ABSTRACT
BACKGROUND: The use of linked healthcare data in research has the potential to make major contributions to knowledge generation and service improvement. However, using healthcare data for secondary purposes raises legal and ethical concerns relating to confidentiality, privacy and data protection rights. Using a linkage and anonymisation approach that processes data lawfully and in line with ethical best practice to create an anonymous (non-personal) dataset can address these concerns, yet there is no set approach for defining all of the steps involved in such data flow end-to-end. We aimed to define such an approach with clear steps for dataset creation, and to describe its utilisation in a case study linking healthcare data. METHODS: We developed a data flow protocol that generates pseudonymous datasets that can be reversibly linked, or irreversibly linked to form an anonymous research dataset. It was designed and implemented by the Comprehensive Patient Records (CPR) study in Leeds, UK. RESULTS: We defined a clear approach that received ethico-legal approval for use in creating an anonymous research dataset. Our approach used individual-level linkage through a mechanism that is not computer-intensive and was rendered irreversible to both data providers and processors. We successfully applied it in the CPR study to hospital and general practice and community electronic health record data from two providers, along with patient reported outcomes, for 365,193 patients. The resultant anonymous research dataset is available via DATA-CAN, the Health Data Research Hub for Cancer in the UK. CONCLUSIONS: Through ethical, legal and academic review, we believe that we contribute a defined approach that represents a framework that exceeds current minimum standards for effective pseudonymisation and anonymisation. This paper describes our methods and provides supporting information to facilitate the use of this approach in research.
Subject(s)
Biomedical Research/methods , Confidentiality , Data Anonymization , Biomedical Research/ethics , Datasets as Topic , Electronic Data Processing/ethics , Electronic Data Processing/methods , Electronic Health Records/organization & administration , Humans , Information Storage and Retrieval , United KingdomABSTRACT
While tracking-data analytics can be a goldmine for institutions and companies, the inherent privacy concerns also form a legal, ethical and social minefield. We present a study that seeks to understand the extent and circumstances under which tracking-data analytics is undertaken with social licence-that is, with broad community acceptance beyond formal compliance with legal requirements. Taking a University campus environment as a case, we enquire about the social licence for Wi-Fi-based tracking-data analytics. Staff and student participants answered a questionnaire presenting hypothetical scenarios involving Wi-Fi tracking for university research and services. Our results present a Bayesian logistic mixed-effects regression of acceptability judgements as a function of participant ratings on 11 privacy dimensions. Results show widespread acceptance of tracking-data analytics on campus and suggest that trust, individual benefit, data sensitivity, risk of harm and institutional respect for privacy are the most predictive factors determining this acceptance judgement.
Subject(s)
Confidentiality/psychology , Data Collection/ethics , Data Mining/ethics , Electronic Data Processing/ethics , Privacy/psychology , Trust/psychology , Adolescent , Adult , Australia , Bayes Theorem , Female , Humans , Licensure , Male , Middle Aged , Surveys and Questionnaires , UniversitiesABSTRACT
O surgimento de novos softwares baseados em tecnologia blockchain lançam novas perguntas ao novo RGPD, criticado por ter sido criado tendo apenas em vista realidades virtuais centralizadas de controlo de dados. Apesar de quer o RGPD, quer o blockchaindesejarem objetivos comuns, como o aumento da transparência e da confiança na troca de dados online, a verdade é que em vários aspetos os desentendimentos entre ambos são reais: certas noções, como a de responsável pelo tratamento ou subcontratante, dificilmente se adequam; certos direitos, como o direito ao esquecimento ou à transferência de dados, correm o risco de perder conteúdo útil; ou mesmo certos princípios, como o da limitação de tratamento, dificilmente se compatibilizam com esta nova tecnología
La creación y el surgimiento de nuevos programas informáticos basados en la tecnología blockchain desafían el reciente GDPR con nuevas cuestiones, ya que se le critica tener en cuenta sólo las realidades virtuales basadas en el control centralizado de datos. A pesar de que tanto el RGDP como la blockchain comparten intereses comunes para aumentar la transparencia y la confianza en el intercambio de datos en línea, lo cierto es que, en varios aspectos, los malentendidos entre ambos son reales: algunas nociones como la de controlador o procesador de datos, son poco adecuadas; ciertos derechos, como el derecho al olvido o el derecho a la portabilidad de los datos corren el riesgo de perder su aplicación; o incluso ciertos principios, como la minimización de datos, son difícilmente compatibles con esta nueva tecnología
The creation and emergence of new software based on blockchain technology challenge the recent GDPR to new questions, as it is severely criticized for bearing in mind only virtual realities based on centralized data control. Despite both RGDP and blockchain share common interests in increasing transparency and confidence in online data exchange, the truth is that in several ways misunderstandings between the two are real: certain notions, such as data controller or processor, hardly adequate; certain rights, such as right to be forgotten or the right to data portability risk losing their enforcement; or even certain principles, such as data minimization, are hardly compatible with this new technology
