ABSTRACT
BACKGROUND: Many patients with rare diseases are still lacking a timely diagnosis and approved therapies for their condition despite the tremendous efforts of the research community, biopharmaceutical, medical device industries, and patient support groups. The development of clinical research networks for rare diseases offers a tremendous opportunity for patients and multi-disciplinary teams to collaborate, share expertise, gain better understanding on specific rare diseases, and accelerate clinical research and innovation. Clinical Research Networks have been developed at a national or continental level, but global collaborative efforts to connect them are still lacking. The International Rare Diseases Research Consortium set a Task Force on Clinical Research Networks for Rare Diseases with the objective to analyse the structure and attributes of these networks and to identify the barriers and needs preventing their international collaboration. The Task Force created a survey and sent it to pre-identified clinical research networks located worldwide. RESULTS: A total of 34 responses were received. The survey analysis demonstrated that clinical research networks are diverse in their membership composition and emphasize community partnerships including patient groups, health care providers and researchers. The sustainability of the networks is mostly supported by public funding. Activities and research carried out at the networks span the research continuum from basic to clinical to translational research studies. Key elements and infrastructures conducive to collaboration are well adopted by the networks, but barriers to international interoperability are clearly identified. These hurdles can be grouped into five categories: funding limitation; lack of harmonization in regulatory and contracting process; need for common tools and data standards; need for a governance framework and coordination structures; and lack of awareness and robust interactions between networks. CONCLUSIONS: Through this analysis, the Task Force identified key elements that should support both developing and established clinical research networks for rare diseases in implementing the appropriate structures to achieve international interoperability worldwide. A global roadmap of actions and a specific research agenda, as suggested by this group, provides a platform to identify common goals between these networks.
Subject(s)
Biological Products , Rare Diseases , Humans , Advisory Committees , Health Personnel , Translational Research, BiomedicalABSTRACT
The capacity to link records associated with the same individual across data sets is a key challenge for data-driven research. The challenge is exacerbated by the potential inclusion of both genomic and clinical data in data sets that may span multiple legal jurisdictions, and by the need to enable re-identification in limited circumstances. Privacy-Preserving Record Linkage (PPRL) methods address these challenges. In 2016, the Interdisciplinary Committee of the International Rare Diseases Research Consortium (IRDiRC) launched a task team to explore approaches to PPRL. The task team is a collaboration with the Global Alliance for Genomics and Health (GA4GH) Regulatory and Ethics and Data Security Work Streams, and aims to prepare policy and technology standards to enable highly reliable linking of records associated with the same individual without disclosing their identity except under conditions in which the use of the data has led to information of importance to the individual's safety or health, and applicable law allows or requires the return of results. The PPRL Task Force has examined the ethico-legal requirements, constraints, and implications of PPRL, and has applied this knowledge to the exploration of technology methods and approaches to PPRL. This paper reports and justifies the findings and recommendations thus far.
Subject(s)
Computer Security , Confidentiality , Genomics , Medical Informatics/methods , Big Data , Databases, Factual , Europe , Genetic Linkage , Genome, Human , Humans , Interdisciplinary Communication , Medical Informatics/standards , Rare Diseases/genetics , United StatesABSTRACT
The Global Alliance for Genomics and Health (GA4GH) proposes a data access policy model-"registered access"-to increase and improve access to data requiring an agreement to basic terms and conditions, such as the use of DNA sequence and health data in research. A registered access policy would enable a range of categories of users to gain access, starting with researchers and clinical care professionals. It would also facilitate general use and reuse of data but within the bounds of consent restrictions and other ethical obligations. In piloting registered access with the Scientific Demonstration data sharing projects of GA4GH, we provide additional ethics, policy and technical guidance to facilitate the implementation of this access model in an international setting.
Subject(s)
Access to Information , Genetics, Medical/standards , Genomics/standards , Information Dissemination , Genetics, Medical/ethics , Genetics, Medical/legislation & jurisprudence , Genomics/ethics , Genomics/legislation & jurisprudence , Humans , Licensure , Practice Guidelines as TopicABSTRACT
The Global Alliance for Genomics and Health (GA4GH) created the Beacon Project as a means of testing the willingness of data holders to share genetic data in the simplest technical context-a query for the presence of a specified nucleotide at a given position within a chromosome. Each participating site (or "beacon") is responsible for assuring that genomic data are exposed through the Beacon service only with the permission of the individual to whom the data pertains and in accordance with the GA4GH policy and standards.While recognizing the inference risks associated with large-scale data aggregation, and the fact that some beacons contain sensitive phenotypic associations that increase privacy risk, the GA4GH adjudged the risk of re-identification based on the binary yes/no allele-presence query responses as acceptable. However, recent work demonstrated that, given a beacon with specific characteristics (including relatively small sample size and an adversary who possesses an individual's whole genome sequence), the individual's membership in a beacon can be inferred through repeated queries for variants present in the individual's genome.In this paper, we propose three practical strategies for reducing re-identification risks in beacons. The first two strategies manipulate the beacon such that the presence of rare alleles is obscured; the third strategy budgets the number of accesses per user for each individual genome. Using a beacon containing data from the 1000 Genomes Project, we demonstrate that the proposed strategies can effectively reduce re-identification risk in beacon-like datasets.
