingly. While MedRec does not address the patient’s ability to share information selectively, there could be negative ethical implications if this functionality existed. For example, it would be unethical for a patient who is taking opioids to hide their prescription list from a new doctor, while seeking another prescription. The ability for patients to have access and control access to their health records is a great achievement, but must be responsibly implemented.
It is imperative to create an alternative method for those who are unable to exercise their autonomy and manage their health records. There is an obvious limitation for children, those who either do not have online access and those who don’t possess the skills required to manage access controls of their EHR. An alternative solution will need to be provided for them to preserve individual choice. Perhaps a service or a designated confidant can manage their EHRs for patients in need. Yasnoff concludes,
While there are legitimate concerns that some patients may not be sufficiently informed to make such decisions and could make access choices that may be harmful, delegating this decision-making to anyone other than the patient will likely have a much larger (and more certain) negative impact. As an analogy, we as a society agree that individuals should retain the right to decide how their financial resources are allocated, even though this clearly leads to negative consequences when consumers act unwisely.
Ideally, outsourcing of patient EHR management will be kept to a minimum, perhaps following the norms around personal finance. Overall, a patient is ethically the best person to handle their health record information; an ethical EHR solution would include an alternative approach for a patient who is unable to fulfill the responsibility of managing his or her EHR.
With patients owning and controlling access to their EHR comes a newfound management responsibility. MedRec author Andrew Lippman admitted in an interview that this new responsibility creates more work for the patient, or those who manage EHRs for those unable to manage their own records, “The main downside we worry about is that people don’t want to do this. It may involve work, like balancing your checkbook.” The scope of patient time and effort in managing their EHR is unclear, if one is healthy and not switching doctors frequently, the upkeep will hopefully be minimal. Patients controlling access to their EHRs is a positive ethical development, but with a monumental shift in responsibility from institutions to individuals; education will be needed, so individuals fully understand what their new responsibility entails and its implications. Yasnoff describes the scenario, “In a system where patients control access to their own medical information, education and assistance related to decisions about sharing that information would clearly be needed. Managing access to personal information is a new concept for most people, so some confusion about this new responsibility is inevitable.” Patient education regarding the short and long-term implications of sharing their EHR can prevent oversharing of health data. Also, patients must be trained to use the technology properly and be protected from phishing and the EHR equivalent of an accidental reply-all email. Blockchain is a nascent technology that has not solved the usability issue of key management and proper use of wallets that hold the keys to accessing information locked with those keys.  Mismanaged keys increase the likelihood of stolen or lost data. Proper key management is a Blockchain-wide issue and therefore the brightest minds in the space are researching a solution; it will be solved as the technology matures. A user-friendly key management solution is a prerequisite to adoption of a universal patient-centric EHR system. Patients must understand the implications of their new responsibility and be trained to use the proper tools to protect their own health data in their EHRs.
MedRec’s prioritization of privacy stems from the need to preserve the principle of respect for human vulnerability and personal integrity. MedRec’s designers understand their system handles sensitive information, and if this was inappropriately shared or leaked this could put the patient in a vulnerable position. The patient could be stigmatized or taken advantage of because of data housed in their EHR.  To minimize patient vulnerability, the ability to consistently keep the information associated with the correct person will be key; universal identity management solution is another Blockchain-wide area of development and a prerequisite for adoption that will be addressed as the technology matures. With patients responsible for access controls, the fate of their information is in their hands, minimizing patient vulnerability is yet another reason patients must be set up for success through education and user-friendly tools to manage their EHR.
