PharmaLedger: A Digital Trust Ecosystem for Healthcare

A Digital Trust
Ecosystem for Healthcare
Created and governed by the healthcare ecosystem, for the healthcare ecosystem.
https://creativecommons.org/licenses/by-sa/4.0/

Marco Cuomo
Director Tech Products & Innovation
Novartis
Daniel Fritz
Executive Director
PharmaLedger Association

1. Empower global SSI
communities
2. Open to everyone interested
in SSI
3. All content is shared with CC
BY SA
Alex Preukschat @SSIMeetup
@AlexPreukschat
James Monaghan
@james_monaghan
Coordinating Nodes
SSIMeetup.org
SSIMeetup objectives

THE PROBLEM
Systems are not patient centric:
identities and data are monetized
Data silos limit secure and
trusted data exchange and
require reconciliation
Counterfeit (falsified) medicines
impact health and economies
Lack of data provenance,
visibility and transparency
Inefficiencies and
waste amplified
across the
value chain
Increasing risk of cyber attacks
and concerns with data privacy
Intermediaries add cost,
time and complexity
WHY
PHARMALEDGER

Business Use Only
5
IMI Operational
Inefficient processes, silo
thinking, internal focus.
«Trust Country»
External
Internal
DID RFS
IMI
Governance
Third Party Risk Mgmt (TPRM) PoC
Drug Sample Management PoC
Clinical Supply PoC
Productive Pilot TPRM
Clinical trials PoC:
Informed Consent
TPRM Production
IMI Project
Launch
2019
2
0
2
0
2022
Internal Blockchain Platform
Supply Chain, Quality, Data
Integrity production pilots
Awareness &
Training
Novartis Blockchain
Journey
Quality and Data
Integrity Productive
Pilots
Blockchain Enabled
Healthcare
Identity Access Mgmt
2018
Other use cases
Hyped
Expectations
Consortium
«Fatigue»
Privacy
Adoption
Innovative
Medicines
Initiative
(IMI)Submission
IDENTITY
THEFT
BEHIND
IMI Applicant
Consortium
2021
✔
On
going
✔
✔
External PoCs:
- Trusted Release
- FDA/Trace
Histories
✔
✔

The Problem
• Sourcing policy adherence in a multi-tier
network is not transparent
• Managing risk assessment and audits with
thousands of suppliers is costly and lengthy
impacting supplier onboarding lead time
• Data privacy and confidentiality is hard to
guarantee
• Buyers struggle to manage time-bound data or
corrective action plans
Public
6
Tier 1
?
✔
• Costly management of standardized and
non-standardized risk assessments for Pharma
customers.
• High re-work rate with the same content provided in
customer specific submission method (email, excel,
webforms etc)
• High lead time for first time procurement
onboarding and for requalification potentially
impacting business flow
Pharma Companies Suppliers

How is it done today?
Questionnaires, audits, certifications, licenses, etc.
– Health, Safety and Environment
– Information Security
– Anti-bribery
– Animal Welfare
– Labor Rights
– Data Privacy
– Quality (GMP)
– ...
Public
7

Decentralized Identity for TPRM
🙷Tiered Trust🙷
Public
8
(1) Credentials are registered on the blockchain by Trusted Entities and issued to the Identity Holder
(2) Identity Holder releases credentials to a potential customer, the requester
(3) Credentials are verified against the underlying blockchain network to verify and qualify the supplier
1 2
3
Supplier
(Identity Holder)
Trusted Entities
(Issuers)
Issue /
Accept
Present /
Request
Certified Supplier
Other
Pharma
Trust Fabric - Blockchain
Blockchain Enabled TPRM
🗹
Manufacturer
(Verifier)

Blockchain TPRM Pilot in Production
Business Use Only
9

A Vision for Digital Dossier (Micro-Certiﬁcations)
No more audits!
Performance and integrity of supply chain and manufacturing processes verified in a blockchain ledger

Copyrigh
t © 2022
Pharma
Ledger -
All
Rights
THE PHARMALEDGER
CONSORTIUM
30 Members – 10 EU
Member States, Switzerland,
Israel and USA
3-year, public-private project
to advance blockchain in
healthcare, 2020-2022
Created the PharmaLedger
Association!! (PLA)

