1 / 39

Issues around confidentiality and privacy Australian National Data Service (ANDS)

Issues around confidentiality and privacy Australian National Data Service (ANDS) Sharing Health-y Data: Challenges and Solutions Thursday, 17 September 2015 Flinders University, Adelaide Chris Radbone, Associate Director, SA NT DataLink.

hraines
Download Presentation

Issues around confidentiality and privacy Australian National Data Service (ANDS)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Issues around confidentiality and privacy Australian National Data Service (ANDS) Sharing Health-y Data: Challenges and Solutions Thursday, 17 September 2015 Flinders University, Adelaide Chris Radbone, Associate Director, SA NT DataLink The Australian Government has provided financial support to SA NT DataLink through the National Collaborative Research Infrastructure Strategy (NCRIS).

  2. Who is SA NT DataLink?

  3. Population Health Research Network SA NT DataLink Queensland Research Linkage Group PHRN Program Office Sax Institute Centre for Data Linkage NSW/ACTCentre for Health Record Linkage WA Data Linkage Branch SA NT DataLink AIHW Victorian Data Linkages Tasmanian Data Linkage Unit The Australian Government has provided financial support to the PHRN and its members through the National Collaborative Research Infrastructure Strategy (NCRIS).

  4. What is Administratively collected data? Early Childhood & Education Records States/Territories & Non-Government Public and Private Hospital Records States/Territories & Non-Government Cancer and other Health Condition Registries States/Territories Cause of Death Records States/Territories Motor Vehicle Licensing & Crash Records States/Territories Birth Records States/Territories Mental Health Records States/Territories Public Housing Records States/Territories CRADLE GRAVE Family Tax Benefit CentreLink PBS Records Commonwealth GP Medical Records Non-Government GP Payment MBS Records Commonwealth Immigration Records Commonwealth Veterans’ Affairs/ Ageing Commonwealth

  5. Legal jurisdictional responsibility Commonwealth Government trade, taxation, immigration, citizenship, social security, industrial relations and foreign affairs State/Territory Governments public health, education, roads, public land use, police, fire and ambulance services Joint Responsibility education, transport, health and law enforcement

  6. Data Linkage / Record Linkage In Australia • Commenced in late 1960’s in Western Australia when Michael Hobbs returned from Oxford University. 1969 article by Fellegi and Sunter’s “A theory for Record Linkage”. • Michael Hobbs collaborated with Fiona Stanley at the Telethon Institute for Child Health Research, University of Western Australia with active support from the WA Department of Health. In 1995 the WA Department of Health established the WA Data Linkage Unit. • Notable early WA studies included the pioneering work on the birth defect from folate deficiency (hypothesis), and issues associated with low birth weight babies and pre-term deliveries, cerebral palsy, spina bifida research. • Based on the demonstrated value from the Western Australian experience, the Commonwealth government funded the Population Health Research Network (PHRN) in 2009 to increase the research infrastructure and capacity to link health data from across Australia, through the National Collaborative Research Infrastructure Strategy (NCRIS) and also the Super Science Initiative – Education Investment fund (SSI-EIF).

  7. https://www.youtube.com/watch?v=vLYGcbxrIPA

  8. Privacy – Fundamental Human Right • No one shall be subjected to arbitrary or unlawful interference with privacy, family, home or correspondence, nor to unlawful attacks on honour and reputation. • Everyone has the right to the protection of the law against such interference or attacks. Australia is a signatory to Article 17 of the United Nations International Covenant on Civil and Political Rights, 1966

  9. Source: www.konoozi.com

  10. Linking Data • Data from different organisations (Government and Non-Government) is matched and linked in a secure environment. • Any directly identifying personal information always remains ‘separate’ from the researchable data. • No consistent terminology - often referred to as ‘data linkage,’ ‘record linkage’ or ‘data integration’. • Can be large scale population based longitudinal data - originally collected for another purpose, but also includes integrating surveys/registries. • Linkage may take place across data sets in a single domain (i.e. health) or across domains (i.e. health, education, social services, early childhood and justice.)

  11. Benefits for Society Provides information and evidence to decision makers for informed choices to improve the health and wellbeing of the community.

