Trustworthy Governance of Genomic and Health-Related Data: Lessons from Singapore

People choose how and if to generate and disclose not just personal genomic data, but also multiple other types of personal health and non-health related data. To contextualize choices about genetic testing and genetic data disclosure, we explored perspectives of genomic data privacy and disclosure compared to other types of data. We conducted a qualitative focus group study with adult members of an integrated U.S. health system, using administrative data to stratify our sample by age and by race/ethnicity. Discussion topics included qualities, rights, benefits and harms of disclosure of genomic, health, family history and non-health related data. We conducted thematic template analysis using verbatim transcripts. The sample (n = 24) was 67% female, mean age 54.1 years (range 23-88), and 37% people of color; 71% reported college degree. Participants considered genetic data, but not other data types, as a permanent, core part of the individual self and as protected health information under current laws. Participants did not feel that individuals had a right to family medical history disclosure from their relatives. Participants assumed high levels of privacy protections of genetic and other health-related data, but no perceived privacy or protection around other personal data. Participants weighed benefits and risks of generation and disclosure of all data types; harms were more far-reaching for non-health data, possibly related to the perceived lack of protections around these data. People make privacy-related choices about genetic testing in the context of related considerations for multiple types of data and rely on perceived privacy protections under current U.S. health privacy laws. Genetic research and screening programs should consider providing clear guidance on privacy protections afforded to genetic information in U.S. clinical settings. Future research should examine connections between privacy-related views on genetic and multiple other types of personal data.

ABSTRACTObjectivesData safe havens can bring together and combine a rich array of anonymised person-based data for research and policy evaluation within a secure setting. To date, the majority of available datasets have been structured micro-data derived from routine health-related records. Possibilities are opening up for the greater reuse of genomic data such as Genome Wide Association studies (GWAS) and Whole Exome/Genome Sequencing (WES or WGS). However, there are considerable challenges to be addressed if the benefits of using these data in combination with health-related data are to be realized safely.
 ApproachWe explore the benefits and challenges of using genomic datasets with health-related data, and using the Secure Anonymised Information Linkage (SAIL) system as a case study, the implications and way forward for Data Safe Havens in seeking to incorporate genomic data for use with health-related data.
 ResultsThe benefits of using GWAS, WES and WGS data in conjunction with health-related data include the potential to explore genetics at a population level and open up novel research areas. These include the ability to increasingly stratify and personalize how medical indications are detected and treated through precision medicine by understanding rare conditions and adding socioeconomic and environmental context to genomic data. Among the challenges are: data availability, computing capacity, technical solutions, legal and regulatory frameworks, public perceptions, individual privacy and organizational risk. Many of the challenges within these areas are common to person-based data in general, and often Data Safe Havens have been designed to address these. But there are also aspects of these challenges, and other challenges, specific to genomic data. These include issues due to the unknown clinical significance of genomic information now or in the future, with corresponding risks for privacy and impact on individuals.
 ConclusionGenomic data sets contain vast amounts of valuable information, some of which is currently undefined, but which may have direct bearing on individual health at some point. The use of these data in combination with health-related data has the potential to bring great benefits, better clinical trial stratification, epidemiology project design and clinical improvements. It is, therefore, essential that such data are surrounded by a properly-designed, robust governance framework including technical and procedural access controls that enable the data to be used safely.

mantic interoperability of the CCR/CCD standard with the metadata technology. CCR+ functions as a (data) surrogate of a person in an integrated distributed intelligence platform or the Health Avatar Platform (HAP). HAP is a run-time environment for distributed intelligence programming of health agents, which are expected to provide a variety of health services to CCR+ surrogates with privacy-controlled access to personal and private big data using open application programming interfaces (APIs). One can login with her/his own avatar to the platform, where individual avatars interact with distributed and healthcaregiving agents for real-time personalized medicine.

BackgroundResearch using genomic data opens up new insights into health and disease. Being able to use the data in association with health and administrative record data held in safe havens can multiply the benefits. However, there is much discussion about the use of genomic data with perceptions of particular challenges in doing so safely and effectively.ObjectiveThis study aimed to work toward a risk-utility data governance framework for research using genomic and phenotypic data in an anonymized form for research in safe havens.MethodsWe carried out a multifaceted review drawing upon data governance arrangements in published research, case studies of organizations working with genomic and phenotypic data, public views and expectations, and example studies using genomic and phenotypic data in combination. The findings were contextualized against a backdrop of legislative and regulatory requirements and used to create recommendations.ResultsWe proposed recommendations toward a risk-utility model with a flexible suite of controls to safeguard privacy and retain data utility for research. These were presented as overarching principles aligned to the core elements in the data sharing framework produced by the Global Alliance for Genomics and Health and as practical control measures distilled from published literature and case studies of operational safe havens to be applied as required at a project-specific level.ConclusionsThe recommendations presented can be used to contribute toward a proportionate data governance framework to promote the safe, socially acceptable use of genomic and phenotypic data in safe havens. They do not purport to eradicate risk but propose case-by-case assessment with transparency and accountability. If the risks are adequately understood and mitigated, there should be no reason that linked genomic and phenotypic data should not be used in an anonymized form for research in safe havens.

