Frequently Asked Questions
Rich healthcare information exists today, but it is all too often inaccessible. This impedes healthcare delivery and results in a lack of personalized care, excessive medical costs and suboptimal patient outcomes. Coral Health was founded in early 2017, with a vision to build a more connected future in healthcare by advancing security, transparency and personalized patient care with distributed database and blockchain-powered technology.
Our team is based in beautiful Vancouver, British Columbia. Our team and advisors are luminaries in academia, biotechnology and finance. Two thirds of our team have advanced degrees from renowned universities in Vancouver, Toronto, and Boston. For more information on our team, check out “Who we are.”
We’re starting by helping patients reclaim ownership over their medical records. With our app, patients can view medical records from all of the various places they receive care conveniently on their phones. We then incentivize patients to securely share those records with other entities in the Coral Health ecosystem to personalize patient care and lower healthcare costs.
No we’re not another EHR, but one of the services that our patient app provides is the ability to easily access all of your records from across your different providers all on your mobile device. All you have to do is login to the places you’ve received care once and we’ll maintain a persistent connection so that all of your existing health records, as well as new records, will be instantly available via our mobile app.
1. Highly accessible. Decentralized storage ensures that a file (e.g., a patient record) continues to be accessible and removes reliance on a particular entity (e.g., a large hospital) to either continue hosting that data or continue allowing access to that data.
2. Shared access. Permissioned entities can write to their own copy of the database and everyone else’s copy of that database will automatically stay in sync. This ensures people are working off of the same information which makes care coordination a lot easier and avoids common issues like record fragmentation and record redundancy.
3. Immutable referent. Underlying data can't be altered after it's posted to the blockchain, so entities using the data can be confident that it's accurate. This gets around the trust issues inherent in using patient data that comes from outside your own organization, such as from a hospital or patient.
Many of the benefits of our system stem from features of our distributed approach rather than from the blockchain. The classic double spend problem that the blockchain was designed to solve is not an issue when it comes to patient medical records. Blockchain technology, however, does nicely complement our distributed data architecture. Similar to the benefits that the national health system of Estonia achieved by storing immutable referents to data on the blockchain, we can ensure that data being shared distributedly by numerous entities is never altered and data provenance is easy to trace.
Many of the blockchain healthcare companies we have researched require widespread adoption before they can add value for participants. However, without immediate benefits, key stakeholders such as patients and physicians often resist adopting new technologies. In the past, this obstacle has led many healthcare IT companies to fail to attract sufficient participants to realize the potential of their solutions.
Coral Health is approaching commercialization differently: We’re developing a suite of business applications to immediately deliver value to healthcare organizations. As more entities participate in the Coral Health ecosystem, we will drive additional value by facilitating efficient data exchange between these entities and providing applications to automate cross-party administrative processes (e.g., prior authorizations, claims processing, prescription refills).
Yes, you can view it here.
One of our major partners is Principle Health Systems in Houston, who has provided us with a Letter of Intent (LOI) to conduct a pilot. We also have a LOI from the British Columbia Centre for Disease Control as well as a LOI from a large Canadian public health authority and a hospital chain in Latin America. We can't announce those last two quite yet, though.
Coral Health is working to create a seamless connection between your providers’ EHR systems and our patient app. This connection supports most of the commonly used data types from an EHR system, including medications, allergies, procedures, conditions, clinical vitals, and labs. We also allow users to manually enter results, so even if a particular provider’s EHR system is not integrated with Coral Health, our users can still benefit from using our system.
By encrypting all information and never storing personal data on the blockchain, our system is fully HIPAA and GDPR-compliant by default. Learn more about our encryption method below, or in Section 6 of our whitepaper.
No, your personal information is fully encrypted and only you have the key. You can securely share your information with anyone you choose, such as friends, family and care providers.
- Before data is sent from a provider to a patient, the data is first automatically encrypted with a public key that is linked to the unique private key that each patient has stored on their mobile device.
- Because the patient’s private key only resides on their device, only the patient is able to access their medical data.
- The patient can also securely share access to this file by decrypting the file and then recrypting it with their own key and a recipient’s key. Now, both parties have access.
- The beauty of this architecture is that while the system is incredibly secure, the patient and the provider don’t need to know anything about encryption or managing keys. The security features are handled on the backend and the end user never has to interact with them.
