
The Challenge of Data Privacy Compliant Registry Based Research

Open Archive
Published: March 16, 2018
DOI: https://doi.org/10.1016/j.ejvs.2018.02.018
      Large scale use of real world data in vascular research projects has become a central point for discussion among scientific collaborations worldwide. As there is a distinct diversity of patients with various vascular diseases undergoing a broad range of diagnostic and treatment approaches, it remains unclear whether results from randomised controlled trials (RCTs) can always reflect the non-homogeneous treatment reality. In addition, the design of a RCT is not suited for quality improvement. To address the paucity of evidence and to implement quality improvement in vascular care, several national registries and international collaborations such as VASCUNET (including 12 registries in Europe, Australia, and New Zealand) or the International Consortium of Vascular Registries (ICVR) are collecting an increasing amount of data [1–6].
      Cross border merging and comparison of these data are valuable in terms of rare events (outcomes) or diseases. In the field of rare entities such as genetic aortic diseases, the European Union (EU) Reference Networks on Rare Diseases (ERNs) support cross border exchange and collection of medical data in terms of research and quality improvement.
      To date, the scientific discussion mostly considers external and internal validation of registry data [7–10].
      However, in the light of so called “big data” applications in modern medicine, another topic has recently arisen. Although the term “big data” is diversely used, it is commonly characterised by its big volume, variety, velocity, and variability [11].
      To meet changing requirements in the field of digital health care, the European Commission proposed a comprehensive reform of data protection rules in the EU. After a transition phase, the EU General Data Protection Regulation (EU-GDPR) will come into force from May 25, 2018 and then replace the existing Federal Data Protection Act. All 28 governments of the EU are working to adapt their national data protection legislation to be in line with the EU-GDPR. The new EU data protection legislation [12] aims to create a uniform set of rules across the EU fit for the digital era, to improve legal certainty, and to boost citizens' trust in the digital single market [13]. The Article 29 Working Party (WP29) [14] is in charge of providing expert opinions to the European Commission and codes of conduct at community level.
      Conscientiously dealing with this subject is of the utmost importance before implementing registry based projects in medical research or quality improvement [15].
      Since Sweeney [16] introduced the term “k-anonymity” as a model for protecting privacy in real world data systems, the importance of this aspect has been increasingly noted. Cross-linking growing data sources potentially allows single individuals to be re-identified. The reform of the data protection legal framework aims to consider these aspects and to harmonise data privacy across the EU through a total of 99 articles and 173 recitals. Local Data Protection Authorities will monitor compliance. A fine of up to 20 million Euros or 4% of global annual turnover means a significant increase in the cost of non-compliance. Several aspects must be highlighted. A local data protection officer must be involved before and during the processing of personal data on genetics and health. The controller, who determines the purposes and means of the processing of personal data, shall maintain a record of processing activities under their responsibility. Where processing is to be carried out on behalf of a controller, the controller shall use only processors providing sufficient guarantees to implement appropriate technical and organisational measures to ensure the protection of personal data. A mandatory data protection impact assessment (DPIA) [17] must be carried out, describing all potential harms and suitable safeguards, especially for information on health or race. The EU-GDPR facilitates data processing for scientific research; Article 89 is devoted to this purpose: “Processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes, shall be subject to appropriate safeguards, in accordance with this Regulation, for the rights and freedoms of the data subject. Those safeguards shall ensure that technical and organizational measures are in place in particular in order to ensure respect for the principle of data minimization. Those measures may include pseudonymization provided that those purposes can be fulfilled in that manner. Where those purposes can be fulfilled by further processing which does not permit or no longer permits the identification of data subjects, those purposes shall be fulfilled in that manner.”
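As an added illustration, not code from the editorial or from any registry it names, the following Python sketch applies the two Article 89 safeguards just quoted, pseudonymisation and data minimisation, to a constructed registry extract and measures the resulting k-anonymity over the quasi-identifiers. The patient rows, the choice of quasi-identifiers, the 10-year age bands and 2-digit postcode prefix, and the HMAC key are all assumptions made for the example. It also carries the rare-disease case through: a single patient with a rare diagnosis remains in an equivalence class of size one after generalisation, and the only remaining option is to withhold that row from the release.

```python
import hashlib
import hmac
from collections import Counter

# Constructed registry extract (synthetic rows, not real patients). The direct
# identifier is patient_id; age, sex, postcode and diagnosis are treated as
# quasi-identifiers because, cross-linked with other data sources, they can
# single out a person. Diagnosis is included because a rare entity acts as
# an identifier on its own.
REGISTRY = [
    {"patient_id": "P-0001", "age": 67, "sex": "M", "postcode": "20251", "diagnosis": "AAA"},
    {"patient_id": "P-0002", "age": 63, "sex": "M", "postcode": "20259", "diagnosis": "AAA"},
    {"patient_id": "P-0003", "age": 71, "sex": "F", "postcode": "22765", "diagnosis": "AAA"},
    {"patient_id": "P-0004", "age": 74, "sex": "F", "postcode": "22769", "diagnosis": "AAA"},
    {"patient_id": "P-0005", "age": 68, "sex": "M", "postcode": "20253", "diagnosis": "AAA"},
    {"patient_id": "P-0006", "age": 34, "sex": "M", "postcode": "20457", "diagnosis": "Marfan syndrome"},
]

QUASI_IDENTIFIERS = ("age", "sex", "postcode", "diagnosis")


def pseudonymise(rows, secret_key):
    """Replace the direct identifier with a keyed pseudonym (HMAC-SHA256).

    Only the holder of secret_key (the controller) can link a pseudonym back
    to a patient. An unkeyed hash of a short, structured ID would not do:
    it could be reversed by hashing every possible ID.
    """
    out = []
    for row in rows:
        token = hmac.new(secret_key, row["patient_id"].encode("utf-8"),
                         hashlib.sha256).hexdigest()[:16]
        new_row = {k: v for k, v in row.items() if k != "patient_id"}
        new_row["pseudonym"] = token
        out.append(new_row)
    return out


def generalise(row):
    """Data minimisation: coarsen quasi-identifiers to 10-year age bands and a
    2-digit postcode prefix so that more patients share each combination."""
    g = dict(row)
    decade = (row["age"] // 10) * 10
    g["age"] = f"{decade}-{decade + 9}"
    g["postcode"] = row["postcode"][:2] + "***"
    return g


def equivalence_classes(rows, quasi=QUASI_IDENTIFIERS):
    """Count how many rows share each quasi-identifier combination."""
    return Counter(tuple(row[q] for q in quasi) for row in rows)


def k_anonymity(rows, quasi=QUASI_IDENTIFIERS):
    """Return k, the size of the smallest equivalence class (0 for no rows).
    A release is k-anonymous when every row is indistinguishable from at
    least k-1 other rows on the quasi-identifiers."""
    classes = equivalence_classes(rows, quasi)
    return min(classes.values()) if classes else 0


def suppress_below_k(rows, k, quasi=QUASI_IDENTIFIERS):
    """Withhold rows whose class is smaller than k; returns (kept, withheld)."""
    classes = equivalence_classes(rows, quasi)
    kept = [r for r in rows if classes[tuple(r[q] for q in quasi)] >= k]
    withheld = [r for r in rows if classes[tuple(r[q] for q in quasi)] < k]
    return kept, withheld


def prepare_release(rows, secret_key, k):
    """Pipeline: pseudonymise, generalise, then suppress until k-anonymous."""
    pseudonymised = pseudonymise(rows, secret_key)
    generalised = [generalise(r) for r in pseudonymised]
    return suppress_below_k(generalised, k)


if __name__ == "__main__":
    key = b"controller-held-secret"  # assumption: lives in the controller's key store
    print("raw extract k =", k_anonymity(REGISTRY))
    kept, withheld = prepare_release(REGISTRY, key, k=2)
    print("released k =", k_anonymity(kept), "rows released:", len(kept))
    for r in withheld:
        print("withheld (still unique after generalisation):", r["diagnosis"])
```

Run as a script it reports k = 1 for the raw extract, k = 2 for the released rows, and one withheld Marfan row. k-anonymity bounds only identity disclosure; a class in which every member shares the same diagnosis still discloses that diagnosis to anyone who knows a member is in the release, which is why the DPIA should look at attribute disclosure as well.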
      If data are transferred to countries that have not been approved by the EU authorities, legal arrangements are necessary.
      Clear informed consent is necessary to process data and plain language is recommended to clarify who exactly is collecting what data for what reason and how long it will be stored or forwarded. The EU-GDPR specifies in recital 33: “It is often not possible to fully identify the purpose of personal data processing for scientific research purposes at the time of data collection. Therefore, data subjects should be allowed to give their consent to certain areas of scientific research when in keeping with recognised ethical standards for scientific research. Data subjects should have the opportunity to give their consent only to certain areas of research or parts of research projects to the extent allowed by the intended purpose.”
      The EU-GDPR introduces the requirement for a personal data breach to be notified to the competent national supervisory authority within 72 h and, in certain cases, to the individuals whose personal data have been affected by the breach [18]. For example, if medical records in a hospital are unavailable for a period of 30 h because of a cyber attack, the hospital is obliged to notify the supervisory authority and the data subject because of the high risk to patients' well-being and privacy. In the field of medical research, advances in the capabilities of big data analytics and artificial intelligence have made it easier to make automated decisions, but these have associated impacts on individuals' rights and freedoms.
      The EU-GDPR introduces new provisions to address risks arising from profiling and automated individual decision making [19], notably for privacy. A DPIA is required in the case of “a systematic and extensive evaluation of personal aspects relating to natural persons which is based on automated processing, including profiling, and on which decisions are based that produce legal effects concerning the natural person or similarly significantly affect the natural person.”
      “Privacy by design” will become an essential principle and will incentivise businesses to innovate and develop new projects and methods for the security and protection of personal data.
      Nonetheless, several aspects of the EU-GDPR remain controversial. For instance, processing genetic data (e.g. genetic mutations in aortic diseases) necessitates informed consent not only by the patients but also by their relatives. Furthermore, depending on the rarity of the mutation and the volume of data within the registry project, it might be impossible to de-identify the patient. Lastly, because of the growing volume and variety of data, safeguards that are reasonable today might lose validity in the future. Therefore, regular re-evaluation is necessary.

      References

        1. Bjorck M, Beiles B, Menyhei G, Thomson I, Wigger P, Venermo M, et al. Editor's choice: contemporary treatment of popliteal artery aneurysm in eight countries: a report from the Vascunet collaboration of registries. Eur J Vasc Endovasc Surg. 2014;47:164-171.
        2. Lees T, Troeng T, Thomson IA, Menyhei G, Simo G, Beiles B, et al. International variations in infrainguinal bypass surgery: a VASCUNET report. Eur J Vasc Endovasc Surg. 2012;44:185-192.
        3. Mani K, Lees T, Beiles B, Jensen LP, Venermo M, Simo G, et al. Treatment of abdominal aortic aneurysm in nine countries 2005–2009: a Vascunet report. Eur J Vasc Endovasc Surg. 2011;42:598-607.
        4. Venermo M, Wang G, Sedrakyan A, Mao J, Eldrup N, DeMartino R, et al. Editor's choice: carotid stenosis treatment: variation in international practice patterns. Eur J Vasc Endovasc Surg. 2017;53:511-519.
        5. Beck AW, Sedrakyan A, Mao J, Venermo M, Faizer R, Debus S, et al.; International Consortium of Vascular R. Variations in abdominal aortic aneurysm care: a report from the International Consortium of Vascular Registries. Circulation. 2016;134:1948-1958.
        6. Budtz-Lilly J, Venermo M, Debus S, Behrendt CA, Altreuther M, Beiles B, et al. Editor's choice: assessment of international outcomes of intact abdominal aortic aneurysm repair over 9 years. Eur J Vasc Endovasc Surg. 2017;54:13-20.
        7. Bergqvist D, Björck M, Lees T, Menyhei G. Validation of the VASCUNET registry: pilot study. Vasa. 2014;43:141-144.
        8. Debus SE. Vascunet registry validated. Vasa. 2014;43:86-87.
        9. Venermo M, Mani K, Kolh P. The quality of a registry based study depends on the quality of the data: without validation, it is questionable. Eur J Vasc Endovasc Surg. 2017;53:611-612.
        10. Björck M, Mani K. Publication of vascular surgical registry data: strengths and limitations. Eur J Vasc Endovasc Surg. 2017;54:788.
        11. US Department of Commerce, National Institute of Standards and Technology (NIST). NIST big data interoperability framework: volume 1, definitions. 2015.
        12. EUR-Lex. Regulation (EU) 2016/679 of the European Parliament and of the Council, General Data Protection Regulation (GDPR). 2016. (Retrieved from)
        13. European Parliament. Data protection reform: parliament approves new rules fit for the digital era. 2016. (Retrieved from)
        14. European Commission. Article 29 Working Party. 2017. (Retrieved from)
        15. Behrendt CA, Pridohl H, Schaar K, Federrath H, Debus ES. Clinical registers in the twenty-first century: balancing act between data protection and feasibility? Chirurg. 2017;88:944-949.
        16. Sweeney L. k-anonymity: a model for protecting privacy. Int J Uncertain Fuzziness Knowledge-Based Syst. 2002;10:557-570.
        17. European Commission. WP29 guidelines on Data Protection Impact Assessment (DPIA) for the purposes of Regulation 2016/679. 2017. (Retrieved from)
        18. European Commission. WP29 guidelines on personal data breach notification under Regulation 2016/679. 2017. (Retrieved from)
        19. European Commission. WP29 guidelines on automated individual decision-making and profiling for the purposes of Regulation 2016/679. 2017. (Retrieved from)
