Insights from Adopting a Data Commons Approach for Large-scale Observational Cohort Studies: The California Teachers Study.

BACKGROUND: Large-scale cancer epidemiology cohorts (CEC) have successfully collected, analyzed, and shared patient-reported data for years. CECs increasingly need to make their data more findable, accessible, interoperable, and reusable, or FAIR. How CECs should approach this transformation is unclear. METHODS: The California Teachers Study (CTS) is an observational CEC of 133,477 participants followed since 1995-1996. In 2014, we began updating our data storage, management, analysis, and sharing strategy. With the San Diego Supercomputer Center, we deployed a new infrastructure based on a data warehouse to integrate and manage data and a secure and shared workspace with documentation, software, and analytic tools that facilitate collaboration and accelerate analyses. RESULTS: Our new CTS infrastructure includes a data warehouse and data marts, which are focused subsets from the data warehouse designed for efficiency. The secure CTS workspace utilizes a remote desktop service that operates within a Health Insurance Portability and Accountability Act (HIPAA)- and Federal Information Security Management Act (FISMA)-compliant platform. Our infrastructure offers broad access to CTS data, includes statistical analysis and data visualization software and tools, flexibly manages other key data activities (e.g., cleaning, updates, and data sharing), and will continue to evolve to advance FAIR principles. CONCLUSIONS: Our scalable infrastructure provides the security, authorization, data model, metadata, and analytic tools needed to manage, share, and analyze CTS data in ways that are consistent with the NCI's Cancer Research Data Commons Framework. IMPACT: The CTS's implementation of new infrastructure in an ongoing CEC demonstrates how population sciences can explore and embrace new cloud-based and analytics infrastructure to accelerate cancer research and translation.See all articles in this CEBP Focus section, "Modernizing Population Science."

Legal framework for health cloud: A systematic review.

BACKGROUND: The complicated nature of cloud computing encompassing internet-based technologies and service models for delivering IT applications, processing capability, storage, and memory space brings along challenging problems. Some issues such as information security, privacy, and legal aspects of cloud computing may become challenging while cross passing with another complex domain like healthcare. OBJECTIVES: The present study was conducted to report the results of a systematic literature review on the legal aspects of health cloud. METHOD: The original English papers published in Pub Med, Scopus, Web of Science, and IEEE Digital Library databases were extracted, among which1582 were related to the legal aspects of health cloud environment and were selected using predefined search strings. CONCLUSION: Through the review process, effective factors in relation to a health cloud legal framework were identified and accordingly, a proper design was developed for this domain. Next, the identified factors were confirmed and adjusted by mapping the contents of the selected papers to different categories and subcategories under the proposed framework. Five Main categories like the issues related to the compliance, data protection, Identity Credential Access Management (ICAM), ownership, and quality of service were selected as the basic pillars in the proposed framework. Finally, 22 papers were selected, among which 19 were mapped to the compliance issues, 18 the issues related to "Data protection" were addressed, and 14 "Identity Credential Access Management (ICAM)" was discussed. Fifteen Papers were mapped to "Data ownership" and "Quality of service" categories. Some papers were found to present some solutions in all the mentioned areas; however, most of them have addressed only a few issues.

Riesgos y vulnerabilidades de la denegación de servicio distribuidos en internet de las cosas / Risks and vulnerabilities of the denial of service distributed on the internet of things / Riscos i vulnerabilitats de la denegació de servei distribuïts en internet de les coses

La dependencia de la sociedad a la tecnología es cada vez mayor, donde el monitoreo de las ciudades se ha vuelto común. En este sentido, se expone en el presente artículo el riesgo a nivel de seguridad de la información sobre Internet de las Cosas, debido a potenciales ataques de denegación de servicio distribuida. Bajo este mismo esquema, se presentan otros tipos de vulnerabilidades relacionados, tales como: el criptohackeo, blockchain, amenazas persistentes avanzadas, ransonware e inteligencia artificial, exponiendo de manera general el riesgo potencial frente a la ciberseguridad en cuanto al uso y manipulación de la información

The dependence of society on technology is growing, where the monitoring of cities has become common, either through camera systems arranged everywhere, to devices and sensors that record a number of variables that literally measure the pulse from the same. In this sense, this article exposes the risk at the level of security of information on the Internet of Things (IoT), whose level of application grows day by day and with it, vulnerabilities in terms of connectivity and navigability, due to potential distributed denial of service (DoS) attacks. Under this same scheme, other types of vulnerabilities directly and indirectly related to IoT and DoS are presented, such as cryptohack, blockchain, advanced persistent threats (APT), ransomware and artificial intelligence, generally explaining the potential risk in the face of cybersecurity regarding the use and manipulation of information

