An ethical code for collecting, using and transferring sensitive health data: outcomes of a modified Policy Delphi process in Singapore.

One of the core goals of Digital Health Technologies (DHT) is to transform healthcare services and delivery by shifting primary care from hospitals into the community. However, achieving this goal will rely on the collection, use and storage of large datasets. Some of these datasets will be linked to multiple sources, and may include highly sensitive health information that needs to be transferred across institutional and jurisdictional boundaries. The growth of DHT has outpaced the establishment of clear legal pathways to facilitate the collection, use and transfer of potentially sensitive health data. Our study aimed to address this gap with an ethical code to guide researchers developing DHT with international collaborative partners in Singapore. We generated this code using a modified Policy Delphi process designed to engage stakeholders in the deliberation of health data ethics and governance. This paper reports the outcomes of this process along with the key components of the code and identifies areas for future research.

Does Legislation Impede Data Sharing in Australia Across Institutions and Jurisdictions? A Scoping Review.

In Australia, regulations governing data, including formal legislation and policies promulgated by private and public agencies, are often seen as a barrier to data sharing. This sharing can include between institutions, as well as across jurisdictional borders in a federated jurisdiction such as Australia. In some cases, these regulations place a barrier to sharing data across borders or between institutions without a prerequisite requirement. In other cases, these regulations may be perceived as a justification not to share data. The objective of this review was to analyse published literature from Australia to see what regulations were used to justify not sharing data, along with any other factors that might discourage data sharing. We searched PubMed, Scopus and Web of Science for empirical and policy articles discussing data sharing in Australia. We then filtered these results via abstract and conducted a full text assessment to include 33 articles for analysis. Although there are a few areas of notable regulatory divergence with respect to legislation governing health data, most regulations in Australia are relatively consistent. Further, the absence of uniform ethics approval between sites in different states was frequently cited as a barrier to data sharing.

Health data privacy through homomorphic encryption and distributed ledger computing: an ethical-legal qualitative expert assessment study.

BACKGROUND: Increasingly, hospitals and research institutes are developing technical solutions for sharing patient data in a privacy preserving manner. Two of these technical solutions are homomorphic encryption and distributed ledger technology. Homomorphic encryption allows computations to be performed on data without this data ever being decrypted. Therefore, homomorphic encryption represents a potential solution for conducting feasibility studies on cohorts of sensitive patient data stored in distributed locations. Distributed ledger technology provides a permanent record on all transfers and processing of patient data, allowing data custodians to audit access. A significant portion of the current literature has examined how these technologies might comply with data protection and research ethics frameworks. In the Swiss context, these instruments include the Federal Act on Data Protection and the Human Research Act. There are also institutional frameworks that govern the processing of health related and genetic data at different universities and hospitals. Given Switzerland's geographical proximity to European Union (EU) member states, the General Data Protection Regulation (GDPR) may impose additional obligations. METHODS: To conduct this assessment, we carried out a series of qualitative interviews with key stakeholders at Swiss hospitals and research institutions. These included legal and clinical data management staff, as well as clinical and research ethics experts. These interviews were carried out with two series of vignettes that focused on data discovery using homomorphic encryption and data erasure from a distributed ledger platform. RESULTS: For our first set of vignettes, interviewees were prepared to allow data discovery requests if patients had provided general consent or ethics committee approval, depending on the types of data made available. Our interviewees highlighted the importance of protecting against the risk of reidentification given different types of data. For our second set, there was disagreement amongst interviewees on whether they would delete patient data locally, or delete data linked to a ledger with cryptographic hashes. Our interviewees were also willing to delete data locally or on the ledger, subject to local legislation. CONCLUSION: Our findings can help guide the deployment of these technologies, as well as determine ethics and legal requirements for such technologies.

Health Technology and Big Data: Social Licence, Trust and the Law.

Technology is empowering advances in health care, extending beyond the clinical interface to the collection, collation and use of personal data. While this advance has the potential for population-wide benefits, there are legal and ethical challenges which carry the risk of both individual and collective harms. This section critically appraises the existing approach to the governance of health data in Australia. This approach is grounded in the principles of autonomy, privacy and respect for individual choice. This section then identifies the broader imperatives of social good, public health, improvement of outcomes and advancement of knowledge and the importance of balancing individual and collective interests. Central to this discussion are the concepts of social licence and avoiding ethical debt. A significant challenge to the appropriate sharing and use of health data are the existing regulatory barriers (both perceived and actual) and these are explored in some detail.

Provenance and risk in transfer of biological materials.

Whereas biological materials were once transferred freely, there has been a marked shift in the formalisation of exchanges involving these materials, primarily through the use of Material Transfer Agreements (MTAs). This paper considers how risk aversion dominates MTA negotiations and the impact it may have on scientific progress. Risk aversion is often based on unwarranted fears of incurring liability through the use of a material or loss of control or missing out on commercialisation opportunities. Evidence to date has suggested that complexity tends to permeate even straightforward transactions despite extensive efforts to implement simple, standard MTAs. We argue that in most cases, MTAs need do little more than establish provenance, and any attempt to extend MTAs beyond this simple function constitutes stifling behaviour. Drawing on available examples of favourable practice, we point to a number of strategies that may usefully be employed to reduce risk-averse tendencies, including the promotion of simplicity, education of those engaged in the MTA process, and achieving a cultural shift in the way in which technology transfer office (TTO) success is measured in institutions employing MTAs.

Revolutionizing Medical Data Sharing Using Advanced Privacy-Enhancing Technologies: Technical, Legal, and Ethical Synthesis.