La creació i el sorgiment de nous programes informàtics basats en la tecnologia blockchain desafien el recent GDPR amb noves qüestions, ja que se li critica tenir en compte només les realitats virtuals basades en el control centralitzat de dades. A pesar que tant el RGDP com la blockchain comparteixen interessos comuns per a augmentar la transparència i la confiança en l'intercanvi de dades en línia, la veritat és que, en diversos aspectes, els malentesos entre tots dos són reals: algunes nocions com la de controlador o processador de dades, són poc adequades; certs drets, com el dret a l'oblit o el dret a la portabilitat de les dades corren el risc de perdre la seva aplicació; o fins i tot certs principis, com la minimització de dades, són difícilment compatibles amb aquesta nova tecnología
Subject(s)
Software/ethics , Software/legislation & jurisprudence , Confidentiality , Computer Security/legislation & jurisprudence , Computer Communication Networks , Computer Communication Networks/legislation & jurisprudence , Data Curation/ethics , Electronic Data Processing/ethics , Electronic Data Processing/legislation & jurisprudenceABSTRACT
Health data processing fields face ethical and legal problems regarding fundamental rights. As we know, patients can benefit in the Digital Era from having health or medical information available, and medical decisions can be more effective with a better understanding of clinical histories, medical and health data thanks to the development of Artificial Intelligence, Internet of Things and other Digital technologies. However, at the same time, we need to guarantee fundamental rights, including privacy ones. The complaint about ethical and legal requirements - including constitutional ones - is particularly relevant in the processing of health data. This paper is focused on the problem of the consent required to the processing of health data and the exceptions established in the new European Union General Data Regulation, which cover the processing of this special data -within other aims- for scientific, historical and statistical research as legitimate purposes, which include biomedical research. The conclusion is that these open concepts are problematic both for the protection of privacy rights and for the legal security/certainty of research. On one hand there are several interpretation problems, regarding the processing of health data and the protection of information privacy. On the other hand, professionals must follow the Multilevel legal framework and to guarantee fundamental rights in the processing of health data, so there are also problems of interpretation for researchers. Therefore, we need a clearer legal framework for biomedical research
El tratamiento de los datos relativos a la salud se enfrenta a problemas éticos y legales relacionados con los derechos fundamentales. Como sabemos, los pacientes pueden beneficiarse en la era digital de tener a su disposición información médica o de salud, y asimismo las decisiones médicas pueden ser más efectivas con una mejor comprensión de historias clínicas, datos médicos y de salud gracias al desarrollo de Inteligencia Artificial, el Internet de las Cosas y otras tecnologías digitales. Sin embargo, al mismo tiempo, debemos garantizar los derechos fundamentales, incluidos los de privacidad. La preocupación sobre el cumplimiento de los requisitos éticos y legales, incluidos los constitucionales, es particularmente relevante en el tratamiento de datos de salud. Este trabajo se centra en el problema del consentimiento requerido para el tratamiento de datos de salud y las excepciones establecidas en el nuevo Reglamento General de Protección de Datos, que contempla el tratamiento de estos datos especiales con fines de investigación científica, histórica y estadística como propósitos legítimos, junto a otros. La conclusión que se obtiene es que estamos ante conceptos abiertos problemáticos tanto para la protección de los derechos vinculados a la privacidad como para la propia seguridad jurídica de la investigación. Por un lado, hay varios problemas de interpretación relacionados con el tratamiento de los datos de salud y la protección de la privacidad; éstos también afectan a los profesionales que deben llevar a cabo el tratamiento con respeto al marco legal multinivel aplicable y garantizar al mismo tiempo los derechos fundamentales. Por todo ello, se defiende que necesitamos un marco legal más claro para la investigación biomédica
Subject(s)
Humans , Confidentiality/legislation & jurisprudence , Privacy/legislation & jurisprudence , Informed Consent/legislation & jurisprudence , Research Subjects/legislation & jurisprudence , Research Report/legislation & jurisprudence , Duty to Warn/legislation & jurisprudence , Computer Security/legislation & jurisprudence , Biomedical Research/ethics , Ethics, Research , Electronic Data Processing/ethicsABSTRACT
EDUCERE (Ubiquitous Detection Ecosystem to Care and Early Stimulation for Children with Developmental Disorders) is a government funded research and development project. EDUCERE objectives are to investigate, develop, and evaluate innovative solutions for society to detect changes in psychomotor development through the natural interaction of children with toys and everyday objects, and perform stimulation and early attention activities in real environments such as home and school. In the EDUCERE project, an ethical impact assessment is carried out linked to a minors' data protection rights. Using a specific methodology, the project has achieved some promising results. These include use of a prototype of smart toys to detect development difficulties in children. In addition, privacy protection measures which take into account the security concerns of health data, have been proposed and applied. This latter security framework could be useful in other Internet of Things related projects. It consists of legal and technical measures. Special attention has been placed in the transformation of bulk data such as acceleration and jitter of toys into health data when patterns of atypical development are found. The article describes the different security profiles in which users are classified.
