We summarise a recent article, published in JAMIA, that has provided a set of guidelines with ten key principles to guide the responsible and appropriate use and sharing of clinical data.
Data sharing vs privacy demands
The transition from paper to digital medical records has broadened the utility of clinical data. The increasing value of this data has led to a demand for healthcare institutions to share data for purposes beyond clinical care. This includes quality improvement and biomedical research and development. The COVID-19 pandemic has been a catalyst to increase data sharing. However, there are concerns about topics such as data ownership, loss of privacy and the protection of intellectual property (IP). As a result, healthcare institutions are struggling with competing data sharing and privacy demands.
Through discussions with multiple stakeholders at various institutions, researchers generated a set of guidelines with ten key principles to guide the responsible and appropriate use and sharing of clinical data for the purpose of care and discovery (including potential commercialisation).
These guidelines are primarily targeted to academic medical institutions. They embrace existing regulations and honour the principles of patient privacy and ethical research. The goals underpinning these guidelines are to promote sharing, to enable discovery without compromising trust and autonomy, to foster innovation and to also preserve opportunities for investigators to participate in such research.
- Data sharing with external parties must be consistent with the organisations core missions of patient care, education and research for the purpose of generalisable knowledge and the advancement of health.
- Financial compensation should be based on the value of the contribution (e.g., academic research, expertise or invention) provided by the mission-driven organisation. Data alone and financial gain should not be primary drivers.
- Sharing will be limited to the minimum data elements needed for the project.
- Data sharing agreements should be nonexclusive and have defined time limits. Additionally, permission for data use should be revocable at any time.
- Sharing agreements confer stewardship. Data ownership cannot be transferred and, as such, recipients cannot redistribute or sell the data.
- Recipients of data should not attempt to reidentify deidentified data.
- Data cannot be associated with other datasets without explicit permission.
- The key purpose of data sharing activities and engagements should be transparent to all stakeholders, including patients and study participants.
- Conflicts of interest must be transparent with appropriate governance of both employee and organisation-level conflicts.
- All decisions about data sharing should be overseen by appropriate representative stakeholders. This is much like an institutional review board overseeing human subject’s research.
These principles are not exhaustive. While the authors note that they are a work in progress, they believe that they provide a foundation upon which to build.
Image credit: By rawpixel.com – www.freepik.com