Article

Broaden human-rights focus for health data under GDPR

Authors:
To read the full-text of this research, you can request a copy directly from the author.

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the author.

... There is growing recognition that significant public benefits could be realised through increased health data sharing, linkage, and access [1][2][3][4][5]. Though privacy and data protection continue to be a strong focus of laws, policies and agreed best practices for health data, other considerations are being brought into the dialogue including: the human right to share in scientific advancement and its benefits under Article 27 of the Universal Declaration of Human Rights [6], the importance of self-determination and autonomy for people whose data are used [7][8][9], the implications for individuals and society when health data are underutilised [10,11], and the need to increase equity in health data collection and use [12][13][14][15][16][17]. ...
Article
Full-text available
The term "social licence" has been used to describe which uses and users of health data the public supports - and under what conditions. From November 2022 to January 2023, Health Data Research Network Canada was funded by the Public Health Agency of Canada to explore whether there was consensus among experienced public and patient advisors on: (i) uses of health data that all members supported or opposed and (ii) what constitutes an essential requirement for a health data use or user to be within social licence. The project was conducted in English and French in collaboration with the Interdisciplinary Research Group in Health Informatics (GRIIS) at the University of Sherbrooke. It involved 20 public/patient advisor "participants" and an additional 13 public/patient advisors who served as peer-reviewers, all of whom had prior experience working in a health-related field and/or with health data. The process followed inclusive design principles in that it captured views held by the majority and minority of participants, including views expressed by only one or two participants. After two 2-hour facilitated sessions, participants agreed that it is within social licence for health data to be used (i) by healthcare practitioners to improve patient care, (ii) by governments and administrators to improve the health system, and (iii) by university-based researchers to understand disease and well-being. There was consensus opposition to (i) an individual or organisation selling someone else's identified health data and (ii) health data being used for a purpose that has no public or societal benefit. There was no consensus about what constitutes an essential requirement for a use or users of health data to be with social licence. The results of the process have been published in a non-peer-reviewed report co-authored with participants. This paper has been co-authored with a subset of the participants and peer-reviewers to present a high-level summary of the findings, methodological details, and templates to enable other groups to adapt the process to their own settings. It also presents the results of an anonymous evaluation of the process using the Public and Patient Engagement Evaluation Tool (PPEET), which were mostly positive and identified some areas for improvement.
... Nevertheless, this approach presents its own pitfalls. Increasing legal and privacy laws may limit the inter-institutional flow of patient information (52). Moreover, a lack of data standardization between EMRs poses further challenges in efficiently combining data, and would require significant coordination and collaboration between participating centers in order to produce data that would be homogenous enough to analyze as a single data set. ...
Article
Full-text available
The surgical management of diffuse low-grade gliomas (DLGGs) has undergone a paradigm shift toward striving for maximal safe resection when feasible. While extensive observational data supports this transition, unbiased evidence in the form of high quality randomized-controlled trials (RCTs) is lacking. Furthermore, despite a high volume of molecular, genetic, and imaging data, the field of neuro-oncology lacks personalized care algorithms for individuals with DLGGs based on a robust foundation of evidence. In this manuscript, we (1) discuss the logistical and philosophical challenges hindering the development of surgical RCTs for DLGGs, (2) highlight the potential impact of well-designed international prospective observational registries, (3) discuss ways in which cutting-edge computational techniques can be harnessed to generate maximal insight from high volumes of multi-faceted data, and (4) outline a comprehensive plan of action that will enable a multi-disciplinary approach to future DLGG management, integrating advances in clinical medicine, basic molecular research and large-scale data mining.
... If genomics researchers are instead left in the dark about how to properly address data protection and sharing, they could either be excessively cautious and fail to share as consents allow, or fail to provide participants with appropriate protection 15 . In other words, further regulatory uncertainty risks stalling new genomic analyses and undermining people's faith in scientific collaboration for the public good. ...
Article
Efforts to protect people’s privacy in a massive international cancer project offer lessons for data sharing. Efforts to protect people’s privacy in a massive international cancer project offer lessons for data sharing. Coloured scanning electron micrograph of a migrating breast cancer cell
... Since May 2018, the situation has become more stringent as the General European Data Protection Regulation now applies and all general national provisions on processing personal data are being overruled by European Law. Directive 2002/58/EC [15], as amended by Directive 2009/136/EC [17], is currently being revised and will also be replaced by a Regulation. ...
Article
Full-text available
BACKGROUND: Collecting data on the localization of users is a key issue for the MASK (Mobile Airways Sentinel networK: the Allergy Diary) App. Data anonymization is a method of sanitization for privacy. The European Commission's Article 29 Working Party stated that geolocation information is personal data.To assess geolocation using the MASK method and to compare two anonymization methods in the MASK database to find an optimal privacy method. METHODS: Geolocation was studied for all people who used the Allergy Diary App from December 2015 to November 2017 and who reported medical outcomes. Two different anonymization methods have been evaluated: Noise addition (randomization) and k-anonymity (generalization). RESULTS: Ninety-three thousand one hundred and sixteen days of VAS were collected from 8535 users and 54,500 (58.5%) were geolocalized, corresponding to 5428 users. Noise addition was found to be less accurate than k-anonymity using MASK data to protect the users' life privacy. DISCUSSION: k-anonymity is an acceptable method for the anonymization of MASK data and results can be used for other databases. KEYWORDS: Anonymization; App; Asthma; MASK; Rhinitis
