Presentation is loading. Please wait.

Presentation is loading. Please wait.

Linked2Safety Project (FP7-ICT-2011-7 – 5.3) A NEXT-GENERATION, SECURE LINKED DATA MEDICAL INFORMATION SPACE FOR SEMANTICALLY-INTERCONNECTING ELECTRONIC.

Published byKareem Delaney Modified over 9 years ago

Similar presentations

Presentation on theme: "Linked2Safety Project (FP7-ICT-2011-7 – 5.3) A NEXT-GENERATION, SECURE LINKED DATA MEDICAL INFORMATION SPACE FOR SEMANTICALLY-INTERCONNECTING ELECTRONIC."— Presentation transcript:

1 Linked2Safety Project (FP7-ICT-2011-7 – 5.3) A NEXT-GENERATION, SECURE LINKED DATA MEDICAL INFORMATION SPACE FOR SEMANTICALLY-INTERCONNECTING ELECTRONIC HEALTH RECORDS AND CLINICAL TRIALS SYSTEMS ADVANCING PATIENTS SAFETY IN CLINICAL RESEARCH Prof. Nikolaus Forgó, Mag. Magdalena Góralczyk, RA Constantin Graf von Rex Institute for Legal Informatics, Leibniz University Hannover

2 FP7, ICT-2011 – 5.3 Page 2 1 st Review Meeting, 14 th November 2012 I.Introduction II.Presentation of the Project Linked2Safety III.Legal Requirements IV.Ethical Requirements V.Conclusion

3 FP7, ICT-2011 – 5.3 Page 3 1 st Review Meeting, 14 th November 2012  Legal and ethical requirements lead in a research project dealing with the medical data of patients to specific security issues that must be considered and resolved.  European and national laws and ethical standards and principles provide a framework for a research project.

4 FP7, ICT-2011 – 5.3 Page 4 1 st Review Meeting, 14 th November 2012  Linked2Safety (grant agreement n°288328) is a project funded funded under the FP7 framework of the European Union.  The Vision of the project is the development of an extensible, scalable architecture that will facilitate the semantic interlinking between spatially distributed clinical care information sources, electronic patients’ health records and clinical trials systems for gathering and sharing adequate knowledge to support decision making in medical and clinical research.

5 FP7, ICT-2011 – 5.3 Page 5 1 st Review Meeting, 14 th November 2012  The Linked2Safety consortium combines multidisciplinary competences and resources from the academia, industry, and research community. It consists of eleven (11) partners representing research institutes, universities, industrial partners (including SMEs) and clinical research end-user organisations (with a medical, healthcare & pharmaceutical background), from seven (7) European countries, i.e. Luxembourg, Greece, Germany, United Kingdom, Ireland, Romania, Cyprus and Switzerland –one of them from the new Member States (Cyprus) and one of them from the Associated Countries (Switzerland).

6 FP7, ICT-2011 – 5.3 Page 6 1 st Review Meeting, 14 th November 2012  The project iterative implementation plan is organized over 12 quarters (36 months). To guarantee smooth and effective project running and progress the whole work has been devided into nine (9) work-packages.

7 FP7, ICT-2011 – 5.3 Page 7 1 st Review Meeting, 14 th November 2012 1.Personal data and non-personal data In a research project dealing with patient data the differentiation has to be made between personal and non- personal data. Personal data is understood as those data that leads to an identified or identifiable subject. Data that does not lead to an identifiable subject because of its aggregation or anonymization is non-personal. At European level the principles for the protection of personal data are defined by the Data Protection Directive.

8 FP7, ICT-2011 – 5.3 Page 8 1 st Review Meeting, 14 th November 2012 1.Personal and non-personal data Once medical data of patients is included in a research project, these types of data are sensitive personal data. For these special data the DP Directive forces the EU member states to increase the protection for it.

9 FP7, ICT-2011 – 5.3 Page 9 1 st Review Meeting, 14 th November 2012 2.Data controller and data processor The data processor prosesses personal data for the data controller. The data controller is the one who is responsible for the processing of personal data. The data controller has to ensure that data quality principles are complied with and he has to ensure the implementation of appropriate and necessary technical and organizational measures.

10 FP7, ICT-2011 – 5.3 Page 10 1 st Review Meeting, 14 th November 2012 3.Pseudonymisation and anonymisation of data The pseudonymisation of data is considered as a safety measure in research projects. If it is possible to recode the data so that the data subject can be re-identified, it is called pseudonymous data. In the case of pseudonymous data the person behind the data can be identified with acceptable effort and therefore the general data protection rules are to be applied to pseudonymous data. As the highest safety measure in research projects with medical data of real patients, the anonymisation of data is considered.

