Scrybe: A Secure Audit Trail for Clinical Trial Data Fusion

TL;DR

Scrybe introduces a permissioned blockchain solution to enhance the security and auditability of clinical trial data, especially from IoT devices, ensuring compliance with regulatory standards and tamper resistance.

Contribution

The paper presents Scrybe, a novel blockchain-based system tailored for secure, compliant, and tamper-evident management of clinical trial data from IoT devices.

Findings

Scrybe effectively stores proof of data provenance.

The system ensures compliance with regulatory audit requirements.

Tamper resistance is demonstrated through integration with REDCap.

Abstract

Clinical trials are a multi-billion dollar industry. One of the biggest challenges facing the clinical trial research community is satisfying Part 11 of Title 21 of the Code of Federal Regulations and ISO 27789. These controls provide audit requirements that guarantee the reliability of the data contained in the electronic records. Context-aware smart devices and wearable IoT devices have become increasingly common in clinical trials. Electronic Data Capture (EDC) and Clinical Data Management Systems (CDMS) do not currently address the new challenges introduced using these devices. The healthcare digital threat landscape is continually evolving, and the prevalence of sensor fusion and wearable devices compounds the growing attack surface. We propose Scrybe, a permissioned blockchain, to store proof of clinical trial data provenance. We illustrate how Scrybe addresses each control and the limitations of the Ethereum-based blockchains. Finally, we provide a proof-of-concept integration with REDCap to show tamper resistance.