Use Cases Requiring Privacy-Preserving Record Linkage in Paediatric Oncology.

Large datasets in paediatric oncology are inherently rare. Therefore, it is paramount to fully exploit all available data, which are distributed over several resources, including biomaterials, images, clinical trials, and registries. With privacy-preserving record linkage (PPRL), personalised or pseudonymised datasets can be merged, without disclosing the patients' identities. Although PPRL is implemented in various settings, use case descriptions are currently fragmented and incomplete. The present paper provides a comprehensive overview of current and future use cases for PPRL in paediatric oncology. We analysed the literature, projects, and trial protocols, identified use cases along a hypothetical patient journey, and discussed use cases with paediatric oncology experts. To structure PPRL use cases, we defined six key dimensions: distributed personalised records, pseudonymisation, distributed pseudonymised records, record linkage, linked data, and data analysis. Selected use cases were described (a) per dimension and (b) on a multi-dimensional level. While focusing on paediatric oncology, most aspects are also applicable to other (particularly rare) diseases. We conclude that PPRL is a key concept in paediatric oncology. Therefore, PPRL strategies should already be considered when starting research projects, to avoid distributed data silos, to maximise the knowledge derived from collected data, and, ultimately, to improve outcomes for children with cancer.

Ethical considerations for real-world evidence studies.

Real-world evidence (RWE) studies are conducted on patient's data primarily collected for monitoring of health status of patients. The use of real-world data to generate evidence in academic research or for regulatory submission raises a variety of ethical issues such as privacy, confidentiality, data protection, data de-identification, data sharing, scientific design of study, and informed consent requirements. The investigators-researchers and sponsors should adhere to current standards of ethics whilst planning and conduct of RWE studies. The ethics committees should consider ethical issues specific to RWE studies before approval.

Information in Healthcare - From Data to Knowledge: Improving Data Literacy Competencies.

Digitalization in healthcare and the increasing availability of data demand data literacy competences of nurses and other healthcare professionals including technical, ethical and communication skills. The international Spring School 2023 "Information in Healthcare - From Date to Knowledge" aimed at these competences covering interoperability, data protection and security, data analytics and ethical issues. These topics were embedded in the overall case of data-driven quality improvement for diabetes patients in a region. The curriculum includes an online preparation-phase and a five-days attendance week, incorporating problem-based and group work approaches. According to the studentt's evaluation, the awareness of the importance of the topics was raised and theoretical as well as practical application skills were improved. The Spring School enhanced data literacy competences, critical thinking, problem-solving, interprofessional und intercultural skills among healthcare professionals. Such course offering can contribute to meeting the increasing challenges of digitalization in healthcare.

[Chat messenger use in the care of patients with Parkinson's disease]. / Chat-Messenger-Nutzung in der Parkinson-Versorgung.

BACKGROUND: The demand for chat messaging apps for communication between physicians, therapists and patients is increasing. The expectations for this form of communication and uncertainties regarding introduction and use are heterogeneous. OBJECTIVE: The implementation of chat messengers in the care of patients with Parkinson's disease should be facilitated by recommendations regarding introduction and usage. METHODS: Semi-structured interviews with neurologists and physiotherapists were conducted to capture the expectations and needs regarding the use of chat messengers. From the data analysis, recommendations were derived. RESULTS: The expectations for technical functionality exceeded the chat messenger functions. This concerns, e.g., the connection of the chat messenger to the electronic patient file. There is a great deal of uncertainty, particularly when it comes to the applicable General Data Protection Regulations (GDPR). The recommendations relating to the use of chat messengers, data protection aspects, the design of such tools and methodological considerations can help to implement the tool as an additional communication channel. CONCLUSION: Practical recommendations regarding functionality, the use of chat messengers in everyday life and in relation to data protection are derived from the results. By improving knowledge, physicians and therapists can contribute to the successful establishment of chat messengers as an additional communication tool.

Ethical Considerations and Fundamental Principles of Large Language Models in Medical Education: Viewpoint.