PHARMALEDGER PLATFORM OVERVIEW
OpenDSU
Middleware
Use Cases
Applications
• Legacy Systems, Systems of Records etc.
• Edge Devices (Mobile Apps, IoT, WebApps)
APIs, Adapters etc.
Integration
• Bridges between Application and Blockchain platform
• Abstraction layer for Applications
Data Sharing Units
DSU
• Encapsulates Data and Business Logic (code)
• Build-in Data Privacy and Confidentiality
• Enables secure sharing
Hashlinks, Versions
Anchor
• Link the DSU in Blockchain
• Guarantees integrity, traceability, provenance, immutability
Hierarchical Blockchains
Blockchain
• Use case specific Blockchain technologies
• All Blockchains are anchored in the Root
Blockchain
OpenDSU
APIs
Web
APIs
/
SDKs
(OpenDSU
SDK)
Root
UC1: ETH
UC2: HLF
Other Ledger
Company Ledger
Identities (DIDs) Validation Other..
ePI eConsent FGT More ...
Anchoring in Blockchain
Applications
(Digital
Wallets)
APIs/Adapters/Integrations
BDNS Bricking Other...
Anchoring Notifications
Off-chain Storage (Data Sharing Units)
Hierarchical
Blockchains

Clinical Trial
eRecruitment
Clinical Trial
eConsent Clinical Supply Finished Goods
Traceability
ePI
Electronic
Product
Information
Detecting
Falsified
Medicines
Medical Device
IoT &
Personalized
Medicines
WHAT
Anonymized
matching of
patients to clinical
trial inclusion and
exclusion criteria
Auditable,
version-controlle
d,
real-time and
immutable
Informed
Consent Form
Trusted Tracking of
investigational
medicine
distribution to the
patient
Visibility of
commercial
product inventory
for replenishment
and recall
notifications
Latest approved
product
information for all
manufacturers in
one app
Multi-factor
Packaging
Authentication and
data analytics
Dynamic
acquisition &
real-time data
processing for
patients
CTR Webinar
CTR explainer video
eConsent Webinar
eConsent explainer
video
Clinical Supply Webinar Finished Goods
Traceability
ePI explainer video
ePI Webinar #1
ePI Webinar #2
ePI Demo
Detecting Falsified
Medicines Webinar
Detecting Falsified
Medicines Explainer
Video
IoT Medical
Device Webinar
Personalized
Medicine Webinar
PHARMALEDGER PROJECTS
TRANSFERRED TO PLA

Enable the Digital Trust Ecosystem in Healthcare 4.0 (DTE-H) to
solve problems that can’t be solved by silos or single organizations.
PATIENTS
&
USERS
AWARENESS&
EDUCATION
MEMBERS &
SPONSORS
TECHNOLOGY
OVERSIGHT
PRODUCT
PORTFOLIO
GOVERNANCE
&
COMPLIANCE
INNOVATION LAB
R&D
To provide a global governance, compliance and operating model
that enables innovation and inspires collaboration among healthcare
stakeholders.
KEY FACTS
• Result of a 3-year, 30-member project completed in 2022
• Not-for-proﬁt Swiss Association
• Pre-competition umbrella organization
• Patient focused, ecosystem-led, inclusive
• Technology agnostic, open-source solutions
• Innovation lab for new use cases
• Funded through membership fees and grants
• More at https://pharmaledger.org/
MISSION
VISION

ePI &
DETECTING FALSIFIED MEDICINES
1.
Scan QR Code
2.
Visual Instruction to
scan the 2D code
3.
Scan 2D Code
4.
Get eleaﬂets.
secure, latest and
direct
5.
Pop-up, optional
download of
App
APP

✔ Global lookup Resolver for ePI
✔ No central server, enhanced security
✔ No single point of failure (high availability)
✔ Ensures patient data privacy
BLOCKCHAIN? FOR ePI!
e-leaﬂet versions
HEALTH AUTHORITIES
20+
MANUFACTURER
100+
HCP & PATIENTS
MILLIONS
Review and Approval Dissemination
Resolver
(Blockchain)
PC 9938251672557
SN 753328375613
Exp 07-2024
Lot AF4368
• GTIN
• Serial Number
• Batch Number
• Expiry Date

ePI chain of trust (Example)
MAH Wallet
(Governance)
GS1 MO
Or
GLEIF Partners
(LEI Issuers)
VC for MAH
MAH
DSU-Fabric
(Factory Wallet)
VC for Fabric
Product DSU
eLeaflet content
(XML, Images, video)
MAH-Signed eLeaflet VC
HA-Signed eLeaflet VC
Product attributes:
● GTIN
● Product Name

