Pharmaceutical supply chains are complex structures including various actors, and blockchains are seen as a promising solution to increase effectiveness and overcome some of the main challenges in these supply chains, especially the lack of trust. However, the European Union has set strict rules in the domain of pharmaceutical supply chains in order to protect patient safety and public health, and using blockchains brings further legal requirements to comply. Among these requirements, personal data protection is of utmost importance because it has been argued, for years, that blockchains and the EU data protection regime are in conflict by their natures. However, it is also claimed that when rightly designed and combined with other technological solutions, blockchains can offer great opportunities to enhance data protection. Nevertheless, blockchains’ potential in pharmaceutical supply chains has not yet been realized as most use cases are in the Proof of Concept or pilot stages.
This paper will examine the debates around blockchains and data protection with the objective of drawing constructive conclusions on whether blockchains solutions can be designed in data protection-enhancing ways and whether this can help realize blockchains’ potential in pharmaceutical supply chains, particularly by creating trust. For this purpose, this paper takes the example of an ongoing EU-funded innovative research project called PharmaLedger as a case study to concretize its theoretical examinations. This project is chosen since it gathers together a wide variety of stakeholders representing different interests and aims to create a digital trust ecosystem in healthcare, by providing a widely trusted platform that supports the design and adoption of blockchain-enabled healthcare solutions while accelerating the delivery of innovation that benefits the entire ecosystem from manufacturers to patients.
Clauson KA, Breeden EA, Davidson C, Mackey TK. Leveraging Blockchain Technology to Enhance Supply Chain Management in Healthcare: Blockchain in Healthcare Today. 2018;
2.
Georgiev N, Yaşar B, Castella I, S. PharmaLedger deliverable 5.2: in-depth ethical and legal study. 2021;
3.
Finck M. Blockchains and Data Protection in the European Union. European Data Protection Law Review. 2018;4(1):17–35.
4.
Livitckaia K, Charles W, Piedra L, Niemerg U, Hasselgren M, Papadopoulou A, et al. Blockchain application in healthcare sector. EU Blockchain Observatory and Forum. 2022;
5.
Pharmaledger. 2022;
6.
Schöner M, Kourouklis D, Sandner P, Gonzalez E, Förster J. Blockchain technology in the pharmaceutical industry. 2017;
7.
Arviem A. Quick guide to pharma supply chain visibility. Arviem AG. 2017;
8.
Hurley J. Creating a transparent supply chain for prescription drugs-InsideSources. 2017;
9.
Pharmaceutical strategy for Europe. 2020;
10.
Bagozzi D, Lindmeier C. 1 in 10 medical products in developing countries is substandard or falsified. 2017;
11.
Mccauley A. Why big pharma is betting on blockchain. Harvard Business Review. 2020;
12.
Georgiev N, Van Der Eycken D, Castella S. PharmaLedger deliverable 5.1: ethical and legal inventory. 2020;
13.
Directive 2001/83/EC of the European Parliament and of the Council on the Community code relating to medicinal products for human use.
14.
Directive 2003/94/EC laying down the principles and guidelines of good manufacturing practice in respect of medicinal products for human use and investigational medicinal products for human use.
15.
Directive 2011/62/EU of the European Parliament and of the Council amending Directive 2001/83/EC on the Community code relating to medicinal products for human use, as regards the prevention of the entry into the legal supply chain of falsified medicinal products.
16.
Council of Europe Convention on the counterfeiting of medical products and similar crimes involving threats to public health (CETS. 2011;(211).
17.
Kayhan H.
18.
/EC of the European Parliament and of the Council by laying down detailed rules for the safety features appearing on the packaging of medicinal products for human use. Commission Delegated Regulation.
19.
20.
European Parliament and of the Council of 31 March 2004 laying down Community procedures for the authorisation and supervision of medicinal products for human and veterinary use and establishing a European Medicines Agency. Regulation. 2004;(726).
21.
Ciapponi A, Donato M, Gülmezoglu AM, Alconada T, Bardach A. Mobile apps for detecting falsified and substandard drugs: A systematic review. PLOS ONE. 2021;16(2):e0246061.
22.
Regulation 2016/679/EU on the protection of natural persons with regard to the processing of personal data and on the free movement of such data. 2016;
23.
Parliament E. Directorate-General for Parliamentary Research Services, Finck M. Blockchain and the general data protection regulation: can distributed ledgers be squared with European data protection law? Publications Office. 2019;
24.
European Court of Human Rights, European Data Protection Supervisor, European Union Agency for Fundamental Rights. Handbook on European data protection law. 2018;
25.
Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data (Data Protection Directive).
26.
Center G, Enterprise, Slaughter, May, Cravath, Swaine &, et al. March of the blocks-GDPR and the blockchain. Digital Supply Chain. 2019;
27.
Gaur V, Gaiha A. Building a transparent supply chain. Harvard Business Review. 2020;
28.
Article 29 Data Protection Working Party (WP29). 2017;
29.
Mainelli M. Blockchain could help us reclaim control of our personal data. Harvard Business Review. 2017;
30.
Lyons T, Courcelas L, Timsit K. Blockchain and digital identity. EU Blockchain Observatory and Forum. 2019;
31.
Zyskind G, Nathan O, Pentland A “Sandy.” Decentralizing Privacy: Using Blockchain to Protect Personal Data. 2015 IEEE Security and Privacy Workshops. IEEE; 2015. p. 180–4.
32.
Article 29 Data Protection Working Party (WP29). 2014;
33.
Lyons T, Courcelas L, Timsit K. Blockchain and the GDPR. EU Blockchain Observatory and Forum. 2018;
34.
Moerel L. Blockchain & Data Protection and Why They Are Not on a Collision Course. European Review of Private Law. 2018;26(Issue 6):825–51.
35.
Moerel L, Storm M. Blockchain can both enhance and undermine compliance but is not inherently at odds with EU privacy laws. Journal of Investment Compliance. 2021;22(2):122–32.
36.
Solutions for a responsible use of the blockchain in the context of personal data. 2018;
37.
Schrems I. 2020;
38.
Recommendations 01/2020 on measures that supplement transfer tools to ensure compliance with the EU level of protection of personal data. 2021;
39.
Standard contractual clauses (SCC). 2022;
40.
Zetoony D. What exactly is a “transfer impact assessment” (TIA), and where the heck did it come from? Data Privacy Dish. 2022;
41.
Neuburger J, Choy W. 2019;
42.
Bacon J, Michels J, Millard C, Singh J. 2017;
43.
Berberich M, Steiner M. Practitioner’s Corner ∙ Blockchain Technology and the GDPR – How to Reconcile Privacy and Distributed Ledgers? European Data Protection Law Review. 2016;2(3):422–6.
44.
Deleting personal data.
45.
Section 35 of the Gesetz zur Anpassung des Datenschutzrechts an die Verordnung (EU) 2016/679 und zur Umsetzung der Richtlinie (EU) 2016/680. 20AD;
46.
Guidelines 4/2019 on article 25 data protection by design and by default. 2019;
47.
Software development with data protection by design and by default. 2022;
Citation
Copyright
This is an open access article distributed under the Creative Commons Attribution License which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
The statements, opinions and data contained in the journal are solely those of the individual authors and contributors and not of the publisher and the editor(s). We stay neutral with regard to jurisdictional claims in published maps and institutional affiliations.
