1
|
Shabani M, Borry P. Rules for processing genetic data for research purposes in view of the new EU General Data Protection Regulation. Eur J Hum Genet 2017; 26:149-156. [PMID: 29187736 DOI: 10.1038/s41431-017-0045-7] [Citation(s) in RCA: 54] [Impact Index Per Article: 7.7] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Received: 07/17/2017] [Revised: 09/26/2017] [Accepted: 10/31/2017] [Indexed: 11/09/2022] Open
Abstract
Genetic data contain sensitive health and non-health-related information about the individuals and their family members. Therefore, adopting adequate privacy safeguards is paramount when processing genetic data for research or clinical purposes. One of the major legal instruments for personal data protection in the EU is the new General Data Protection Regulation (GDPR), which has entered into force in May 2016 and repealed the Directive 95/46/EC, with an ultimate goal of enhancing effectiveness and harmonization of personal data protection in the EU. This paper explores the major provisions of the new Regulation with regard to processing genetic data, and assesses the influence of such provisions on reinforcing the legal safeguards when sharing genetic data for research purposes. The new Regulation attempts to elucidate the scope of personal data, by recognizing pseudonymized data as personal (identifiable) data, and including genetic data in the catalog of special categories of data (sensitive data). Moreover, a set of new rules is laid out in the Regulation for processing personal data under the scientific research exemption. For instance, further use of genetic data for scientific research purposes, without obtaining additional consent will be allowed, if the specific conditions is met. The new Regulation has already fueled concerns among various stakeholders, owing to the challenges that may emerge when implementing the Regulation across the countries. Notably, the provided definition for pseudonymized data has been criticized because it leaves too much room for interpretations, and it might undermine the harmonization of the data protection across the countries.
Collapse
Affiliation(s)
- Mahsa Shabani
- Centre for Biomedical Ethics and Law, Department of Public Health and Primary Care, University of Leuven, Kapucijnenvoer 35 blok d-box 7001, 3000, Leuven, Belgium.
| | - Pascal Borry
- Centre for Biomedical Ethics and Law, Department of Public Health and Primary Care, University of Leuven, Kapucijnenvoer 35 blok d-box 7001, 3000, Leuven, Belgium
| |
Collapse
|
2
|
Wallace SE. What Does Anonymization Mean? DataSHIELD and the Need for Consensus on Anonymization Terminology. Biopreserv Biobank 2016; 14:224-30. [PMID: 27219861 DOI: 10.1089/bio.2015.0119] [Citation(s) in RCA: 3] [Impact Index Per Article: 0.4] [Reference Citation Analysis] [Abstract] [Track Full Text] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 11/12/2022] Open
Abstract
Anonymization is a recognized process by which identifiers can be removed from identifiable data to protect an individual's confidentiality and is used as a standard practice when sharing data in biomedical research. However, a plethora of terms, such as coding, pseudonymization, unlinked, and deidentified, have been and continue to be used, leading to confusion and uncertainty. This article shows that this is a historic problem and argues that such continuing uncertainty regarding the levels of protection given to data risks damaging initiatives designed to assist researchers conducting cross-national studies and sharing data internationally. DataSHIELD and the creation of a legal template are used as examples of initiatives that rely on anonymization, but where the inconsistency in terminology could hinder progress. More broadly, this article argues that there is a real possibility that there could be possible damage to the public's trust in research and the institutions that carry it out by relying on vague notions of the anonymization process. Research participants whose lack of clear understanding of the research process is compensated for by trusting those carrying out the research may have that trust damaged if the level of protection given to their data does not match their expectations. One step toward ensuring understanding between parties would be consistent use of clearly defined terminology used internationally, so that all those involved are clear on the level of identifiability of any particular set of data and, therefore, how that data can be accessed and shared.
