Science - USA (2022-02-04)



4 FEBRUARY 2022 • VOL 375 ISSUE 6580 501

Transparency and efficiency
By automating data-sharing agreements, smart contracts can address long-standing inefficiencies and the lack of transparency in HIE (6) and may give rise to a marketplace of third-party user platforms that allow patients to consult an intuitive public ledger of transactions involving their PHI. With the right safeguards in place, patient-oriented industries might emerge for tracking and aggregating a patient’s authenticated data and for providing proxy management of smart contracts on their behalf. Other types of new marketplaces might emerge as well. Advanced data-sharing agreements and contracts might enable the securitization of multiple NFTs into derivatives, which might lead to innovative markets. Experiences from the financial sector and the particular sensitivity of health applications point out the need for robust and proactive regulatory safeguards of such innovation.

Conversely, data requesters could benefit from easy verification of the authenticity and provenance of health data, as well as automated and streamlined data procurement. Each user, for instance, a prespecified set of research institutes, would be granted a particular access level according to the smart contract terms, and requests for data access could be made transparent. A PHI-specific blockchain (or set of interoperable blockchains) could ensure accountability by making available a patient-accessible index of requester identities while maintaining the pseudonymity of patients’ IDs. This incorporation of “privacy by design” automation and pseudonyms lends NFT-type technologies their capacity to deidentify patient data and allows patients to participate in data-sharing decisions while making it easier for companies and institutions to access information about a subject without strongly increasing risk of reidentification. At least some of the information could be contained in metadata to flag certain PHI with substantial market value (e.g., genomic information from patients with rare diseases, patients on a newly approved medication, participants in particular clinical trials).
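The access-level and transparency mechanism described above can be modelled in a few lines. This is an added example, not code from the article: it is a plain-Python stand-in for a smart contract, and the access levels, requester names, key and patient ID are constructed for illustration.

```python
import hashlib
import hmac
import json

LEVELS = ["none", "aggregate", "full"]      # hypothetical access levels
PATIENT_KEY = b"constructed-demo-key"       # constructed; kept off-ledger


def pseudonym(patient_id):
    """Keyed hash, so the ledger never carries the real patient ID."""
    mac = hmac.new(PATIENT_KEY, patient_id.encode(), hashlib.sha256)
    return mac.hexdigest()[:16]


def entry_hash(entry):
    """Digest over every field of an entry except the hash itself."""
    body = {k: v for k, v in entry.items() if k != "hash"}
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class Ledger:
    def __init__(self, terms):
        self.terms = terms      # requester -> highest level the terms grant
        self.entries = []

    def request(self, pid, requester, level):
        """Decide from the agreed terms and log the request either way."""
        allowed = self.terms.get(requester, "none")
        granted = level != "none" and LEVELS.index(level) <= LEVELS.index(allowed)
        prev = self.entries[-1]["hash"] if self.entries else "0" * 64
        entry = {"pid": pid, "requester": requester, "level": level,
                 "granted": granted, "prev": prev}
        entry["hash"] = entry_hash(entry)
        self.entries.append(entry)
        return granted

    def requesters_for(self, pid):
        """Patient-facing index: who asked for what, and the outcome."""
        return [(e["requester"], e["level"], e["granted"])
                for e in self.entries if e["pid"] == pid]

    def verify(self):
        """True only if no logged entry was altered or dropped mid-chain."""
        prev = "0" * 64
        for e in self.entries:
            if e["prev"] != prev or e["hash"] != entry_hash(e):
                return False
            prev = e["hash"]
        return True
```

Denied requests are logged alongside granted ones, so the patient-facing index shows every requester identity while the entries carry only the pseudonym.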

CHALLENGES
Data security and privacy
Blockchain technology upon which NFTs are built does not necessarily prevent data breaches because digital information itself is not stored “on-chain.” This leaves only the metadata (the NFTs) on-chain, protecting information integrity regarding data provenance, terms of data exchange, and transaction history. The underlying data pointed to by NFTs—the PHI—are only as secure as the practices and procedures of the myriad online platforms that provide health-data storage and access. Without proper digital security and data encryption infrastructure or technological advancements to counter the gradual accumulation of noncritical failures in data storage (i.e., “bit rot”), a NFT could eventually amount to nothing more than a defunct URL.

High-stakes NFTs are thus increasingly stored in decentralized and highly redundant networks like the InterPlanetary File System (IPFS). These systems reduce server resources and costs and provide multiple sources of backup. Already, the NFT market has led to the emergence of third-party “pinning” platforms that afford digital content greater longevity, along with other data safekeeping solutions that are likely to affect digital security more broadly and to relieve high processing costs. Additionally, new blockchain protocols (notably Solana and Fantom at the time of writing) are rapidly evolving to accommodate scalable on-chain storage with high throughput while also keeping energy costs down. Likewise, Arweave has introduced “blockweaves” (as opposed to “chains”) to incentivize nodes to ensure data replicability and permanent storage. These advancements improve data security, permanence, and scalability and potentially enable “a multichain future” where chains can specialize and interoperate to support high-performance smart contract platforms. However, they also carry other legal and ethical concerns related to the right to erase or to rectify inaccuracies in personal data (7), which the immutable nature of blockchain technology and decentralized storage might render functionally difficult to exercise.
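The off-chain storage problem and the redundancy remedy from the two paragraphs above, as an added example that is not part of the article: the token holds only a digest and pointers, so it can detect a rotted or missing copy but cannot repair one unless an intact replica exists. The record, token layout and URLs are constructed.

```python
import hashlib

# Constructed sample record; the on-chain token keeps only a digest and
# pointers, never the PHI itself. URLs are hypothetical.
RECORD = b'{"pid":"pseudonym-7f3a","test":"HbA1c","value":6.1}'
TOKEN = {
    "token_id": 1,
    "sha256": hashlib.sha256(RECORD).hexdigest(),
    "replicas": ["https://a.example/phi/1", "https://b.example/phi/1"],
}


def flip_bit(data, index):
    """Simulate bit rot by flipping one bit of one byte."""
    rotted = bytearray(data)
    rotted[index] ^= 0x01
    return bytes(rotted)


def check_replica(token, store, url):
    """Classify one replica as 'ok', 'missing' or 'corrupted'."""
    blob = store.get(url)
    if blob is None:
        return "missing"        # the defunct-URL case
    if hashlib.sha256(blob).hexdigest() != token["sha256"]:
        return "corrupted"      # bit rot or tampering; the ledger cannot repair it
    return "ok"


def resolve(token, store):
    """Return (data, report): the first replica matching the on-chain digest."""
    report = {url: check_replica(token, store, url) for url in token["replicas"]}
    good = [url for url, status in report.items() if status == "ok"]
    return (store[good[0]] if good else None), report


if __name__ == "__main__":
    a, b = TOKEN["replicas"]
    single = {a: flip_bit(RECORD, 10)}                  # one host, rotted
    redundant = {a: flip_bit(RECORD, 10), b: RECORD}    # second copy intact
    print(resolve(TOKEN, single))
    print(resolve(TOKEN, redundant))
```

The digest gives integrity only; the stored record still needs encryption and access control at every replica.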

Another challenge is that the privacy-by-design feature of pseudonymity, which is so central to NFTs and blockchain, may be limited when pseudonyms are attached to health data. Many health data are becoming so granular as to constitute digital “fingerprints” for which only a few data elements could allow for patient reidentification (8). For NFTs to truly maintain pseudonymity, they must be supported with advancements in data encryption, for example, helping “hash” data before they reach human eyes (if they ever do).
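A way to measure the "fingerprint" problem before data are released, as an added example that is not from the article: count how many pseudonymized records share each combination of quasi-identifiers (k-anonymity). The records and field names are constructed.

```python
from collections import Counter

# Constructed sample: pseudonymized records, no names or real identifiers.
RECORDS = [
    {"pid": "p01", "zip3": "021", "sex": "F", "birth_year": 1984, "dx": "E11"},
    {"pid": "p02", "zip3": "021", "sex": "F", "birth_year": 1986, "dx": "E11"},
    {"pid": "p03", "zip3": "021", "sex": "M", "birth_year": 1981, "dx": "G71"},
    {"pid": "p04", "zip3": "021", "sex": "M", "birth_year": 1988, "dx": "E11"},
    {"pid": "p05", "zip3": "100", "sex": "F", "birth_year": 1991, "dx": "E11"},
    {"pid": "p06", "zip3": "100", "sex": "F", "birth_year": 1995, "dx": "G71"},
]


def class_sizes(records, quasi_ids):
    """Count records sharing each combination of quasi-identifier values."""
    return Counter(tuple(r[q] for q in quasi_ids) for r in records)


def k_anonymity(records, quasi_ids):
    """Size of the smallest group; k == 1 means at least one person is unique."""
    return min(class_sizes(records, quasi_ids).values())


def unique_pseudonyms(records, quasi_ids):
    """Pseudonyms whose quasi-identifier combination nobody else shares."""
    sizes = class_sizes(records, quasi_ids)
    return sorted(r["pid"] for r in records
                  if sizes[tuple(r[q] for q in quasi_ids)] == 1)


def coarsen(records):
    """One mitigation: generalize birth year to its decade before release."""
    return [{**r, "birth_year": r["birth_year"] // 10 * 10} for r in records]


if __name__ == "__main__":
    print(k_anonymity(RECORDS, ["zip3", "sex"]))
    print(unique_pseudonyms(RECORDS, ["zip3", "sex", "birth_year"]))
    print(k_anonymity(coarsen(RECORDS), ["zip3", "sex", "birth_year"]))
```

In this sample, adding the exact birth year to two coarse fields makes every pseudonym unique, and generalizing it to a decade restores groups of two.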

In addition to technological advancements, NFT data security and protection concerns need to be addressed on a global stage and through regulatory means. The European Union (EU) General Data Protection Regulation (GDPR), for instance, imposes strict obligations for processing personal data and requires procedural safeguards to avoid and respond to data breaches and misuses (9). Although progress is being made in the United States (e.g., the California Consumer Privacy Act) and federal-level reforms are being debated (10), the US “patchwork” regulatory approach varies widely by state and circumstance and continues to lag behind the GDPR (11).

The EU-US Privacy Shield arrangement for cross-border flow of PHI was invalidated (12) in large part because of the fact that US regulation offers limited opportunities for legal redress for noncitizens. NFTs could help repair these agreements by helping to fill gaps in the capacity of individuals to seek legal redress in at least two ways. The first and most straightforward way is by concretizing a set of terms by which an individual (dis)agrees to contractually share PHI with certain other entities. Like other legally binding private contracts between individuals and entities, if those terms are clearly stated and thoroughly cover a wide range of possible data-sharing scenarios (including definitions of breach), and if the terms of NFT smart contracts are mutually recognized by governing bodies relevant to the jurisdictions in which PHI is being exchanged, then smart contracts should constitute a legally binding mechanism for seeking redress in cases where PHI exchanges break the terms of the contract.