How to guard against such things got Greg Irving, a family doctor and a researcher at the University of Cambridge, thinking. He came up with a way to improve the reporting of clinical trials with the blockchain technology underlying bitcoin, a digital currency. The blockchain is a database that acts as a public ledger of all transactions with the currency, and is thought to be almost completely tamper-proof because it is validated and stored independently on thousands of different computers worldwide. This provides a way, Dr Irving reckons, to check that results have not been fudged.
Since 2007 America’s drugs regulator has required that all clinical trials are registered in ClinicalTrials.gov, a publicly accessible database. So, Dr Irving used a recent example to demonstrate how his idea might work. He saved a copy of the study protocol, including the planned analysis and clinical outcomes it was supposed to test, to a text file. He then fed that file into an algorithm called an SHA256, which boils the data down into a unique string of characters known in cryptography as a “hash”. Even a small change to the original file, such as the addition of a full stop, would result in a completely different hash. (Conversely, it is impossible to use the code to reconstruct the contents of the original file.) Such strings are also used in bitcoin transactions.
To add a record of the codified protocol to bitcoin’s public ledger, its hash must be used in a bitcoin transaction. To do that Dr Irving used the hash generated from the trial protocol as a “private key”—essentially a password that allows someone to spend bitcoins in his online wallet. Bitcoin users usually randomly generate a hash for the same purpose. He then transferred a small sum of money from his bitcoin wallet to a second bitcoin wallet. The transaction created a “public key”—a second string of characters that is time-stamped and entered in the blockchain’s ledger.
Anyone with a copy of the trial protocol should be able to reproduce the above steps to check if they resulted in the same public key. This would prove that the copy of the protocol matched the original. To show that this was the case, Dr Irving gave his protocol to John Holden, also a general practitioner, who used it successfully, the pair report in F1000Research. Though the process might seem to be convoluted, Dr Irving and Dr Holden say it took less than five minutes.
Dr Irving believes the method could prevent “hidden outcome switching”, the egregious and statistically flawed practice of secretly changing the focus of a clinical trial to fit the results. A study last year of 137 trials found 60 reported on outcomes they were not looking for, according to their original protocol. The COMPare project, which monitors clinical trials, found only nine out of 67 studies it has so far looked at had reported their results properly.
With about 20,000 studies registered each year on ClinicalTrails.gov alone, such problems are likely to be the tip of a very large iceberg, Dr Irving contends. Public keys for protocols should be uploaded to trial registries, he argues, and included in research papers. Researchers and medical journals could speedily check whether the right results were being reported. Ultimately, the process could be automated.
Another benefit, paradoxically, is that the protocol for studies could be hidden until completed. This might be useful for commercially sensitive trials of new therapies. As long as the public key was uploaded to a registry when the trial began, the protocol could be verified later without the worry that it had been changed during the study. Dr Irving would now like to test his ideas on a small number of trials. And, of course, to report the results properly.