This viewpoint article first explores the ethical challenges associated with the future application of large language models (LLMs) in the context of medical education. These challenges include not only ethical concerns related to the development of LLMs, such as artificial intelligence (AI) hallucinations, information bias, privacy and data risks, and deficiencies in terms of transparency and interpretability but also issues concerning the application of LLMs, including deficiencies in emotional intelligence, educational inequities, problems with academic integrity, and questions of responsibility and copyright ownership. This paper then analyzes existing AI-related legal and ethical frameworks and highlights their limitations with regard to the application of LLMs in the context of medical education. To ensure that LLMs are integrated in a responsible and safe manner, the authors recommend the development of a unified ethical framework that is specifically tailored for LLMs in this field. This framework should be based on 8 fundamental principles: quality control and supervision mechanisms; privacy and data protection; transparency and interpretability; fairness and equal treatment; academic integrity and moral norms; accountability and traceability; protection and respect for intellectual property; and the promotion of educational research and innovation. The authors further discuss specific measures that can be taken to implement these principles, thereby laying a solid foundation for the development of a comprehensive and actionable ethical framework. Such a unified ethical framework based on these 8 fundamental principles can provide clear guidance and support for the application of LLMs in the context of medical education. This approach can help establish a balance between technological advancement and ethical safeguards, thereby ensuring that medical education can progress without compromising the principles of fairness, justice, or patient safety and establishing a more equitable, safer, and more efficient environment for medical education.

[Artificial intelligence (AI) in diagnostic and therapeutic decision-making-a tool or communication partner?] / Künstliche Intelligenz (KI) bei Diagnostik- und Therapieentscheidungen ­ Einsatz als Werkzeug oder als Kommunikationspartner?

Artificial intelligence (AI) is a tool that is only as good as its user. In the case of humanoid robots, an AI system can be seen as a social counterpart. Decision intelligence (DI) is a term that stems from engineering. DI as a science is used to process data with findings from the social sciences and decision theories. The aim is to improve decision-making processes. However, AI should be categorized as a tool and not as a communication partner. AI analyzes information from studies, guidelines, and textbooks from the outset-taking individual patient information into account. Physicians with a high level of clinical expertise can ask more specific questions about the latter. ChatGPT is trained with millions of texts from the internet, social media, online forums, journal articles, and books; it covers almost all areas of life.

DNA encoding schemes herald a new age in cybersecurity for safeguarding digital assets.

With the urge to secure and protect digital assets, there is a need to emphasize the immediacy of taking measures to ensure robust security due to the enhancement of cyber security. Different advanced methods, like encryption schemes, are vulnerable to putting constraints on attacks. To encode the digital data and utilize the unique properties of DNA, like stability and durability, synthetic DNA sequences are offered as a promising alternative by DNA encoding schemes. This study enlightens the exploration of DNA's potential for encoding in evolving cyber security. Based on the systematic literature review, this paper provides a discussion on the challenges, pros, and directions for future work. We analyzed the current trends and new innovations in methodology, security attacks, the implementation of tools, and different metrics to measure. Various tools, such as Mathematica, MATLAB, NIST test suite, and Coludsim, were employed to evaluate the performance of the proposed method and obtain results. By identifying the strengths and limitations of proposed methods, the study highlights research challenges and offers future scope for investigation.

Cross-border data sharing for research in Africa: An analysis of the data protection and research ethics requirements in 12 jurisdictions.

Background: In recent years, there has been a notable uptake in genomic and health-related research activities across the African continent. Similarly, there has been increased introduction of data protection legislation that affects the sharing of personal data such as health data and genomic data, including for research. Many of these statutes have stricter requirements when sharing personal data across borders. Consequently, the cross-border sharing of health data that includes genetic data requires careful navigation of the pertinent data protection legislation, in particular concerning the sharing of such data for research purposes. To help researchers navigate these legal frameworks, 12 African countries were analysed to develop country guides on cross-border data sharing. Results: Of the 12 countries that were analysed, ten have data protection laws in place (Botswana, Ghana, Kenya, Malawi, Nigeria, Rwanda, South Africa, Tanzania, Uganda, and Zimbabwe), while two countries (Cameroon and The Gambia) do not. With the exception of Ghana, all countries with data protection statutes or bills had additional requirements to be met when sharing personal data across borders. Consent and adequacy are the most common grounds for justifying the sharing of personal data across borders. Conclusion: Given the limitations of the current models of consent, consent is not a suitable basis to transfer large quantities of data for research. Adequacy is a common ground, but there are national differences in the implementation of this ground. Researchers must therefore analyse each national legal framework and make decisions on a case-by-case and country-by-country basis.

