Dataísmo (de la salud), tecnología y privacidad / (Health) dataism, technology and privacy

El dataísmo puede privar al individuo de su privacidad. Las personas reflexionan sobre el coste de oportunidad que supone ceder sus datos y otorgan mayor importancia a la efectividad en la lucha contra enfermedades y pandemias frente a su uso ilícito, ilegal o poco ético. El big data es un bien común de la humanidad, y compartir datos puede salvar vidas, pero aprovechémoslo aplicando correctamente la ética de los datos, donde los gobiernos y organizaciones estén implicados y se respete el derecho fundamental de protección de datos. (AU)

Dataism can deprive the individuals of their privacy. People are reflecting on the opportunity cost of giving away their data and are placing greater importance on the effectiveness of fighting diseases and pandemics than on its illicit, illegal or unethical use. Big data is a common good of humanity, and sharing data can save lives, but let’s harness it with the right application of data ethics, where governments and organisations are involved and the fundamental right to data protection is respected. (AU)

Review of FDA Amendments Act Section 921 Experience in Posting Data-mining Results from the FAERS Database.

PURPOSE: Title IX, § 921 of the Food and Drug Administration (FDA) Amendments Act of 2007 requires the FDA to mine data on a regular basis, using its adverse events database, the FDA Adverse Event Reporting System, to identify potential signals of serious risks/new safety information. This review of the FDA's quarterly web-posted results is the first to document the contributions of the program to maintaining the continued safe use of approved pharmaceutical drugs/biologics and the lessons that have emerged from this rich experience. METHODS: Details on proprietary prescription drugs/biologics, generic prescription drugs, and over-the-counter drugs were downloaded from the quarterly posts that begin in first quarter of 2008. Key information was tabulated, including proprietary and generic names of products or classes of products, the identified potential signals of serious risks, the labeling-decision category (updated, no action is necessary at this time, or evaluating the need for regulatory action), the labeling section (Warnings and Precautions, Adverse Reactions, Drug Safety Communications, Contraindications, or Boxed Warnings), and estimated times to updated decisions. FINDINGS: Since the beginning of the FDAAA Section 921 posting requirement, the FDA has posted 555 potential signals of serious risk or new safety information. Of these, there have been 262 posts (47%) that resulted in decisions requiring updated product labeling, 75 posts (14%) that resulted in decisions that no action was necessary, and 218 posts (39%) indicating that the FDA was evaluating the need for regulatory action. Of the 262 posts that required updating one or more sections of a product label, there was a preponderance of Warnings and Precautions, with 172 (66%); followed by Adverse Reactions, with 114 (44%); Drug Safety Communications, 44 (18%); Contraindications, 27 (10%); and Boxed Warnings, 19 (7%). The median times to update decisions were 12 months for Warnings & Precautions, Adverse Reactions, and Boxed Warnings, and 11 months for Contraindications. IMPLICATIONS: Important themes from the present analysis include the following: (1) nearly 80% of posts resulted in updated product labeling; (2) 20% of decisions concerned classes of proprietary and generic drug/biologic products; (3) product-use errors, such as name confusion, continue to be important; (4) the safe use of pharmaceuticals in children is gaining attention but still has a long way to go; and (5) drug-drug interactions are of continuing concern. The FDA Amendments Act § 921 program will continue to have an important place in the future of pharmacovigilance practices.

An open-source GIS-enabled lookup service for Nagoya Protocol party information.

The Nagoya Protocol on Access and Benefit Sharing is a transparent legal framework, which governs the access to genetic resources and the fair and equitable sharing of benefits arising from their utilization. Complying with the Nagoya regulations ensures legal use and re-use of data from genetic resources. Providing detailed provenance information and clear re-usage conditions plays a key role in ensuring the re-usability of research data according to the FAIR (findable, accessible, interoperable and re-usable) Guiding Principles for scientific data management and stewardship. Even with the framework provided by the ABS (access and benefit sharing) Clearing House and the support of the National Focal Points, establishing a direct link between the research data from genetic resources and the relevant Nagoya information remains a challenge. This is particularly true for re-using publicly available data. The Nagoya Lookup Service was developed for stakeholders in biological sciences with the aim at facilitating the legal and FAIR data management, specifically for data publication and re-use. The service provides up-to-date information on the Nagoya party status for a geolocation provided by GPS coordinates, directing the user to the relevant local authorities for further information. It integrates open data from the ABS Clearing House, Marine Regions, GeoNames and Wikidata. The service is accessible through a REST API and a user-friendly web form. Stakeholders include data librarians, data brokers, scientists and data archivists who may use this service before, during and after data acquisition or publication to check whether legal documents need to be prepared, considered or verified. The service allows researchers to estimate whether genetic data they plan to produce or re-use might fall under Nagoya regulations or not, within the limits of the technology and without constituting legal advice. It is implemented using portable Docker containers and can easily be deployed locally or on a cloud infrastructure. The source code for building the service is available under an open-source license on GitHub, with a functional image on Docker Hub and can be used by anyone free of charge.