MedRec’s use of patient access control and Blockchain’s innovative security paradigm addresses the principles of privacy and confidentiality. Privacy and confidentiality are commonly used interchangeably, yet the proper term to use is usually confidentiality; Yasnoff explains the distinction, “‘privacy’ strictly refers to prevention of information release while confidentiality covers the appropriate use of sensitive information after it is released.” With MedRec’s patient access controls, patients are in control of their confidential information and release it by choosing to share it with relevant stakeholders in their healthcare. Generally, MedRec’s security model is an improvement on current standards and is designed to withstand a current-day cyberattack on centralized systems given the distributed nature of the system, Ekblaw et al. explain, “our system does not create a central target for content attack—a crucial consideration in an age of cyberattacks and data leaks.” Yet, MedRec is not immune from security threats. An important vulnerability is patient key management, discussed above; patient access control holds the patient responsible for sharing information with only those providers who will keep their information confidential. Ekblaw et al. note another vulnerability, “MedRec does not claim to address the security of individual provider databases—this must still be managed properly by the local IT system admin.” Again, the nascent status of Blockchain technology leaves room for improvement, this time regarding the pseudonymous – not anonymous — status of information as this moves through the system. Ekblaw et al. acknowledge that the pseudonymous property currently allows for inferences to be made if network traffic is analyzed, even if no identifying information is shared. Anonymity is a pivotal area of Blockchain development; promising privacy solutions are beginning to emerge and continued innovation will solve this Blockchain-wide problem. Trusting that one’s information will be kept confidential is essential to the flow of information that is critical to maximizing benefit and minimizing harm, Duqenoy, Mekawie, and Springett explain, “If patients do not feel that the information that they give to a doctor is protected, in the sense of considering all such things to be private, and that their privacy is at risk, they might choose to be more selective about the information they provide to the doctor in the future. This can undermine the patient/doctor relationship and impede diagnosis and appropriate treatment.” As with all Blockchain solutions, data is secured at the element, not aggregate level; MedRec’s security integrated model is an improvement on the perimeter defenses of institution-centric EHRs. MedRec’s combination of patient access control and robust security solution will bring much-needed improvement to the healthcare industry’s data security.
MedRec properly addresses the principle of consent because each time a patient shares their EHR with a health care provider they are giving consent. MedRec’s ability to track who has access to patient EHRs acts as a record of consent. While not discussed directly by MedRec’s authors, there will need to be a consent alternative for emergencies when patients are unable to provide consent. Yasnoff suggests a solution, a preemptive consent functionality so patients could grant access in advance for emergency situations for a limited amount of time, yet this backdoor option does pose a security threat. Another principle is preserving the rights of persons without the capacity to consent, which is related to the discussion above about preserving the autonomy of those who cannot manage their own EHRs. As with patients who are unable to bear the responsibility of access controls and the consent that entails, patients could deem a family member or confidant to provide consent on their behalf. Today, there are a few cases where the need for society to know one’s health status overrides one’s ability to consent, and a MedRec-like solution would need to preserve those procedures. Yasnoff cites exceptions of communicable diseases and controlled substance prescription information, concluding, “with medical information access controlled by patients, it seems likely that a limited number of additional public policies, such as access control policies for minors, will be needed to ensure that, when it is appropriate, essential community interests supersede individual rights.” The individual will be in control of who can access their EHR, yet the rights of the individual need to be balanced with the rights of society.
Ekblaw et al.’s mechanism of population-level data sharing is MedRec’s novel feat and appropriately addresses the principles of solidarity, cooperation, social responsibility and health, and sharing of benefits. Preserving individual autonomy, MedRec gives patients a choice in how much metadata to share with researchers who earn census level data as they work to sustain the network. Researchers could include academics, pharmaceutical companies, the CDC, regulated healthcare NGOs, insurance companies; since the network would be closed, patients and providers would govern which researchers could join. An ethical conflict of interest could arise if a patient is providing data that facilitates a research breakthrough resulting in a new medication, which a pharmaceutical company could then sell for a profit. While it may not be ethical to have patients sell their data, similar to how it considered unethical to sell organs, this will be a murky unexplored bioethical territory. Compensating research participants for their time and effort is a norm, so why could we not expand that norm to include their data? Anonymized longitudinal research data allows for ethical data sharing that will benefit society. Ekblaw et al. note, “By leveraging a data orchestration system like MedRec where the records would already be gathered, organized and available for analysis, this type of research can be achieved with significantly less overhead than traditional research trials, which often require expensive recruitment procedures and in-person access to patients.” Blockchain technology lowers the cost of secure information sharing; research will no doubt benefit from the unprecedented data access. The possibilities of medical research will improve thanks to increased access to population health data, aiding society’s fight against the threats to the survival of humanity.