... Since May 2018, the situation has become more stringent as the General European Data Protection Regulation now applies and all general national provisions on processing personal data are being overruled by European Law. Directive 2002/58/EC [15], as amended by Directive 2009/136/EC [17], is currently being revised and will also be replaced by a Regulation. ...
Article
Full-text available
Background Collecting data on the localization of users is a key issue for the MASK (Mobile Airways Sentinel networK: the Allergy Diary) App. Data anonymization is a method of sanitization for privacy. The European Commission’s Article 29 Working Party stated that geolocation information is personal data. To assess geolocation using the MASK method and to compare two anonymization methods in the MASK database to find an optimal privacy method. Methods Geolocation was studied for all people who used the Allergy Diary App from December 2015 to November 2017 and who reported medical outcomes. Two different anonymization methods have been evaluated: Noise addition (randomization) and k-anonymity (generalization). Results Ninety-three thousand one hundred and sixteen days of VAS were collected from 8535 users and 54,500 (58.5%) were geolocalized, corresponding to 5428 users. Noise addition was found to be less accurate than k-anonymity using MASK data to protect the users’ life privacy. Discussion k-anonymity is an acceptable method for the anonymization of MASK data and results can be used for other databases.
Article
Full-text available
Striving to build an exhaustive guidebook of the types and properties of human cells, the Human Cell Atlas’ (HCA) success relies on the sampling of diverse populations, developmental stages, and tissue types. Its open science philosophy preconizes the rapid, seamless sharing of data – as openly as possible. In light of the scope and ambition of such an international initiative, the HCA Ethics Working Group (EWG) has been working to build a solid foundation to address the complexities of data collection and sharing as part of Atlas development. Indeed, a particular challenge of the HCA is the diversity of sampling scenarios (e.g., living participants, deceased donors, pediatric populations, culturally diverse backgrounds, tissues from various developmental stages, etc.), and associated ethical and legal norms, which vary across countries contributing to the effort. Hence, to the extent possible, the EWG set out to provide harmonised, international and interoperable policies and tools, to guide its research community. This paper provides a high-level overview of the types of challenges and approaches proposed by the EWG.
Article
Genomic data from millions of individuals have been generated worldwide to drive discovery and clinical impact in precision medicine. Lowering the barriers to using these data collectively is needed to equitably realize the benefits of the diversity and scale of population data. We examine the current landscape of global genomic data sharing, including the evolution of data sharing models from data aggregation through to data visiting, and for certain use cases, cross-cohort analysis using federated approaches across multiple environments. We highlight emerging examples of best practice relating to participant, patient and community engagement; evolution of technical standards, tools and infrastructure; and impact of research and health-care policy. We outline 12 actions we can all take together to scale up efforts to enable safe global data sharing and move beyond projects demonstrating feasibility to routinely cross-analysing research and clinical data sets, optimizing benefit.
Article
Full-text available
Genomic data sharing is becoming more important as scientists join forces across borders in biomedical research for the benefit of patients and society. The EU's General Data Protection Regulation (GDPR) helps simplify sharing of such data at the European and international level. However, initial optimism has dried up as EU member states go their own ways in implementing the GDPR into national laws, and as legal cases challenging data sharing reach courts. Codes of conduct could facilitate data sharing in Europe and better connect it to global health research. This commentary explains the potential of codes of conduct for addressees and drafters. Codes are no panacea though; other measures may be necessary to ensure that Europe remains collaborative and competitive in biomedical research. Nevertheless, codes of conduct would bring immediate benefits and, in the long term, could foster a true European ecosystem for joint biomedical research and easier international data sharing.
Article
The General Data Protection Regulation (GDPR) regulates the processing of personal data in the European Union. The legal context is adapted to follow the evolution of technologies and of society. This new European regulation became mandatory, especially for connected devices, on May 25, 2018. An app originally known as "The Allergy Diary" is available for Android phones and iPhones. Its name was recently changed to MASK-air. The downloading and use of this app are free of charge and there are no adverts. It enables users to record their symptoms and their medications to better track the progress of their allergic rhinitis and/or asthma. It has been developed by public (Foundation FMC VIA-LR, University of Montpellier) and private (KYomed INNOV) organizations based in France and therefore falls under French jurisdiction. This article summarizes the five main principles of personal data protection to be respected during the development of the app: purpose, proportionality and relevance, limited retention period, security and confidentiality, as well as the rights of the people who are involved in the management of the personal data (including withdrawal and modification). Copyright © 2019 SPLF. Published by Elsevier Masson SAS. All rights reserved.
ResearchGate has not been able to resolve any references for this publication.