Trust and Governance Issues in eResearch
Mark Hartswood1, Kate Ho1, Marina
Jirotka2, Rob Procter3, Roger Slack1,
Alex Voss1
1School
of Informatics, University of Edinburgh
2Computing Laboratory, Oxford University
3National Centre for e-Social Science
15th March, 2005
NeSC
1
Overview

e-Research:
– The vision of seamless data sharing
between dynamic networks of researchers

Trust and governance:
– Data Protection Act
– Ethical approval

Case study:
– Ethics in practice

Implications for e-Research
15th March, 2005
NeSC
2
The e-Research vision
“e-Science is about global
collaboration in key areas of
science and the next generation of
infrastructure that will enable it.”
(John Taylor, DG, Research
Councils)
15th March, 2005
NeSC
3
e-Research infrastructure

Seamless integration of data, on demand access to
compute resources
Scientist
Scientist
G
R
I
D
Scientist
15th March, 2005
M
I
D
L
E
W
A
R
E
Experiment
Analysis
Computing
Storage
Storage
Analysis
Experiment
Computing
Storage
Computing
NeSC
4
e-Research challenges


While e-Research promises to transform
science, full benefits will not be realised
unless legal, ethical and societal challenges
can be overcome
These are particularly acute in e-Health and
related e-Biology, where projects face
generic challenges arising from the use of
sensitive data:
– Research governance and accountability in the (re)use of data
– Trusting technologies to be secure
15th March, 2005
NeSC
5
Research governance

DPA (1998) established a number of
principles for collection and use of data
about living persons:
– Privacy, confidentiality, security

DPA states that:
– Informed patient consent needed for use of
identifiable data
– No (re-)use of patient data for purposes other
than those declared at time of original consent

But is arguably ambiguous in a number of key
areas:
– Exceptions may be made in ‘the public interest’
15th March, 2005
NeSC
6
Research governance





Approval must be secured from research ethics committee(s) to
ensure that studies comply with relevant ethical and legal
guidelines such as the Human Rights and DPA
Approval process for multi-centre research will require
submissions both to individual LRECs and to MREC
Ethics committees require that researchers:
– Provide a specific research protocol
– Summarise how they will gather and analyse data
– Demonstrate how data will be used and how it will benefit patient
care
– Demonstrate that they have secured individual patient consent for
their data to be used in the proposed studies
Data cannot be used for any purposes that were not identified
in the research protocol
Researchers must be seen to be accountable to research
committees, society and individual patients for the studies they
undertake
15th March, 2005
NeSC
7
Governance challenges for e-Research

e-Research makes avoidance of identifiable data problematic:
– Data linkage
– Need for follow-up, e.g., removal of subjects
– De-identification of some kinds of data, e.g., images, cannot be
guaranteed

e-Research implies re-use of data for new purposes:
– Re-consenting is time consuming, costly and unreliable
– Recruitment based on consent creates sample biases
– Prospective data collection

e-Research involves sharing data across organisational
boundaries between dynamic networks of collaborators:
– Data linkage increases disclosure risk through statistical methods
– Increased risk that data used for studies which go beyond
purposes specified in research protocol
– Problems of policing use of data become greater in ‘virtual
organisations’ as structures of accountability become less clear
15th March, 2005
NeSC
8
Trusting the technology

Fears have been expressed within the NHS that data
sharing may compromise patient confidentiality:
Trust: “I believe that we should fight to retain control of our
own data since confidentiality and trust are the
cornerstones of general practice, and not an optional extra.
The job is impossible without it, and if we lose this, then
general practice is truly dead. Can I trust my computer?”
Responsibility: “As GPs in the brave new world of sharing
patient information electronically throughout the NHS, can
we still promise our patients that we will keep their secrets
confidential?”
Governance: “The NHS would like easy access to our
information—but who else would have such access?”
15th March, 2005
NeSC
9
Trusting the technology




The implications of e-Infrastructure for research
ethics approval are unclear
Security arguments become more complex and rely
on concepts with which REC members may be
unfamiliar
The evidence to date is that e-Infrastructure is not
a ‘trusted’ technology
In practice, medical e-Research projects deploy
simpler and more familiar but inefficient methods
for data sharing and linkage:
– The ‘swivel chair’
– ‘Trust blocks’

These problems will grow as researchers look to
utilise social care and demographic data sets
15th March, 2005
NeSC
10
Case study: eDiaMoND

Flagship 2 year pilot UK e-Science project
aimed at demonstrating value of the Grid to
NHS:
– Grid-enabled, federated database of mammograms
– Distributed breast screening environment
– Epidemiological studies


Fieldwork to observe and understand current
screening work practices, including data
sharing
Identify challenges to sharing data between
breast screening units and epidemiological
researchers
15th March, 2005
NeSC
11
eDiaMoND ethical approval




LREC and MREC submissions made,
approval process took over 1 year
Permission given to use anonymised data
and only for the specified purposes
Explicit consent was deemed not to be
required for ‘historic’ data
Will have to re-apply for ethics
approval for any new, additional uses
15th March, 2005
NeSC
12
Fieldwork findings




The vision for eDiaMoND encompasses not only
sharing data across BSUs, but also – and resonating
with the e-Research vision – sharing data across
different scientific disciplines
The vision affords the potential to make data
available to a larger community, regardless of where
the data was generated or produced
Our observations suggest that the potential for
sharing data between different researchers is
fraught with difficulties linked to ethical concerns
These concerns also relate to practical matters of
trust in relation to their working more at a distance
from the context of the production of data
15th March, 2005
NeSC
13
Practical ethical action



It is not considered ethical for
mammograms to be shown to someone
outside of the clinic
But there are exceptions which are
justified as being ‘in the patient’s best
interest’
Represents a situated, professional
judgement as to what is ethical ‘here
and now’
15th March, 2005
NeSC
14
Governance and digital data



The work of manipulating physical artefacts
such as paper records affords a natural,
locally visible account of itself
Introducing mobile, digital data changes the
visibility and accountability of work and
hence of ‘trust procedures’
Digital data raises questions about embedding
security policies too tightly so as to limit the
scope for local professional judgements to be
made
15th March, 2005
NeSC
15
Summary

e-Research raises challenges for trust and
governance. There is a difficult balance to strike
between acquiring data that is in the public interest
and protecting citizens from its unscrupulous use:
– Use of personal data is governed by legal, organisational, and
professional rules but also depends on situated, practical
(professional) judgements
– If governance is too tightly embedded in systems and
centrally administered, these kinds of routine, situated
ethical judgements are not easily afforded
– Healthcare professionals may be unwilling to commit data to
a system unless they trust security and governance
mechanisms

It is important to understand trust and governance
not only in technical terms, but also consider the
ways in which they are achieved in everyday work
15th March, 2005
NeSC
16