Improving how patients’ information is shared

Sharing protected health information (PHI) is required to deliver good patient care. It “significantly enhances patient care quality and coordination, contributing to more accurate diagnoses, efficient treatment plans, and a comprehensive understanding of patient history,” as evidenced by Cornell University’s research article on Balancing Patient Privacy and Health Data Security.

Additionally, electronic health record (EHR) systems have “significantly improved healthcare services, such as enhanced collaboration among healthcare professionals, more accurate diagnoses, faster treatment, and convenient access to patient-protected health information.”

EHRs and health information exchanges (HIEs) allow healthcare providers to share patient data between different institutions, facilitating collaboration among specialists, more accurate diagnoses, and improved continuity of care when patients move between providers.

For example, when a patient is referred from a general practitioner to a specialist, their medical history, lab results, and imaging can be shared instantly, allowing the specialist to make informed decisions.

PHI is also used in research and marketing, provided strict requirements are met. However, regardless of the use case, “ensuring health data security and patient privacy is mandatory.”

 

Compliance and patient consent

According to Cornell University, “Acquiring patient consent for healthcare information sharing is paramount for adhering to policy compliance.” Moreover, HIPAA regulations require organizations to guarantee that patients understand and approve how their data is used.

More importantly, patient consent gives individuals “control over their health data and its dissemination.” It also has multiple purposes in terms of legal compliance, transparency, and how data is handled, and it improves trust between patients and providers. From a broader perspective, “proper patient consent acquisition is a legal requirement and a trust-building measure.”

For instance, if a hospital wants to share patient data with a research institution, it must clearly define what data will be shared, who will receive it, and for what purpose. Without explicit consent, such sharing would violate regulatory requirements and diminish patient trust.

 

The challenges in PHI security and compliance

Despite strict regulations, unauthorized access and healthcare data breaches remain common. The primary causes include “impermissible uses and disclosures of PHI,” “lack of safeguards of PHI,” and “lack of patient access to their PHI.” In addition, weak administrative controls and excessive data sharing compound these issues.

Research shows that “the root of many unauthorized EHR access and sharing lies in inadequate policy adoption, implementation, and enforcement.”

In practice, this might mean that hospital staff are given overly broad access to patient records, allowing individuals to view information that is not relevant to their role. In other cases, consent policies may exist on paper but are not enforced consistently across systems.

Additionally, “the centralized hospital system serves as a singular source of truth and a potential single point of failure.” So, if one system is compromised, it can expose large volumes of PHI at once.

Furthermore, “Patient-level policies or consents are often not properly or timely enforced.” This creates situations where data is shared without fully respecting patient preferences. Patients also lack assurance that their consent is being followed in practice, especially when data moves between different organizations.

Another concern is that commonly used data-sharing tools are often insecure. As identified in the research, data shared via email may not be properly encrypted, increasing the risk of exposure. At the same time, audit trails in centralized systems can be altered or incomplete, leading to “the absence of a verifiable, unaltered record for consent execution.”

 

How blockchain technology can help

Blockchain technology is described as “a decentralized and tamper-evident ledger system” that maintains the authenticity and integrity of data, like PHI. It distributes data across a network, reducing the risk of a single point of failure. Once data is recorded, it cannot be altered, creating a permanent record of events.

For example, when a patient’s data is shared with a specialist, the transaction is logged in a way that cannot be changed or deleted.

 

Smart contracts and automated consent management

Blockchain uses smart contracts as self-executing programs that automatically enforce predefined rules. It creates “an automated, transparent system that upholds the integrity and accountability of the consent for sharing PHI.”

It also eliminates manual consent processing, where staff would have to check whether the data can be shared. Instead, the system automatically verifies whether the request matches the patient’s consent.

For example, if a doctor tries to share patient data for research purposes, the smart contract checks whether the patient has granted consent for that specific purpose. If consent exists, the request is approved; if not, it is denied.

The research article suggests that healthcare organizations implement a patient–provider agreement (PPA) that defines the responsibilities of both parties and establishes clear consent mechanisms. The PPA may include patient details, provider roles, treatment consent, data sharing permissions, and compliance with regulatory requirements.

Additionally, the article recommends using informed consent for data sharing, which specifies who is authorized to access patient data, what information can be shared, the recipients of the data, and the intended purpose of sharing.

For instance, a patient may allow their lab results to be shared with a specialist for diagnosis but not for marketing purposes. The system then enforces these distinctions automatically.

 

Introducing an honest broker

Cornell University suggests an additional layer of security through an honest broker. The entity verifies that appropriate data protection mechanisms are applied before PHI is shared.

As described, the broker “evaluates the encryption algorithm, key size, and data anonymity status” and certifies compliance. It also acts as a “blind entity,” so the broker does not access the actual content of the data.

For example, before PHI is shared for research, the broker verifies that identifying information has been removed, upholding privacy requirements.

 

Immutable audit trails and provenance

Blockchain allows immutable audit trails that record every action related to PHI sharing. These records include consent execution, data-sharing events, and security validations, maintaining “a detailed and unalterable history of policy enforcement actions.” Therefore, organizations can trace exactly how data was used/accessed, and whether the actions were compliant. If a breach occurs, the organization can identify the source and take corrective action.
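The tamper-evidence property described above, reduced to its core mechanism as an added example (not code from this article or the cited research): a single-process SHA-256 hash chain rather than a distributed ledger, with the head hash standing in for an integrity marker kept outside the system. Event fields and identifiers are constructed, and the log holds pseudonymous IDs only, never PHI.

```python
import hashlib
import json

GENESIS = "0" * 64  # fixed "previous hash" for the first entry

def digest(prev_hash, event):
    """Hash an event together with the hash of the entry before it."""
    payload = json.dumps(event, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + payload).hexdigest()

def append(log, event):
    """Append an event, linking it to the current head of the chain."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"event": event, "prev": prev, "hash": digest(prev, event)})

def verify(log, anchored_head=None):
    """Return None if the log is intact, else the index of the first bad entry.

    len(log) is returned when every link is self-consistent but the head does
    not match the externally anchored hash (truncated or fully rewritten log).
    """
    prev = GENESIS
    for i, entry in enumerate(log):
        if entry["prev"] != prev or entry["hash"] != digest(prev, entry["event"]):
            return i
        prev = entry["hash"]
    if anchored_head is not None and prev != anchored_head:
        return len(log)
    return None

def build_sample():
    """Constructed sample events: two consent checks and one sharing event."""
    log = []
    append(log, {"type": "consent_check", "patient": "p-001",
                 "purpose": "diagnosis", "result": "approved"})
    append(log, {"type": "share", "patient": "p-001", "recipient": "specialist-A"})
    append(log, {"type": "consent_check", "patient": "p-001",
                 "purpose": "marketing", "result": "denied"})
    return log

if __name__ == "__main__":
    log = build_sample()
    head = log[-1]["hash"]                    # value to anchor elsewhere
    log[2]["event"]["result"] = "approved"    # in-place edit of a recorded denial
    print("first bad entry:", verify(log, head))
```

An attacker who can rewrite the whole log can recompute every hash, so the chain only proves integrity when the head hash is stored somewhere the log's operator cannot change.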

 

Proof of compliance

The research also introduces Proof of Compliance (PoC), a mechanism for verifying whether data-sharing activities adhere to policies and consent. Each transaction is evaluated and classified as compliant, non-compliant, or not determined.

For example, if data is shared without proper consent, the system flags the transaction as non-compliant, allowing immediate corrective action.
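The consent check from the smart-contract section and the three-way Proof of Compliance classification, as an added example (not code from this article or the cited research). The `Consent` and `Share` schemas are hypothetical, and treating an incomplete event record as "not determined" is an assumption, since the article does not define that class.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Consent:                 # one grant from a patient (hypothetical schema)
    patient: str
    recipient: str
    categories: frozenset      # data the patient agreed to share
    purposes: frozenset        # purposes the patient agreed to
    revoked: bool = False

@dataclass(frozen=True)
class Share:                   # a sharing request, or a logged sharing event
    patient: str
    recipient: Optional[str]
    category: Optional[str]
    purpose: Optional[str]

def authorize(consents, s):
    """Gate applied before sharing: deny unless an active grant matches
    patient, recipient, data category and purpose all at once."""
    return any(
        c.patient == s.patient and not c.revoked
        and c.recipient == s.recipient
        and s.category in c.categories
        and s.purpose in c.purposes
        for c in consents
    )

def proof_of_compliance(consents, event):
    """After-the-fact classification of a logged sharing event."""
    if None in (event.recipient, event.category, event.purpose):
        return "not determined"   # assumption: an incomplete record cannot be judged
    return "compliant" if authorize(consents, event) else "non-compliant"

# Constructed sample grants: one active, one revoked.
CONSENTS = [
    Consent("patient-1", "specialist-A",
            frozenset({"lab_results"}), frozenset({"diagnosis"})),
    Consent("patient-2", "research-lab",
            frozenset({"imaging"}), frozenset({"research"}), revoked=True),
]

if __name__ == "__main__":
    for purpose in ("diagnosis", "marketing", None):
        event = Share("patient-1", "specialist-A", "lab_results", purpose)
        print(purpose, "->", proof_of_compliance(CONSENTS, event))
```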

Benefits of blockchain-based PHI management

Blockchain-based PHI management gives patients control and visibility into how their data is used. It also decreases reliance on centralized systems and introduces transparency through verifiable audit trails. Additionally, it automates compliance, reducing the risk of human error.

 

Possible challenges

Despite its benefits, using blockchain technology increases costs associated with transactions, infrastructure requirements, and integration with existing systems. There are also concerns about storing sensitive data on public blockchains. The study therefore suggests using a hybrid approach, storing PHI on private blockchains and recording integrity markers on public networks.

As the research notes, “Using smart contracts to manage patient consent is a promising way to securely and privately share health data.” However, consent management systems must be paired with secure communication channels, especially since “providers also share PHI through email or other electronic mediums.”

Healthcare providers must use a HIPAA compliant email solution that offers advanced encryption, audit trails, and access controls. These security mechanisms secure PHI during transmission and at rest. One such solution is Paubox email. It allows providers to share PHI between patients and providers for better collaboration and improved patient care outcomes.

Paubox email can also be integrated with existing electronic health record systems, making it a convenient and efficient choice for healthcare organizations.

In combination with blockchain technologies, it maintains “the authenticity and integrity of PHI while facilitating patient consent management.”

 

FAQs

What is informed consent?

Informed consent is a formal process in which a patient voluntarily agrees to a medical treatment or the sharing of their health information after receiving comprehensive information. It includes an understanding of the purpose, potential risks and benefits, available alternatives, and the possible consequences of refusing consent, so they can make an educated decision about their care and data.

 

Who can access patient data?

Only authorized individuals or organizations that are explicitly identified in the patient’s consent agreement, like healthcare providers, specialists, or approved third parties involved in the patient’s care or related services. Access is typically controlled through security measures such as authentication, role-based permissions, and audit logs for approved purposes.

 

Can a patient refuse to share their data?

Yes, patients have the right to refuse or limit the sharing of their health information. They can specify which data may be shared, with whom, and for what purpose. However, there may be exceptions where disclosure is required by law, such as for public health reporting or legal obligations. Patients also have the right to withdraw or modify their consent at any time, subject to applicable regulations.
