Dr. R S Sharma: How Blockchain Can Unify India's Health Data And Improve Research
In this week’s The Core Report: Weekend Edition, former Chairman of TRAI and former CEO of National Health Authority R S Sharma talks about how blockchain can secure health data sharing, trace drug authenticity, and leverage Aadhaar for digital identity.
NOTE: This transcript contains the host's monologue and includes interview transcripts by a machine. Human eyes have gone through the script but there might still be errors in some of the text, so please refer to the audio in case you need to clarify any part. If you want to get in touch regarding any feedback, you can drop us a message on [email protected].
Dr. Sharma, thank you so much for joining me. So we are going to talk about blockchain and how it could be used and will find application in India across the digital public infrastructure architecture. But before I come to that, what is your understanding of blockchain and if you were to explain it to someone who does not really understand how it works, how could you do it and maybe I can request you to do it in more than one language.
I will, that's fine. Thank you so much Govind for having me and I think it's wonderful to connect with you after such a long time. I have been working with the blockchain for some time now and before that I was working with the digital public infrastructure starting with Aadhaar and then of course UPI and then ONDC and then CoWin and other stuff.
I find that, today's world, what is required is essentially having a system where you can have an immutable record of transactions which happen across the value chain and which are not happening only in one organisation but which are happening across the ecosystem. Multiple parties are actually recording the transactions and how can you ensure that there is a trust, there is immutability and there is complete transparency in these transactions and that the blockchain technology enables that to happen. And I think that's very important in today's world, for example, take health.
Now in health, what happens that you have various hospitals generating data of the patients and somehow if the patient has to be in control of that data, then it is important that the data or the records are put on a blockchain so that A, they become immutable, they cannot be changed subsequently and thereafter, you are able to provide an access to the patient so that patient is able to share his or her own data with any service provider, the doctor or the pharmacy or the diagnostic lab, etc.
So I think that's what is very, very important in this context and I think we are at a stage where we can significantly use the blockchain technologies to achieve this kind of transparency. One example was when you had COVID during the period of COVID, as I was the chief of COVID and what we did was that we basically created what is called the certificate, you could download the certificate, which was again, digitally credentialed data and that whole thing could be put on a blockchain because ultimately, once you are vaccinated, thereafter, you can't change the record.
So an event which has happened and where there is no question of modifying or editing that particular record and in case you need subsequent change in the event, you can create another record which could be interleaved with the earlier record. So that way, it becomes a very credible kind of infrastructure on which you could put this whole thing.
I'll come back to health in a moment. But when you're saying that we were downloading that certificate, which we were, that was already blockchain in operation or in action?
No, it was not blockchain in operation. I was talking about what is called immutable vaccine record, IVER as we were saying it. So those are certainly the kind of certificates which could be put on the blockchain.
You don't need to put the data itself on the blockchain. You can hash the certificates and that you can put on the blockchain and which can be accessed from anywhere, anytime. So this is the architecture.
Architecture-wise, you don't have to do a username, password and stuff like that. You can just access that data anytime, anywhere. And that's very, very important in this context.
So we were not putting it in the blockchain, but this is a potential application of blockchain in the health space.
And how would that change? I mean, I understand the security and the access part. What else would that change? Let's say assuming that same certificate was sitting on blockchain today, what else would change in the consumer's interaction with that data set? Or how would it become easier?
What is going to happen is that then it becomes a publicly available database. So just the consumer just gives the credentials, his own credentials in terms of his digital identity or the consent token. So not only is he or she able to download that data, he or she is also able to share that data with anyone whom he or she likes to share just by giving the consent token to that person.
So in a way, it will change. Currently, what you can do, you can just download your own data, keep it on your mobile and then, share it. There you could do a remote sharing of the data with anybody who wants to see.
And therefore, for example, in a health space, when you are having, let's say, an interaction with a doctor or teleconsultation, what you could do, you can just send a consent token to the blockchain, which could enable access of your data and making it visible on the doctor's device. That way, you could remotely share your data with a doctor.