FAIR compliant database development for human microbiome data samples.

Introduction: Sharing microbiome data among researchers fosters new innovations and reduces cost for research. Practically, this means that the (meta)data will have to be standardized, transparent and readily available for researchers. The microbiome data and associated metadata will then be described with regards to composition and origin, in order to maximize the possibilities for application in various contexts of research. Here, we propose a set of tools and protocols to develop a real-time FAIR (Findable. Accessible, Interoperable and Reusable) compliant database for the handling and storage of human microbiome and host-associated data. Methods: The conflicts arising from privacy laws with respect to metadata, possible human genome sequences in the metagenome shotgun data and FAIR implementations are discussed. Alternate pathways for achieving compliance in such conflicts are analyzed. Sample traceable and sensitive microbiome data, such as DNA sequences or geolocalized metadata are identified, and the role of the GDPR (General Data Protection Regulation) data regulations are considered. For the construction of the database, procedures have been realized to make data FAIR compliant, while preserving privacy of the participants providing the data. Results and discussion: An open-source development platform, Supabase, was used to implement the microbiome database. Researchers can deploy this real-time database to access, upload, download and interact with human microbiome data in a FAIR complaint manner. In addition, a large language model (LLM) powered by ChatGPT is developed and deployed to enable knowledge dissemination and non-expert usage of the database.

OHDSI-compliance: a set of document templates facilitating the implementation and operation of a software stack for real-world evidence generation.

Introduction: The open-source software offered by the Observational Health Data Science and Informatics (OHDSI) collective, including the OMOP-CDM, serves as a major backbone for many real-world evidence networks and distributed health data analytics platforms. While container technology has significantly simplified deployments from a technical perspective, regulatory compliance can remain a major hurdle for the setup and operation of such platforms. In this paper, we present OHDSI-Compliance, a comprehensive set of document templates designed to streamline the data protection and information security-related documentation and coordination efforts required to establish OHDSI installations. Methods: To decide on a set of relevant document templates, we first analyzed the legal requirements and associated guidelines with a focus on the General Data Protection Regulation (GDPR). Moreover, we analyzed the software architecture of a typical OHDSI stack and related its components to the different general types of concepts and documentation identified. Then, we created those documents for a prototypical OHDSI installation, based on the so-called Broadsea package, following relevant guidelines from Germany. Finally, we generalized the documents by introducing placeholders and options at places where individual institution-specific content will be needed. Results: We present four documents: (1) a record of processing activities, (2) an information security concept, (3) an authorization concept, as well as (4) an operational concept covering the technical details of maintaining the stack. The documents are publicly available under a permissive license. Discussion: To the best of our knowledge, there are no other publicly available sets of documents designed to simplify the compliance process for OHDSI deployments. While our documents provide a comprehensive starting point, local specifics need to be added, and, due to the heterogeneity of legal requirements in different countries, further adoptions might be necessary.

Unpacking Sociotechnical Discourses on Telehealth Use and Data Protection: A Path Towards Digital Health Value Creation.

BACKGROUND: Telehealth uptake will remain sub-optimal without consumer trust. Safeguarding the security and privacy of health information plays an important role in building trust and acceptance of telehealth. OBJECTIVES: This study seeks to unpack the sociotechnical discourses on the use of telehealth with a focus on privacy and security in the context of United States health services. METHODS: A search of the media outlets facilitated via the Factiva database was conducted. Using a qualitative method, thematic analysis was performed on the news texts to identify the key themes and provide contextual explanations. RESULTS: The analysis led to the identification of three key themes: 'data protection practice', 'clinical resilience', and 'digital health business value' perspectives. These themes focus on various concepts of telehealth use including data privacy, security, public health emergency, compliance activities in the use of telehealth, meeting stakeholders' needs, reducing costs of service delivery, the potential of telehealth for informed action, and improving users' experience. Among these themes, 'data protection practice' was directly associated with privacy compliance and telehealth use. Other thematic discourses have provided an indirect reflection on the role of privacy compliance, with a greater emphasis placed on health service delivery and market dynamics rather than compliance in practice. CONCLUSION: Our study revealed the importance of the COVID-19 pandemic in telehealth use, highlighting the move towards 'good faith' and responsible use of telehealth.

