Why all vital medical data cannot be anonymous
By European Alliance for Personalised Medicine (EAPM) Executive Director Denis Horgan and Francesco Florindi, European Cancer Patient Coalition
Talks are hotting up in Europe over data protection and the use of personal information in medical research. And, despite MEP Jan Philipp Albrecht’s recent assertion that the European Parliament’s position on the General Data Protection Regulation (GDPR) - currently being discussed under the Trilogue of the Parliament, European Council and Commission - allows more breadth for research, multi-stakeholder groups remain concerned.
One of these, the Brussels-based European Alliance for Personalised Medicine (EAPM), is of the view that, in certain areas, the Parliament’s position is not the correct one.
The Regulation is designed to update the outdated Data Protection Directive, which, because science has since moved so quickly, did not anticipate the massive leaps in technology that followed, nor the growth of social networks and the expansion of cloud computing.
When the GDPR eventually comes into force, it will, apart from a two-year transitional period, have an immediate effect on all 28 member states, because it is a Regulation rather than a Directive.
The amount of data available (not just in health, of course) has never been bigger – it will continue to grow – and its uses for research purposes are invaluable.
But Albrecht, who is spokesperson for Justice and Home Affairs for the Greens/EFA, and has made commendable efforts to promote data protection down the years, seems reluctant to recognise that not all vital data for use in medical research can be pseudonymised without losing much of its intrinsic value.
Speaking during an interview on Vieuws last Friday, Albrecht responded to an open letter from Cancer Research UK, which expressed concern over possible requirements placed upon researchers to prove, in advance, what the research would be used for before the law allowed access to the data.
The MEP responded by saying: “It was not foreseen…that such research should be prohibited, in any case. But, of course, there are requirements for this research to be done.
“For example…we foresee that if you do research with personalised data, you should pseudonymize (it, and) try to keep separate individuals’ data and the whole research data. And that’s possible. You can do research data in that circumstance.”
This article will come back to that comment, shortly.
He added: “But it has to be better and more often explained to the research community that we are allowing for quite a lot of research which, at the moment…in some of the Member States is even not allowed.
“The Parliament says, for example, you may give your consent in a more broader way for more purposes of research, if there is such a research foreseen, so that you don’t have to explain everything from the beginning in detail…
“The Parliament also foresees that if there is a high public interest you can do research processing even without asking the individual.”
Parts of this make sense and are laudable attempts at striking a balance between the need for research, for the better health of the EU population - 500 million potential patients across 28 Member States - and the protection of their personal data.
However, what Mr Albrecht appears not to have grasped is the fact that, very often, it is not possible to pseudonymise vital research data. So, are we to throw all of this valuable data away?
It is agreed that, wherever possible, researchers should use pseudonymized data (which is encrypted at an individual level) instead of fully identifiable data. EAPM has no issue with this and it is already common practice.
However, sometimes the processing of fully identifiable data is required and pseudonymised data are simply not always adequate.
For example, a disease registry needs to hold the identifiable data on each individual with that disease. This is so that the registry can link together the correct information for each patient, including details of the disease; where and what treatment was received; and, when they die, the cause of death.
Since patients may receive treatment over years and live for a long time after this, the data may need to be tracked and linked over years. This would be impossible without any identifying information.
Researchers would be given access to the minimum data set required and, while this would normally be pseudonymized, it would not be possible to generate these datasets without the use of identifiable data earlier in the process.
Meanwhile, in cases where information about one individual needs to be linked across different administrative data sets, it is again not possible to do this without processing identifiable data.
And when, as in many cases, researchers receive only anonymized data for their study, fully identifiable data will still have had to be processed to generate the accurate linked data set from which the anonymized research data set is derived.
It would not be possible to perform the linkage with only pseudonymised data, as records about one individual from different government departments could not be matched together in the first place.
The above are just some examples.
EAPM has argued, and continues to do so, that the Parliament’s version of the GDPR, which in essence appears to envision only two types of data – personal and anonymous – could seriously jeopardize health research. As stated above, this is because data used in such research often contains indirect identifiers.
Banning this under a blanket regulation makes little sense.
Meanwhile, as the GDPR stands, any research based on registries of millions of patients would need the informed consent of every single patient. Apart from anything else, this flies in the face of widespread calls to reduce waste in research regulation and management, as well as initiatives focused on responsible sharing of individual data linked to clinical trials.
Those involved in trilogue discussions need to note that science will not stop moving forward, and the use of genetics in personalised medicine, the existence of biobanks and the availability of super computers for data-processing purposes, all combine to make the potential for the use of Big Data huge in the arena of health. It is abundantly clear that Big Data, data mining and data sharing can be used to drive innovation in translational research and health outcomes tailored to the individual – offering the potential to revolutionize the effectiveness of health interventions in what are increasingly cash-strapped public health-care systems.
And there is little doubt that the majority of patients are happy to share their data for certain types of research – as long as trust is there and, of course, sufficient requests for consent (where possible) and suitable safeguards exist.
Once again, to be absolutely clear, the Alliance is confident that robust safeguards already exist in research these days - we are not talking about huge data gathering by one-off companies such as Google and Facebook - to target advertising, for instance - nor are we talking about government surveillance or ‘safe harbour’ rulings.
This is medical research. For which there must be a separation in the GDPR. This concerns the health and well-being of patients across Europe today and the many millions that will follow.
