All but the smallest laboratories use electronic lab notebooks (ELNs) and laboratory information management systems (LIMS) to conduct effective and compliant research and discovery. Chances are, if you work in a lab, you are using at least one of these systems to manage lab data. At first, users usually invest in ELN/LIMS for the standard user features: recording, organizing, and keeping track of research data. However, as ever-stricter security and compliance requirements challenge the capabilities of ELN/LIMS, the security of research data can become a key differentiator for these systems.
When security and compliance requirements approach the functional limits of the ELN/LIMS, the fundamental challenge is usually the difficulty of securely storing data in this centralized system, leading users to wonder:
- How can you trust that the data stored in the ELN/LIMS will not fall out of regulatory compliance due to unauthorized modification?
- How can you store data in their ELN/LIMS when that data cannot leave the institution due to regulatory restrictions?
- How can archived or exported data remain compliant?
These concerns are often addressed with in-house security mechanisms (like policies and monitoring software) and expensive, time-consuming security audits. But what if ELN/LIMS providers could build customer trust through provably correct data-storage properties?
One data-integrity solution is ripe for adoption in ELN/LIMS: The provable immutability of data stored in a public blockchain. The distributed consensus mechanism (the mechanism used in public blockchain systems to achieve the necessary agreement on a single datum) ensure that data, such as cryptocurrency transfers, cannot be retroactively modified after they are recorded on the blockchain. In other words, once the data is stored in the blockchain, it cannot be altered, removed, or replaced. Luckily, blockchains can store more than cryptocurrency transfers; they can secure ELN/LIMS data as well. In this article, we introduce potential use cases for blockchain-based immutability in ELN/LIMS.
Protecting data from unauthorized modifications
When you enter data into an ELN/LIMS system, the data is stored in either binary files or a database, and it shouldn’t surprise anyone that these data-storage methods are subject to both accidental, unauthorized modification by developers and intentional, malicious tampering by hackers. And though one of the primary benefits of ELN/LIMS systems is the ease of duplicating, backing up, and restoring data, it is not always clear when to restore replicated data or easy to prove that the data was properly restored.
Because data updates can be signed on a public blockchain, rendering the signature unchangeable, public blockchains can provide the immutability that will let you trust your shared data. With blockchain, as long as an ELN/LIMS retains a copy of the original data, it becomes possible to detect if the working copy of your data has been altered and, if so, to restore the original values. And since only the signatures of the data are in the blockchain, the data itself remains in the ELN/LIMS data store.
In other words, all of your data updates are logged in the blockchain, making the data unchangeable, while you maintain singular possession of the data, simplifying compliance requirements.
Including institutional data in ELN/LIMS
ELN/LIMS users may have data that must remain within the institution for regulatory reasons, and they may want the ELN/LIMS system to track the changes made to the data stored there. Many ELN/LIMS track changes made to the data if that data is changed through the user interface. However, if the data is accidentally or intentionally changed locally and not though the ELN/LIMS interface, the update will not be reflected in ELN/LIMS change logs and will bring data out of compliance.
In cases where a chain of custody must be maintained over institutional data, the immutability of can help if the ELN/LIMS signs the institutional data files on a blockchain every time a user modifies a file through the user interface. Then, the next time that a user initiates a data change, the ELN/LIMS can verify that the current data’s signature matches the most recent signature on the blockchain for that file. If the signatures do not match, then the file was modified outside of the user interface. An ELN/LIMS can detect this case and restore a previous version of the file to bring the data back into compliance.
Maintaining compliance with archived data
When users decide to upgrade an existing ELN/LIMS or change to a new one, the system may provide a method for exporting the data to a portable format, such as a CSV file. While the data remains in its exported form, it is vulnerable to unauthorized modification, which could result in the data being out of compliance. This introduced risk may be enough to prevent users from moving to another ELN/LIMS system.
However, if the data were signed on a public blockchain as a part of the export process, the immutability provided by the blockchain can help maintain its regulatory compliance. When ELN/LIMS signs exported data, it the data to be verified at at any time, within or without the ELN/LIMS. This ability to verify the immutability of exported data frees the user from assuming risk and makes it easier for users to try a new ELN/LIMS without worrying about getting locked in to their choice.
How can BLOCKY help?
At BLOCKY, our mission is to help people trust data. To help achieve this trust, we have developed an API that signs files on a blockchain and then verifies those signatures. By using our API, ELN/LIMS providers can sign and verify their customers’ data, building trust with their customers by ensuring the integrity of customer data, regardless of the storage location or format, and by making data integrity verifiable for compliance purposes.