ENSURING THE TRUSTWORTHY REUSE OF HEALTH DATA FOR RESEARCH Dipak Kalra President Electronic Health Records for Clinical Research
Ensuring the trustworthy reuse of health data for research ▪ Compliance with data protection legislation, at a European level and across all European Member States ▪ Consistent information governance practices and expectations across Europe ▪ Societally acceptable codes of good practice for governing many uses of health data ▪ Reflect state of the art in privacy protection and information security ▪ Greater confidence and reduced risk for those providing data for research use e.g. hospitals, GPs, patients ▪ Greater confidence and reduced risk for those performing the research, managing the data or sponsoring the research ▪ Greater societal endorsement of public health and research uses of health data ▪ A scaling up of learning from health data, leading to more rapid innovation in treatments, and accelerated health system transformation towards better health outcomes 2
Some key principles for trustworthy reuse of health data: the EHR4CR example Segregation… of the research data warehouse from the EHR De- identification… individual patient data are de-identifed (anonymised, pseudonymised, to best Control… practice standards) lock/unlock access by hospital or GP practice Consolidation… only aggregated patient numbers leave the healthcare site Governance… independent institute ensures data are accessed in a trustworthy way 3
Need to remove the bottlenecks to accessing and combining health data from diverse sources across Europe • Only patient counts leave a hospital • Transient data pools per specific • Provenance metadata captured throughout research question and team • Platform never stores or communicates the architecture • Ethical code of practice data about single data subjects • Strong separation between zones for • Only treating physicians can re-identify • Limited to (pre-agreed) bona fide clinical use and research use candidate patients research • Pseudo-identification and linkage managed • Standard operating rules • Pre-agreed purposes of use by a trusted “middle” zone • Robust identify management, • allows flexibility as to where the 'linkage • Requirement for data sharing information security and audit zone' is provided agreements There is a need for harmonised best practices & sustainability 4
i~HD information governance services ▪ Quality labelling criteria for the platform and services, including components deployed at hospitals, and in other data sources ▪ Codes of Practice for feasibility studies and for remote data access and sharing ▪ Standard Operating Rules ▪ Legal requirements and their implementation through specific technical safeguards and specified duties, to ensure proper use of the platform ▪ Standard Operating Procedures ▪ Access Controls, Incident Management, Audit & Monitoring, Study Management, Organisation Management ▪ Staff competence checklist and training resources about data management and privacy protection when using the platform ▪ for hospital staff, pharma and academic research staff, for platform service providers ▪ i~HD Information Governance Board, providing oversight 5
Staff competence ▪ Staff using the platform services and applications, in pharma, hospitals, and the service providers must ▪ meet defined standards of knowledge and competence ▪ work to an agreed Code of Conduct and Ethics ▪ a high-level catalogue of rights and duties concerning privacy while conducting clinical trials and reusing clinical data for research ▪ Main areas covered ▪ Work To high professional standards ▪ Personal behaviour, processes, Good practices, Data and systems, Outcomes, Mitigating risk ▪ Respect the rights and professional interests of others (staff and colleagues) ▪ Protect and promote the interests of patients and the public ▪ Promote the standards and status of clinical research professionals 12
ECRIN, infrastructure for multinational trials in Europe ▪ Coordinating services provided by national partners ESFRI-roadmap infrastructure „ERIC“ status Coordinating centre (Paris) National partners / national hubs European Correspondent hosted in national hub Develop tools for multinational trials Support trial preparation and conduct Including data managemeent services through ECRIN-certified data centres 13 13
i~HD Information Governance Board: activities ▪ Confirms the suitability of the i~HD governance instruments ▪ Confirms that all deployed platform components and services have been certified, and all connected organisations have a staff accreditation programme ▪ Reviews activity and incident logs on a regular basis ▪ Receives and investigates all incidents and apply escalation and remediation as appropriate ▪ Provides regular reports for the i~HD Executive Board, key stakeholders and for the public ▪ Monitors the evolving legislative and regulatory landscape, and make recommendations for updates to the governance instruments as needed 14
i~HD Information Governance Board: proposed constitution ▪ Patient association representatives ▪ Privacy protection legal experts, EU and some national ▪ Hospital privacy protection officers ▪ Medicines regulatory experts ▪ Information security experts ▪ Service Provider representative as an observer ▪ i~HD appointed representative as an observer ▪ Other expertise may be co-opted as needed 15
Enriching knowledge and enhancing care through health data
Recommend
More recommend