Copyrigh
t ©
2020-20
22,
Pharma
Ledger
ePI CREDENTIALS CHAIN (GS1 Example)
Issuer Subject Assertion
MO VC
GS1 License Credential for MO
GS1 GO DID
GS1 MO DID
GS1 Preﬁx
MAH VC
GS1 MO Credential for MAH
GS1 MO DID
MAH DID
GS1 Company
Preﬁx
Factory VC
Factory Credential
MAH DID
Factory DID
Is MAH factory
Product VC
Product Credential
Factory DID
KeySSI Product
Is valid Product
Holder
MO MAH HQ DSU-Factory Product DSU
GS1 GO DID
GS1 HQ
Private Key
GS1 GO GS1 MO MAH Factory

End-to-end Supply Chain Traceability Vision
N-tier Upstream Returns and Downstream
Clinical Trials API Production Packaging
Primary
Distribution
Distribution
Centers
Local
Distribution
Pharmacy
Hospital
Patient
Blockchain Trust Fabric | PharmaLedger
Decentralized
Identifiers (DIDs)
Risk &
Compliance
Digital
Certifications
Electronic
Product Info
Material
Traceability
Personal
Medicine
T&T Object
and Event
Cold Chain &
Location
Order-to-Cas
h
Security
features

Thank You!
Questions and Answers

:
:
:
:
: :
“type” “Ledger.Domain”
“Type Specific
Substring”
“Control
Substring”
ssi
Hint
Or Tag
“vn”
Diagram: Syntax of KeySSI Identifier
Examples:
ssi:seed:default:7PxHBdtYBVxzAQBsDAt9LneGQu5UKSndkg9ngf5d113E::v0
ssi:sza:default:e064764d4701ff563aa9be06c3b301ebdaa262a40c6ecc592254df75dbf097f6::v0
1. “ssi” just tells us it’s a SSI key
2. “type” defines complementary types of KeySSI
3. “Ledger.Domain” represent an ledger/blockchain domain
4. The “Type Specific Substrings” should contain enough random bits for good security.
5. The “Control Substring” used by the anchoring services to validate the requests for a new version of
the anchored DSU. The algorithm used for verification is type-specific.
6. The “vn” is a string reflecting the version number of the type. Not be confused with DSU versions.
7. The “hint” part is optional and subtype-specific.
21
KeySSI - Syntax

Product DSU
Product VC
Factory VC
KeySSI
Product
MAH DID
Factory owned by MAH
Factory DID
eLeaflet
Validations
1. Product VC belongs to the current DSU
2. The current eLeaﬂet (hashLink) is valid
3. Proof that MAH signed the DSU
4. Proof that MAH is valid pharma company
5. Check that MAH has authority on the GTIN
GTIN
Issuer
Subject
Claim
MAH VC
GS1 MO Credential for MAH
GS1 MO DID
MAH DID
GS1 Company
Prefix
MO VC
GS1 License Credential for MO
GS1 GO DID
GS1 MO DID
GS1 Prefix
Credential
Factory DID
HashLink of the eLeaflet
Factory Wallet
Factory Private Key
Product SeedSSI
Creates DSU
Creates Product VC
Factory VC

KeySSI - Why?
A KeySSI is both an access token (a key) and an identifier.
KeySSI is the acronym of “Key Self-Sovereign Identifiers”
● Resolved to DSUs: Identify and locate DSUs (URI)
● Used also for DSU Encryption (decentralised access control)
● DSU Validation and ownership proofs
● Identity and control of the DSU’s anchors ( zero access blockchain anchors)
● could be used to implement DID methods (DID documents obeying the
OpenDSU specific decentralised access control rules)
23

PharmaLedger: A Digital Trust Ecosystem for Healthcare

Recommandé

Recommandé

Contenu connexe

Tendances

Tendances (20)

Similaire à PharmaLedger: A Digital Trust Ecosystem for Healthcare

Similaire à PharmaLedger: A Digital Trust Ecosystem for Healthcare (20)

Plus de SSIMeetup

Plus de SSIMeetup (20)

Dernier

Dernier (20)

PharmaLedger: A Digital Trust Ecosystem for Healthcare