blockchain for health data (LeoWolfert/

Harnessing blockchain for electronic health records

Researchers with the Centers for Disease Control and Prevention's National Center for Health Statistics are looking to use distributed ledger technology to securely collect data from electronic health records to use in the hundreds of reports and surveys they publish each year tracking the state of public health.


Lessons from a government blockchain pilot

The Bureau of Fiscal Service shares what it learned when it used a distributed ledger to track employee equipment. Read more.

The next link in the (block)chain

The Blockchain Playbook can help agencies move forward with development and deployment of the distributed-ledger technology for their specific use cases. Read more.

The new building block(chain) of health care records management

A scalable, secure data exchange ecosystem can support high-quality research while safeguarding against breaches of sensitive patient data. Read more.

“If you look at EHRs and medical data records as a supply chain management problem, blockchain is an ideal fit,” Christopher Lynberg, lead research and development scientist at the CDC, told GCN.  “We decided to create a single, isolated, cloud-only prototype using synthetic data to educate ourselves on how to use blockchain technology.”

The proof of concept uses IBM’s blockchain platform. The EHR data itself is stored off the chain in the IBM cloud, and references to the data from the distributed ledger are accessible only to select CDC employees.

The synthetic environment allowed researchers to experiment. They used the blockchain to change ownership of EHR data, access the information and authorize others with access to use the data for their NCHS reports. 

“We used best practices to create off-the-chain data storage" and a cryptographic hash or pointer to reference where the data resides in the distributed ledger, IBM Blockchain Tech Lead David McElroy said.  “The hashes provide a consistency between systems so researchers can have access to the information that they need.”

Due to HIPAA regulations, no personal public health information is kept on the blockchain. The only data found in the EHRs is anonymized medical histories, treatments and doctor visit summaries.  However, the information used in this proof of concept is synthetic – not actual CDC data.

“We’ve set up this prototype as separate entity from the currently operating data collection system,” Askari Rizvi, chief of the CDC’s technical services branch, said.  “We see this project giving us the ability to provide another layer of consent, traceability, reportability into the EHR collection process.”

The blockchain test also helped CDC address questions related to identity access management. “We get additional control through creating permissions and found the trackability and immutable record of transactions worked as expected,” said Tom Savage, a blockchain researcher at the CDC.

After the test with the synthetic data is complete, a larger test of an EHR system could  occur before turning the system  into a real-time production environment. 

Besides helping CDC better manage and secure its data, the distributed ledger technology will also allow outside researchers to get access to CDC data.

“We want to engage with proofs of concept outside the CDC that will help research institutions find solutions for things like food traceability,” Lynberg said.  “In order to this, we must first understand this technology and find ways to match the right blockchain platform to the right issue to solve supply management problems.”

“The CDC is responsible for about 1,500 different science topics, and every one of them has a database behind them,” Savage said. “In the future, it is not hard to imagine that there could be blockchain technology addressing every one of those scientific topics.”

Editor's note: This article was changed June 21 to correct the spelling of Askari Rizvi's last name. 

About the Author

Sara Friedman is a reporter/producer for GCN, covering cloud, cybersecurity and a wide range of other public-sector IT topics.

Before joining GCN, Friedman was a reporter for Gambling Compliance, where she covered state issues related to casinos, lotteries and fantasy sports. She has also written for Communications Daily and Washington Internet Daily on state telecom and cloud computing. Friedman is a graduate of Ithaca College, where she studied journalism, politics and international communications.

Friedman can be contacted at or follow her on Twitter @SaraEFriedman.

Click here for previous articles by Friedman.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.