Privacy-Preserving Workflow for the Cross-Border Federated Analysis of Clinical Data.

The motivation behind this research is to perform a privacy-preserving analysis of data located at remote sites and in different jurisdictions with no possibility of sharing individual-level information. Here, we present key findings from requirements analysis and a resulting federated data analysis workflow built using open-source research software, where patient-level information is securely stored and never exposed during the analysis process. We present additional improvements to further strengthen the security of the workflow. We emphasize and showcase the use of data harmonization in the analysis. The data analysis is done using the R language for statistical computing and DataSHIELD libraries for non-disclosive analysis of sensitive data. The workflow was validated against two data analysis scenarios, confirming the results obtained with a centralized analysis approach. The clinical datasets are part of the large Pan-European SARS-Cov-2 cohort, collected and managed by the ORCHESTRA project. We demonstrate the viability of establishing a cross-border federated data analysis framework and conducting an analysis without exposing patient-level information, achieving results equivalent to centralized non-secure analysis. However, it is vital to ensure requirements associated with data harmonization, anonymization and IT infrastructure to maintain availability, usability and data security.

An innovative technological infrastructure for managing SARS-CoV-2 data across different cohorts in compliance with General Data Protection Regulation.

Background: The ORCHESTRA project, funded by the European Commission, aims to create a pan-European cohort built on existing and new large-scale population cohorts to help rapidly advance the knowledge related to the prevention of the SARS-CoV-2 infection and the management of COVID-19 and its long-term sequelae. The integration and analysis of the very heterogeneous health data pose the challenge of building an innovative technological infrastructure as the foundation of a dedicated framework for data management that should address the regulatory requirements such as the General Data Protection Regulation (GDPR). Methods: The three participating Supercomputing European Centres (CINECA - Italy, CINES - France and HLRS - Germany) designed and deployed a dedicated infrastructure to fulfil the functional requirements for data management to ensure sensitive biomedical data confidentiality/privacy, integrity, and security. Besides the technological issues, many methodological aspects have been considered: Berlin Institute of Health (BIH), Charité provided its expertise both for data protection, information security, and data harmonisation/standardisation. Results: The resulting infrastructure is based on a multi-layer approach that integrates several security measures to ensure data protection. A centralised Data Collection Platform has been established in the Italian National Hub while, for the use cases in which data sharing is not possible due to privacy restrictions, a distributed approach for Federated Analysis has been considered. A Data Portal is available as a centralised point of access for non-sensitive data and results, according to findability, accessibility, interoperability, and reusability (FAIR) data principles. This technological infrastructure has been used to support significative data exchange between population cohorts and to publish important scientific results related to SARS-CoV-2. Conclusions: Considering the increasing demand for data usage in accordance with the requirements of the GDPR regulations, the experience gained in the project and the infrastructure released for the ORCHESTRA project can act as a model to manage future public health threats. Other projects could benefit from the results achieved by ORCHESTRA by building upon the available standardisation of variables, design of the architecture, and process used for GDPR compliance.

International Clinical Research Data Ecosystem: From Data Standardization to Federated Analysis.

Within the HORIZON 2020 project ORCHESTRA, patient data from numerous clinical studies in Europe related to COVID-19 were harmonized to create new knowledge on the disease. In this article, we describe the ecosystem that was established for the management of data collected and contributed by project partners. Study protocols elements were mapped to interoperability standards to establish a common terminology. That served as the basis of identifying common concepts used across several studies. Harmonized data were used to perform analysis directly on a central database and also through federated analysis when data was not permitted to leave the local server(s). This ecosystem facilitates the answering of research questions and generation of new knowledge available for the scientific community.