Trust and Governance Issues in eResearch

1
Trust and Governance Issues in e-Research

• Mark Hartswood1, Kate Ho1, Marina Jirotka2, Rob
  Procter3, Roger Slack1, Alex Voss1
• 1School of Informatics, University of Edinburgh
• 2Computing Laboratory, Oxford University
• 3National Centre for e-Social Science

2
Overview

• e-Research
• The vision of seamless data sharing between
  dynamic networks of researchers
• Trust and governance
• Data Protection Act
• Ethical approval
• Case study
• Ethics in practice
• Implications for e-Research

3
The e-Research vision

• e-Science is about global collaboration in key
  areas of science and the next generation of
  infrastructure that will enable it. (John
  Taylor, DG, Research Councils)

4
e-Research infrastructure

• Seamless integration of data, on demand access to
  compute resources

MIDLEWARE
Scientist
GRID
Scientist
Scientist
5
e-Research challenges

• While e-Research promises to transform science,
  full benefits will not be realised unless legal,
  ethical and societal challenges can be overcome
• These are particularly acute in e-Health and
  related e-Biology, where projects face generic
  challenges arising from the use of sensitive
  data
• Research governance and accountability in the
  (re-)use of data
• Trusting technologies to be secure

6
Research governance

• DPA (1998) established a number of principles for
  collection and use of data about living persons
• Privacy, confidentiality, security
• DPA states that
• Informed patient consent needed for use of
  identifiable data
• No (re-)use of patient data for purposes other
  than those declared at time of original consent
• But is arguably ambiguous in a number of key
  areas
• Exceptions may be made in the public interest

7
Research governance

• Approval must be secured from research ethics
  committee(s) to ensure that studies comply with
  relevant ethical and legal guidelines such as the
  Human Rights and DPA
• Approval process for multi-centre research will
  require submissions both to individual LRECs and
  to MREC
• Ethics committees require that researchers
• Provide a specific research protocol
• Summarise how they will gather and analyse data
• Demonstrate how data will be used and how it will
  benefit patient care
• Demonstrate that they have secured individual
  patient consent for their data to be used in the
  proposed studies
• Data cannot be used for any purposes that were
  not identified in the research protocol
• Researchers must be seen to be accountable to
  research committees, society and individual
  patients for the studies they undertake

8
Governance challenges for e-Research

• e-Research makes avoidance of identifiable data
  problematic
• Data linkage
• Need for follow-up, e.g., removal of subjects
• De-identification of some kinds of data, e.g.,
  images, cannot be guaranteed
• e-Research implies re-use of data for new
  purposes
• Re-consenting is time consuming, costly and
  unreliable
• Recruitment based on consent creates sample
  biases
• Prospective data collection
• e-Research involves sharing data across
  organisational boundaries between dynamic
  networks of collaborators
• Data linkage increases disclosure risk through
  statistical methods
• Increased risk that data used for studies which
  go beyond purposes specified in research protocol
• Problems of policing use of data become greater
  in virtual organisations as structures of
  accountability become less clear

9
Trusting the technology

• Fears have been expressed within the NHS that
  data sharing may compromise patient
  confidentiality
• Trust I believe that we should fight to retain
  control of our own data since confidentiality and
  trust are the cornerstones of general practice,
  and not an optional extra. The job is impossible
  without it, and if we lose this, then general
  practice is truly dead. Can I trust my computer?
• Responsibility As GPs in the brave new world of
  sharing patient information electronically
  throughout the NHS, can we still promise our
  patients that we will keep their secrets
  confidential?
• Governance The NHS would like easy access to
  our informationbut who else would have such
  access? 

10
Trusting the technology

• The implications of e-Infrastructure for research
  ethics approval are unclear
• Security arguments become more complex and rely
  on concepts with which REC members may be
  unfamiliar
• The evidence to date is that e-Infrastructure is
  not a trusted technology
• In practice, medical e-Research projects deploy
  simpler and more familiar but inefficient methods
  for data sharing and linkage
• The swivel chair
• Trust blocks
• These problems will grow as researchers look to
  utilise social care and demographic data sets

11
Case study eDiaMoND

• Flagship 2 year pilot UK e-Science project aimed
  at demonstrating value of the Grid to NHS
• Grid-enabled, federated database of mammograms
• Distributed breast screening environment
• Epidemiological studies
• Fieldwork to observe and understand current
  screening work practices, including data sharing
• Identify challenges to sharing data between
  breast screening units and epidemiological
  researchers

12
eDiaMoND ethical approval

• LREC and MREC submissions made, approval process
  took over 1 year
• Permission given to use anonymised data and only
  for the specified purposes
• Explicit consent was deemed not to be required
  for historic data
• Will have to re-apply for ethics approval for any
  new, additional uses

13
Fieldwork findings

• The vision for eDiaMoND encompasses not only
  sharing data across BSUs, but also and
  resonating with the e-Research vision sharing
  data across different scientific disciplines
• The vision affords the potential to make data
  available to a larger community, regardless of
  where the data was generated or produced
• Our observations suggest that the potential for
  sharing data between different researchers is
  fraught with difficulties linked to ethical
  concerns
• These concerns also relate to practical matters
  of trust in relation to their working more at a
  distance from the context of the production of
  data

14
Practical ethical action

• It is not considered ethical for mammograms to be
  shown to someone outside of the clinic
• But there are exceptions which are justified as
  being in the patients best interest
• Represents a situated, professional judgement as
  to what is ethical here and now

15
Governance and digital data

• The work of manipulating physical artefacts such
  as paper records affords a natural, locally
  visible account of itself
• Introducing mobile, digital data changes the
  visibility and accountability of work and hence
  of trust procedures
• Digital data raises questions about embedding
  security policies too tightly so as to limit the
  scope for local professional judgements to be made

16
Summary

• e-Research raises challenges for trust and
  governance. There is a difficult balance to
  strike between acquiring data that is in the
  public interest and protecting citizens from its
  unscrupulous use
• Use of personal data is governed by legal,
  organisational, and professional rules but also
  depends on situated, practical (professional)
  judgements
• If governance is too tightly embedded in systems
  and centrally administered, these kinds of
  routine, situated ethical judgements are not
  easily afforded
• Healthcare professionals may be unwilling to
  commit data to a system unless they trust
  security and governance mechanisms
• It is important to understand trust and
  governance not only in technical terms, but also
  consider the ways in which they are achieved in
  everyday work