Data protection in grid-based multicentric clinical trials

Killjoy or confidence-building measure?

authored by: Marian Arning, Nikolaus Forgó, Tina Cornelius-Krügel
Abstract: In order to protect the privacy of participating patients in multicentric genetic research projects and to improve the working conditions for researchers in such projects a data protection framework needs to be installed. In the first place, all genetic data processed in the project has to be pseudonymized. In addition to that, contracts have to be concluded between the project and each project partner to guarantee that genetic data are used only within the project and that each partner complies with data security standards. Furthermore, a central data protection authority has to be installed in the project to control the partners' compliance with these contracts and to serve as a central contact point for participants. If these conditions are fulfilled, only (de facto) anonymous data are used in the project, so that data protection legislation is not directly applicable. Second, each participant has to sign a special consent form for ethical reasons and as a fallback solution if the pseudonymizatio n of the genetic data fails. With this safety net it is possible to protect the participants' privacy and to improve the working conditions for researchers.
Organisation(s): Institute of Legal Informatics
Type: Article
Journal: Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences
Volume: 367
Pages: 2729-2739
No. of pages: 11
ISSN: 1364-503X
Publication date: 13.07.2009
Publication status: Published
Peer reviewed: Yes
ASJC Scopus subject areas: General Mathematics, General Engineering, General Physics and Astronomy
Electronic version(s): https://doi.org/10.1098/rsta.2009.0060 (Access: Closed)

BibTeX

@article{ea5d2cec93e64f81bb549ca68cbcfa6a,
title = "Data protection in grid-based multicentric clinical trials: Killjoy or confidence-building measure?",
abstract = "In order to protect the privacy of participating patients in multicentric genetic research projects and to improve the working conditions for researchers in such projects a data protection framework needs to be installed. In the first place, all genetic data processed in the project has to be pseudonymized. In addition to that, contracts have to be concluded between the project and each project partner to guarantee that genetic data are used only within the project and that each partner complies with data security standards. Furthermore, a central data protection authority has to be installed in the project to control the partners' compliance with these contracts and to serve as a central contact point for participants. If these conditions are fulfilled, only (de facto) anonymous data are used in the project, so that data protection legislation is not directly applicable. Second, each participant has to sign a special consent form for ethical reasons and as a fallback solution if the pseudonymizatio n of the genetic data fails. With this safety net it is possible to protect the participants' privacy and to improve the working conditions for researchers.",
keywords = "Central data protection agency, Data protection, De facto anonymization, Genetic data, Genetic research projects, Pseudonymization",
author = "Marian Arning and Nikolaus Forg{\'o} and Tina Cornelius-Kr{\"u}gel",
year = "2009",
month = jul,
day = "13",
doi = "10.1098/rsta.2009.0060",
language = "English",
volume = "367",
pages = "2729--2739",
journal = "Philosophical Transactions of the Royal Society A: Mathematical, Physical and Engineering Sciences",
issn = "1364-503X",
publisher = "The Royal Society",
number = "1898",
}