11 FP7, ICT-2011 – 5.3 Page 11 1 st Review Meeting, 14 th November 2012 3.Pseudonymisation and anonymisation of data According to the DP-Directive data are then anonymous, if the person standing behind the data cannot be identified with reasonable means (in terms of costs, effort and manpower). The anonymisation of personal data is a process that falls under the same rules like any other form of data-processing. The DP-Directive provides rules for the fair and lawful processing of personal data, which must be observed for the anonymisation of data, as much as for any other kind of processing.

12 FP7, ICT-2011 – 5.3 Page 12 1 st Review Meeting, 14 th November 2012 4.Informed Consent The informed consent of a patient is one way to legitimize the processing of patient data. Regarding the informed consent of patients to participate in clinical research and in respect of the informed consent of patients to process their data, especially their health data, there are similarities and differences.

13 FP7, ICT-2011 – 5.3 Page 13 1 st Review Meeting, 14 th November 2012 4.Informed Consent For a research project like Linked2Safety a possibility may be considered that would allow the processing of patient data without their consent. Within the DP-Directive it is stipulated, that subject to adequate provision of guarantees by the member states, these are given the opportunity, if an important public interest requires so, to provide exceptions to the general prohibition on processing sensitive data through a law or decision of the supervisory authority.

14 FP7, ICT-2011 – 5.3 Page 14 1 st Review Meeting, 14 th November 2012 5.Technical and organisational measures To ensure the security of the data, the following technical and organizational measures have to be taken:  control of the entrance to installations,  control of data media,  memory control,  control of utilisation,  access control,  control of communication,  control of data introduction, control of transport, availability control.

15 FP7, ICT-2011 – 5.3 Page 15 1 st Review Meeting, 14 th November 2012 6.Rights of the data subject From the DP-Directive result the following individual rights of patients as data subjects:  right to be informed  right of access  right of rectification, erasure or blocking  right to object

16 FP7, ICT-2011 – 5.3 Page 16 1 st Review Meeting, 14 th November 2012 7.Transfer of personal data to third countries Another security issue may be the transfer of patient`s personal data to any country outside the European Union and / or the European Economic Area. Such a transfer is only allowed if a European-standard level of data protection is guaranteed.

17 FP7, ICT-2011 – 5.3 Page 17 1 st Review Meeting, 14 th November 2012 1.Informed Consent The idea behind the requirement of informed consent of patients is that any medical procedure, which has an impact on the patient requires his/her prior written consent based on comprehensive information.

18 FP7, ICT-2011 – 5.3 Page 18 1 st Review Meeting, 14 th November 2012 2.Other ethical requirements If it is not possible to obtain patient`s consent or at least the consent from the patient´s legally authorized representative to render the personal data anonymous could be the solution. Another ethical requirement for a medical research project is that the methods used must conform to generally accepted scientific principles, be based on a thorough knowledge of scientific literature, other relevant sources of information and adequate laboratory. A research project has to be lead and monitored by qualified and trained persons only.

19 FP7, ICT-2011 – 5.3 Page 19 1 st Review Meeting, 14 th November 2012  Personal data and especially sensitive data needs special protection in a research project which deals with patient`s medical data. Once there is non-personal data involved the European and national data protection laws do not apply.  One way to protect the personal and sensitive data from patients is rendering the data anonymous. Personal patient data are therefore processed in an anonymous form only in the project Linked2Safety.  The safety and privacy of patients’ data must be ensured by the data controller. In the case of the research project Linked2Safety the data controllers are the clinical partners of the project.

20 FP7, ICT-2011 – 5.3 Page 20 1 st Review Meeting, 14 th November 2012  The DP-Directive provides technical and organizational measures to guarantee the protection of the personal data.  The informed consent of patients is one of the demands made by both ethical and legal side of a research project and must therefore be mindful of the security issues as well.  In addition, the rights of data subjects have to be respected, as well as the conditions for the transfer of data to third countries, if such scenarios come up.