And, you argued in an Indian Express article piece recently on the edit page that basically, we have three sets of data. We have private hospital data. We have government data.
And then we have private consultations, which are in millions across the country, which never get recorded. And as patients, whether they are mobile or otherwise, data is essentially lost. So therefore, would this be one of the big business cases for application of blockchain?
Certainly, it will be a very big business case. And it also will basically enable the patients to share their data. Today, I'm a patient. And now what happens, either my data is locked up in the hospital, where I have had consultations and this is locked up in various kinds of hospitals. So there is a mechanism. Fortunately, ABDM, Ayushman Bharat Digital Mission provides that mechanism to essentially link the exchange, which is called Health Information Exchange and Consent Manager, where I can give my consent.
And then the URLs of that storage are stored. And therefore, you can do so. That sharing, fortunately, is currently being enabled.
But what happens is that once you have it in the blockchain part, then you will also be able to utilise that, monetise that data, because you can give consent to share your data with any person who basically, pays you or gives you some incentives. So patients could be incentivised to share their data. And that will be very useful for those people with whom the data is being shared, because they could use that for clinical research for other kinds of purposes.
So what is happening is that we have a treasure trove of data, which is currently not being shared with the researchers or with and you could anonymise the data. That's another interesting part of the blockchain, whereby you could simply anonymise the data and then, = share this in bulk with the, researchers or any other communities.
And if we have to action this again, specifically in the context of health data, because we are obviously losing time in this, what would we need to do first?
Well, I mean, there has to be one is the policy, guidelines that this is the way it has to be done. And the edit page, which you were talking about, we are argued that we need to create a clear policy guidelines as to why, how patients could monetise their data, how could they share their data, and how can they provide consent. Fortunately, in India, we have the consent artefact, which was, which is based on the digital identity, about Aadhaar.
So that already exists. So the basic what is called the building blocks of the entire enabling the blockchain to enable such thing exists already, what is required is essentially a policy prescription saying that this is something which could be enabled, and patient could share their data, and the data repositories must enable such sharing to take place.
You mentioned Aadhaar. So can you expand on that a little? You're saying that Aadhaar is or will act like a key to digital data?
What I'm saying is as follows is that ultimately, when I share my data, what is the guarantee that it is I who is sharing my data and nobody else is proxying on my behalf? So, the strong digital foundational digital identity is a prerequisite for any other consent or any other authorisation to be given to anybody. So what I'm saying is that Aadhaar is one such, structure, something which has been done in this country, which essentially ties up individuals with their consent.
And that's very important. Otherwise you will have a situation where I could give consent on behalf of you and you will never come to know of it. So therefore, because that basic identity problem has been solved and therefore the application of blockchain is suddenly, suddenly it can explode and suddenly it can happen in multiple ways.
And health is just one example. There are multiple examples in which this could be done. And as one of the basic problems or one of the basic advantages of blockchain data, transaction data on blockchain is that the transaction becomes traceable.
So therefore, for example, if I have created some object here in Noida in my factory, suppose I own the factory and then I created an object and that object moves as the transactions move, then, it basically you are able to say that, yes, this object was produced in Noida. Recently, I had chaired a meeting on use of blockchain or use of technology to ensure spurious and fake drugs. This was, commissioned by the Pradhan Mantri Janosadi Yojana.
And what they are worried about is that there are many drugs which are fake and spurious drugs which are taking place, which are happening in this country. How can we ensure that we actually put all that transaction data starting from the manufacturing to the wholesaler, to the retailer, to the final person and enabling the citizens to verify whether this particular drug has come through that supply chain or not. And the blockchain is one very, very beautiful way of ensuring that because once you scan this and that QR code goes to the blockchain and then, it can immediately figure out whether this particular drug or this particular strip of drug was indeed produced by that factory or not or whether it has come from outside.