[Nationally standardized broad consent in practice: initial experiences, current developments, and critical assessment]. / National standardisierter Broad Consent in der Praxis: erste Erfahrungen, aktuelle Entwicklungen und kritische Betrachtungen.

BACKGROUND: The digitalization in the healthcare sector promises a secondary use of patient data in the sense of a learning healthcare system. For this, the Medical Informatics Initiative's (MII) Consent Working Group has created an ethical and legal basis with standardized consent documents. This paper describes the systematically monitored introduction of these documents at the MII sites. METHODS: The monitoring of the introduction included regular online surveys, an in-depth analysis of the introduction processes at selected sites, and an assessment of the documents in use. In addition, inquiries and feedback from a large number of stakeholders were evaluated. RESULTS: The online surveys showed that 27 of the 32 sites have gradually introduced the consent documents productively, with a current total of 173,289 consents. The analysis of the implementation procedures revealed heterogeneous organizational conditions at the sites. The requirements of various stakeholders were met by developing and providing supplementary versions of the consent documents and additional information materials. DISCUSSION: The introduction of the MII consent documents at the university hospitals creates a uniform legal basis for the secondary use of patient data. However, the comprehensive implementation within the sites remains challenging. Therefore, minimum requirements for patient information and supplementary recommendations for best practice must be developed. The further development of the national legal framework for research will not render the participation and transparency mechanisms developed here obsolete.

A Scalable Pseudonymization Tool for Rapid Deployment in Large Biomedical Research Networks: Development and Evaluation Study.

Background: The SARS-CoV-2 pandemic has demonstrated once again that rapid collaborative research is essential for the future of biomedicine. Large research networks are needed to collect, share, and reuse data and biosamples to generate collaborative evidence. However, setting up such networks is often complex and time-consuming, as common tools and policies are needed to ensure interoperability and the required flows of data and samples, especially for handling personal data and the associated data protection issues. In biomedical research, pseudonymization detaches directly identifying details from biomedical data and biosamples and connects them using secure identifiers, the so-called pseudonyms. This protects privacy by design but allows the necessary linkage and reidentification. Objective: Although pseudonymization is used in almost every biomedical study, there are currently no pseudonymization tools that can be rapidly deployed across many institutions. Moreover, using centralized services is often not possible, for example, when data are reused and consent for this type of data processing is lacking. We present the ORCHESTRA Pseudonymization Tool (OPT), developed under the umbrella of the ORCHESTRA consortium, which faced exactly these challenges when it came to rapidly establishing a large-scale research network in the context of the rapid pandemic response in Europe. Methods: To overcome challenges caused by the heterogeneity of IT infrastructures across institutions, the OPT was developed based on programmable runtime environments available at practically every institution: office suites. The software is highly configurable and provides many features, from subject and biosample registration to record linkage and the printing of machine-readable codes for labeling biosample tubes. Special care has been taken to ensure that the algorithms implemented are efficient so that the OPT can be used to pseudonymize large data sets, which we demonstrate through a comprehensive evaluation. Results: The OPT is available for Microsoft Office and LibreOffice, so it can be deployed on Windows, Linux, and MacOS. It provides multiuser support and is configurable to meet the needs of different types of research projects. Within the ORCHESTRA research network, the OPT has been successfully deployed at 13 institutions in 11 countries in Europe and beyond. As of June 2023, the software manages data about more than 30,000 subjects and 15,000 biosamples. Over 10,000 labels have been printed. The results of our experimental evaluation show that the OPT offers practical response times for all major functionalities, pseudonymizing 100,000 subjects in 10 seconds using Microsoft Excel and in 54 seconds using LibreOffice. Conclusions: Innovative solutions are needed to make the process of establishing large research networks more efficient. The OPT, which leverages the runtime environment of common office suites, can be used to rapidly deploy pseudonymization and biosample management capabilities across research networks. The tool is highly configurable and available as open-source software.