Ekblaw et al.’s design appropriately addresses the principle of benefit and harm for both the individual and society. By allowing patients to share their complete health history with any healthcare provider they deem needs access, health outcomes will improve from the added context of a patient’s longitudinal EHR. In addition to traditional health record information, MedRec can incorporate health data, like sleep patterns and heart rates, from fitness trackers to add further context to a patient’s health history. Mayo Clinic’s Peterson et al. concludes, “Ultimately, better and more available data leads to better care for the patient.” Duqenoy, Mekawie, and Springett describe the importance of trust and sharing of complete information, “On the patient’s side, this involves trust that the doctor will act in the best interests of the patient and, from the doctor’s side, trust that patients are transparent with regard to offering details about the precise status of their health condition.” Preserving privacy and confidentiality is foundational to form a trusted patient-physician relationship Yasnoff notes, “perhaps more importantly, failing to assure the privacy of medical records will make patients much less willing to divulge critical personal details to their providers – and perhaps even avoid seeking medical care at all.” With MedRec, there will no longer be data silos that segment information, impeding doctors from having a patient’s longitudinal health data to use for decision making. Society will benefit from population health tracking features, such as tracking communicable disease in real time to limit their spread. MedRec allows for more than just access to a comprehensive log of a patient’s health history; the design could be expanded to include automated suggestions based on analysis of the information. Ekblaw et al. explain that on an individual level, “MedRec data can also feed into emerging technologies for predictive analytics, allowing patients to learn from their family histories, past care and conditions to better prepare for healthcare needs in the future.” On a collective level, Ekblaw et al. elaborate, “due to the linked interoperability between provider databases in a MedRec network, better-unified access to data could facilitate a wide range of trend discovery. MedRec’s modularity could support an additional analytics layer for disease surveillance and epidemiological monitoring, physician alerts if patients repeatedly fill and abuse prescription access.” Sharing anonymized data on an unprecedented scale has unquestionable benefits for research, but potentially harmful outcomes await if research results are not used in an ethical manner. Kohli and Tan note that research outcomes should not be applied as cure-alls for the whole population in a purely utilitarian manner, but instead multiple solutions should coexist, “At the aggregate-level, patients are concerned that consolidation of EHRs may lead to changes in medication or therapy that works for them if national authorities found such medicines and therapies to be generally less effective for other patients.” Stanton-Jean et al. note the importance of preserving the balance of needs between the individual and society; if the balance is too weighted to the individual, it would lead to the displacement of health system costs.  MedRec appropriately addresses the need to maximize beneficence and minimize maleficence on both the individual and societal level with its anonymized data sharing that requires patient consent.
Data sharing is made possible by MedRec’s interoperable design. Ekblaw et al. explain, “we have developed MedRec not as a proprietary system, but as a set of open APIs to facilitate EHR review and exchange. MedRec is a layer that can be added to existing provider [systems].” MedRec is committed to being open source software, Ekblaw and Azaria state their goal as, “use of MedRec will not entail system ownership of the data. We believe this policy is key, especially for a medical record system that emphasizes patient agency.” Given the open source nature of MedRec, which allows for transparent review and improvement, the maleficent opaqueness of current proprietary institution-centric EHRs will be eliminated. Vendor contacts currently have “hold harmless” and “non-disclosure” clauses to ensure they are not responsible for faults in their software. If a vendor’s software glitch negatively impacts the provision of healthcare, the vendor is ‘held harmless,’ and users cannot publicly communicate the error due to ‘non-disclosure’ clauses. With an open source solution like MedRec, but there will be a transparent process to report and fix errors. MedRec’s open source nature would eliminate this issue because of its transparent design, plus its ability to publicly report errors and transparently apply fixes.
