Jim Nasr, is the CEO of Acoer, a software development company whose vision, and work is all about building useful, usable, real time technologies that are fundamentally targeted at the healthcare industry. Jim was the former chief software architect at the Centre for Disease Control and Prevention (CDC) in the United States. In this podcast we discuss how NFTs and blockchain can be used to empower individual’s consent.

 What is blockchain?Blockchain is a public infrastructure that should be used within the public context. Blockchain provides transparency, auditability and accountability. Blockchain is a layer of trust that can be used to impute trust between parties who don’t trust each other.

Jim is keen for blockchain to move past the world of cryptocurrencies and proof of concepts. He wants to make blockchain as practical as possible with real practical solutions.

 Challenges of consentConsent is an element of compliance.

In the healthcare industry, when you go see your GP, you fill out paperwork to essentially give them consent to your medical health information for all time. For Jim there are a number of issues with that. It’s wrong that the patient doesn’t always fully comprehend what they’re signing, the process is complicated, it has to be done multiple time and the patient has no rights to say they’ve changed their mind. Jim gives the example that “if you're my orthopaedic surgeon, you should not have access to my mental health information”.

There is a double challenge with regards consent. On one side individuals who sign consent forms have no idea what they have exactly signed, what data is shared and where that agreement is. On the other side organisations have limited idea on who signed what agreements, what data was covered and where the agreements are stored. This creates repetition of the process where the individual is repeatedly asked to sign new consent forms.

Dynamic consent is the recognition that consent is not a and done concept, it is more dynamic with potential multiple phases for providing consent with the ability to revoke the consent, where the consent may expire after a certain amount of time and where it could be renewed.

Dynamic consent is digital which gives it properties to be tracked and monitored.

 Data dignityData has creators like individuals on Facebook, Instagram and Twitter to name a few who create data on those platforms. Essentially, we are implicitly giving those platforms the ability to use this data and along the way we become the product for the “free usage” of that platform. Consumer of those platform are creating content for the platform to leverage in a manner that creates a financial windfall for themselves. The issue is that we as consumers have no say in how that data is marketed and no say on whether firms like Cambridge Analytica use our data and create secondary data markets for themselves.

 Regulation: GDPR & CCPARegulation such as GDPR (General Data Protection Regulation) and CCPA (California Consumer Privacy Act) provide an important opportunity for regulators to help regulate consent. GDPR gives EU citizens the right to grant access to their information to third parties, including consent and gives them the right to be forgotten. Crucially this regulation carries some serious teeth where the financial penalties for firms who breach GDPR regulation is up to 4% of gross revenue.

For example Google has received a fine of €50m, British Airways of €22m and Marriott International of €20m.

CCPA is very similar to GDPR in terms of the protection it provides to consumers, in terms of consent and in terms of being fined if firms don’t comply.

In the healthcare industry there is the Cures Act which gives patients the legal right to get access to their health data from their electronic health record irrespective of the type of app they’re using.

 Components of consentThere are multiple components to a consent.