Blockchain in Healthcare: Opportunities and Challenges

November 2021

1. Introduction

In 2008 Satoshi Nakamoto, a pseudonym, released the legendary white paper[1] on a peer-to-peer electronic cash system supported by a secure, decentralized, immutable technology. The advent of blockchain was, in essence, a rebellion of technology against the established societal norms and rules, that have served as the foundational institutions of society. While it was created with the singular objective of supporting a virtual currency, the revolutionary system behind the technology has enabled its application across multifarious sectors.  

One such sector that merits attention is healthcare for a variety of reasons. Firstly, the burgeoning global population and Covid-19 have imposed a massive burden on health service providers with respect to the enormous amount of data to be recorded, maintained and transferred every minute. The ongoing global vaccination drive for Covid-19 coupled with travel restrictions linked with the vaccination status of travellers has propelled a need for creation of a reservoir of vaccination data. Secondly, circulation of counterfeit drugs is a huge problem.[2] Thirdly, medical supply chain management has assumed a position of enormous importance since the start of Covid-19. Earlier this year, the second wave in India saw a massive shortage accompanied with black marketing of medical devices. Consider how effortless the system would have been if there would have been a national data reservoir consisting live, traceable data for medical device supply chains.

This newsletter examines the uses of blockchain in healthcare and the potential challenges.

2. Blockchain for the layman

Premised on trust, blockchain is essentially a chain of blocks serving as ledgers of specific data or transactions. The system is supported by an interconnected network of nodes and miners. The nodes have two simple tasks. The first is to serve as a decentralized reservoir of the data over the network. Each node holds a record of the data or transactions added in the form of a block.[3] Miners are nodes but entrusted with a more complicated task, i.e., they have to perform certain functions[4] over the data in order to validate it. Before the validated data can be added in the form of a block, it has to be verified by a majority of nodes over the network. This is the second task which is performed by the nodes.

Further, each block added to the blockchain network has its own unique hash generated through mining. The hash number serves as an identification tool for that block in the network. Each block also carries the hash number of the previous one which ensures that the data in the blocks cannot be modified.

3. Intersectionality of Blockchain and Healthcare  

Healthcare can adopt blockchain effectively in four key areas, outlined below:

3.1        Management of Medical Records: Healthcare services are inundated with issues of absence or improper maintenance of medical records and security and privacy concerns for the data. Even the available data is fragmented and isolated in nature. The absence of an established system for management of medical data may have far reaching consequences. Ensuring the highest level of protection to healthcare data is critical. This is where blockchain carries huge potential. Firstly, the decentralized network that characterizes blockchain ensures the integrity of the data over the system. The absence of a centralized server makes the system much more difficult to hack. Secondly, since the data is immune to change, the possibility of data preservation in its original form is higher.

Presently, various countries are also planning to shift towards blockchain. In its National Strategy on Blockchain released in 2021, India has proposed the creation of a national level blockchain framework with a domain specific chain for healthcare. The chain would function as a shared ledger and would be controlled by a system of smart contracts.[5] The small nation of Estonia has been a pioneer in blockchain demonstrating an expansive use of the technology for governance purposes including healthcare.[6] A blockchain enabled system may also be used to record data with respect to births and deaths. In India, the state of West Bengal has been the first to build a platform for issuing birth certificates and has already issued its first such certificate to a baby boy. Blockchain technology may also aid in future pandemic situations to track patient status, availability of beds, medicines, pharma devices, vaccination status, etc.

3.2       Tracking Pharmaceutical Products and Medical Equipment: Counterfeit pharmaceutical products are a challenge everywhere and India is not an exception. When used, they may lead to loss of human lives. As a consequence, having a top-notch system of tracing the chain of custody from the manufacturer to the patient assumes immense importance. Blockchain may eliminate, to a large extent, the possibility of external parties tampering with the supply chain of authentic products. If a unique identification number for each batch of manufactured drug is fed into the network and real time updates are added by every stakeholder it could create a more secure system of tracing end-to-end delivery of pharma products.

3.3       Clinical Trials: A blockchain carrying record of consent by trial subjects for clinical trials is another potential area. A properly updated ledger shall ensure that there is no possibility to tamper with the consent. This network shall also provide base for a readily available set of trial subjects for researchers as and when required. There are several other opportunities in this space, which we shall focus upon in the future.