Subject(s)
Data Anonymization , Genetic Privacy , Information Dissemination , Genomics , HumansABSTRACT
INTRODUCTION: Individuals have a moral claim to be involved in the governance of their personal data. Individuals' rights include privacy, autonomy, and the ability to choose for themselves how they want to manage risk, consistent with their own personal values and life situations. The Fair Information Practices principles (FIPPs) offer a framework for governance. Privacy-enhancing technology that complies with applicable law and FIPPs offers a dynamic governance tool for enabling the fair and open use of individual's personal data. PERCEPTIONS OF RISK: Any governance model must protect against the risks posed by data misuse. Individual perceptions of risks are a subjective function involving individuals' values toward self, family, and society, their perceptions of trust, and their cognitive decision-making skills. THE HIPAA PRIVACY RULE PUTS SOME GOVERNANCE IN THE HANDS OF INDIVIDUALS: Individual privacy protections and individuals' right to choose are codified in the HIPAA Privacy Rule, which attempts to strike a balance between the dual goals of information flow and privacy protection. The choices most commonly given individuals regarding the use of their health information are binary ("yes" or "no") and immutable. Recent federal recommendations and law recognize the need for granular, dynamic choices. BUILDING A GOVERNANCE FRAMEWORK BASED IN TRUST AVOIDING SURPRISES: Individuals expect that they will govern the use of their own health and genomic data. Failure to build and maintain individuals' trust increases the likelihood that they will refuse to grant permission to access or use their data. The "no surprises principle" asserts that an individual's personal information should never be collected, used, transmitted, or disclosed in a way that would surprise the individual were she to learn about it. FAIR INFORMATION PRACTICES PRINCIPLES: The FIPPs provide a powerful framework for enabling data sharing and use, while maintaining trust. We introduce the eight FIPPs adopted by the Department of Health and Human Services, and provide examples of their interpretation and implementation. REDUCING RISK THROUGH CONSUMER ENGAGEMENT: Privacy risk and health risk can be reduced by giving consumers control, autonomy, and transparency, and by engaging them in managing their own health. Explicit "consent" may not always be necessary - the FIPPs offer multiple ways to engender trust and avoid surprises.
ABSTRACT
The American Recovery and Reinvestment Act (ARRA) of 2009 clearly articulated the central role that health information technology (HIT) standards would play in improving healthcare quality, safety, and efficiency through the meaningful use of certified, standards based, electronic health record (EHR) technology. In 2012, the Office of the National Coordinator (ONC) asked the Nationwide Health Information Network (NwHIN) Power Team of the Health Information Technology Standards Committee (HITSC) to develop comprehensive, objective, and, to the extent practical, quantitative criteria for evaluating technical standards and implementation specifications and classifying their readiness for national adoption. The Power Team defined criteria, attributes, and metrics for evaluating and classifying technical standards and specifications as 'emerging,' 'pilot,' or 'ready for national standardization' based on their maturity and adoptability. The ONC and the HITSC are now using these metrics for assessing the readiness of technical standards for national adoption.
Subject(s)
Meaningful Use , Medical Informatics/standards , American Recovery and Reinvestment Act , Certification , Government Agencies , Medical Informatics/legislation & jurisprudence , United StatesSubject(s)
Computer Security , Electronic Mail/standards , Medical Records Systems, Computerized , Physician-Patient Relations , Communication , Computer Security/legislation & jurisprudence , Confidentiality , Education, Continuing , Electronic Mail/legislation & jurisprudence , Health Insurance Portability and Accountability Act , Humans , Liability, Legal , Medical Records Systems, Computerized/legislation & jurisprudence , Quality of Health Care , Risk Management , Security Measures , Software , United StatesSubject(s)
Computer Security , Information Systems/organization & administration , Internet , Security Measures/organization & administration , Technology , Administrative Personnel , Computer Security/economics , Computers, Handheld , Personnel Selection , Risk Management , Software , United StatesABSTRACT
OBJECTIVE: The Patient-Centered Access to Secure Systems Online (PCASSO) project is designed to apply state-of-the-art-security to the communication of clinical information over the Internet. DESIGN: The authors report the legal and regulatory issues associated with deploying the system, and results of its use by providers and patients. Human subject protection concerns raised by the Institutional Review Board focused on three areas-unauthorized access to information by persons other than the patient; the effect of startling or poorly understood information; and the effect of patient access to records on the record-keeping behavior of providers. MEASUREMENTS: Objective and subjective measures of security and usability were obtained. RESULTS: During its initial deployment phase, the project enrolled 216 physicians and 41 patients; of these, 68 physicians and 26 patients used the system one or more times. The system performed as designed, with no unauthorized information access or intrusions detected. Providers rated the usability of the system low because of the complexity of the secure login and other security features and restrictions limiting their access to those patients with whom they had a professional relationship. In contrast, patients rated the usability and functionality of the system favorably. CONCLUSION: High-assurance systems that serve both patients and providers will need to address differing expectations regarding security and ease of use.