Collapse
Affiliation(s)
- Susan E Wallace
- Department of Health Sciences, University of Leicester , Centre for Medicine, Leicester, United Kingdom
| |
Collapse
|
3
|
Kaye J, Briceño Moraia L, Mitchell C, Bell J, Bovenberg JA, Tassé AM, Knoppers BM. Access Governance for Biobanks: The Case of the BioSHaRE-EU Cohorts. Biopreserv Biobank 2016; 14:201-6. [PMID: 27183185 PMCID: PMC5939924 DOI: 10.1089/bio.2015.0124] [Citation(s) in RCA: 19] [Impact Index Per Article: 2.4] [Reference Citation Analysis] [Abstract] [Track Full Text] [Download PDF] [Figures] [Journal Information] [Subscribe] [Scholar Register] [Indexed: 02/04/2023] Open
Abstract
Currently, researchers have to apply separately to individual biobanks if they want to carry out studies that use samples and data from multiple biobanks. This article analyzes the access governance arrangements of the original five biobank members of the Biobank Standardisation and Harmonisation for Research Excellence in the European Union (BioSHaRE-EU) project in Finland, Germany, the Netherlands, Norway, and the United Kingdom to identify similarities and differences in policies and procedures, and consider the potential for internal policy “harmonization.” Our analysis found differences in the range of researchers and organizations eligible to access biobanks; application processes; requirements for Research Ethics Committee approval; and terms of Material Transfer Agreements relating to ownership and commercialization. However, the main elements of access are the same across biobanks; access will be granted to bona fide researchers conducting research in the public interest, and all biobanks will consider the scientific merit of the proposed use and it's compatibility with the biobank's objectives. These findings suggest potential areas for harmonization across biobanks. This could be achieved through a single centralized application to a number of biobanks or a system of mutual recognition that places a presumption in favor of access to one biobank if already approved by another member of the same consortium. Biobanking and Biomolecular Resources Research Infrastructure-European Research Infrastructure Consortia (BBMRI-ERIC), a European consortium of biobanks and bioresources with its own ethical, legal, and social implications (ELSI) common service, could provide a platform by developing guidelines for harmonized internal processes.
Collapse
Affiliation(s)
- Jane Kaye
- 1 HeLEX Centre for Health, Law and Emerging Technologies, Nuffield Department of Population Health, University of Oxford , Oxford, United Kingdom
| | - Linda Briceño Moraia
- 1 HeLEX Centre for Health, Law and Emerging Technologies, Nuffield Department of Population Health, University of Oxford , Oxford, United Kingdom
| | - Colin Mitchell
- 1 HeLEX Centre for Health, Law and Emerging Technologies, Nuffield Department of Population Health, University of Oxford , Oxford, United Kingdom
| | - Jessica Bell
- 1 HeLEX Centre for Health, Law and Emerging Technologies, Nuffield Department of Population Health, University of Oxford , Oxford, United Kingdom
| | | | - Anne-Marie Tassé
- 3 Public Population Project in Genomics and Society (P3G) , Montreal, Canada
| | - Bartha Maria Knoppers
- 3 Public Population Project in Genomics and Society (P3G) , Montreal, Canada .,4 Centre of Genomics and Policy, McGill University , Montreal, Canada
| |
Collapse
|
4
|
Kaye J, Bell J, Briceno L, Mitchell C. Biobank Report: United Kingdom. THE JOURNAL OF LAW, MEDICINE & ETHICS : A JOURNAL OF THE AMERICAN SOCIETY OF LAW, MEDICINE & ETHICS 2016; 44:96-105. [PMID: 27256127 DOI: 10.1177/1073110516644202] [Citation(s) in RCA: 2] [Impact Index Per Article: 0.3] [Reference Citation Analysis] [Abstract] [MESH Headings] [Grants] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 06/05/2023]
Abstract
The United Kingdom is a leader in genomics research, and the presence of numerous types of biobanks and the linking of health data and research within the UK evidences the importance of biobank-based research in the UK. There is no biobank-specific law in the UK and research on biobank materials is governed by a confusing set of statutory law, common law, regulations, and guidance documents. Several layers of applicable law, from European to local, further complicate an understanding of privacy protections. Finally, biobanks frequently contain data in addition to the samples; the legal framework in the UK generally differentiates between data and samples and the form of the data affects the applicability of legal provisions. Biobanks must be licensed by the Human Tissue Authority; certain projects must be reviewed by Research Ethics Committees, and all projects are encouraged to be reviewed by them. Data Access Committees in biobanks are also common in the UK. While this confusing array of legal provisions leaves privacy protections in biobanking somewhat unclear, changes at the EU level may contribute to harmonization of approaches to privacy.