Perspectives of Australian policy-makers on the potential benefits and risks of technologically enhanced communicable disease surveillance - a modified Delphi survey.

BACKGROUND: Event-based social media monitoring and pathogen whole genome sequencing (WGS) will enhance communicable disease surveillance research and systems. If linked electronically and scanned systematically, the information provided by these technologies could be mined to uncover new epidemiological patterns and associations much faster than traditional public health approaches. The benefits of earlier outbreak detection are significant, but implementation could be opposed in the absence of a social licence or if ethical and legal concerns are not addressed. METHODS: A three-phase mixed-method Delphi survey with Australian policy-makers, health practitioners and lawyers (n = 44) was conducted to explore areas of consensus and disagreement over (1) key policy and practical issues raised by the introduction of novel communicable disease surveillance programmes; and (2) the most significant and likely risks from using social media content and WGS technologies in epidemiological research and outbreak investigations. RESULTS: Panellists agreed that the integration of social media monitoring and WGS technologies into communicable disease surveillance systems raised significant issues, including impacts on personal privacy, medicolegal risks and the potential for unintended consequences. Notably, their concerns focused on how these technologies should be used, rather than how the data was collected. Panellists held that social media users should expect their posts to be monitored in the interests of public health, but using those platforms to contact identified individuals was controversial. The conditions of appropriate use of pathogen WGS in epidemiological research and investigations was also contentious. Key differences amongst participants included the necessity for consent before testing and data-linkage, thresholds for action, and the legal and ethical importance of harms to individuals and commercial entities. The erosion of public trust was seen as the most significant risk from the systematic use of these technologies. CONCLUSIONS: Enhancing communicable disease surveillance with social-media monitoring and pathogen WGS may cause controversy. The challenge is to determine and then codify how these technologies should be used such that the balance between individual risk and community benefit is widely accepted. Participants agreed that clear guidelines for appropriate use that address legal and ethical concerns need to be developed in consultation with relevant experts and the broader Australian public.

Los derechos sobre los datos utilizados con fines de investigación biomédica ante los nuevos escenarios tecnológicos y científicos / Rights over data used for biomedical research purposes in new technological and scientific scenarios

La utilización y combinación de grandes volúmenes de datos representan, también el ámbito de la biomedicina, oportunidades para la generación de conocimiento, para la solución de problemas y para mejorar las condiciones de vida de las personas. No obstante, reconocer las ventajas y las oportunidades que las nuevas tecnologías ofrecen ha de implicar, a la vez, una previsión y evaluación de las consecuencias que este nuevo escenario puede acarrear para los derechos de los individuos, si es que no se enmarca en unas garantías adecuadas. El RGPD Reglamento y la normativa española de desarrollo reconocen distintas bases jurídicas, junto con el consentimiento del sujeto, para tratar los datos de carácter personal relativos a la salud y los datos genéticos, en particular cuando se trata de finalidad científica. Es importante subrayar que estas otras bases jurídicas no podrán sustentar el tratamiento si suponen que las garantías para los derechos de los titulares quedan debilitadas. Esta condición exige que los derechos del titular sobre sus datos estén nítidamente definidos y protegidos, lo que puede incluso significar un mecanismo que otorgue un control más reforzado que la expresión de un consentimiento

