In The Netherlands we have a interesting problem: in 2011, weeks before going live, the national electronic health record system got shut down by our senate. They decided not to interveine and let the market fix the problem. Now, 9 years later, the market has made a mess out of it: there is no uniform way of exchanging medical data in The Netherlands. Architects write countless of pages with solutions, the government pours millions into subsidised programs, but the problem is only getting bigger.

So, 2 years ago together with a group of other software vendors we started a foundation called Nuts. The goal is to end this impasse by building an open source decentralised infrastructure that nobody controls and can be used by everyone. It should be cheap to join, privacy by design, and use technology over lawyers.

Our infrastructure allows parties to exchange data "peer to peer", only helping them solve four generic problems: user identity, patient consent, discovery of endpoints and logging.

In this talk I would like to show our architecture, explain which choices we made, what we have learned while working with a distributed software and some anecdotes about what happens if you pitch such an idea to the establishment.

A little more background: I'm one of the main devs. The system is written mostly in Go and some parts in Java. Every software vendor can spin up a node and join the network. Patient Consents are distributed by a DLT (Corda) and are only stored on the nodes of vendors who already process the patient`s data. No medical data flows through the system, Nuts is only used to connect them and provide a level of trust. Identities are managed by a self-sovereign Identity system called IRMA (irma.app) which is based on IBM idemix.