Daniel Fritz, Executive Director of the PharmaLedger Association and Marco Cuomo, Director of Tech Products & Innovation at Novartis, will present their SSI journey from the initial ideas, through realization of several Proof of Concepts with DIDs and VCs, to the PharmaLedger initiative. PharmaLedger was a 29 member, 3-year, €22 million project under the EU and EFPIA Innovative Medicine Initiative pursued DIDs with external partners such as the global standards organization GS1 and the Global Legal Identifier Foundation (GLEIF). The project also resulted in the creation of the PharmaLedger Association in 2022, a non-profit Swiss association mandated to launch the first open-source product, electronic Product Information (eLeaflet). The webinar will review some of the use cases and dive a little into the technical architecture adopted in the project.
Dehradun Call Girls 8854095900 Call Girl in Dehradun Uttrakhand
PharmaLedger: A Digital Trust Ecosystem for Healthcare
1. A Digital Trust
Ecosystem for Healthcare
Created and governed by the healthcare ecosystem, for the healthcare ecosystem.
https://creativecommons.org/licenses/by-sa/4.0/
2. Marco Cuomo
Director Tech Products & Innovation
Novartis
Daniel Fritz
Executive Director
PharmaLedger Association
https://creativecommons.org/licenses/by-sa/4.0/
3. 1. Empower global SSI
communities
2. Open to everyone interested
in SSI
3. All content is shared with CC
BY SA
Alex Preukschat @SSIMeetup
@AlexPreukschat
James Monaghan
@james_monaghan
Coordinating Nodes
SSIMeetup.org
SSIMeetup objectives
4. THE PROBLEM
Systems are not patient centric:
identities and data are monetized
Data silos limit secure and
trusted data exchange and
require reconciliation
Counterfeit (falsified) medicines
impact health and economies
Lack of data provenance,
visibility and transparency
Inefficiencies and
waste amplified
across the
value chain
Increasing risk of cyber attacks
and concerns with data privacy
Intermediaries add cost,
time and complexity
WHY
PHARMALEDGER
https://creativecommons.org/licenses/by-sa/4.0/
5. Business Use Only
5
IMI Operational
Inefficient processes, silo
thinking, internal focus.
«Trust Country»
External
Internal
DID RFS
IMI
Governance
Third Party Risk Mgmt (TPRM) PoC
Drug Sample Management PoC
Clinical Supply PoC
Productive Pilot TPRM
Clinical trials PoC:
Informed Consent
TPRM Production
IMI Project
Launch
2019
2
0
2
0
2022
Internal Blockchain Platform
Supply Chain, Quality, Data
Integrity production pilots
Awareness &
Training
Novartis Blockchain
Journey
Quality and Data
Integrity Productive
Pilots
Blockchain Enabled
Healthcare
Identity Access Mgmt
2018
Other use cases
Hyped
Expectations
Consortium
«Fatigue»
Privacy
Adoption
Innovative
Medicines
Initiative
(IMI)Submission
IDENTITY
THEFT
BEHIND
IMI Applicant
Consortium
2021
✔
On
going
✔
✔
External PoCs:
- Trusted Release
- FDA/Trace
Histories
✔
✔
https://creativecommons.org/licenses/by-sa/4.0/
6. The Problem
• Sourcing policy adherence in a multi-tier
network is not transparent
• Managing risk assessment and audits with
thousands of suppliers is costly and lengthy
impacting supplier onboarding lead time
• Data privacy and confidentiality is hard to
guarantee
• Buyers struggle to manage time-bound data or
corrective action plans
Public
6
Tier 1
?
✔
• Costly management of standardized and
non-standardized risk assessments for Pharma
customers.
• High re-work rate with the same content provided in
customer specific submission method (email, excel,
webforms etc)
• High lead time for first time procurement
onboarding and for requalification potentially
impacting business flow
Pharma Companies Suppliers
https://creativecommons.org/licenses/by-sa/4.0/
7. How is it done today?
Questionnaires, audits, certifications, licenses, etc.
– Health, Safety and Environment
– Information Security
– Anti-bribery
– Animal Welfare
– Labor Rights
– Data Privacy
– Quality (GMP)
– ...