The use and combination of large volumes of data represent, also in the field of biomedicine, opportunities for the generation of knowledge, for the solution of problems and to improve people's living conditions. However, recognising the advantages and opportunities offered by new technologies must involve both forecasting and evaluating the consequences that this new scenario may have for the rights of individuals, if it is not framed within adequate guarantees. The GDPR and the Spanish implementing legislation recognize different legal bases, together with the consent of the subject, for processing personal data relating to health and genetic data, particularly when it is for scientific purposes. It is important to underline that these other legal bases will not be able to sustain the treatment if they suppose that the guarantees for the rights of the holders are weakened. This condition requires that the rights of the data subject over his data are clearly defined and protected, which may even mean a mechanism that gives a stronger control than the expression of consent

Implicaciones jurídicas de la internalización de la tecnología del Big Data y Derecho Internacional Privado / Legal implications of the internalization of big data technology and private international law

Este trabajo tiene como objetivo explicar el concepto de Big Data y las consecuencias legales que, a nivel internacional, ha traído consigo el uso de esta tecnología. Somos conscientes que debido al avance tecnológico han irrumpido en el tejido empresarial una serie de organizaciones cuya actividad principal es la prestación de servicios de Big Data. Este estudio está dividido en tres grandes partes: en la primera de ellas, abordaremos el concepto de Big Data y las características que hacen tan singular esta tecnología, para así, entender el motivo por el cual se ha convertido en la herramienta fundamental de las empresas internacionales que se dedican a la prestación de servicios se tratamiento de datos; la segunda parte está dedicada a las implicaciones legales del Big Data susceptibles de problemas de Derecho internacional privado (la protección de datos, la protección legal del algoritmo y la base de datos, las relaciones contractuales y las relaciones laborales en las que se utiliza la tecnología Big Data); y, finalmente, la tercera parte, teniendo en cuenta la posible problemática que pueda surgir y la responsabilidad contractual y extracontractual que pueda generar el uso de la tecnología Big Data, consideramos de gran importancia abordar los temas relativos a la competencia judicial internacional y la determinación de la ley aplicable

This work aims to explain the concept of Big Data and the legal consequences that, at international level, has brought with it the use of this technology. We are aware that due to technological progress, a number of organizations whose main activity is the provision of Big Data services have entered the business fabric. This study is divided into three major parts: in the first of them, we will address the concept of Big Data and the characteristics that make this technology so unique, in order to understand the reason why it has become the fundamental tool of companies international that are dedicated to the provision of services are data processing; the second part is dedicated to the legal implications of Big Data susceptible to problems of private international law (data protection, legal protection of the algorithm and database, contractual relationships and labour relations in which technology is used Big Data); and, finally, the third part, taking into account the possible problems that may arise and the contractual and non-contractual responsibility that may be generated by the use of Big Data technology, we consider it of great importance to address issues related to international judicial competence and the determination of the applicable law

Regulación del tratamiento de los datos en proyectos de investigación sanitaria, en especial, en la aplicación de las tecnologías Bigdata / Regulation of data processing in health research projects, in particular in the application of Bigdata technologies

El presente trabajo tiene por finalidad aclarar el panorama dibujado por los nuevos instrumentos normativos europeos sobre protección de datos en orden a establecer unas rutas de control de los proyectos de investigación con datos de salud en entornos de Bigdata. Aclarar qué rutas debe seguir el investigador de la Biomedicina en el desarrollo de su su tarea sometiéndola a los nuevos controles éticos y jurídicos, contribuirá sin duda a mejorar la calidad de la investigación y de la protección del ciudadano, atendiendo también a un desempeño más eficiente de los órganos de decisión y autorización, que hoy se ven desbordados, no solo por las informaciones que deben tener en cuenta, sino por la constatación de la inseguridad que supone la interpretación de este nuevo marco normativo. Al mismo tiempo, este esfuerzo de clarificación pretende satisfacer la creciente y urgente demanda social de transparencia en la investigación biomédica

This paper aims to clarify the picture drawn by new data protection regulatory instruments in order to establish control routes of health research projects in Bigdata environments. Clarifing which routes should follow the researcher in biomedicine in the development of their task by subjecting it to the new ethical and legal controls, will contribute to improve the quality of research and the protection of the citizen, also attending to a more efficient performance of decision making boards and control authorities. These instances are overwhelmed, not only for the information to be taken into account, but also because of the doubts posed by the interpretation of this new regulatory framework. At the same time, this effort is intended to meet the urgent and growing social demand for transparency in biomedical research