So that's one way of ensuring the genuineness of a product.
And I'm going to come to that in a second. But before that, health is obviously a big use case. Finance is the other use case. And there are so many linked, I guess, solutions and problems to solve. What according to you in the finance ecosystem, whether it's KYC or others, is, let's say, a problem that we need to, where we could apply a blockchain solution?
Yeah, because basically what can happen is that the credentialing, the data credentialing is one important issue. So therefore, what I can do, I can basically put my data credential part on the blockchain and then easily, seamlessly share that. I mean, it's not, I don't depend on an institution to enable doing that, but I can myself, once this public blockchain is allowed, thereafter, I'm allowed to put my data onto that blockchain and that data can be seamlessly, I can share it.
So now this can happen in electronic KYC because KYC is a very important topic. What is happening is that every bank is asking me to do KYC and, this whole very fractured way of doing KYC, despite the fact that India has had a digital KYC being done since last about 10-11 years. Despite that, we have been the mutual funds have different KYCs, the banks have different KYCs.
There is an attempt to make the central KYC and KRA, as they say, the common KYC. But still, it is still not in a great way. Blockchain could actually facilitate that, whereby I don't have to depend on any institution.
I can just simply enable that access of KYC. So some banks ask me, all right, Mr. Sharma, we want your KYC. I could just give them a consent token saying that fetch my KYC from this place.
And he is able to, he or she, the bank is able to do that. So this is one of the, another application of blockchain.
And now to come to Aadhaar, the Aadhaar is a foundational, let's say, service is already well defined, understood. But as we keep applying it to more and more use cases or keep linking it to more and more services, there are sometimes challenges of fraud, of question marks, of authentication and so on. So is that, again, an area where you see blockchain playing a role?
I'm not very sure because ultimately Aadhaar authority also, how they implement the backend, I'm not sure. But basically, you are able to get your KYC done quickly. And then you are able to share it.
You have a digital locker in a way which actually enables you to sharing your data, even digitally sign the data. So that is possible. But I think the credentialing part, putting the credentials on the blockchain could basically make it, make the process much more faster, so to say, and less dependent on the overall, sort of institutions, so to say.
So if I were to ask the question from the other side, what else do you think we need to do to make the Aadhaar ecosystem stronger than what it is, if that is the case?
Well, I mean, there I would say, less of a blockchain, more of applying Aadhaar or enabling Aadhaar uses to many other private sector applications. Because what has happened is that after Supreme Court judgement in the Puttuswamy case, somehow Aadhaar has been limited to maybe the government services, telecom services, banking services and stuff like that. There are a large number of private sector applications which require authentication of identities.
For example, take the case of a gold loan. People take gold loan and they take gold and then the agency gives the loan. And suppose somebody impersonated and some stolen gold is given to that entity and the loan is obtained.
Then we are, it is a crime to basically sell the stolen gold and then it's a crime for that other part also who accepts that gold loan. Now, if there was a mechanism for the person who is given the loan to authenticate the identity of the person who is basically approaching him for the loan, it will make things much more safe and much more hassle free. So therefore, my case in that particular case is not so much the underlying, technology, whether it is blockchain or a database or other kinds of things, but the fact that it must be used more and more in many private sector applications which require identity authentication, which requires electronic KYC and stuff like that.
And if you were to think about an ecosystem where let's say blockchain works more closely with Aadhaar, what do you feel are the challenges as well as the opportunities?
Well, as I said, blockchain makes it very easy for, data being, transactions being more sort of. So I would say that the Aadhaar related transactions, if they are put on the blockchain, of course, this is not connected with Aadhaar because Aadhaar is not really looking into the transactions per se, Aadhaar is looking only for, authentication logs and stuff like that. But then, once you have the, once you can put the transactions of various kinds of the blockchain, it will actually help in accessing those transactions, verifying the validity of the transactions, for example, land registration systems.