The implementation of MedRec will address the remaining principles outlined by UNESCO. Regarding equality, justice, and equity, an ethical implementation of MedRec would comprehensively provide system access to all patients and their healthcare stakeholders, as well as benefits from the research that results from MedRec’s data sharing. Regarding the principles of non-discrimination, non-stigmatization, respect for cultural diversity and pluralism, the research conclusions using MedRec’s data should strive to be non-discriminatory while preserving diversity. The ability for family members to share health history with each other addresses the principle of protecting future generations. Patients would be much better informed of their genetic health risks. Plus, all of the research stemming from MedRec’s data sharing would improve health outcomes going forward; conclusions of population-level data analysis could then inform patients regarding their likelihood of disease based on a variety of factors including family histories. MedRec’s elimination of paper records would have an obvious environmental impact, preserving the principle of protection of the environment, the biosphere and biodiversity. Yet, the current design is highly reliant on computer power to sustain the system; this is a Blockchain-wide problem, a scalable, sustainable solution will be found as this technology matures. If inspired by MedRec’s ethical design, it is a reasonable goal that implementation of a universal patient-centric EHR system will be ethical.
The altruistic ethical design of MedRec is impressive; the real test will be for healthcare’s many stakeholders to ensure ethical use once implemented. To uphold its status of a global bioethical solution that properly balances both the individualistic and collective principles, an implementation of a MedRec-like solution must allow for unified and comprehensive healthcare solutions that benefit all of humanity. MedRec could even enjoy expedited adoption, Ekblaw et al. note MedRec’s interoperable design “will ease adoption, lower integration costs and aid compliance with HIPAA regulations.” As MedRec, or a similar universal patient-centric EHR system, continues on a path to adoption co-current efforts from technology researchers, healthcare industry leaders, policymakers, and patients will remove the remaining roadblocks to production. These efforts will need to consistently analyze the ethical implications of their actions and adapt as needed. Blockchain technology must continue to mature, solving for key management, identity management, privacy, and sustainability features that are essential to wide-spread adoption. Academia will hopefully play a leading role in developing this nascent technology, Halamka, Lippman, and Ekblaw conclude, “One outcome we can all hope for is that Blockchain continues to be developed at a disinterested, nonprofit university so that the idea can mature before it’s optimized for commercial purposes.” Industry coordination and policymaker support will be key to support a MedRec-type solution from prototype to production. Areas for future study include how to align incentives among industry competitors to coordinate implementation of a universal EHR Solution. Blockchain is an industry infrastructure technology that will re-architect the competitive landscape; any industry adopting this innovative technology will need to solve the coordination problem, so all can benefit. The benefit to the healthcare industry would be substantial, IBM cites the Premier healthcare alliance, “sharing data across organizations could save hospitals USD 93 billion over five years in the U.S. alone.” In addition to cost savings, competitive dynamics will evolve. Once all stakeholders have access to the same information, healthcare providers can compete by providing the best care, and no longer will information hoarding equate to a competitive advantage in retaining patients. A universal patient-centric EHR system ideally avoids commoditizing care, but instead, improves patient choice of doctors and provides a solid foundation as new relationships begin. Some believe a Blockchain-based EHR system is a non-starter due to regulation. That is short-sighted. Instead, innovation must shape regulation, regulation must not stifle innovation. A universal EHR system will necessitate updates to HIPAA given the paradigm shift, as data ownership and control shifts from institutions to patients, proper patient protections will need to be updated accordingly. No longer elusive, as patients gain ownership and control of their health data, patients must be active, influential participants on the path to adoption of universal patient-centric EHRs.