Evaluación de proyectos de investigación con tecnología Big Data por un Comité de Ética de la investigación / Evaluation of research projects with Big Data technology by a Research Ethics Committee

La investigación con tecnología Big Data en el ámbito sanitario debe realizarse en el contexto de un marco ético y jurídico que garantice el máximo nivel de protección en el tratamiento de datos de carácter personal. Los comités de ética de la investigación, como garantes de los derechos, seguridad y bienestar de los sujetos que participan en un proyecto de investigación biomédica, deben verificar el cumplimiento de los principios éticos y legales aplicables a la investigacion con datos de salud. En este trabajo se revisan los principios éticos y legales aplicables a la investigación con Big Data, así como las funciones que deben desempeñar los comités de ética de la investigación en la evaluación de este tipo de estudios

Research with Big Data technology in the world of health must be carried out within an ethical and legal framework that guarantees the highest level of protection in the processing of personal data. The research ethics committees, as guarantors of the rights, safety and welfare of the subjects participating in a biomedical research project, must verify compliance with the ethical and legal principles applicable to research with health data. In this paper, we review the ethical and legal principles applicable to research with Big Data, as well as the functions that the research ethics committees must perform in the evaluation of this type of studies

Transferencias internacionales de datos genéticos y datos de salud con fines de investigación / International transfers of genetic data and health data for research purposes

El desarrollo presente y futuro de la investigación científica y, en especial, la biomédica, depende, en gran medida, de la internacionalización del sector y de la constitución de un ecosistema científico global y conectado. Sin embargo, el procesamiento y tratamiento de grandes cantidades de datos personales (big data), unida a las transferencias internacionales de estos datos plantean una serie de interrogantes y retos para la protección de datos de carácter personal. Por consiguiente, el presente artículo pretende identificar las carencias y virtudes del actual marco jurídico de protección de datos personales en relación a la puesta en marcha de proyectos y consorcios paneuropeos e internacionales de investigación que requieren la recogida, explotación y re-utilización de grandes cantidades de datos genéticos y de salud, así como presentar los diversos mecanismos y soluciones susceptibles de ser utilizados para la consecución de dicha finalidad

The development of scientific research and, in particular, the biomedical research, depends on the internationalisation of this sector and the creation of a global and connected scientific ecosystem. However, the processing of large amounts of personal data (big data) together with the international transfers of such data raises a number of questions and challenges. Therefore, this article aims to identify the shortcomings and virtues of current legal framework of data protection in relation to the creation of pan-european and international research projects and consortia. Specially, those that require the collection, processing and re-use of large amounts of genetic data and data concerning health

IntimidAPP: los problemas del tratamiento de datos biosanitarios en wearables y apps para móviles / Privacy: the problems of biosanitary data processing in wearables and apps for mobiles

La entrada en vigor del Reglamento General de Protección de Datos el pasado 28 de mayo alcanzó cierta notoriedad entre la ciudadanía, normalmente desapegada de todo celo sobre sus datos de carácter personal. Ello se debió a la necesidad por parte de diferentes aplicaciones y servicios digitales de recabar de nuevo el consentimiento, para encontrarse acorde con los estándares del RGPD, y poder seguir tratando los datos de los usuarios. Sin embargo, pasado el revuelo inicial, y tras volver a aceptar todo tipo de cláusulas y condiciones sin haberlas leído detenidamente, encontramos que muchas aplicaciones y servicios recaban y tratan multitud de datos sanitarios y biométricos, cuyo tratamiento está prohibido por defecto al tratarse de datos especialmente sensibles. Por ello, se encuentran sujetos a la obtención del preceptivo consentimiento "expreso y por escrito" que exige el art. 9.2.a) del RGPD para este tipo de datos. No hablamos solo de las "imágenes faciales o datos dactiloscópicos" con los que el art. 4.14 ejemplifica los datos biométricos, sino también de informaciones mucho más elaboradas como las que se obtienen a través de pulseras deportivas, básculas inteligentes, y otros datos altamente sensibles por sí mismos. La posibilidad de combinación de diversos datos en clave Big Data, y el riesgo de creación de perfiles en base a ellos, constituye una seria amenaza que afecta claramente al derecho fundamental a la intimidad y a la protección de datos de carácter personal