Collapse
Affiliation(s)
- Jane Kaye
- Jane Kaye, Grad Dip Leg Pract, is the Director of the HeLEX Centre. Jessica Bell, LL.B., M.A., joined HeLEX in March 2014 as research assistant to Professor Jane Kaye. Colin Mitchell, M.St., joined HeLEX in January 2014 as a researcher in law. Linda Briceno, LL.B., D.Phil., was a researcher in law at HeLEX until July 2015
| | - Jessica Bell
- Jane Kaye, Grad Dip Leg Pract, is the Director of the HeLEX Centre. Jessica Bell, LL.B., M.A., joined HeLEX in March 2014 as research assistant to Professor Jane Kaye. Colin Mitchell, M.St., joined HeLEX in January 2014 as a researcher in law. Linda Briceno, LL.B., D.Phil., was a researcher in law at HeLEX until July 2015
| | - Linda Briceno
- Jane Kaye, Grad Dip Leg Pract, is the Director of the HeLEX Centre. Jessica Bell, LL.B., M.A., joined HeLEX in March 2014 as research assistant to Professor Jane Kaye. Colin Mitchell, M.St., joined HeLEX in January 2014 as a researcher in law. Linda Briceno, LL.B., D.Phil., was a researcher in law at HeLEX until July 2015
| | - Colin Mitchell
- Jane Kaye, Grad Dip Leg Pract, is the Director of the HeLEX Centre. Jessica Bell, LL.B., M.A., joined HeLEX in March 2014 as research assistant to Professor Jane Kaye. Colin Mitchell, M.St., joined HeLEX in January 2014 as a researcher in law. Linda Briceno, LL.B., D.Phil., was a researcher in law at HeLEX until July 2015
| |
Collapse
|
5
|
Abstract
High throughput approaches such as whole genome sequencing (WGS) and whole exome sequencing (WES) create an unprecedented amount of data providing powerful resources for clinical care and research. Recently, WGS and WES services have been made available by commercial direct-to-consumer (DTC) companies. The DTC offer of genetic testing (GT) has already brought attention to potentially problematic issues such as the adequacy of consumers' informed consent and transparency of companies' research activities. In this study, we analysed the websites of four DTC GT companies offering WGS and/or WES with regard to their policies governing storage and future use of consumers' data and samples. The results are discussed in relation to recommendations and guiding principles such as the “Statement of the European Society of Human Genetics on DTC GT for health-related purposes” (2010) and the “Framework for responsible sharing of genomic and health-related data” (Global Alliance for Genomics and Health, 2014). The analysis reveals that some companies may store and use consumers' samples or sequencing data for unspecified research and share the data with third parties. Moreover, the companies do not provide sufficient or clear information to consumers about this, which can undermine the validity of the consent process. Furthermore, while all companies state that they provide privacy safeguards for data and mention the limitations of these, information about the possibility of re-identification is lacking. Finally, although the companies that may conduct research do include information regarding proprietary claims and commercialisation of the results, it is not clear whether consumers are aware of the consequences of these policies. These results indicate that DTC GT companies still need to improve the transparency regarding handling of consumers' samples and data, including having an explicit and clear consent process for research activities.
Collapse
|
6
|
Dove ES. Biobanks, Data Sharing, and the Drive for a Global Privacy Governance Framework. THE JOURNAL OF LAW, MEDICINE & ETHICS : A JOURNAL OF THE AMERICAN SOCIETY OF LAW, MEDICINE & ETHICS 2015; 43:675-689. [PMID: 26711409 DOI: 10.1111/jlme.12311] [Citation(s) in RCA: 16] [Impact Index Per Article: 1.8] [Reference Citation Analysis] [Abstract] [MESH Headings] [Grants] [Track Full Text] [Subscribe] [Scholar Register] [Indexed: 06/05/2023]
Abstract
Biobanks are a key emerging biomedical research infrastructure. They manifest the turn towards greater global sharing of genomic and health-related data, which is considered by many to be an ethical and scientific imperative. Our collective interests lie in improving the health and welfare of individuals, communities, and populations; improving health and welfare requires access to, and use of, widely dispersed quality data. But sharing these individual and familial data requires in turn that due thought be given to the ethical and legal interests at stake. Most critically, data sharing must occur in an environment whereby privacy interests are safeguarded throughout the lifecycle of biobank initiatives, and regardless of the locations where the data are stored, to which they are sent, and where they are ultimately processed. In this article, I outline the complex dimensions of data privacy regulation that challenge data sharing within the biobanking context. I discuss how harmonization may be a remedy for the gaps and marked differences of approach in data privacy regulation. Finally, I encourage the development of foundational responsible data sharing principles set within an overarching governance framework that provides assurance that reasonable expectations of privacy will be met.
Collapse
Affiliation(s)
- Edward S Dove
- Ph.D. candidate in the School of Law at the University of Edinburgh. Previously, he was an Academic Associate at the Centre of Genomics and Policy at McGill University in Montreal. He received his LL.M. degree from Columbia University
| |
Collapse
|