The Astrix Blog
Expert news and insights for scientific & technology professionals.
The Life Science Industry Blog for R&D Professionals
Security and Blockchain’s Impact on a Digital Transformation of Life Sciences
It is critical that Life Sciences organizations protect patient information. The pharmaceutical industry is a popular target for hackers because of the access to sensitive information like R&D data, patents, and patient information. This unauthorized access to sensitive information leads to loss of public confidence, stolen intellectual property, and large income losses. The pharmaceuticals sector reported the third highest average cost of a data breach among all industries in 2021. This was after healthcare and financial services.
Cybersecurity breaches inflict huge costs on pharmaceutical companies. Estimates from 2020 place the average cost of an attack at US $5.06 million, which is 1.3 times the global average. 1
Security and Blockchain
Security relative to Information technology (IT) refers to the procedures, apparatus, and personnel employed to safeguard a company’s digital assets. IT security aims to prevent unauthorized users, also known as threat actors, from stealing, exploiting, or disrupting these assets, devices, and services.2
Enhanced metadata collection and tagging for security purposes is one technique being employed to strengthen security. Machine-readable tagging of data enables dynamic security models within and across enterprises. This tagging enables attribute-based security models and access enforcement.
Blockchain is another technology that can be used to enhance security. A blockchain is simply a digital ledger of transactions that is replicated and disseminated across the entire network of computer systems on the blockchain. Each block on the chain consists of several transactions, and each participant’s ledger receives a copy of each new transaction that takes place on the blockchain.
The digitization and dynamic real-time enforcement of security policies in trusted, secure environments, like blockchain, ensures data integrity and privacy compliance. Blockchain’s use of hashing proof of work mechanism, and distributed nature provides a mechanism to capture data securely, verifiably, and immutably within and outside of the sponsors’ environment of control.
Unfortunately, Life Sciences has been very slow to adopt blockchain compared to other industries as models are complex, difficult to scale, and a lack of blockchain SMEs with life science domain expertise.
Emerging and Deployed use Cases for Block chain
The following are ways in which blockchain is currently being used in the industry .
- Commercial platforms for secure exchange of genomic information, allowing different labs to contribute to an individual’s genomic blockchain record and for the individual to own and control access to the use of such data.
- Commercial drug serialization which allows a complete record of the chain of custody/condition and repackaging of drugs and supports supply chain management.
- Partnership collaboration platforms facilitate data sharing across organizations while still allowing each company to protect its intellectual property rights.
- Used as a Storage Architecture where block chain ensures the immutability and integrity of data.
Considerations with Security and Blockchain
Life Science organizations need to determine their strategy for accessing and protecting patient data in this evolving environment. We see this happening across the industry, including:
- GDPR legislation.
- The decision of 23andMe to block access to their genomic databases.
- Aggressive moves by Amgen, AZ, and Regeneron to launch genetic sequencing projects to build IP.
- Nebula Genomics’ plans for a blockchain-enabled genomics data sharing/analysis platform highlight the urgency to move now or risk being locked out of desirable options.
External pressures are driving the need for Pharma to lead the way in developing responsible security and privacy strategies to build public trust. The following are some considerations relative to securing data in the organization:
Trusted Execution Environments
- Complex collaborations will require dynamically formed, trusted execution environments to perform secure data exploration and analysis (e.g., genomics analysis). These environments will leverage technologies such as secure data enclaves (e.g., Intel’s Software Guard Extensions) and working through object fingerprints (e.g., chemical properties, signatures) to provide in memory protection of data, computations, and results.
- Use case-appropriate tooling will be automatically provisioned within each trusted environment, such as the dynamic provisioning of bioinformatics platforms for collaborative research and development.
Secure Data Sharing
- Permissioned (not public) distributed ledgers (e.g., blockchain) will be required to allow data generators (patients, collaborators) to share data in a trusted environment, releasing only that which has been appropriately permissioned for use by verified network participants.
Dynamic Policy Enforcement
- Rapidly evolving data protection regulations and cultural shifts require R&D to instantiate mechanisms to centrally enforce data access policies automatically. Data resources must be dynamically tagged upon creation/ingestion with sufficient metadata to describe their allowable uses. Central enforcement points combine this metadata with machine-readable policies and roles to determine who gets access to data resources.
Why It Matters to You
Protecting patient data is essential for life sciences firms because of the access to private data including R&D records, patents, and patient information. The pharmaceutical industry is a favorite target for hackers because of this.
In this blog, we discussed:
- What attribute-based security models and blockchain are and how they are used in life sciences.
- Key Security Focused Technologies.
- Emerging and Deployed use Cases for Block chain.
- Considerations with Security and Blockchain.
To learn more about other emerging technologies, watch our webinar replay on the topic – Emerging Technologies’ Impact on Digital Transformation in Life Science or download our white paper on the topic.
Astrix is the unrivaled market-leader in creating & delivering innovative strategies, solutions, and people to the life science community. Through world class people, process, and technology, Astrix works with clients to fundamentally improve business & scientific outcomes and the quality of life everywhere. Founded by scientists to solve the unique challenges of the life science community, Astrix offers a growing array of strategic, technical, and staffing services designed to deliver value to clients across their organizations