3.4       Organ Donation and Transplant: This area requires coordination and live data inputs from various stakeholders, including the donor, the practitioner or the hospital where the donation is to occur, and a well-maintained and coordinated system of storage and transportation of the organ to the receiver. The system presently suffers from the lack of proper data leading to illegal supply of organs and non-efficient delivery. A blockchain connecting all the stakeholders can provide for a time-stamped record of the availability, status, and location of an organ thus creating a more efficient system which, in turn, shall eliminate the above issues while ensuring adequate security of the parties’ data.

4. Challenges to the Proposed System   

Efforts for implementing blockchain are still at a very nascent stage and there may be roadblocks to a complete overhaul of the existing system. Some key problems may be:

4.1        Compliance with Data Protection Laws: It is significant to note that health data is generally classified as sensitive personal data under data protection laws. The implementation of a blockchain system for healthcare could tangle with data protection laws since the inherent structure of a blockchain network defies any established form or rule. Firstly, it may prove difficult to delineate the position of a data fiduciary or a data controller[7] over a blockchain based network where every system has multiple functions as a node or a miner. This may become a significant challenge as data protection laws affix numerous compliance obligations over these entities. If a blockchain is to be utilized it may be ideal to affix roles beforehand, otherwise multiple parties may face liability for non-compliance with the law. For instance, Article 26 of the General Data Protection Regulation (“GDPR”) deems two or more controllers as joint controllers where they jointly determine the purpose and means of processing. Delineation of proper roles is also significant from the perspective of providing contact information of the data fiduciary/controller to the data principal as mandated under section 8 of the Personal Data Protection Bill, 2019 (“PDP”) of India and Article 13 of GDPR.

Secondly, most data protection laws provide a right to be forgotten and/or a right to erasure of the data. This becomes highly problematic over an immutable blockchain.  Thirdly, such laws also provide a right of correction of data which may prove problematic as this would require consensus by a majority of nodes to identify the block and re-hash the same. Fourthly, where the proposed blockchain spreads across territorial borders there may be major implications upon the transfer of data. For instance, Chapter VII of the PDP Bill permits transfer of sensitive personal data only where explicit consent has been provided by the data principal and the transfer is under a contract or an intra-group scheme approved by the data protection authority.

4.2       Miscellaneous: Amongst others, there may also be problems with respect to the access to digital resources, security, and scalability. A complete overhaul of the system will require changes at grass-root levels beginning with ensuring access to digital resources for all. Then, the technology while relatively safe is still not completely hack proof. Further, blockchain networks can only process a limited data in a fixed span of time. This may prove problematic, especially in healthcare, which generates enormous amount of data every minute.

5. Conclusion

It has been a little over a decade since blockchain technology made its appearance and in 2021 the world is at a digital crossroads. The success of the technology and its implementation in day-to-day applications shall remain largely dependent upon technological advancements, and bridging the gap between the technology and the law which essentially means that industry will need to drive this and the legislature will need to bring in appropriate legislation. This does not detract from the likelihood that blockchain technology may have a revolutionary impact upon the healthcare sector. However, in order to move forward, the technology and the law shall need to meet each other half way to create a safe and secure system benefiting all.


Sayantika Ganguly

[1] Satoshi Nakamoto, Bitcoin: A Peer-to-Peer Electronic Cash System (2008),, Last Accessed on November 23, 2021

[2] A report released by the Office of the USTR identified certain countries including India which served as the largest sources of counterfeit pharmaceuticals seized at the US border in 2020. See USTR, 2021 Special 301 Report (2021),, Last Accessed on November 23, 2021

[3] Primavera De Filipi, Aaron Wright, Blockchain and the Law (Harvard University Press, 2018), Chapter 2

[4] Mining is expensive and requires investment in specialized computer hardware and software. As an incentive for authenticating data, miners are rewarded with a block reward in the form of a virtual currency

[5] See –, Last Accessed on November 23, 2021

[6] In the technology utilized by Estonia, the data is not stored on the blockchain, rather only data hash is stored and transferred. The data is stored locally on servers linked through the government’s data platform known as X-Road. PWC, Estonia – The Digital Republic Secured by Blockchain, See, Last Accessed on November 23, 2021

[7] The two terms are synonymous and refer to persons who determine the purpose and means of processing of personal data