Genetics in Medicine Open to us all

Preamble The sharing of genomic and health-related data for biomedical research is of key importance in ensuring continued progress in our understanding of human health and wellbeing. The challenges raised by international, collaborative research require a principled but nevertheless practical Framework that brings together regulators, funders, patient groups, information technologists, industry, publishers, and research consortia to share principles about data exchange. Such a Framework will facilitate responsible research conduct. This Framework is developed under the auspices of the Global Alliance for Genomics and Health. Its mission is to accelerate progress in human health by helping to establish a common Framework of harmonized approaches to enable effective and responsible sharing of genomic and clinical data and to catalyze data sharing projects that drive and demonstrate the value of data sharing. This Framework provides guidance for the responsible sharing of human genomic and health-related data, including personal health data and other types of data that may have predictive power in relation to health. In particular, it highlights, and is guided by, Article 27 of the 1948 Universal Declaration of Human Rights. Article 27 guarantees the rights of every individual in the world “to share in scientific advancement and its benefits” (including to freely engage in responsible scientific inquiry), and at the same time “to the protection of the moral and material interests resulting from any scientific...production of which [a person] is the author”. (As set out in Appendix 1, many other international conventions and national laws, regulations, codes and policies also guide responsible data sharing behavior). This Framework is guided by the human rights of privacy, non-discrimination and procedural fairness. At the same time, it considers all human rights principles relevant, complementary and interrelated, founded as they are on respect for human dignity. Since science proceeds only

While there has been considerable deliberation about ownership and stewardship of genomic data, as of yet, there does not exist a singular framework that encapsulates the current and future trajectory of how these data governance models can exist for Indigenous communities. We succinctly describe two case studies in the Akimel O'odham (Pima) communities that demonstrate the spectrum of data governance structures, in which tribal members have no input to complete control of data collection and usage. We describe (1) tribal-trust relationships, (2) non-tribal partnerships, and (3) tribally-driven models in context of an Indigenous people whose genomic and health data have been widely misused and exploited by outside researchers and the new narrative in which the O'odham have begun re-asserting their sovereignty in data domains. We demonstrate various strategies or models that communities and researchers can use to discuss data governance for their own best practices, institutions, and community members.

Database community has been involved in topics related to improve data-related techniques or to solve data access efficiency. Health domain has been attracting the interest of database community as an application domain for many database research topics, including: (i) health data heterogeneity (e.g., different health bioimages protocols), (ii) data size (e.g., patient health related data), (iii) biomedical signals (e.g., electrocardiography data, ECG), (iv) geographical data (e.g., epidemiological one), and more recently (v) genomic and proteomic data as well as NGS data. In this chapter we present experiences from the last decade, made in a medical school, where we used database experiences to manage and analyse clinical, biological and health related data. The methodology is problem oriented and shows how to start from a problem defined in the medical domain and choose and apply techniques often known by the database community. In this chapter interesting results, in terms of applications to the clinical and medical domains, are reported.

Regulatory regimes and procedural values for health-related motion data in the United States and Canada

The integration of large-scale genomic and multimodal data is critical to advancing oncology research. However, challenges related to data storage, sharing, and governance hinder its effective use. We share experience from conducting a multi-site, cross-industry UK project utilising large-scale genomic data obtained from tissue and liquid biopsies from patients with cancer, to produce recommendations for enabling and optimising the use of multimodal data in oncology research. A collaborative approach involving NHS Trusts, industry, start-ups, and academic partners was adopted to develop a robust data management strategy. A data lake architecture was selected as the centralised repository to store and share diverse datasets securely. Key factors influencing the selection and implementation of this solution included data storage requirements, access control, ownership, and information governance. Processes for planning, deploying, and maintaining the data lake infrastructure were documented and evaluated. The data lake enabled secure, compliant, and federated storage of large-scale genomic and clinical data. Successful implementation required early engagement of stakeholders and the establishment of clear data governance frameworks. Lessons learned highlighted the importance of aligning technical solutions with governance, security, and accessibility requirements across diverse partners. Effective management of multimodal data in oncology requires early planning, multi-stakeholder engagement (among National Health Service [NHS] Trusts, industry, start-up collaborators, and academic institutions), and robust governance. The data lake model demonstrated a scalable and compliant approach to enabling secure, collaborative research using genomic data, providing a template for future initiatives in precision oncology.