  12. Benefits for Society • Privacy Protected Linked Data benefits society health, social and economic research through: • Efficient and economical – reuse of existing administratively collected data from government and non-government for informed decision making and research. • Socially responsible – including information on people who are under-represented in conventional surveys, who are equally important for key policy decisions. • The Bigger Picture – Administrative datasets cover the whole of Australia enabling a detailed picture of society, leading to greater understanding and better informed policy decisions and operational service delivery improvements. • Providing a Trustworthy source of data to support policy makers, research and evaluation – enabling approved access and use of publically funded data collections for public good purposes. • Supports Data Repositories – enables the establishment of ‘Business Intelligence System for Government and the Community’

  13. Factors to consider when Protecting Privacy Trusted party - required to ensure all information that can directly identify a person, household, business or ethnic / indigenous community is removed from the data before the researcher access it. Integrity – an independent panel reviews and approves all research proposals, along with each of the Data Custodian’s approval for the use of their data. Timeliness– an issue raised is the time take for approval, integration and release. Solution is to establish Repositories ready to hold and check the data prior to approved release. All researchers and data analysts are trained in data safety and lawful use of data. Secure – secure environments for researchers accessing linked data, with research outputs reviewed to ensure privacy is always protected. Data Custodians given pre-release copy of the published research outcomes 28 days in advance to all review for privacy disclosure risk, as well as the integrity of the research findings. Secure Remote Access – use of a Secure Remote Access Laboratory facility to enable analysts and researchers to securely access the ‘approved’ data from ‘any’ location. For example the use SURE, compared to ‘physically accessed data labs’.

  14. High level principles for statistical data integration across Australian Government Principle 1 Responsible agencies should treat data as a strategic resource and design and manage administrative data to support their wider statistical research use. • This is an aspirational principle, designed to support Agencies treat Data as an Asset and make better use of existing and new data sets. Principle 2 Agencies responsible for source data used in statistical data integration remain individually accountable for their security and confidentiality. • To ensure Data Custodians control the use of personal or other sensitive data for ‘statistical versus operational’ integration purposes. Refer Principle 5.

  15. High level principles for statistical data integration across Australian Government Principle 3 A responsible ‘integrating authority’ will be nominated for each data integration proposal. • Agencies may choose between a small number of integrating authorities which are approved as trusted entities to conform with specified governance arrangements • Single organisation ultimately accountable for the project • Ensure appropriate governance is in place for • An open approval process • Documentation of the proposal • Impact on privacy • Risks have been assessed, managed and mitigated • Expected costs and benefits • Outputs are controlled throughout their lifecycle

  16. High level principles for statistical data integration across Australian Government Principle 4 Statistical integration should only occur when it provides significant overall benefit to public. • This principle is consistent with the public interest test under the Commonwealth Privacy Act. Principle 5 Statistical data integration must be used for statistical and research purposes only. • Other data integration activities e.g. compliance monitoring, are covered by other mechanisms, policies and legislation.

  17. High level principles for statistical data integration across Australian Government Principle 6 Policies and procedures used in data integration must minimise any potential impact on privacy and confidentiality. • e.g. risks of direct and indirect identification should be carefully managed, taking account of the potential increase in identifiability when datasets are combined. Principle 7 Statistical data integration will be conducted in an open and accountable way. • The principle seeks to ensure transparency in the nature and coverage of statistical integration projects.

  18. Why is Privacy Protection of Data Linked Important? • Data linkage is an invaluable tool for enabling policy analysis, program evaluation and research made possible through cheaper ICT easing the cost of recruitment and provision of population wide records. • Enables smaller targeted populations, study cohorts (eg consenting studies) to be evaluated and enhanced by comparing and integrating data. • Is cost-effective relative to other data collection mechanisms, and enables studies to be done that could not otherwise be performed. Allows for variety of research methodologies including case matching and case control. • Evaluating rare or small cohorts, registries or limited numbers of results is more feasible, given the ability to draw upon multiple years of records. • Capability to analyse decades of data from very large datasets, compared to smaller survey cohorts, provides a picture of the entire population. • Australian Linkage methodologies address the ‘Lack of unique identifier’ for each member in society; unlike the countries of Scandinavia and the USA.