General Data Protection Regulation became enforceable on last May 28th and reached a certain notoriety among citizens, often inattentive over their personal data. This was due to the need of different digital applications and services to obtain users' consent again in accordance with the new standards set by the GDPR, in order to be able to keep treating their data adequately. However, after the initial fuss, and after accepting all kinds of clauses and conditions without having read them carefully, we find that many applications and services collect and process a wide variety of health and biometric data, whose treatment is forbidden by default because of their especially sensitive nature. For this reason, treatment of these data is subject to obtaining the mandatory "express and written" consent required by art. 9.2.a) of the RGPD for this kind of data. We do not speak only of the "facial images or dactyloscopic data" exemplified in art. 4.14 about biometric data, but also of a much more elaborate information, such as those obtained through sports wristbands, smart scales, and other highly sensitive data. The possibility of combining diverse data with the power of Big Data, and the risk of creating profiles based on them, constitutes a serious threat that clearly affects the fundamental right to privacy and to the protection of personal data

Participative consent: beyond broad and dynamic consent for health big data resources / Consentimiento participativo: más allá de los consentimientos genérico y dinámico para las iniciativas de salud de datos masivos

Nowadays, we participate in a knowledge-based society where a large part of our lives has been digitalised. Products, services, and professional, academic and personal activities have turned digital and with that change, it became possible to record and collect data about (almost) everything. Through research and innovation, this information has offered great opportunities to improve health and the health systems it depends on. The present study is interested in initiatives that use this kind of personal information, specifically, big data initiatives that serve as resources to support research and innovation, such as 'biobanks' or 'genome projects'. They will be further referred in this paper as 'health big data resources' or 'initiatives'. The main goal of this work is to identify a model of consent that would allow these initiatives to align with EU values, respect fundamental rights and meet the expectations of participants, data subjects and society. In the EU, consent responds to the different socioeconomic contexts, the national and EU policy (including the General Data Protection Regulation), and to the abandonment of the idea of absolute anonymisation. From the point of view of citizens, consent should respond to their expectations regarding health, well-being, health systems, science and technology. Because it is shaped by multiple factors, there are different models of consent used in health big data resources and there is a constant interest in improving them. The current tendency is that consent has shifted away from the model used in traditional clinical or biomedical research. Instead, big data resources are adopting models of broad or assumed consent. This analysis supports the current general idea that the traditional concept of informed consent is insufficient for supporting health big data resources. Moreover, it stresses that it is insufficient to simply move towards models of broad or assumed consent. The main purpose of this analysis is to show that health big data initiatives should aim towards a model of consent based on a representative governance system. Through this system, participants, data subjects and society will be able to influence the initiative's operations, communicate their will and retain a certain level of control over their personal data and the activities of the resource. In other words, it is necessary to strive for mechanisms to extend the traditional concept of consent through governance which would enable the exercise of autonomy of those implicated. Therefore, consent must become not only modifiable (in the sense that it should be allowed to change through time), but participative. For these models of consent to be successful, they must be grounded in a solid relationship of trust with participants, data subjects and society in general. Consequently, it is necessary to establish a permanent process of dialogue and public engagement with the goal of informing, shaping and directing the governance systems of big data resources for health