Now, land registration system could be put on a blockchain, which actually will make things very easy rather than, the name registration comes from the fact that, the document is put in register. Now, you don't really need to do that. You can always, put that data somewhere and the hash of that data on the blockchain, which means that the data itself becomes immutable.
Nobody can, nobody can make the registration document, nobody can play with it or nobody can edit it. And that makes it very, very robust and, powerful without creating many, these registration and other kinds of things. So what is required is essentially just make it more and more, many of these systems which require maintenance of the data in a particular office, those can be put on a public blockchain and they could become much more credible and robust and less costly and less more frugal.
And last few questions. I mean, how do you see DigiLocker in all of this?
DigiLocker, for example, if the documents themselves need not be registered in the DigiLocker, the stored in the DigiLocker, DigiLocker can become just the point where what could happen is that there are n number of documents, those hash value of those documents are actually put in the DigiLocker. Now, how they are stored in DigiLocker, whether it is a blockchain or whether it's a database in a DigiLocker of the hash values, this is something, an architectural issue and that can happen. But the basic principle of blockchain, which means that immutability can be achieved using the blockchain technology in the DigiLocker.
Yeah, I was thinking, for example, if it's my, let's say, college leaving certificate or, the, yeah, the degree certificate, you don't actually need to upload the degree certificate, which you have to now.
Right, right. Absolutely. Absolutely.
What you can do is essentially is that if there is a system of blockchain, then what you can do the DigiLocker, you can just create the hash value of that and put it on the blockchain and that becomes the place where you can share. So, for example, let me put it this way, in the health space again, hospitals are creating these records, right? Patient records.
Now, if they are somehow put it somewhere, wherever they want to put it, that's records is not really the issue. If they can just put the hash value of these records in a blockchain, on a blockchain, that itself becomes a very good way of data exchange of the certificate exchange. Similarly, the DigiLocker part, also the same thing can happen, whereby it becomes easy for anybody to just share the data.
Right. Last question. So, it's been, it will soon be about 15 years since Aadhaar and how are you thinking about identity and digital public infrastructure today in terms of the unfinished agenda?
Well, Govind, I just, I have just come back from a conference on DPI organised by the Ministry of External Affairs for our ambassadors in African continent. And essentially, I was saying is that now that we have solved the foundational problems, which is basically the identity and the payment. And now we have gone into the domain-specific DPIs, like the digital commerce or health or other, CoWin, for example, was another CoWin-specific, but also purpose-specific.
So, once having solved that, I think what we need to do is that these building blocks, which have been created, now they are enabling all kinds of transactions to take place. For example, let me give you one small example. When you do a teleconsultation in a health space, what you do, you essentially, you are able to connect with a doctor, you are able to authenticate the doctor from the health professional registry under the ABDM saying that this doctor is not a quack.
Similarly, the doctor is able to authenticate your identity, that this is not somebody who is proxying for somebody else, he is really R.S. Sharma. And then, of course, the doctor writes prescription. The doctor can digitally sign the prescription using e-sign, which is based on Aadhaar.
And then you are able to pay to the doctor using the UPI. So, basically, all the pieces of, which enable transactions have already been created. Now, what is required in the next generation of these reforms or these applications is essentially to use these building blocks to create more and more applications and create more and more applications which are following the principles of digital public infrastructure, which is interoperable, which is basically scalable, which actually is based on open source, open APIs, which is frugal in nature. All these attributes which are the attributes of Aadhaar and other DPIs which India has created, those can be incorporated and they can become the further building blocks, they can create further more and more solutions. So, I think now the time has come for us to branch off in agriculture, in irrigation, many other areas, specific civil aviation roles, etc., etc., to apply these principles, which we have sort of built over a period of last 15 years. And then efficiently apply them to improve the governance, to improve the service delivery and other kinds of things.
Dr. Sharma, it was a pleasure speaking with you. Thank you so much for joining me.
As always, thanks, Govind. Thanks for having me on this particular podcast
Thank you.