21 FP7, ICT-2011 – 5.3 Page 21 1 st Review Meeting, 14 th November 2012

22 FP7, ICT-2011 – 5.3 Page 22 1 st Review Meeting, 14 th November 2012 Prof. Nikolaus Forgó Mag. Magdalena Goralczyk RA Constantin Graf von Rex LUH E-mail: forgo@iri.uni-hannover.de; goralczyk@iri.uni-hannover.de; rex@iri.uni-hannover.de

Download ppt "Linked2Safety Project (FP7-ICT-2011-7 – 5.3) A NEXT-GENERATION, SECURE LINKED DATA MEDICAL INFORMATION SPACE FOR SEMANTICALLY-INTERCONNECTING ELECTRONIC."

Similar presentations

Training and Education

Training and Education
Basic Principles of GMP

Basic Principles of GMP
The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.

The Role of the IRB An Institutional Review Board (IRB) is a review committee established to help protect the rights and welfare of human research subjects.
Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.

Assurance Services Independent professional services that “improve the quality of information, or its context, for decision makers” Assurance service encompass.
1 Welcome Safety Regulatory Function Handbook April 2006.

1 Welcome Safety Regulatory Function Handbook April 2006.
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
1 THE WHITE PAPER ON SPORT THE EU AND SPORT: MATCHING EXPECTATIONS MICHELE COLUCCI Tilburg University, Spring semester 2012

1 THE WHITE PAPER ON SPORT THE EU AND SPORT: MATCHING EXPECTATIONS MICHELE COLUCCI Tilburg University, Spring semester 2012
ActionDescription 1Decisions about planning and managing the coast are governed by general legal instruments. 2Sectoral stakeholders meet on an ad hoc.

ActionDescription 1Decisions about planning and managing the coast are governed by general legal instruments. 2Sectoral stakeholders meet on an ad hoc.
Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.

Re-use of PSI Data Protection Issues Cécile de Terwangne Professor at the Law Faculty, Research Director at CRIDS University of Namur (Belgium) 2 nd LAPSI.
Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.

Public Sector Information & Data Protection: A plea for personal privacy settings for the re-use of PSI Bart van der Sloot Institute for Information Law.
PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR

PRIVACY ASPECTS OF RE-USE OF PSI: BETWEEN PRIVATE AND PUBLIC SECTOR
Regional Policy EUROPEAN COMMISSION 1 EGTC regulation EGTC regulation ESF and EGTC regulations Regulation of the European Parliament and of the Council.

Regional Policy EUROPEAN COMMISSION 1 EGTC regulation EGTC regulation ESF and EGTC regulations Regulation of the European Parliament and of the Council.
4 th Meeting of the EC International Dialogue on Bioethics Copenhagen, June 19 th, 2012 Large research and medical databases in clinical and research multi-centred.

4 th Meeting of the EC International Dialogue on Bioethics Copenhagen, June 19 th, 2012 Large research and medical databases in clinical and research multi-centred.
1 Large research and medical databases in clinical and research multi-centres trials A Swiss Perspective June 19, 2012 European Commission International.

1 Large research and medical databases in clinical and research multi-centres trials A Swiss Perspective June 19, 2012 European Commission International.
Joint presentation by respective units in DGs AGRI, EMPL and REGIO IPA Components III, IV and V: Conditions for successful preparation and absorption of.

Joint presentation by respective units in DGs AGRI, EMPL and REGIO IPA Components III, IV and V: Conditions for successful preparation and absorption of.
1 17/3/2009 European Commission Directorate General Information Society & Media Funding Instrument Briefing for Remote Reading.

1 17/3/2009 European Commission Directorate General Information Society & Media Funding Instrument Briefing for Remote Reading.
International Telecommunication Union Accra, Ghana, 16-17 June 2009 Conformance and Interoperability Testing: (WTSA-08) Resolution 76 Joshua Peprah Director,

International Telecommunication Union Accra, Ghana, June 2009 Conformance and Interoperability Testing: (WTSA-08) Resolution 76 Joshua Peprah Director,
International Telecommunication Union Workshop on Standardization in E-health Geneva, 23-25 May 2003 Europe: TM-Alliance, facilitating e-Health Interoperability.

International Telecommunication Union Workshop on Standardization in E-health Geneva, May 2003 Europe: TM-Alliance, facilitating e-Health Interoperability.
1 Enforcement Powers of National Data Protection Authorities and Experience gained of the Data Protection Directive Safe Harbour Conference Washington.

1 Enforcement Powers of National Data Protection Authorities and Experience gained of the Data Protection Directive Safe Harbour Conference Washington.
1 Targeted Case Management (TCM) Changes Iowa Medicaid Enterprise October 14, 2008.

1 Targeted Case Management (TCM) Changes Iowa Medicaid Enterprise October 14, 2008.

Similar presentations

Ads by Google