INSIGHTS | POLICY FORUM
502 4 FEBRUARY 2022 • VOL 375 ISSUE 6580 science.org SCIENCE
A second and more indirect way to ad-
dress the lack of legal redress is for NFT-
type smart contract terms to stipulate in
advance the approved entities with which
an individual agrees to share (or prohibit
access to) their PHI. By allowing patients to
prosent in such a way, smart contracts pro-
vide a preemptive and automated mecha-
nism for data exchange that is aligned with
individuals’ preferences. Unless PHI is ac-
cessed in a data breach (highly unlikely
by virtue of no longer being stored in a
centralized database and even less likely
if stored “on-chain”), those data
will be unavailable (i.e., “digitally
locked”) for access, purchase, or
theft without the NFT owner’s
consent. A preemptive and au-
tomatically executed smart con-
tract might, with the right legal
design, minimize the need for
individuals to seek legal redress.
Intellectual property rights
A major advantage of NFTs when
discussed in the art world is their
verification of authenticity and
originality. Originality may be less of a con-
cern for HIE. Many entities seeking to use
PHI may not care about the originality of
the data; they just care whether those data
are accurate representations of a patient’s
PHI. Storing a patient’s health data as an
NFT could help to verify its provenance and
accuracy. However, it also raises important
questions about who legally controls PHI
and has the right to share or sell it. The
answer is not straightforward. Intellectual
property rights (IPRs) over creative works
usually lie with an artist or, in certain cases,
with companies that curate digital informa-
tion. By contrast, PHI is often thought of as
collected or generated through the use of
technology, rather than created, thus lack-
ing the “originality” typically required for
copyright protection. Once collected or gen-
erated and organized by hospitals, device
manufacturers, or pharmaceutical compa-
nies, those data may become the property of
the data collector, not the patient. Entities
that eventually develop clinical follow-on
innovations based on data stored as NFTs
may also claim some form of IPR. Because
rights over health data remain complex and
contested ( 13 ), NFTs may be most useful for
specifying collaboratively agreed-upon con-
ditions for exchange and reciprocity, if not
direct ownership.
Equity, sustainability, and trust
Given the complexity of NFTs and the legal
structure, it is unclear whether average citi-
zens will be able to take advantage of them
in the health space. Most people will need
the aid of trusted intermediaries to mint
their data and manage private keys. They
will also need user-friendly interfaces to in-
terpret requester and transaction ledgers.
In addition, patients will need legal support
to create smart contracts that serve their in-
terests. Ironically, this need for intermedi-
aries could be the slippery slope back to the
centralization of PHI. If these intermediar-
ies are costly, socioeconomic factors will act
as gatekeepers for “digital ledger citizen-
ship,” exacerbating existing digital divides
and participation gaps.Another force winding back to central-
ization is that a widespread switch to PHI
stored as NFTs on a blockchain would re-
quire more computer power to verify a
growing amount of data and number of
transactions, resulting in greater energy
costs and necessitating more capital and
physical investment. These dynamics may
incentivize a return to powerful institutions
and constitute critical challenges to the rai-
son d’être of decentralized infrastructures.
However, certain blockchain support inno-
vations are emerging to address energy and
climate burdens, with implications for the
democratization of participation through
reduced processing costs.A PATH FORWARD
In addition to these challenges, attempts
to democratize data-sharing decisions are
likely to encounter resistance by key play-
ers who dominate the multi-billion-dollar
medical-industrial complex and benefit
from a status quo where the exchange of
patients’ digital health data remains un-
monitored and largely unregulated ( 1 ).
Their resistance against using NFTs to
automate patient preferences may further
strengthen if it is discovered that these
preferences entail widespread reluctance
to share personal data without express per-
mission or compensation, as some evidence
suggests ( 14 ). Any viable consideration of
NFTs for health may require the gradual
introduction of patient-focused control
and dynamic consent clauses into existing
data-sharing agreements, which currentlyallow for large-scale exchanges of EHR
data between health care organizations
and third parties without express patient
awareness or consent. Smart contracts
have advantages over existing approaches
to consent in that conditions for consent
may be more granular and data exchanges
can be tracked and verified by patients
and do not require that exchanges occur
through third-party custodians. As an im-
mediate step, NFTs could be explored in
experimental test cases that involve block-
chains and smart contracts. Such flexible
frameworks may offer opportuni-
ties for simultaneous “symbiotic”
development of technology and
regulation to accommodate new
digital ownership models like
NFTs and test their impacts in
real-world settings. Further, they
could offer empirical insights
into best practices for balancing
innovation with individual rights
and public interests ( 9 ). Accom-
panying qualitative research into
patient preferences and attitudes
toward NFT-like frameworks as
a means to exercise control over patients’
PHI will be critical to understanding util-
ity and acceptance, as well as to ensure
the accessibility and interpretability of
their PHI. jREFERENCES AND NOTES- K. D. Mandl, E. D. Perakslis, N. Engl. J. Med. 384 , 2171
(2021). - A. L. McGuire et al., J. Law Med. Ethics 47 , 12 (2019).
- K. D. Mandl, I. S. Kohane, N. Engl. J. Med. 382 , 1781
(2020). - S. Porsdam Mann, J. Savulescu, P. Ravaud, M. Benchoufi,
J. Med. Ethics 47 , 244 (2021). - N. Rieke et al., NPJ Digit. Med. 3 , 119 (2020).
- K. D. Mandl, I. S. Kohane, N. Engl. J. Med. 374 , 205 (2016).
- European Union, General Data Protection Regulation,
Articles 16 to 19: Regulation (EU) 2016/679 of the
European Parliament and of the Council of 27 April 2016
(2016). - L. Rocher, J. M. Hendrickx, Y.-A. de Montjoye, Nat.
Commun. 10 , 3069 (2019). - W. N. Price 2nd, M. E. Kaminski, T. Minssen, K. Spector-
Bagdady, Science 363 , 448 (2019). - M. Fazlioglu, in Data Protection Around the World
(Springer, 2021), pp. 231–248. - Council on Foreign Relations, “Reforming the U.S.
approach to data protection and privacy” (2018). - M. Corrales Compagnucci, T. Minssen, C. Seitz, M. Aboy,
EPLR 4 , 153 (2020). - T. Minssen, J. Pierce, in Big Data, Health Law, and
Bioethics (Cambridge Univ. Press, 2018), pp. 311–323. - F. Briscoe, I. Ajunwa, A. Gaddis, J. McCormick, PLOS ONE
15 , e0229044 (2020).
ACKNOWLEDGMENTS
T.M. and I.G.C. were supported by the Novo Nordisk
Foundation (NNF17SA0027784). A.L.M. has received funding
from Info Commons, Sulston, and BRAINshare through
grants R01HG008918, R01CA237118, and R01MH126937,
respectively, and is on the board of the Greenwall Foundation
and on the science advisory board for Danaher, the Morgridge
Institute of Research, and Geisinger Research.
10.1126/science.abm2004“By automating data-sharing agreements,
smart contracts can address
long-standing inefficiencies and the
lack of transparency in
HIE [health information exchange]...”