La dependència de la societat a la tecnologia és cada vegada major. A les ciutats el monitoratge s'ha tornat comú, sigui a través de sistemes de càmeres disposats per onsevulla, o a través de dispositius i sensors que registren un sens fi de variables que literalment mesuren el pols d'aquestes. En aquest article s'exposa el risc a nivell de la seguretat de la informació sobre Internet de les Coses (IoT), el nivell de les quals d'aplicació creix dia a dia i amb això, les vulnerabilitats quant a connectivitat i navegabilitat, a causa de potencials atacs de denegació de servei distribuïda (DOS). Sota aquest mateix esquema, es presenten altres tipus de vulnerabilitats relacionades directa i indirectament amb el IoT i el DDoS, tals com el criptohackeo, el blockchain, les amenaces persistents avançades (APT), el ransomware i la intel·ligència artificial, exposant de manera general el risc potencial enfront de la ciberseguretat quant a l'ús i manipulació de la información

Observational health research in Europe: understanding the General Data Protection Regulation and underlying debate.

Insights into the incidence and survival of cancer, the influence of lifestyle and environmental factors and the interaction of treatment regimens with outcomes are hugely dependent on observational research, patient data derived from the healthcare system and from volunteers participating in cohort studies, often non-selective. Since 25th May 2018, the European General Data Protection Regulation (GDPR) applies to such data. The GDPR focusses on more individual control for data subjects of 'their' data. Yet, the GDPR was preceded by a long debate. The research community participated actively in that debate, and as a result, the GDPR has research exemptions as well. Some of those apply directly; other exemptions need to be implemented into national law. Those exemptions will be discussed together with a general outline of the GDPR. I propose a substantive definition of research-absent in the GDPR-which can warrant its special status in the GDPR. The debate is not over yet. Most legal texts exhibit ambiguity and are interpreted against a background of values. In this case, those could be subsumed under informational self-determination versus solidarity and the deeper meaning of autonomy. Values will also guide national implementation and their interpretation. The value of individual control or informational self-determination should be balanced by nuanced visions about our mutual dependency in healthcare, as an ever-learning system, especially in the European solidarity-based healthcare systems. Good research governance might be a way forward to escape the consent or anonymise dichotomy.

Government Cloud Computing Policies: Potential Opportunities for Advancing Military Biomedical Research.

Introduction: This position paper summarizes the development and the present status of Department of Defense (DoD) and other government policies and guidances regarding cloud computing services. Due to the heterogeneous and growing biomedical big datasets, cloud computing services offer an opportunity to mitigate the associated storage and analysis requirements. Having on-demand network access to a shared pool of flexible computing resources creates a consolidated system that should reduce potential duplications of effort in military biomedical research. Methods: Interactive, online literature searches were performed with Google, at the Defense Technical Information Center, and at two National Institutes of Health research portfolio information sites. References cited within some of the collected documents also served as literature resources. Results: We gathered, selected, and reviewed DoD and other government cloud computing policies and guidances published from 2009 to 2017. These policies were intended to consolidate computer resources within the government and reduce costs by decreasing the number of federal data centers and by migrating electronic data to cloud systems. Initial White House Office of Management and Budget information technology guidelines were developed for cloud usage, followed by policies and other documents from the DoD, the Defense Health Agency, and the Armed Services. Security standards from the National Institute of Standards and Technology, the Government Services Administration, the DoD, and the Army were also developed. Government Services Administration and DoD Inspectors General monitored cloud usage by the DoD. A 2016 Government Accountability Office report characterized cloud computing as being economical, flexible and fast. A congressionally mandated independent study reported that the DoD was active in offering a wide selection of commercial cloud services in addition to its milCloud system. Our findings from the Department of Health and Human Services indicated that the security infrastructure in cloud services may be more compliant with the Health Insurance Portability and Accountability Act of 1996 regulations than traditional methods. To gauge the DoD's adoption of cloud technologies proposed metrics included cost factors, ease of use, automation, availability, accessibility, security, and policy compliance. Conclusions: Since 2009, plans and policies were developed for the use of cloud technology to help consolidate and reduce the number of data centers which were expected to reduce costs, improve environmental factors, enhance information technology security, and maintain mission support for service members. Cloud technologies were also expected to improve employee efficiency and productivity. Federal cloud computing policies within the last decade also offered increased opportunities to advance military healthcare. It was assumed that these opportunities would benefit consumers of healthcare and health science data by allowing more access to centralized cloud computer facilities to store, analyze, search and share relevant data, to enhance standardization, and to reduce potential duplications of effort. We recommend that cloud computing be considered by DoD biomedical researchers for increasing connectivity, presumably by facilitating communications and data sharing, among the various intra- and extramural laboratories. We also recommend that policies and other guidances be updated to include developing additional metrics that will help stakeholders evaluate the above mentioned assumptions and expectations.

