Ownership of individual-level health data, data sharing, and data governance

Abstract

BackgroundThe ownership status of individual-level health data affects the manner in which it is used. In this paper we analyze two competing models of the ownership status of the data discussed in the literature recently: private ownership and public ownership.Main bodyIn this paper we describe the limitations of these two models of data ownership with respect to individual-level health data, in particular in terms of ethical principles of justice and autonomy, risk mitigation, as well as technological, economic, and conceptual issues. We argue that undifferentiated application of neither private ownership nor public ownership will allow us to resolve all the problems associated with effective, equitable, and ethical use of data. We suggest that, instead of focusing on data ownership, we should focus on the institutional and procedural aspects of data governance, such as using Data Access Committees (DACs) or equivalent managed access processes, which can balance the elements of these two ownership frameworks.ConclusionUndifferentiated application of the ownership concept (private or public) is not helpful in resolving problems associated with sharing individual-level health data. DACs or equivalent managed access processes should be an integral part of data governance. They can approve or disapprove data access requests after considering the potential benefits and harms to data subjects, their communities, primary researchers, and the wider society.