Each time new data is created a symmetric key is also generated. That symmetric key is used to encrypt the data. The symmetric key is then encrypted using a patient’s public key. The encrypted symmetric key is then posted to the blockchain while the underlying encrypted data is stored off-chain using IPFS. The patient can then decrypt the symmetric key using their public key and use that decrypted key to decrypt the underlying data. Here’s a basic example:
- Say we want to add data on a patient like "BRCA-1 Test Positive". That would get hashed to something like "123456.
- In the block that contains this "123456" it will store the hash of the previous block that might be "abcdef.
- Those blocks get broadcast to all the other nodes and the nodes check the block that contains "123456" and sees that it contains a previous hash of "abcdef."
- Then the nodes check the previous block to make sure the hash of that previous block is indeed "abcdef."
- When a patient requests data from their provider, the information is immediately encrypted using the patient’s public key
- A hash referent to the encrypted file is generated
- This referent is stored on the blockchain while the encrypted file itself is stored in IPFS
- It is standard practice nowadays to store data off-chain. IPFS is getting pretty well known for distributed data storage and anyone who wants to run a node can. This ensures democratization - however, we'll probably need to seed the nodes ourselves at the beginning while more entities become interested in hosting their own.
Yes, all of our code is open source and available in our GitHub:
Coral Health will only collect data from other sources when users connect them through your Coral Health Records App. As you connect your data sources (like mobile apps, web portals, and wearables), your Personal Data and Protected Health Information will be collected and accessible to you through the Coral Health Records App. All information collected is encrypted and securely stored on your mobile device. None of the information will ever be accessed or stored by Coral Health unless you explicitly choose to share your information or make your information available for commercial purposes.
We believe that you, the data owner, should always be in control of your information AND choose whether or not you want to share it. As a default we will ensure that data sharing is turned off so you can activate it at your discretion.
Coral Health will NEVER share or use your data for any commercial purpose without your permission. Even when you opt to monetize your data, we never share your name, address, phone, or any personally identifiable information that reveals who you are specifically. What we sell is a contextual picture of your health that helps other organizations in the healthcare industry better improve their products, services and overall work to advance healthcare. This contextual picture provides information about your health, but does not give anyone the ability to send you notifications outside of those you opt-in to receive through Coral Health Platform.
Both. Coral's ultimate goal is to drive efficiencies in health records aggregation and exchange to simplify healthcare operations and better personalize patient care. We’re not satisfied with where personalized medicine is today - we need a method to provide secure, real-time access to validated health records so that providers can coordinate care and deliver truly customized treatments to their patients. All the applications we're building play to the day to day motivations of various healthcare players such as labs and insurance companies. Our ultimate vision is to build a more connected future in healthcare in order to improve public health outcomes. To do that, we need to reconfigure the balance of power in data storage from insurance companies and labs, back to the patient. To get there, we are building, discrete, incremental use cases for each player in our healthcare system. We discuss these uses cases in our whitepaper linked above.
The differentiating factor of the Coral Health model is that we're going ground up, playing to the individual incentives of healthcare companies - like automating prior authorizations so a payer can save on manual review costs - with data accumulation just a byproduct of this process. High level mandates for healthcare companies to share the data they've worked to accumulate have largely been unsuccessful. The US government tried to do this with the Affordable Care Act. We've been very thorough in designing our workflow to ensure we're not asking or compelling companies to share existing data but rather have the data flow in naturally through various operational use cases. These use cases are highlighted in our whitepaper.
Coral Health revenue comes from its ongoing sale of tokens from its platform, which are replenished with a small transaction fee each time a service is used, as well as from subscription fees for setting up smart contracts for industry partners, such as payers that would like to use our system to automate their prior authorization reviews.
Please check out our detailed project roadmap on our Token page or in our whitepaper.
We definitely have. Transaction speeds are slowing and costs are increasing by the day. This is why Ethereum is likely moving to a Proof of Stake model via their Casper project. Within the Proof of Work model, companies like Tendermint are offering side chain solutions that must be implemented. Writing everything to the main net is going to become untenable very quickly. Building on top of Ethereum in its current state is fine to get our project started but we’re anticipating moving to a different platform or integrating side chains in the future.
Many of us have developed most recently in Go and are most productive with it.
