A Data Protection Scheme for Medical Research Networks

Abstract

The data protection requirements matured in parallel to new clinical tests generating more personal data since the 1960s. About ten years ago it was recognized that a generic data protection scheme for medical research networks is required, which reinforces patient rights but also allows economically feasible medical research compared to "hand-carved" individual solutions. To give recommendations for more efficient IT infrastructures for medical research networks in compliance with data protection requirements. The IT infrastructures of three medical research networks were reviewed with respect to the relevant data management modules. Recommendations are derived to increase cost efficiency in research networks assessing the consequences of a service provider approach without lowering the data protection level. The existing data protection schemes are very complex. Smaller research networks cannot afford the implementation of such schemes. Larger networks struggle to keep them sustainable. Due to a modular redesign in the medical research network community, a new approach offers opportunities for an efficient sustainable IT infrastructure involving a service provider concept. For standard components 70-80% of the costs could be cut down, for open source components about 37% over a three-year period. Future research networks should switch to a service-oriented approach to achieve a sustainable, cost-efficient IT infrastructure.