Towards a GDPR-compliant cloud architecture with data privacy controlled through sticky policies.

Data privacy is one of the biggest challenges facing system architects at the system design stage. Especially when certain laws, such as the General Data Protection Regulation (GDPR), have to be complied with by cloud environments. In this article, we want to help cloud providers comply with the GDPR by proposing a GDPR-compliant cloud architecture. To do this, we use model-driven engineering techniques to design cloud architecture and analyze cloud interactions. In particular, we develop a complete framework, called MDCT, which includes a Unified Modeling Language profile that allows us to define specific cloud scenarios and profile validation to ensure that certain required properties are met. The validation process is implemented through the Object Constraint Language (OCL) rules, which allow us to describe the constraints in these models. To comply with many GDPR articles, the proposed cloud architecture considers data privacy and data tracking, enabling safe and secure data management and tracking in the context of the cloud. For this purpose, sticky policies associated with the data are incorporated to define permission for third parties to access the data and track instances of data access. As a result, a cloud architecture designed with MDCT contains a set of OCL rules to validate it as a GDPR-compliant cloud architecture. Our tool models key GDPR points such as user consent/withdrawal, the purpose of access, and data transparency and auditing, and considers data privacy and data tracking with the help of sticky policies.

Patients' experiences and perspectives regarding the use of digital technology to support exercise-based cardiac rehabilitation: a qualitative interview study.

Introduction: Despite the well-known benefits of exercise-based cardiac rehabilitation for the secondary prevention of cardiovascular disease, participation in cardiac rehabilitation programmes and adherence to secondary prevention recommendations remain limited. Digital technologies have the potential to address low participation and adherence but attempts at implementing digital health interventions in real-life clinical practice frequently encounter various barriers. Studies about patients' experiences and perspectives regarding the use of digital technology can assist developers, researchers and clinicians in addressing or pre-empting patient-related barriers. This study was therefore conducted to investigate the experiences and perspectives of cardiac rehabilitation patients in Austria with regard to using digital technology for physical activity and exercise. Methods: Twenty-five current and former cardiac rehabilitation patients (18 men and 7 women, age range 39 to 83) with various cardiac conditions were recruited from a clinical site in Salzburg, Austria. Semi-structured qualitative interviews were audio-recorded and transcribed verbatim. The analysis followed a descriptive phenomenological approach, applying the framework analysis method. Results: The sample was diverse, including interviewees who readily used digital devices to support their physical activity, exercise and health monitoring, and interviewees who did not. Simplicity, convenience and accessibility were highlighted as important facilitators for the use of digital technology, while annoyance with digital devices, concerns about becoming dependent on them, or simply a preference to not use digital technology were commonly stated reasons for non-use. Interviewees' views on data protection, data sharing and artificial intelligence revealed wide variations in individuals' prior knowledge and experience about these topics, and a need for greater accessibility and transparency of data protection regulation and data sharing arrangements. Discussion: These findings support the importance that is attributed to user-centred design methodologies in the conceptualisation and design of digital health interventions, and the imperative to develop solutions that are simple, accessible and that can be personalised according to the preferences and capabilities of the individual patient. Regarding data protection, data sharing and artificial intelligence, the findings indicate opportunity for information and education, as well as the need to offer patients transparency and accountability in order to build trust in digital technology and digital health interventions.

Balancing Protection and Quality in Big Data Analytics Pipelines.