Public
7
https://creativecommons.org/licenses/by-sa/4.0/
8. Decentralized Identity for TPRM
🙷Tiered Trust🙷
Public
8
(1) Credentials are registered on the blockchain by Trusted Entities and issued to the Identity Holder
(2) Identity Holder releases credentials to a potential customer, the requester
(3) Credentials are verified against the underlying blockchain network to verify and qualify the supplier
1 2
3
Supplier
(Identity Holder)
Trusted Entities
(Issuers)
Issue /
Accept
Present /
Request
Certified Supplier
Other
Pharma
Trust Fabric - Blockchain
Blockchain Enabled TPRM
🗹
Manufacturer
(Verifier)
https://creativecommons.org/licenses/by-sa/4.0/
9. Blockchain TPRM Pilot in Production
Business Use Only
9
https://creativecommons.org/licenses/by-sa/4.0/
10. A Vision for Digital Dossier (Micro-Certifications)
No more audits!
Performance and integrity of supply chain and manufacturing processes verified in a blockchain ledger
https://creativecommons.org/licenses/by-sa/4.0/
12. PHARMALEDGER PLATFORM OVERVIEW
OpenDSU
Middleware
Use Cases
Applications
• Legacy Systems, Systems of Records etc.
• Edge Devices (Mobile Apps, IoT, WebApps)
APIs, Adapters etc.
Integration
• Bridges between Application and Blockchain platform
• Abstraction layer for Applications
Data Sharing Units
DSU
• Encapsulates Data and Business Logic (code)
• Build-in Data Privacy and Confidentiality
• Enables secure sharing
Hashlinks, Versions
Anchor
• Link the DSU in Blockchain
• Guarantees integrity, traceability, provenance, immutability
Hierarchical Blockchains
Blockchain
• Use case specific Blockchain technologies
• All Blockchains are anchored in the Root
Blockchain
OpenDSU
APIs
Web
APIs
/
SDKs
(OpenDSU
SDK)
Root
UC1: ETH
UC2: HLF
Other Ledger
Company Ledger
Identities (DIDs) Validation Other..
ePI eConsent FGT More ...
Anchoring in Blockchain
Applications
(Digital
Wallets)
APIs/Adapters/Integrations
BDNS Bricking Other...
Anchoring Notifications
Off-chain Storage (Data Sharing Units)
Hierarchical
Blockchains
https://creativecommons.org/licenses/by-sa/4.0/
13. Clinical Trial
eRecruitment
Clinical Trial
eConsent Clinical Supply Finished Goods
Traceability
ePI
Electronic
Product
Information
Detecting
Falsified
Medicines
Medical Device
IoT &
Personalized
Medicines
WHAT
Anonymized
matching of
patients to clinical
trial inclusion and
exclusion criteria
Auditable,
version-controlle
d,
real-time and
immutable
Informed
Consent Form
Trusted Tracking of
investigational
medicine
distribution to the
patient
Visibility of
commercial
product inventory
for replenishment
and recall
notifications
Latest approved
product
information for all
manufacturers in
one app
Multi-factor
Packaging
Authentication and
data analytics
Dynamic
acquisition &
real-time data
processing for
patients
CTR Webinar
CTR explainer video
eConsent Webinar
eConsent explainer
video
Clinical Supply Webinar Finished Goods
Traceability
ePI explainer video
ePI Webinar #1
ePI Webinar #2
ePI Demo
Detecting Falsified
Medicines Webinar
Detecting Falsified
Medicines Explainer
Video
IoT Medical
Device Webinar
Personalized
Medicine Webinar
PHARMALEDGER PROJECTS
TRANSFERRED TO PLA
https://creativecommons.org/licenses/by-sa/4.0/
14. Enable the Digital Trust Ecosystem in Healthcare 4.0 (DTE-H) to
solve problems that can’t be solved by silos or single organizations.
PATIENTS
&
USERS
AWARENESS&
EDUCATION
MEMBERS &
SPONSORS
TECHNOLOGY
OVERSIGHT
PRODUCT
PORTFOLIO
GOVERNANCE
&
COMPLIANCE
INNOVATION LAB
R&D
To provide a global governance, compliance and operating model
that enables innovation and inspires collaboration among healthcare
stakeholders.
KEY FACTS
• Result of a 3-year, 30-member project completed in 2022
• Not-for-profit Swiss Association
• Pre-competition umbrella organization
• Patient focused, ecosystem-led, inclusive
• Technology agnostic, open-source solutions
• Innovation lab for new use cases
• Funded through membership fees and grants
• More at https://pharmaledger.org/
MISSION
VISION
https://creativecommons.org/licenses/by-sa/4.0/
15. ePI &
DETECTING FALSIFIED MEDICINES
1.
Scan QR Code
2.
