Providing a Network of Trust in Processing Health Data for Research
Iheanyi Nwankwo (LUH), Elias Neri (Custodix)

Outline
- Legal framework for processing health data
- Technical and organisational measures in protecting sensitive data
- The CHIC data protection framework

Bridging the silos of medical data
The global healthcare challenges:
- Rising cost
- Management of chronic diseases with an unpredictable nature (Cancer, Parkinson's)
- Individual differences = tailored treatment

Digital Patient
Research in developing a Digital Patient
- Models that will accurately predict each patient's condition with his/her health data
- The last mile towards achieving personalised medicine
http://www.digital-patient.net/index.html
18.11.2014 EICAR Conference, Frankfurt

Unlocking data for research
- The digital patient represents medical data (much of which is undiscovered, locked in various silos)
- Rules governing the processing of sensitive data impact medical research

Medical data and research
The Problem:
- Sharp divide between personal data and non-personal data
- Retrospective data and issues of informed consent
- Sometimes the aim of research requires a link-back to the data subject (e.g. for validation, incidental findings etc.)

Data security
What data security measures?
the controller must implement appropriate technical and organizational measures to protect personal data against accidental or unlawful destruction or accidental loss, alteration, unauthorized disclosure or access, and against all other unlawful forms of processing (Art 17 DPD)

The CHIC Approach
CHIC Network of Trust

CHIC Data Protection Framework
- Pseudonymisation and De Facto Anonymisation of Data
- Pseudonymisation Tools
- Upload Tool
- Custodix Anonymisation Tool & Services (CATS)
- CHIC Contractual Obligations
- Dedicated Center for Data Protection (CDP)
- Use of Trusted Third Party
- Security
- Authentication, Authorisation & Auditing
- Encryption

Example
Data upload from hospital to CHIC platform

CHIC Computational Horizons in Cancer

Export of Patient Data - Anonymisation

Export of Patient Data - Link back

Export of Patient Data - Pseudonymisation

Export of Patient Data - De Facto Anonymisation
TTP

DPF Data Flow

Implementation - Pseudonymisation Engine
Model-driven approach
- Define a privacy profile (transformations) once
- Apply it to different data sources

Implementation - CAT

Implementation - CATS
- Service-oriented CAT
- Hosted service (TTP) or appliance (installed in-house)
- Easy integration into workflows
- Provides local and central de-identification or a combination thereof
- Central management of privacy profiles
- Compatible with CAT-generated profiles
- Centralised audit tracking of de-identification requests for compliance & fault management

Data Transfer - Create Privacy Profiles

Data Transfer - CSV

Data Transfer - Privacy Profile
- Generic Model & Mapping from CSV
- Privacy Operations

Data Transfer - Privacy Profile

Data Transfer - Process and Upload Data

Data Transfer - Result
(Figure panels: Original, Pseudonymised)

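The "define a privacy profile once, apply it to different data sources" idea from the Pseudonymisation Engine and Data Transfer slides, as an added Python example (not CAT/CATS code and not its profile format). The operation names, column mappings, HMAC-based pseudonym and key are assumptions, and the CSV samples are constructed.

```python
import csv, hashlib, hmac, io

# Constructed demo key. Assumption: in the deck's design a trusted third party
# would hold the secret, so only it can re-derive pseudonyms for link-back.
TTP_KEY = b"constructed-demo-key"

def pseudonym(value, key=TTP_KEY):
    """Keyed, deterministic token: same input and key give the same token."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]

# Privacy operations (hypothetical names, not CAT's operation set).
OPERATIONS = {
    "pseudonymise": pseudonym,
    "year_only": lambda v: v[:4],   # generalise an ISO date to its year
    "keep": lambda v: v,
    "remove": lambda v: None,       # None means the field is dropped
}

# Privacy profile: written once, against a generic model of field names.
PROFILE = {"patient_id": "pseudonymise", "name": "remove",
           "birth_date": "year_only", "diagnosis": "keep"}

def deidentify(csv_text, mapping, profile=PROFILE):
    """Map source columns onto the generic model, then apply the profile.
    Columns with no mapping or no profile entry are dropped (fail closed)."""
    out = []
    for row in csv.DictReader(io.StringIO(csv_text)):
        record = {}
        for column, value in row.items():
            field = mapping.get(column)
            op = profile.get(field)
            if op is None:
                continue
            result = OPERATIONS[op](value)
            if result is not None:
                record[field] = result
        out.append(record)
    return out

# Constructed exports from two sources with different column layouts.
HOSPITAL_A = "PatID,Name,DOB,Dx,Phone\n1001,Jane Roe,1961-04-12,C50.9,555-0100\n"
HOSPITAL_B = "diagnosis_code,pid,born\nC50.9,1001,1961-04-12\n"
MAP_A = {"PatID": "patient_id", "Name": "name", "DOB": "birth_date", "Dx": "diagnosis"}
MAP_B = {"pid": "patient_id", "born": "birth_date", "diagnosis_code": "diagnosis"}

if __name__ == "__main__":
    print(deidentify(HOSPITAL_A, MAP_A))
    print(deidentify(HOSPITAL_B, MAP_B))
```

Because the pseudonym is keyed and deterministic, records for the same patient from both sources stay linkable in the research data set, while the unmapped `Phone` column never leaves the source.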
ACKNOWLEDGMENT
This project has received funding from the European Union's Seventh Framework Programme for research, technological development and demonstration under Grant Agreement No 600841.
www.chic-vph.eu

The CHIC Consortium

Thank you for your attention