This idea cannot be sent to Jira
COVID-19 Immutable Test Results Submission and Visualization
Accurate COVID-19 test results tracking is necessary for health surveillance and pandemic mitigation efforts, including directing testing resources, targeting therapeutics and vaccine distribution, and focusing pandemic control measures. Test data reporting by various labs, agencies, and test manufacturers, who enable results collection, is done through various means today – subject to omissions caused by human and network errors, risks to data integrity, etc. This lowers the trust in the completeness, integrity, and accuracy of the reported data, and the mitigation efforts that rely on it. As testing moves beyond the controlled environment of medical labs to work places, colleges and universities, airports, sports venues, etc. these challenges become even stronger – introducing additional risks of identity fraud, data tampering, improper PII handling, etc.
COVID-19 immutable test results submission and visualization solution using Oracle Blockchain Platform and Oracle Analytics in Oracle Cloud Infrastructure solves issues in the current results submission methods and mitigates the challenges and risks of At-Anywhere diagnostics.
Our solution design utilizes a distributed ledger technology based on open source Hyperledger Fabric deployed in FedRAMP-certified Oracle Gov Cloud. It enables real-time reporting of individual and batched results in a trackable manner with confidentiality, integrity of identity and data, and immutability of the distributed ledger technology.
5 min Video of Capstone Project
Elevator Pitch
COVID-19 immutable test results submission and visualization using Oracle Blockchain Platform, Analytics and Oracle Cloud Infrastructure
Challenge Goals
As testing moves out of the labs to work places, etc. there’s greater risk of human & network errors, identity and results tampering, and improper PII handling. Our solution is a test device-agnostic means of automated reporting with confidentiality, integrity of identity/data, and immutability. The organization’s identity (e.g., test venue, test manufacturer) is registered on a blockchain, submission is digitally signed via private key (enabling authentication, integrity checking, and non-repudiation), PII data is encoded in one-way hashes, and fields are validated by smart contracts before the results are added to an immutable ledger across multiple nodes. Any device or app can use it via REST with HHS-required data fields as payload.
Feasibility
Our solution leverages public cloud services and a minimum viable product could be developed in 2-4 weeks. The solution leverages an HHS pilot infrastructure already running in FedRAMP-certified Oracle Government Cloud: Oracle Blockchain Platform, Database, and Analytics. The additional permissioned blockchain nodes can be deployed in 3rd party clouds or on-premises, and can interoperate with non-Oracle nodes from other Hyperledger members. This solution provides extensible easy-to-use REST APIs and a web app for alternate file-based submission, does field validations in smart contracts, and integrates rich data analysis and visualization. It can be extended with mobile device registration, 3rd party authentication, and user management.
Design
- Test devices/apps register a blockchain identity (X509 cert) for a testing venue or manufacturer
- User/admin App reports scans or CSV/HL7 files via REST API over TLS-encrypted Internet connections with PKI-signed transactions for authentication, integrity and non-repudiation
- Blockchain nodes dedicated or shared for zero-infrastructure clients
- PII anonymized (salted SHA2 hash), user matching by consent with blockchain audit trail
- Non-PII data - test details, results, demographics, etc. are stored on blockchain with access control and at-rest encryption
- HHS uses an internal search application and Oracle DB/Analytics for rich visualizations & reports
- Other orgs, e.g., CDC, states, etc. can get access via own nodes or, if authorized, shared HHS nodes
Innovation
Permissioned blockchain is an innovative open source technology that provides an immutable, single source of truth for test results. It enables non-repudiation, data integrity, confidentiality, and protects the data from tampering in a way that previous technologies could not, thereby enabling trust and transparency in open data and open government. Combining government-required reporting of test results & demographics with self-sovereign PII access control meets health surveillance needs while protecting privacy. Open source-derived solution is interoperable among multiple vendors & clouds for provider diversity. Cloud-based deployment of pre-integrated solution enables rapid time-to-value and dynamic scalability with on-demand expansion.
Flexibility & Scalability
Oracle Blockchain Platform combines the Linux Foundation open source Hyperledger Fabric project with enterprise-grade security, resilience, scalability, and integrations. It’s interoperable with other vendors' Hyperledger Fabric nodes and supports REST API-based reporting for maximum flexibility and integration of diverse devices and apps. It is extensible in breadth of the APIs and is dynamically scalable as our Cloud services can scale up or ramp down as per HHS needs. It can also be extended through 3rd party integration for other advanced capabilities. And its decentralized nature means that any organization can integrate with the blockchain nodes as needed without having to depend on HHS implementation of the future requirements.
Sustainability & Extensibility
Our initial design provides a front-end Web application and REST APIs to enable submission of the test results directly from mobile apps or test manufacturer or administrator network. Additional integrations can include adapters, APIs that batch multiple records, queries, analytics dashboards, visualizations, and direct integrations for mobile user management. Future options include data feeds into supply chain systems for distribution of testing supplies, therapeutics, vaccines, etc. This can also be extended for self-sovereign user access control to PII. The goal: real-time health monitoring capabilities using a modern, cryptographically-secured, decentralized, and automated framework to help support modernization of healthcare delivery.
Team & Collaboration
The Oracle team members included: Mark Rakhmilevich, Gindy Feeser, Bala Vellanki, Tom Plunkett, Ashar Hussain, Clarke Colombo, Steve Prescott, Jay Smith, Brian Leonard, Dan O'Malley, Nick Cabrera, Lauren Farese, and David Knox, drawing blockchain specialists, API integration experts, Cloud engineers, and others with diverse experience in creating secure, scalable, and sustainable solutions.
Additional Comments
What Team(s) contributed to this Capstone Project?
The Oracle team members included: Mark Rakhmilevich, Gindy Feeser, Bala Vellanki, Tom Plunkett, Ashar Hussain, Clarke Colombo, Steve Prescott, Jay Smith, Brian Leonard, Dan O'Malley, Nick Cabrera, Lauren Farese, and David Knox.
If you are using patient data, are you using real patient data or mock data? Please use MOCK patient data only
MOCK data
Sophia B Liu 2 months ago
This idea has been advanced to the current phase
People's Choice Voting Extended
Reply 0
Sophia B Liu 2 months ago
This idea has been advanced to the next phase
People's Choice Voting Extended
Reply 0
Andrea Pitkus 2 months ago
Trying to understand if there are preconditions met by other software. (In general) 1. How to collect AOEs, from ordering provider/patient/specimen collector 2. Integrate into app/LIS or other information source for patient to be married to results of IVD test device/system 3. All transmitted to public health (ELR) 4. All transmitted to HHS (may be met by 3).
Will your approach support all 4 or only portions of above for "tracking lab results"?
Looks like your application is EHR specific. Do you support LIS based reporting of ELR in HL7 v2.51 (per the MU IG)? For patient performed results are they routed to the physician who is required to report via electronic Case Reporting (eCR) by law? Is only CDA supported or other messaging formats like FHIR and V2.51 depending on where the reporting occurs. How would your approach support LISs or labs that don't have API functionality?
How/where are LOINC, SNOMED CT and other codes systems supported in your messaging to meet requirements?
How are CLIA testing requirements met in your system?
Reply 0