Visual Instruction to
scan the 2D code
3.
Scan 2D Code
4.
Get eleaflets.
secure, latest and
direct
5.
Pop-up, optional
download of
App
APP
https://creativecommons.org/licenses/by-sa/4.0/
16. ✔ Global lookup Resolver for ePI
✔ No central server, enhanced security
✔ No single point of failure (high availability)
✔ Ensures patient data privacy
BLOCKCHAIN? FOR ePI!
e-leaflet versions
HEALTH AUTHORITIES
20+
MANUFACTURER
100+
HCP & PATIENTS
MILLIONS
Review and Approval Dissemination
Resolver
(Blockchain)
PC 9938251672557
SN 753328375613
Exp 07-2024
Lot AF4368
• GTIN
• Serial Number
• Batch Number
• Expiry Date
https://creativecommons.org/licenses/by-sa/4.0/
17. ePI chain of trust (Example)
MAH Wallet
(Governance)
GS1 MO
Or
GLEIF Partners
(LEI Issuers)
VC for MAH
MAH
DSU-Fabric
(Factory Wallet)
VC for Fabric
Product DSU
eLeaflet content
(XML, Images, video)
MAH-Signed eLeaflet VC
HA-Signed eLeaflet VC
Product attributes:
● GTIN
● Product Name
https://creativecommons.org/licenses/by-sa/4.0/
19. End-to-end Supply Chain Traceability Vision
N-tier Upstream Returns and Downstream
Clinical Trials API Production Packaging
Primary
Distribution
Distribution
Centers
Local
Distribution
Pharmacy
Hospital
Patient
Blockchain Trust Fabric | PharmaLedger
Decentralized
Identifiers (DIDs)
Risk &
Compliance
Digital
Certifications
Electronic
Product Info
Material
Traceability
Personal
Medicine
T&T Object
and Event
Cold Chain &
Location
Order-to-Cas
h
Security
features
https://creativecommons.org/licenses/by-sa/4.0/
21. :
:
:
:
: :
“type” “Ledger.Domain”
“Type Specific
Substring”
“Control
Substring”
ssi
Hint
Or Tag
“vn”
Diagram: Syntax of KeySSI Identifier
Examples:
ssi:seed:default:7PxHBdtYBVxzAQBsDAt9LneGQu5UKSndkg9ngf5d113E::v0
ssi:sza:default:e064764d4701ff563aa9be06c3b301ebdaa262a40c6ecc592254df75dbf097f6::v0
1. “ssi” just tells us it’s a SSI key
2. “type” defines complementary types of KeySSI
3. “Ledger.Domain” represent an ledger/blockchain domain
4. The “Type Specific Substrings” should contain enough random bits for good security.
5. The “Control Substring” used by the anchoring services to validate the requests for a new version of
the anchored DSU. The algorithm used for verification is type-specific.
6. The “vn” is a string reflecting the version number of the type. Not be confused with DSU versions.
7. The “hint” part is optional and subtype-specific.
21
KeySSI - Syntax
https://creativecommons.org/licenses/by-sa/4.0/
22. Product DSU
Product VC
Factory VC
KeySSI
Product
MAH DID
Factory owned by MAH
Factory DID
eLeaflet
Validations
1. Product VC belongs to the current DSU
2. The current eLeaflet (hashLink) is valid
3. Proof that MAH signed the DSU
4. Proof that MAH is valid pharma company
5. Check that MAH has authority on the GTIN
GTIN
Issuer
Subject
Claim
MAH VC
GS1 MO Credential for MAH
GS1 MO DID
MAH DID
GS1 Company
Prefix
MO VC
GS1 License Credential for MO
GS1 GO DID
GS1 MO DID
GS1 Prefix
Credential
Factory DID
HashLink of the eLeaflet
Factory Wallet
Factory Private Key
Product SeedSSI
Creates DSU
Creates Product VC
Factory VC
https://creativecommons.org/licenses/by-sa/4.0/
23. KeySSI - Why?
A KeySSI is both an access token (a key) and an identifier.
KeySSI is the acronym of “Key Self-Sovereign Identifiers”
● Resolved to DSUs: Identify and locate DSUs (URI)
● Used also for DSU Encryption (decentralised access control)
● DSU Validation and ownership proofs
● Identity and control of the DSU’s anchors ( zero access blockchain anchors)
● could be used to implement DID methods (DID documents obeying the
OpenDSU specific decentralised access control rules)
23
https://creativecommons.org/licenses/by-sa/4.0/