Existing data engine implementations do not properly manage the conflict between the need of protecting and sharing data, which is hampering the spread of big data applications and limiting their impact. These two requirements have often been studied and defined independently, leading to a conceptual and technological misalignment. This article presents the architecture and technical implementation of a data engine addressing this conflict by integrating a new governance solution based on access control within a big data analytics pipeline. Our data engine enriches traditional components for data governance with an access control system that enforces access to data in a big data environment based on data transformations. Data are then used along the pipeline only after sanitization, protecting sensitive attributes before their usage, in an effort to facilitate the balance between protection and quality. The solution was tested in a real-world smart city scenario using the data of the Oslo city transportation system. Specifically, we compared the different predictive models trained with the data views obtained by applying the secure transformations required by different user roles to the same data set. The results show that the predictive models, built on data manipulated according to access control policies, are still effective.

[Open educational resources for otorhinolaryngology : A pilot study on needs assessment and implementation]. / Open Educational Resources für die HNO-Heilkunde : Ein Pilotprojekt zur Bedarfsanalyse und Implementierung.

BACKGROUND: Open educational resources (OER) are educational materials licensed openly by authors, permitting usage, redistribution, and in some instances, modification. OER platforms thereby serve as a medium for distributing and advancing teaching materials and innovative educational methodologies. OBJECTIVE: This study aims to determine the present state of OER in otorhinolaryngology and to examine the prerequisites for seamlessly integrating OER into the curricular teaching of medical schools, specifically through the design of two OER blended learning modules. METHODS: OER content in the field of otorhinolaryngology was analyzed on OER platforms, ensuring its relevance to the German medical curriculum. Data protection concerns were addressed with legal counsel. The blended learning modules were developed in collaboration with medical students and subsequently published as OER. RESULTS AND CONCLUSION: This project yielded the first OER from a German ENT department, tailored to the German medical curriculum. One significant barrier to OER use in medicine, more than in other fields, is data protection. This challenge can be navigated by obtaining consent to publish patient data as OER. OER hold the promise to play a pivotal role in fostering cooperation and collaboration among educators, aiding educators in lesson preparation, and simultaneously enhancing didactic quality.

Population Neuroscience: Strategies to Promote Data Sharing While Protecting Privacy.

Population neuroscience aims to advance our understanding of how genetic and environmental factors influence brain development and brain health over the life span, by integrating genomics, epidemiology, and neuroscience at population scale. This big data approach depends on data sharing strategies at both the micro- and macro-level, as well as attention to effective data management and protection of participant privacy. At the micro-level, researchers participate in international consortia that support collaboration, standards, and data sharing. They also seek to link together cohort studies, administrative health databases, and measures of the physical, built, and social environment in creative ways. Large-scale, longitudinal, and multi-modal cohorts are being designed to support explorations of genetic and environmental impacts on the brain. At a macro-level, funding agency policies now require data across health research domains to be managed according to the FAIR (findable, accessible, interoperable, and re-useable) Data principles and made available to the research community in a timely manner to support reproducibility and re-use. Data repositories provide technical infrastructure for storing, accessing, and increasingly also analyzing rich population-level data. Federated and cloud-based approaches are being leveraged to improve the security, remote accessibility, and performance of repositories. Finally, legal frameworks are being developed to facilitate secure health data access, integration, and analysis, providing new opportunities for the field.

Purpose definition as a crucial step for determining the legal basis under the GDPR: implications for scientific research.

The General Data Protection Regulation (GDPR) of the European Union, which became applicable in 2018, contains a new accountability principle. Under this principle, controllers (ie parties determining the purposes and the means of the processing of personal data) are responsible for ensuring and demonstrating the overall compliance with the GDPR. However, interpretive uncertainties of the GDPR mean that controllers must exercise considerable judgement in designing and implementing an appropriate compliance strategy, making GDPR compliance both complex and resource-intensive. In this article, we provide conceptual clarity around GDPR compliance with respect to one core aspect of the law: the determination and relevance of the purpose of personal data processing. We derive from the GDPR's text concrete requirements for purpose specification, which we subsequently apply to the area of secondary use of personal data for scientific research. We offer guidance for correctly specifying purposes of data processing under different research scenarios. To illustrate the practical necessity of purpose specification for GDPR compliance, we then show how our proposed approach can enable controllers to meet their compliance obligations, using the example of the overarching GDPR principle of lawfulness to highlight the relevance of purpose specification for the identification of a suitable legal basis.