Hoy en día participamos de una sociedad del conocimiento donde gran parte de nuestras vidas ha sido digitalizada. Esta transformación ha afectado productos y servicios y ha cambiado nuestras actividades profesionales, académicas y personales. La magnitud de la digitalización de nuestra sociedad ha permitido generar y almacenar datos de (casi) todo. A través de la investigación e innovación, esta información nos brinda grandes oportunidades para mejorar nuestra salud y los sistemas de salud de los que depende. El presente estudio está interesado en los proyectos de salud de datos masivos que utilizan este tipo de información personal y que son establecidos como facilitadores al servicio de la investigación e innovación. Puesto que llevan diferentes nombres, como 'biobancos' o 'proyectos genoma', se les referirá en este artículo como 'proyectos de salud de datos masivos' o 'iniciativas'. El objetivo principal de este estudio es identificar un modelo de consentimiento que le permita a estos proyectos funcionar de acuerdo con los valores de la UE, respetar los derechos humanos fundamentales y satisfacer las expectativas de los participantes, de los titulares de los datos y de la sociedad en general. Actualmente en la UE, los modelos de consentimiento utilizados para estas iniciativas responden a la transformación de los modelos socioeconómicos, a los cambios en las políticas nacionales y de la UE (incluyendo el nuevo Reglamento General de Protección de Datos), a los avances científicos y tecnológicos y al abandono de la idea de anonimización absoluta. Desde el punto de vista de los ciudadanos, el consentimiento debe responder a sus expectativas con respecto a su salud, bienestar, servicios sanitarios, ciencia y tecnología. Puesto que el consentimiento se ve influenciado por múltiples factores, diferentes modelos se proponen para proyectos de datos masivos en salud y hay un interés constante en mejorarlos. Hoy en día, los modelos de consentimiento utilizados en proyectos de salud de datos masivos se han alejado del modelo tradicionalmente utilizado en la investigación clínica o biomédica. En su lugar se adoptan modelos de consentimiento genérico o presunto

La asistencia sanitaria transfronteriza a la luz del reglamento general de protección de datos / Cross-border health care in the light of the general data protection regulation

Este trabajo analiza cómo influye la normativa de protección de datos en la asistencia sanitaria transfronteriza. Presta atención, de manera específica, a tres aspectos: los efectos en los sistemas de garantía estatales, la influencia en el modo de transferirse la información entre los Estados miembros y, finalmente, el influjo en la determinación de los datos que deben ser objeto de la historia clínica destinada a ser compartida

This paper analyses the impact of data protection legislation on cross-border healthcare. Specifically, it focuses on three aspects: the effects on State guarantee systems influence on the transfer of information between Member States and, finally, the impact on the determination of which data should be included in the clinical record destined to be shared

Una aproximación al big data y al blockchain sanitario y su implicación en la protección de datos personales / An approach to big data and health blockchain and their involvement in the protection of personal data

A mayor flujo de información, mayor será el impacto en el derecho fundamental de protección de datos personales máxime en el sector de la salud digital. El binomio de big data y blockchain propicia un "ecosistema" donde actores y participantes (por ejemplo, hospitales, médicos, investigadores, universidades, aseguradoras, farmaceúticas, etc..) interactúan e intercambian información con seguridad y legalidad

The greater the flow of information, the greater the impact on the fundamental right to protection of personal data, especially in the digital health sector. The binomial of big data and blockchain propitiates an "ecosystem" where actors and participants (for example, hospitals, doctors, researchers, universities, insurance companies, pharmaceuticals, etc.) interact and exchange information with security and legality

[Chapter 5. Health and Big Data: the emergence of an infrastructure law in the digital space]. / Chapitre 5. Santé et Big data : l?émergence d?un droit d?infrastructure dans l?espace numérique.

In the field of health, IoT devices, mobile apps, and online communities generate an enormous amount of data. However, health data benefit from a precise legal definition and protection as sensitive data, whereas well-being data have no specific legal regime. Since those data may contribute to identify individuals' health status, there are potential breaches to confidentiality and privacy. Recent European cases (ECHR and ECJ) reaffirms citizens' fundamental rights to privacy and family life, and to an effective remedy. Such decisions contribute to mitigate the misuse of big data broadly speacking, inclunding in the health sector.

Data mining and biological sample exportation from South Africa: A new wave of bioexploitation under the guise of clinical care?

Discovery Health, one of the leading healthcare funders in South Africa (SA), will offer genetic testing to its members for USD250 (approximately ZAR3 400) per test from 2016. On the surface, this appears to be innovative and futuristic. However, a deeper look at this announcement reveals considerable problems in the exportation of biological samples and data out of SA, and brings into sharp focus the lack of protection in place for potential donors. In return for a reduced-cost genetic test, which will nevertheless be billed to a member's savings plan, data from the patient's results, and probably the sample itself, will be sent to the USA for storage, research purposes and possible commercial use, with no further benefit for the patient. This development has demonstrated the need for more stringent protection of the movement of biological samples and data out of SA, particularly with reference to consenting procedures, material transfer agreements, and the export of biological data themselves.