 Electronic Health Record (EHR) is the chosen term for this paper because the proposed design discussed reflects the multi-dimensional, interconnected definition of health. EHR is sometimes used interchangeably with Electronic Medical Record (EMR). But EMR is not as relevant for this paper because an EMR is traditionally considered solely a record of one’s medical episodes. For more information: D.A. Ludwick and John Doucette, “Adopting electronic medical records in primary care: Lessons learned from health information systems implementation experience in seven countries,” International journal of medical informatics 78 (2009): 23-4.
 Allen Keller, “Global Bioethics,” (Presentation, NYU’s Global Bioethics Class, New York, NY, Spring 2017).
 Allen Keller defines Bioethics as, “the discussion and application of moral values and responsibilities in the biomedical sciences including clinical practice, healthcare delivery systems, and research.” For more information: Keller, “Global Bioethics.”
 Keller, “Global Bioethics.”
 Henk A. M. J. ten Have and Bert Gordijn, “Global Bioethics,” in Handbook of Global Bioethics, eds. Henk A. M. J. ten Have and Bert Gordijn (New York: Springer, 2014), 10.
 Thomas Payne, “Snapshot at Mid-stride: Current State of EHRs and Their Use by Clinicians from a CMIO’s Perspective,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 62.
 Chris Burniske et al., How Blockchain Technology can Enhance EHR operability (Gem, 2016), 3; Robert Greenes, “Health Information Systems 2025,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 580.
 Payne, 61.
 Burniske et al., 3.
 Payne, 62.
 Greenes, 579-600.
 Ibid, 587.
 Ibid, 598.
 Ann O’Brien and John E. Mattison, “Emerging Roles in Health and Healthcare,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 200.
 Ibid, 203.
 Margo Edmunds, Douglas Peddicord, and Mark E. Frisse, “The Evolution of Health Information Technology Policy in the United States,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 152.
 “Announcing the Blockchain Challenge,” HealthIT.gov, https://www.healthit.gov/newsroom/blockchain-challenge.
 Ariel Ekblaw et al. on page 3 illustrate Blockchain’s unique properties, “The blockchain uses public key cryptography to create an append-only, immutable, timestamped chain of content. Copies of the blockchain are distributed on each participating node in the network. The Proof of Work algorithm used to secure the content from tampering depends on a ‘trustless’ model, where individual nodes must compete to solve computationally-intensive ‘puzzles’ (hashing exercises) before the next block of content can be appended to the chain. These worker nodes are known as ‘miners,’ and the work required of miners to append blocks ensures that it is difficult to rewrite history on the blockchain.” The implications of Blockchain technology, not its technical underpinnings, are the focus of this paper. For more information on technical details, please read the following papers in full: Ekblaw et al. Brodersen et al., Burniske et al., Ekblaw and Azaria, and Peterson et al.
 C Brodersen et al., A. Blockchain: Securing a New Health Interoperability Experience (Accenture, 2016), 5.
 Burniske et al., 1.
 Ibid, 1.
 Mary Pratt, “Healthcare, retail industries give blockchain a try,” Computerworld, November 2016, http://www.computerworld.com/article/3137490/enterprise-applications/article.html.
 Ariel Ekblaw et al., A Case Study for Blockchain in Healthcare: “MedRec” prototype for electronic health records and medical research data (MIT, 2016), 2.
 Kevin Peterson et al., A Blockchain-Based Approach to Health Information Exchange Networks (Mayo Clinic, 2016), 2.
 UNESCO’s Universal Declaration on Bioethics and Human Rights Principles are as follows: human dignity and human rights, benefit and harm, autonomy and individual responsibility, consent, persons without the capacity to consent, respect for human vulnerability and personal integrity, privacy and confidentiality, equality, justice and equity, non-discrimination and non-stigmatization, respect for cultural diversity and pluralism, solidarity and cooperation, social responsibility and health, sharing of benefits, protecting future generations, protection of the environment, the biosphere and biodiversity.
 Andrew B. Lippman, e-mail message to author, April 18, 2017.