Health-related data uses and data sharing have been in the spotlight for a while. Since the beginning of the big data era, massive data mining and its inherent possibilities have only increased the debate about what the limits are. Data governance is a relevant aspect addressed in ethics guidelines. In this context, the European project BRIDGE Health (BRidging Information and Data Generation for Evidence-based Health policy and research) strove to achieve a comprehensive, integrated and sustainable EU health-information system. One of the aims of the project was to evaluate the requirements to construct a data-linkage infrastructure for the secure management of health information. In a blueprint provided for this infrastructure, the topics ethics and the intimately related governance occupied a whole section, where the recent ethics guidelines by the Council for International Organizations of Medical Sciences (CIOMS) and the World Medical Association (WMA) were referenced. We explore what has changed in the latest versions of the ethics documents adopted by CIOMS and WMA regarding the management of health data and human tissues, the appropriateness of their application in new forms of research and infrastructures as the proposed in the BRIDGE Health project, and whether society should be so concerned about this topic, in the digital era of social exchange.

BackgroundAs with other countries, Australia is seeking to make efficient use of genomic data for use in research, clinical medicine and population health. However, to enable cross jurisdictional consistency in the management of and access to data, it will first need to establish a national framework for governing genomic data. To this end, ethical, legal and social issues are often discussed. However, the literature offers little evidence-based support for such a framework.MethodsTo address this literature gap, we systematically reviewed two databases (Scopus and PubMed) for research articles that discussed issues and opportunities for enacting genomic data governance frameworks in the domains of research, genomic medicine and public (population) health in the Australian context.ResultsThirty-one relevant articles were included and were analysed using inductive content analysis. Our findings identified that opportunities for implementing a national genomic data governance framework concerned defining roles for patients in data governance, data management processes and increasing the public acceptance of genomic data use in healthcare and research. Additionally, they highlight differences in the opportunities and priorities for clinical and research genomics that hinder further advancement of data governance.ConclusionsOur synthesis of the current literature on genomic data governance suggests that the current focus on individual consent as the primary mechanism for protecting data subjects and different priorities in clinical and research governance need to be addressed. Given the significance of the role of consent procedures and differences in clinical and research data in generating a data governance framework, our findings hence reveal a critical gap in the research literature. Advancing a national genomic data governance framework will require greater consensus and clarity regarding the application of ethical principles across jurisdictions and institutions.

Greater sharing of potentially sensitive data raises important ethical, legal and social issues (ELSI), which risk hindering and even preventing useful data sharing if not properly addressed. One such important issue is respecting the privacy-related interests of individuals whose data are used in genomic research and clinical care. As part of the Global Alliance for Genomics and Health (GA4GH), we examined the ELSI status of health-related data that are typically considered ‘sensitive’ in international policy and data protection laws. We propose that ‘tiered protection’ of such data could be implemented in contexts such as that of the GA4GH Beacon Project to facilitate responsible data sharing. To this end, we discuss a Data Sharing Privacy Test developed to distinguish degrees of sensitivity within categories of data recognised as ‘sensitive’. Based on this, we propose guidance for determining the level of protection when sharing genomic and health-related data for the Beacon Project and in other international data sharing initiatives.

To the Editor — The Beacon Project (https://github.com/ga4gh-beacon/) is a Global Alliance for Genomics & Health (GA4GH)1 initiative that enables genomic and clinical data sharing across federated networks. The project is working toward developing regulatory, ethics and security guidance to ensure proportionate safeguards for distribution of data according to the GA4GH-developed “Framework for Responsible Sharing of Genomic and Health-Related Data”2. Here we describe the Beacon protocol and how it can be used as a model for the federated discovery and sharing of genomic data.

This article analyses how the notion of health data under the GDPR has evolved through the legal instruments and provisions on health data sharing in the Data Governance Act (DGA) and the European Health Data Space (EHDS), aiming both legal sources to facilitate data access and governance, including electronic health data for its primary and secondary use, by establishing harmonised rules. These regulations open opportunities to enhance cross-border data access, the promotion of data altruism, and the development of data governance models facilitating biomedical research. In the specific context of rare diseases, however, significant challenges remain emerging from variations between EU Member States implementation of the EHDS. In particular, the EHDS's secondary use framework, the genomic and biobank data exception, and the coexistence with the DGA's consent‑based data altruism model create a complex legal landscape for rare disease research. This contribution intends to clarify the legal bases for secondary use to improve the capacity to protect data subjects' right to data protection, while preserving data value and utility in biomedical research within the context of rare diseases.