  19. Example of Privacy AgreementsUse & transfer of NT Data: Northern Territory Information ActUniversity SA (SA NT DataLink): Commonwealth Privacy Act 1988 SA NT DataLink Protocols: Privacy Committee of South Australia NT Information (Privacy) Commissioner Dataset Level:(i) Data Transfer Agreement (MOU/Deed) (ii) Schedule 2 (iii) Linkage Unit Staff Deed of Confidentiality Project specific: (1.) Data Custodian(s) approval (2.) Human Research Ethics Committee approval (3.) Researcher Deed of Confidentiality

  20. Ethical Conduct in Human Research- National Statement • Outlines behaviours and expectation on organisations and individuals conducting research • Including responsibilities of Data Custodians providing data and those receiving, storing and using data • Positioned under Privacy Act (Cth)1998 Source: National Health & Medical Research Council (NHMRC) & Australian Research Council (ARC)

  21. Is this Data Linkage Legal? • Consideration of existing legislation is ‘always’ required: • 1. Is there Legislation covering the particular data collection activity and its use? • 2. Have participant’s Consent been sought; restrictive, permissive or specific? • 3. Is there a role for ethical approval; refer Section 95 Privacy Act 1988 • Commonwealth ‘Public Interest Certificate’ process for approving data access / use • Does the Community have a role and responsibility in the access and use of data? • Who is the Community and how best can you engage? • How do you demonstrate Trust, effective Privacy protecting measures and ongoing community engagement? • Useful Best Practice Community and Consumer Engagement includes: • ‘SA NT DataLink - ‘Community and Consumer Conversations’ • Telethon Institute / UWA - ‘Citizen Jury’ , ‘Green Book’ by A McKenzie & B Hanley • The Menzies Institute for Health Research – ‘Indigenous Community engagement’

  22. Integrity: Importance of Metadata and Data Quality Data Quality – fitness for purpose • Quality of Linkage – for Researcher’s benefit in publishing papers • Quality of Linked Data – working with Data Custodians Metadata – to explain utility of the data • Responding to the demand from Researchers and Analysts for information on researchable variables • Use of online Metadata tools ie ANDS, METeOR • Currency and completeness – SA NT DataLink Data Quality Statements

  23. Social Contract Demonstrating benefit to society • Agreement on the release, sharing and use of health, social and economic service data for public good research and analysis • Social contract includes: • Transparency and reporting of outcomes from the use of the community’s data • Engagement with the Community through-out the life course of a data activity • Plain language summary and community input into the ethical review • Seek Community support for establishing persistent and enduring datasets – build & use many times versus create & destroy

  24. How is Privacy Protected? The Separation Principle

  25. Challenge of facilitating access to the data...

  26. Summary: Key Challenges and Opportunities • Cost in terms of governance, approval & compliance • Increased competing work priorities & demand on Custodian’s scare resources • Timeliness of Data Custodian approval and then the actual data extraction • Knowledge transfer from ageing (retiring) workforce • data related activities - often seen non core work • Demonstrating Public Benefit to the Community • Developing a ‘Social Contract’ between consumers / community, data custodians and the researchers. • Privacy Protected Open Data: Whole of Government and Community perspective for a ‘Business Intelligence System for Government and Non-Government’ Source: www.drmattroach.com

  27. Maintaining Trust and the Separation Principle Key and critical role of Consent • Discussion with the Privacy Commissioners from across Australian Evolution of the record linkage (data linkage / data integration) • Establishment of de-identified data repositories ie Manitoba, Ontario Institute for Clinical Evaluation Science (ICES), Scotland, Wales, WA Department of Health and SA NT DataLink ‘Custodian Controlled data repository’ to maintain separation and security • Secure Access - online or physical access to de-identified linked data through SA NT DataLink’s Data Integration Unit, SURE, or SURE-Like. • Consideration of Legalisation similar to Ontario and Manitoba ie legislation to support Data Custodians releasing Personal: Medical and other sensitive data. Challenge of re-identification by Analyst • Custodian and Ethical approved methodology becomes legal under Section 95 Privacy Act 1988 noting tight scope ‘Medical Research’

  28. Scottish Case Study - International Best Practice • £12B • Population 5M • Single health care provider • 14 Territorial Boards • 38 Hospitals, 1020 General Practices • High rates of morbidity of common complex disease • Collaboration – Aberdeen, Edinburgh, Dundee, Glasgow, St Andrews • Unique patient identifier Layered access Links to CHI / NHS records Prescription records

