Medical science has come a long way in the last fifty years. One simple but revolutionary improvement has been in the digitization of medical records.
By converting medical data from paper to digital, we’ve saved massive amounts of paper and ink, not to mention the time and physical storage space that can be dedicated to something else. It is not outlandish to say that digitizing medical records has saved lives. But we are still a long way away from where we could be when it comes to efficient medical data systems.
As a society, we are caught between two worlds. One side wants progress. We don’t have to fill out the same form every time we see a new doctor. We want to know if there has been a cancer outbreak in our area, or among those who use a particular product.
But there is another side of us that is impeding this kind of progress. It is the side that is rightly concerned with who has access to our data – especially when we didn’t give them permission.
And for that matter, what about those to whom we gave permission many years ago? How can we keep track of all these companies and how they use our data in five, ten, or twenty years?
Why Use Crypto for Identity Management?
Finding better ways to manage sensitive personal data is a problem that blockchain is uniquely qualified to solve. Crypto is built on a system for securing digital data in such a way that even if the attacker gets a hold of it, it is useless to him.
Attempts at solving these problems fall under the broad category of Identity Management – the ability to securely store and share my sensitive personal data online. While storing and sending the data securely is a tricky problem to solve, there is another problem. How does the recipient know the sender is who he claims to be?
So the the technology must also include ways to provide assurances that the data is real and not faked. This can sometimes be accomplished by trusted third-parties.
How Trusted Third-Parties Could Work
So maybe I go to the post office and show my ID to the clerk, and I also show my wallet address. They take a picture and run a KYC check on me. Everything checks out so they send an NFT to my wallet which affirms that I am who I say I am and that I passed a KYC check. Now whenever I need to prove my identity, I can use the Post Office as a trusted and impartial party who verified my identity.
What? You think the Post Office can be corrupted? You and me both, buddy.
So maybe they don’t accept just one verification. Maybe vendors require three different third-party verifications, and they all have to be on this list of accepted entities.
There are ways to structure this so that we can be highly certain of who a wallet’s owner is and whether that person has multiple accounts.
The Privacy Concern
All of this is terrifying of course. From a civil liberties perspective.
If the system gets hacked, then all your digitized secrets could be revealed. And who has more hacking resources than the US government?
Getting people to let go of that concern and trust that encrypted data is secure, even when the data is out in the open – it’s going to be difficult. Even though much of our data is already out there in encrypted form somewhere, there is a psychological barrier to purposefully putting it up on the immutable blockchain ledger.
Despite all this, I think the advantages are big enough to overcome that hurdle. Taking personal ownership and custody of our data is ultimately a way we can empower the individual. Users can share as much or as little of their data as they so please, so in some ways it is even superior to the older system when it comes to privacy.
But lets face it: most people are not all that concerned with their privacy. We give Facebook, and the government, and Google a treasure trove of our most personal details and conversations because the tradeoffs are deemed (by those who opt in to such things) as worth it.
Whether the market will see these tradeoffs as worth it remains to be seen. But if history is any indication, I think they will. Because the market tends to value convenience. And DID (Decentralized IDentification) will make some aspects of our digital life a heck of a lot more convenient. Lets talk about how.
Use Case: KYC
One of the most obvious uses of identity management for the crypto space is to simplify conformance with KYC or “Know Your Customer” laws.
KYC laws require businesses, especially in the financial sector, to verify the identity of their clients in order to prevent illegal activities such as money laundering and fraud. Have you ever had to hold up your ID and take a picture? It was probably KYC laws that caused you to do that.
Not only is that inconvenient, it also makes us less secure. Every time a new third-party gets a copy of that data, well there’s just another place where it can get hacked and exposed. That’s one more group of executives that we’re trusting to maintain good passwords.
Blockchain technology, with its decentralized and secure nature, can streamline and secure this process.
Imagine a system where your identity is verified once and stored securely on the blockchain. When you need to prove your identity to a new service or institution, you can simply grant them access to your blockchain-based identity, which they can then verify quickly and securely. This not only saves time but also reduces the risk of identity theft, as your sensitive information is not repeatedly transmitted and stored in multiple locations.
Use Case: Healthcare
KYC may be the lowest hanging fruit when it comes to identity management, but it is far from the most revolutionary. Consider what identity management can do for your health.
Blockchain’s transparency and immutability can enhance the integrity of medical records. Each time a medical record is accessed or modified, the blockchain can log this action, creating a transparent and tamper-proof history of interactions. This prevents tampering and can help identify and reverse erroneous changes. Rules can ensure that only authorized parties can access the data, and for only as long as you allow.
Blockchain can also facilitate the secure sharing of anonymized health data for research purposes. Imagine sending your last five years of medical scans to researchers and sending it anonymously. You get paid and you also help to solve a disease. And so long as the data is properly vague so as not to identify you – you don’t even have to sacrifice your privacy. Win-win.
Researchers could use this system to access a wealth of data without compromising individual privacy, leading to faster and more effective medical breakthroughs.
Regulatory Challenges
While the integration of blockchain with medical data management holds immense promise, it also faces challenges – especially on the regulatory front. Healthcare has always been a complicated morass of privacy and data laws. Most of these laws are written with the old paradigm in mind and can be quite a barrier to innovation.
This is the realm of lawyers and politicians. It gets complicated quickly and nothing turns out quite the way you expect. Identity management could be a catalyst for great advances in medicine or it could smoulder under the boot of excessive regulation. Only time will tell.
If identity management were only good for healthcare and KYC, the US government can simply kill it. Broad authority is given to law enforcement when it comes to enforcement of financial laws. If the government bans blockchain medical records and refuses to accept blockchain KYC, this could go nowhere. So the future of identity management is a regulatory coin flip.
But there are other uses for identity management which are not quite so vulnerable to regulation. And we’ll talk about those in Part 2.