 Ariel Ekblaw and Asaf Azaria, “MedRec: Medical Data Management on the Blockchain,” September 2016, https://www.pubpub.org/pub/medrec?version=f6785304b51890cc47492d8bae173f1dbbe105a5.
 UDBHR, article 3.
 Joan M. Kiel, Frances A. Ciamacco, and Bradley T. Steines, “Privacy and Data Security: HIPAA and HITECH,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 444.
 Ekblaw et al., 10.
 Penny Duqenoy, Nermeen Magdi Mekawie, and Mark Springett, “Patients, Trust and Ethics in Information Privacy in eHealth,” in eHealth: Legal, Ethical and Governance Challenges, eds. Carlisle George, Diane Whitehouse and Penny Duquenoy (Berlin: Springer, 2013), 285.
 Ekblaw and Azaria.
 Kiel, Ciamacco, and Steines, 444.
 William Yasnoff, “The Health Record Banking Model for Health Information Infrastructure,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 347.
 Duqenoy, Mekawie, and Springett, 285.
 Yasnoff, 337.
 Duqenoy, Mekawie, and Springett, 285.
 Yasnoff, 337.
 Lippman, e-mail.
 Yasnoff, 337.
 Tierion, Blockchain Healthcare 2016: Promise & Pitfalls, (2016), 7.
 Yasnoff, 336.
 IBM, Healthcare rallies for blockchains: keeping patients at the center (2017), 8 and 10.
 Yasnoff, 335.
 Ekblaw et al., 9.
 Disclosure: the author works for J.P. Morgan, who has open-sourced Quorum, a leading Blockchain data privacy solution.
 Duqenoy, Mekawie, and Springett, 281.
 Brodersen et al., 5.
 Yasnoff, 348; Tierion, 7.
 Duqenoy, Mekawie, and Springett, 285.
 Yasnoff, 347.
 Ekblaw and Azaria.
 Lippman, e-mail.
 Ekblaw et al., 10.
 Ekblaw et al., 10.; IBM, Healthcare rallies for blockchains: keeping patients at the center, 9-10.
 Kevin Peterson et al., 8.
 Duqenoy, Mekawie, and Springett, 292.
 Yasnoff, 336.
 IBM, Blockchain: The Chain of Trust and its Potential to Transform Healthcare – Our Point of View (2016), 2.
 Ibid, 5.
 Ekblaw et al., 10.
 Rajiv Kohli and Sharon Swee-Lin Tan, “Electronic Health Records: How can IS researchers contribute to transforming healthcare?” MIS Quarterly 40, no. 3 (2016): 557.
 Michele Stanton-Jean, Hubert Doucet, Therese Leroux, and Julie Cousineau, “Canada,” in Handbook of Global Bioethics, eds. Henk A. M. J. ten Have and Bert Gordijn (New York: Springer, 2014), 977.
 Ekblaw et al., 9.
 Ekblaw and Azaria.
 Ross Koppel, “Great Promises of Healthcare Information Technology Deliver Less,” in Healthcare Information Management Systems: Cases, Strategies, and Solutions, eds. Charlotte A. Weaver, Marion J. Ball, George R. Kim, and Joan M. Kiel (New York: Springer, 2016), 110-111.
 Ibid, 110.
 Ekblaw et al., 10.
 Ekblaw and Azaria.
 John D. Halamka, Andrew Lippman, and Ariel Ekblaw, “The Potential for Blockchain to Transform Electronic Health Records,” Harvard Business Review, March 03, 2017, https://hbr.org/2017/03/the-potential-for-blockchain-to-transform-electronic-health-records.
 Brodersen et al., 3.
 IBM, Healthcare rallies for blockchains: keeping patients at the center, 8.
 Peterson et al., 8.
 Mike Miliard, “Blockchain and healthcare privacy laws just don’t mix,” Healthcare IT News, May 3, 2017, http://www.healthcareitnews.com/news/blockchain-and-healthcare-privacy-laws-just-dont-mix.