The authors call for solutions to overcome these barriers to ensure timely and straightforward research collaboration in the public sector and thereby maximize health benefits for European citizens. In the report “International sharing of personal health data for research”, the European Federation of Academies of Sciences and Humanities (ALLEA), the European Academies’ Science Advisory Council (EASAC), and the Federation of European Academies of Medicine (FEAM) call on EU policymakers and legislators for a commitment to overcome the barriers in sharing pseudonymised health data with researchers outside the EU/EEA, including the ones from the public sector, preferably under Article 46 of the General Data Protection Regulation (GDPR).
Article • New regulation
New laws mark the biggest shake-up in data protection legislation in decades. The General Data Protection Regulation (GDPR) comes into effect across Europe on May 25. Whilst the new legislation affects a wide range of organisations and businesses, Freelance Data Privacy Consultant Darren Rose emphasises the importance of healthcare providers being ready for the change.
“EU/EEA citizens strongly benefit from international sharing of health data by allowing researchers to make best use of limited resources and to ensure that research conducted elsewhere is also relevant for patients in Europe. This must be encouraged and facilitated to maximise the individual and societal benefits to be obtained from the contribution of research participants”, emphasizes George Griffin, co-author of the report.
For research to thrive, pseudonymised personal data often needs to be shared internationally between research groups in a straightforward and timely fashion, whilst securing the protection of personal dataVolker ter Meulen
The GDPR was implemented before options for transferring data to countries outside of EU were operational. In particular, statutory conflicts between other countries’ legislation and EU fundamental rights have been a main challenge. This affects the direct transfer of public sector health data to foreign institutions and the possibility for external researchers to remotely access data at its original location. When institutions in other countries have statutory conflicts that prevent them from signing the required contracts under the GDPR, there is currently no workable legal mechanism for sharing health data for public sector research. It has been estimated that in 2019 more than 5,000 collaborative projects were affected between EEA countries and the US National Institutes of Health alone.
The authors stress that a solution is urgently needed, both for ongoing research collaborations as well as for new studies. “Collecting and combining health data is fundamental for the advancement of medical research and improving disease diagnosis and treatment. For research to thrive, pseudonymised personal data often needs to be shared internationally between research groups in a straightforward and timely fashion, whilst securing the protection of personal data”, says Volker ter Meulen, co-author of the report.
In the joint report, the three European academy networks focus on how global sharing of health data benefits public research, describe the challenges imposed by data protection regulations, and provide possible solutions through adapting or expanding the existing legal framework.
The joint report is based on discussions between experts from across Europe that were nominated by member academies of ALLEA, EASAC, and FEAM and acted in an individual capacity, bringing together all relevant disciplines and expertise for this topic of great shared importance for all. The participants convened virtually in two working group meetings (June 2020 and September 2020) and an online cross-sectoral roundtable (October 2020). The resulting draft report was peer-reviewed by independent academy-nominated experts.
Key takeaways from the report
- Health research is crucial for all: it benefits individual patients, population health, development of health-care systems, and social cohesion and stability.
- Sharing pseudonymised personal health data for public sector research is essential to make effective use of limited resources.
- Data must be shared safely and efficiently, taking account of privacy concerns: this is part of the conduct of responsible science and addressing these opportunities should be part of wider initiatives to build trust in research and researchers and to take account of patient views.
- Legal challenges have resulted in impediments to data sharing with researchers outside the EU/EEA, affecting both the direct transfer of data to non-EU/EEA countries and remote access to data at its original location.
- There must be increased commitment by the European Commission to urgently overcome these barriers in sharing data. Preferably, a simple and consistent operational solution would be found under Article 46 of the GDPR, whilst protecting the privacy of personal data from EU/EEA citizens.
Source: EASAC - European Academies' Science Advisory Council