Computing patient data in the cloud: practical and legal considerations for genetics and genomics research in Europe and internationally.

Biomedical research is becoming increasingly large-scale and international. Cloud computing enables the comprehensive integration of genomic and clinical data, and the global sharing and collaborative processing of these data within a flexibly scalable infrastructure. Clouds offer novel research opportunities in genomics, as they facilitate cohort studies to be carried out at unprecedented scale, and they enable computer processing with superior pace and throughput, allowing researchers to address questions that could not be addressed by studies using limited cohorts. A well-developed example of such research is the Pan-Cancer Analysis of Whole Genomes project, which involves the analysis of petabyte-scale genomic datasets from research centers in different locations or countries and different jurisdictions. Aside from the tremendous opportunities, there are also concerns regarding the utilization of clouds; these concerns pertain to perceived limitations in data security and protection, and the need for due consideration of the rights of patient donors and research participants. Furthermore, the increased outsourcing of information technology impedes the ability of researchers to act within the realm of existing local regulations owing to fundamental differences in the understanding of the right to data protection in various legal systems. In this Opinion article, we address the current opportunities and limitations of cloud computing and highlight the responsible use of federated and hybrid clouds that are set up between public and private partners as an adequate solution for genetics and genomics research in Europe, and under certain conditions between Europe and international partners. This approach could represent a sensible middle ground between fragmented individual solutions and a "one-size-fits-all" approach.

The Adoption of Cloud Computing in the Field of Genomics Research: The Influence of Ethical and Legal Issues.

This study aims to understand the influence of the ethical and legal issues on cloud computing adoption in the field of genomics research. To do so, we adapted Diffusion of Innovation (DoI) theory to enable understanding of how key stakeholders manage the various ethical and legal issues they encounter when adopting cloud computing. Twenty semi-structured interviews were conducted with genomics researchers, patient advocates and cloud service providers. Thematic analysis generated five major themes: 1) Getting comfortable with cloud computing; 2) Weighing the advantages and the risks of cloud computing; 3) Reconciling cloud computing with data privacy; 4) Maintaining trust and 5) Anticipating the cloud by creating the conditions for cloud adoption. Our analysis highlights the tendency among genomics researchers to gradually adopt cloud technology. Efforts made by cloud service providers to promote cloud computing adoption are confronted by researchers' perpetual cost and security concerns, along with a lack of familiarity with the technology. Further underlying those fears are researchers' legal responsibility with respect to the data that is stored on the cloud. Alternative consent mechanisms aimed at increasing patients' control over the use of their data also provide a means to circumvent various institutional and jurisdictional hurdles that restrict access by creating siloed databases. However, the risk of creating new, cloud-based silos may run counter to the goal in genomics research to increase data sharing on a global scale.

FDA's Activities Supporting Regulatory Application of "Next Gen" Sequencing Technologies.

Applications of next-generation sequencing (NGS) technologies require availability and access to an information technology (IT) infrastructure and bioinformatics tools for large amounts of data storage and analyses. The U.S. Food and Drug Administration (FDA) anticipates that the use of NGS data to support regulatory submissions will continue to increase as the scientific and clinical communities become more familiar with the technologies and identify more ways to apply these advanced methods to support development and evaluation of new biomedical products. FDA laboratories are conducting research on different NGS platforms and developing the IT infrastructure and bioinformatics tools needed to enable regulatory evaluation of the technologies and the data sponsors will submit. A High-performance Integrated Virtual Environment, or HIVE, has been launched, and development and refinement continues as a collaborative effort between the FDA and George Washington University to provide the tools to support these needs. The use of a highly parallelized environment facilitated by use of distributed cloud storage and computation has resulted in a platform that is both rapid and responsive to changing scientific needs. The FDA plans to further develop in-house capacity in this area, while also supporting engagement by the external community, by sponsoring an open, public workshop to discuss NGS technologies and data formats standardization, and to promote the adoption of interoperability protocols in September 2014. LAY ABSTRACT: Next-generation sequencing (NGS) technologies are enabling breakthroughs in how the biomedical community is developing and evaluating medical products. One example is the potential application of this method to the detection and identification of microbial contaminants in biologic products. In order for the U.S. Food and Drug Administration (FDA) to be able to evaluate the utility of this technology, we need to have the information technology infrastructure and bioinformatics tools to be able to store and analyze large amounts of data. To address this need, we have developed the High-performance Integrated Virtual Environment, or HIVE. HIVE uses a combination of distributed cloud storage and distributed cloud computations to provide a platform that is both rapid and responsive to support the growing and increasingly diverse scientific and regulatory needs of FDA scientists in their evaluation of NGS in research and ultimately for evaluation of NGS data in regulatory submissions.