  29. Community Health Number 07 10 64 0250 Date of Birth Sex Check

  30. Key ingredients for change • a strong science infrastructure with vibrant PhD and post doctorate communities • Systematic Collaboration with a tripartite mission and significant infrastructure investment • a commitment to linking information from medical and non-medical sources using electronic patient records to support better treatment, safety and research • a new pathway for the regulation and governance of health research • collaborative arrangements with the biotechnology pharmaceutical and medical devices industries • positioning Scotland as a single research site

  31. Key Delivery UnitsNHS Research Scotland Clinical Research Facilities Tissue acquisition service Biorepositories ‘Safe Havens’ Health informatics research Project management Quality & Facilitation Research imaging platform

  32. CHI Lab Data AHPs GP Pharmacy Hospital Eye Van Screening Investigations Linking Data - the key to seamless care

  33. Bio-Repository network Strategic national collections • Rheumatoid arthritis • Renal cancer • Type 1 diabetes • Generation Scotland/ SHHS National/ local planned collections • Generic consent • Strategy driven • Future focus NRS NE NRS E Bespoke collections • Specific consent • Project based • Investigator ‘owned’ NRS W NRS SE Infrastructure development • Inventory management system • Patient record linkage • Enhanced storage capacity • Facilitated rapid access Pathology archive ~300,000 consented for genomic studies

  34. Reducing Regulatory BurdenSingle sign off across Scotland NRS Permissions CC • Approvals- Costing- Contracting • Reciprocity with NIHR CSP NRS CC NRS NE Regional working – 4 hubs- ethics- R&D management NRS E NRS SE NRS W Targets- Ethics approval in 30 days (Scottish average) - R&D 95% approved in 30days Universities umbrella agreement of single contracting

  35. NRS Permissions Co-ordinating Centre Performance NRS Permissions Co-ordinating Centre Performance Table 1 Time (working days) to approval for multi-site studies Time to permission for all Scottish sites Non-commercial Commercial Notes : Time to permission is the number of working days elapsed between the receipt of a ‘full document set’ by the Permissions Centre and management approval by all Scottish sites. It includes the time taken for generic review of principal governance issues by the lead review site (once for Scotland) and for local review of resource availability.

  36. NHSScotland Surgical Mortality

  37. Possible legislative options Possible Legislation to facilitate increased access & use: Ontario’s Personal Health Information Protection Act 1994 (PHIP Act) Manitoba’s Personal Health Information Act1997. Personally Controlled eHealth Record (PCEHR) • across all sectors (Health, Education Australia Wide Personal Identifier • across all sectors (Health, Education, Justice, Immigration and Community Services domains) to enable and ‘control’ timely and efficient Linkage and Record Matching

  38. References Population Health Research Network www.phrn.org.au National Data Linkage Infrastructure: including Online Application process National Health and Medical Research Council (NHMRC) Guidelines under Section 95 Privacy Act 1988 https://www.nhmrc.gov.au/guidelines-publications/pr1 Anne McKenzie and Bec Hanley ‘Consumer and Community Participation in Health and Medical Research – a practical guide for health and medical research organisations’, UWA/Telethon Institute for Child Health Research, October 2007 Secure Unified Research Environment (SURE) www.sure.org.au National remote access secure data analysis platform International Data Linkage Network www.ipdln.org/ Statistical Data Integration involving Commonwealth Data www.nss.gov.au/nss/home.nsf/pages/Data+Integration+Landing+Page?OpenDocument Peter Christen 'Data Matching - Concepts and Techniques for Records Linkage, Entity Resolution, and Duplicate Detection' , Springer, 2012 SA NT DataLink – ‘For Researchers’ section of the website www.santdatalink.org.au SA NT DataLink Access and Pricing Policy https://www.santdatalink.org.au/files/PDF_Files/AccessPricingPolicy_20131206.pdf

  39. Chris Radbone SA NT DataLink, Associate Director (08) 8302 2777 chris.radbone@unisa.edu.au Client Services: santdatalink@unisa.edu.au Adelaide: (08) 8302 1604 Darwin: (08) 8985 8011 www.santdatalink.org.au

More Related