Subject(s)
Computer Security , Confidentiality , Data Collection/ethics , Decision Support Systems, Clinical/ethics , Internet , Play and Playthings , Privacy , Big Data , Child , Child Development , Computers , Data Collection/methods , Developmental Disabilities/diagnosis , Developmental Disabilities/therapy , Electronic Data Processing/ethics , Electronic Data Processing/methods , Electronic Health Records , Humans , Motor Skills , TelemedicineABSTRACT
La expresión Big Data hace referencia al tratamiento de grandes volúmenes de datos mediante algoritmos matemáticos con el fin de establecer correlaciones entre ellos, predecir tendencias y tomar decisiones. Los usuarios de herramientas digitales ceden sus datos para fines concretos, por ejemplo: en las redes sociales a cambio de comunicación, en los comercios para obtener promociones y ofertas, o en las aplicaciones de salud para conseguir una relación médico-paciente más directa. El usuario desconoce los usos posteriores: empresas externas compran o alquilan los datos cedidos para finalidades que no han sido autorizadas. Derechos del usuario como privacidad, confidencialidad y autonomía quedan vulnerados. Los datos manejados de forma responsable son una herramienta útil para facilitar actos cotidianos, pero, empleados equivocadamente pueden convertirse en una fuente de discriminación y coacción de la autonomía
The term Big Data refers to the treatment of large volumes of data using mathematical algorithms in order to establish correlations between them, predict trends and to make decisions. Information and data are transferred by the users of digital tools for specific purposes, e.g.: exchange for communication in social networks, to benefit from promotions and deals in stores, or for a more direct physician-patient relationship while using Health Apps. The user does not know potential subsequent uses of these data: external companies may buy or rent these data for purposes that have not been authorized. User rights such as privacy, confidentiality and autonomy are infringed. Handled responsibly, these data are a useful tool to facilitate day-to-day acts, but mistakenly employed, can become a source of discrimination and coercion of autonomy
Subject(s)
Humans , Privacy/legislation & jurisprudence , Confidentiality/ethics , Confidentiality/legislation & jurisprudence , Professional Autonomy , Bioethics/trends , Electronic Data Processing/ethicsABSTRACT
The implementation of traceability in the food supply chain has reinforced adoption of technologies with the ability to track forward and trace back product-related information. Based on the premise that these technologies can be used as a means to provide product-related information to consumers, this paper explores the perceived benefits and drawbacks of such technologies. The aim is to identify factors that influence consumers' perceptions of such technologies, and furthermore to advise the agri-food business on issues that they should consider prior to the implementation of such technologies in their production lines. For the purposes of the study, a focus group study was conducted across 12 European countries, while a set of four different technologies used as a means to provide traceability information to consumers was the focal point of the discussions in each focus group. Results show that the amount of and confidence in the information provided, perceived levels of convenience, impact on product quality and safety, impact on consumers' health and the environment, and potential consequences on ethical and privacy liberties constitute important factors influencing consumers' perceptions of technologies that provide traceability.
Subject(s)
Consumer Behavior , Electronic Data Processing , Food Technology/methods , Information Management/methods , Adolescent , Adult , Animals , Electronic Data Processing/ethics , Europe , Female , Fishes , Focus Groups , Food Labeling , Food Supply/instrumentation , Food Technology/ethics , Fruit , Humans , Information Management/ethics , Male , Middle Aged , Perception , Privacy , Product Recalls and Withdrawals , Radio Frequency Identification Device/ethics , SafetyABSTRACT
With regard to the use of bio materials, there is a great need for clarification of the legal ramifications. And since procuring and storing bio materials is becoming an increasingly important point for answering molecular-genetic questions within medical research, finding an answer soon for the related legal and organisational questions is extremely important. This article examines the modern uses of bio materials, suitable types of legal entity for biobanks as well as questions related to ownership of samples.