Multisite medical data sharing is critical in modern clinical practice and medical research. The challenge is to conduct data sharing that preserves individual privacy and data utility. The shortcomings of traditional privacy-enhancing technologies mean that institutions rely upon bespoke data sharing contracts. The lengthy process and administration induced by these contracts increases the inefficiency of data sharing and may disincentivize important clinical treatment and medical research. This paper provides a synthesis between 2 novel advanced privacy-enhancing technologies-homomorphic encryption and secure multiparty computation (defined together as multiparty homomorphic encryption). These privacy-enhancing technologies provide a mathematical guarantee of privacy, with multiparty homomorphic encryption providing a performance advantage over separately using homomorphic encryption or secure multiparty computation. We argue multiparty homomorphic encryption fulfills legal requirements for medical data sharing under the European Union's General Data Protection Regulation which has set a global benchmark for data protection. Specifically, the data processed and shared using multiparty homomorphic encryption can be considered anonymized data. We explain how multiparty homomorphic encryption can reduce the reliance upon customized contractual measures between institutions. The proposed approach can accelerate the pace of medical research while offering additional incentives for health care and research institutes to employ common data interoperability standards.

An ethico-legal assessment of intellectual property rights and their effect on COVID-19 vaccine distribution: an Australian case study.

This article posits that Australia, as an affluent country with increasing capacity to manufacture vaccines, has an obligation to assist its regional (and global) counterparts in implementing vaccination programs that protect their populations. First, the article explores the capacity of high-income nations to meet their obligations, assist their neighbours and refrain from vaccine nationalism. This inquiry involves an analysis of the optimal ethical strategy for distributing vaccines globally, and the role that Australia might play in this distribution strategy. Secondly, the article examines the intellectual property landscape for vaccines in Australia, focusing on the patents that cover vaccine compositions and manufacturing techniques (recognizing the potential for know-how and access to materials as well as patents to affect manufacturing capacity). This article then discusses the strategies the Australian Government has at its disposal to counter potential intellectual property impediments whilst complying with existing obligations under the Agreement on Trade-related Aspects of Intellectual Property Rights (TRIPS), as an ethically appropriate response to the pandemic. This article also considers whether a so-called TRIPS waiver could provide better options and concludes that the challenge of compelling disclosure of know-how remains.

Benefits, challenges, and contributors to success for national eHealth systems implementation: a scoping review.

OBJECTIVE: Our scoping review aims to assess what legal, ethical, and socio-technical factors contribute to or inhibit the success of national eHealth system implementations. In addition, our review seeks to describe the characteristics and benefits of eHealth systems. MATERIALS AND METHODS: We conducted a scoping review of literature published in English between January 2000 and 2020 using a keyword search on 5 databases: PubMed, Scopus, Web of Science, IEEEXplore, and ProQuest. After removal of duplicates, abstract screening, and full-text filtering, 86 articles were included from 8276 search results. RESULTS: We identified 17 stakeholder groups, 6 eHealth Systems areas, and 15 types of legal regimes and standards. In-depth textual analysis revealed challenges mainly in implementation, followed by ethico-legal and data-related aspects. Key factors influencing success include promoting trust of the system, ensuring wider acceptance among users, reconciling the system with legal requirements, and ensuring an adaptable technical platform. DISCUSSION: Results revealed support for decentralized implementations because they carry less implementation and engagement challenges than centralized ones. Simultaneously, due to decentralized systems' interoperability issues, federated implementations (with a set of national standards) might be preferable. CONCLUSION: This study identifies the primary socio-technical, legal, and ethical factors that challenge and contribute to the success of eHealth system implementations. This study also describes the complexities and characteristics of existing eHealth implementation programs, and suggests guidance for resolving the identified challenges.

Digital tools against COVID-19: taxonomy, ethical challenges, and navigation aid.

Data collection and processing via digital public health technologies are being promoted worldwide by governments and private companies as strategic remedies for mitigating the COVID-19 pandemic and loosening lockdown measures. However, the ethical and legal boundaries of deploying digital tools for disease surveillance and control purposes are unclear, and a rapidly evolving debate has emerged globally around the promises and risks of mobilising digital tools for public health. To help scientists and policy makers to navigate technological and ethical uncertainty, we present a typology of the primary digital public health applications that are in use. These include proximity and contact tracing, symptom monitoring, quarantine control, and flow modelling. For each, we discuss context-specific risks, cross-sectional issues, and ethical concerns. Finally, recognising the need for practical guidance, we propose a navigation aid for policy makers and other decision makers for the ethical development and use of digital public health tools.

Data protection and ethics requirements for multisite research with health data: a comparative examination of legislative governance frameworks and the role of data protection technologies.

Personalised medicine can improve both public and individual health by providing targeted preventative and therapeutic healthcare. However, patient health data must be shared between institutions and across jurisdictions for the benefits of personalised medicine to be realised. Whilst data protection, privacy, and research ethics laws protect patient confidentiality and safety they also may impede multisite research, particularly across jurisdictions. Accordingly, we compare the concept of data accessibility in data protection and research ethics laws across seven jurisdictions. These jurisdictions include Switzerland, Italy, Spain, the United Kingdom (which have implemented the General Data Protection Regulation), the United States, Canada, and Australia. Our paper identifies the requirements for consent, the standards for anonymisation or pseudonymisation, and adequacy of protection between jurisdictions as barriers for sharing. We also identify differences between the European Union and other jurisdictions as a significant barrier for data accessibility in cross jurisdictional multisite research. Our paper concludes by considering solutions to overcome these legislative differences. These solutions include data transfer agreements and organisational collaborations designed to `front load' the process of ethics approval, so that subsequent research protocols are standardised. We also allude to technical solutions, such as distributed computing, secure multiparty computation and homomorphic encryption.