Suchergebnisse

Multisite medical data sharing is critical in modern clinical practice and medical research. The challenge is to conduct data sharing that preserves individual privacy and data utility. The shortcomings of traditional privacy-enhancing technologies mean that institutions rely upon bespoke data sharing contracts. The lengthy process and administration induced by these contracts increases the inefficiency of data sharing and may disincentivize important clinical treatment and medical research. This paper provides a synthesis between 2 novel advanced privacy-enhancing technologies—homomorphic encryption and secure multiparty computation (defined together as multiparty homomorphic encryption). These privacy-enhancing technologies provide a mathematical guarantee of privacy, with multiparty homomorphic encryption providing a performance advantage over separately using homomorphic encryption or secure multiparty computation. We argue multiparty homomorphic encryption fulfills legal requirements for medical data sharing under the European Union's General Data Protection Regulation which has set a global benchmark for data protection. Specifically, the data processed and shared using multiparty homomorphic encryption can be considered anonymized data. We explain how multiparty homomorphic encryption can reduce the reliance upon customized contractual measures between institutions. The proposed approach can accelerate the pace of medical research while offering additional incentives for health care and research institutes to employ common data interoperability standards. ; ISSN:1438-8871

Our paper compares legislation on data protection and research ethics requirements for health-related data and particularly personalised medicine across seven jurisdictions. Personalised medicine can improve both public and individual health by providing targeted preventative and therapeutic healthcare. For these benefits to be realised, doctors, healthcare providers, and researchers must be encouraged to share patient health data between institutions. Data sharing is an integral part of multisite research, and may require transfer across jurisdictional boundaries. However, whilst data protection, privacy, and research ethics laws protect patient confidentiality, safety, and security, they also may act as impediments to multisite research. This effect is exacerbated when transferring data across jurisdictions due to the divergences in data protection and research ethics laws. Accordingly, we adopt a comparative approach using the concept of data accessibility when examining data protection and research ethics laws in seven jurisdictions. These jurisdictions include Switzerland, Italy, Spain, the United Kingdom (which have implemented the General Data Protection Regulation), the United States, Canada, and Australia. Our paper then identifies the most significant regulatory barriers to the sharing of health-related data for multisite research. According to our research, we identify these barriers as the requirements for consent, the standards for anonymisation or pseudonymisation, and adequacy of protection between jurisdictions. We also identify differences between the European Union and other jurisdictions as a significant barrier for data accessibility in cross jurisdictional multisite research. Our paper then concludes by considering how contractual and organisational solutions can be used to overcome these legislative differences. These solutions include data transfer agreements and organisational collaborations designed to 'front load' the process of ethics approval, so that subsequent research protocols are standardised. We also allude to the potential of technical solutions, such as distributed computing, secure multiparty computation and homomorphic encryption.