Go interfaces are very powerful in healthcare app development and the blockchain. There are many different structs (e.g. blood test, genetic test, immunology test) that all have similar behaviors and need to be abstracted. In Go, interfaces are implicitly satisfied, unlike Java where you have to declare every time you want an object to be included in an interface allowing for rich abstractions.
The management of Go routines is a great fit with the blockchain since processes need to run asynchronously. As we look into developing our own blockchain in the future, Ethereum's Go implementation has many nice templates to benchmark and review.
1) User record values are encrypted and sent to the smart contract on private chain sitting on our servers and simultaneously written on main net or referenced to IPFS.
2) Function in the smart contract gets triggered.
3) Smart contract returns a boolean cover == true to payer.
With the blockchain, it is always immediately possible to tell if something is valid, as it must have come from a valid history, and everyone agrees completely on the sequence of valid history.
You don’t change it - you simply append a new event that supersedes the incorrect one.
That’s where we want to get to. We want a couple key use cases to show the power of our protocol, so we’re focusing on that right now. But we’re opening sourcing our work already - you can see how you can use IPFS to encrypt and work with health data here: https://github.com/mycoralhealth/corald
The name coral is a play on imagery. Under a microscope, corals look like interlocking hexagons. Relatedly, precision medicine is closely tied to genomics and DNA base pairs also look like interlocking hexagons. We think it’s pretty clever :)
So far our approach has been blockchain agnostic. We are doing most of our tests on Ethereum, so people can try out our platform easily but some of our use cases will require more of a permissioned approach. We speak to the Hyperledger folks pretty frequently and have also been developing some of our own hybrid solutions. Once we focus more development on a particular blockchain, we’ll update our community.
We need to preface our response first by saying that Coral Health Tokens have functional product uses and are not designed to be traded as securities. This is the fundamental property of a utility token. With that said, we want tokens to exchange hands often as that indicates a vibrant Coral Health ecosystem.
Here are 2 of several key reasons why we need a Coral Health Token to fuel our ecosystem:
1) Each of our use cases is very specific to the healthcare industry. For example, insurance companies use Coral Health Tokens to process automated prior authorizations. These tokens then get transferred to the patient who can spend them to get customized health tips from doctors. Because there is a rich system of earning and spending tokens and the system is self contained, we want to encourage ecosystem use of tokens rather than this medium of exchange to simply be fed outside the system (with ETH). In the same way that BTC/ETH incentivize hashing power, Coral Health incentivizes delegating and creating health data for automated Coral Health-specific use cases.
2) We have a small transaction fee of tokens each time they switch between corporate healthcare participants. Because Coral Health Tokens are required to fuel entity use cases (eg. for insurance companies and research companies) we need a steady, controlled method for them to purchase more tokens predictably. By having a small transaction fee Coral Health Tokens we ensure these entities can purchase through us to continue to activate the use cases (which is also a revenue driver for Coral Health).
Holding tokens only has value to the extent that healthcare participants want to spend them for various use cases in the future. This is not unlike any large (or small) corporation holding healthy cash reserves to be able to spend them on product expansion in the future. If a payer has a healthy supply of Coral Health Tokens, it doesn’t mean they aren’t spending them as well. Having a large supply of Coral Health Tokens and also spending them regularly is a good thing for healthcare entities and allows for concurrent system vibrancy and future use.
Store, access and share health data: This will always be a free feature for patients using our app.
Graphically track health trends: Patients who want to track trends in key health metrics, such as their blood pressure and heart rate to better manage their conditions, can spend tokens to unlock this premium feature.
Real-time eligibility checks: Patients who want to see what drugs and medical procedures they should qualify for, based on medical policies written by their insurance companies, can spend tokens to check their eligibility. Currently, this feature only supports hair transplant and laser hair removal eligibility checks for patients with BCBS MA, Aetna and Excellus health plans, but Coral Health is rapidly expanding the number of treatments and health plans included.
Health tips: Patients can spend tokens to receive customized health tips from a marketplace of healthcare professionals.
Targeted promotions: Healthcare professionals can spend tokens to provide unsolicited health tips to patients who have opted in.
- There is a fixed supply of 488,157,894 Coral Health Tokens
- Tokens never expire
- Coral Health will sell tokens on an ongoing basis from our platform
- Coral Health receives a small transaction fee (<5%) on all services and applications used on its platform, which we will then resell from our platform
People from China, the United States, and the Canadian province of Ontario will not be able to purchase tokens at this time.