Background
Literature search
‘First, do no harm’: potential risks to patients
| Cluster | Ethical theme | Examples from the literature | References |
|---|---|---|---|
| Potential harms | Privacy | • Linkage across datasets in critical care research increases the risk of re-identification of the individual | [41] |
| | Genetic discrimination | • Genetic testing for SCA-associated conditions creates the potential for stigma and discrimination | |
| | Disclosure of individual findings | • Dilemma: whether or not to inform patients with a high risk of SCA who refuse to know their test results | [36] |
| | Research design | • SCA data may be of low quality due to the acute setting and variety of data sources: sound methodology is vital • Incorrect subject selection may exacerbate SCA knowledge gaps between developed and developing countries | |
| | Applications | • The creation of (incorrect) risk profiles (e.g. for hypertrophic cardiomyopathy) may give rise to health disparities | |
| Protective measures | Informed consent | • Insistence on informed consent for use of data from emergency medical settings would bias research • Deferred consent for data collection is seen by patients as an acceptable consent model in emergency settings | |
| | Data governance | • Critical care research without consent requires safeguards (e.g. safe-havens) to protect data security | |
Privacy of personal data
Genetic discrimination
The (non-) disclosure of individual findings
Fairness in research design
Responsible application of research results
Measures to protect SCA patients in observational studies
Informed consent in the emergency medical setting
Alternatives to prospective consent: waived or deferred
| | Model | Description | Advantages | Disadvantages |
|---|---|---|---|---|
| Level of control | Opt-in | Actively given, explicit consent | • Promotes autonomy • Respects patients’ expectations and preserves trust | • Lower response rates and potential consent bias • Relatively costly and time-consuming |
| | Opt-out | Consent is presumed unless participant objects | • Higher participation rates and less bias than opt-in • More practical, less costly | • Assumes that people want to participate: may infringe upon autonomy • Potentially less informed |
| | No consent | Study is conducted without consent (exception/waiver) | • Maximum participation rates and no consent bias • Most practical, least costly | • No control whatsoever by data subjects: least autonomy-enhancing |
| Timing | Prospective | Consent is given prior to the start of data collection | • Promotes autonomy • Respects patients’ or representatives’ expectations and preserves trust | • Time pressure and stress in emergencies: consent not fully informed/valid • Excluding (temporarily) incapacitated subjects causes bias and may not respect subjects’ wishes |
| | Deferred | Retrospective consent which is sought after data collection | • Provides temporarily incapacitated subjects the opportunity to participate • More valid than prior (subject or representative) consent in stressful situations | • Logistical issues with reaching participants • Data are already collected: less autonomy-enhancing than prior consent |
| Specificity | Study-specific | Consent for the use of data for one specific aim | • Promotes autonomy since patient has a high level of control over uses | • Requires re-contacting subjects for new aims: logistical challenge and burden for participants • Bias when contact attempts are unsuccessful |
| | Tiered | Subject chooses from a list what types of research are allowed (online: dynamic consent) | • Promotes autonomy since patient has a high level of control over uses | • Burdensome and complicated for subjects: requires detailed understanding |
| | Broad or blanket | Consent for overall research topic (broad) or without limitation (blanket) | • Smallest burden for researchers and patients in terms of re-contacting | • Broad consent may not be truly informed • Blanket consent often not accepted by research ethics committees |
Deceased patients
Responsible data governance
Data security and oversight
Scope and definitions:
• Subject-matter: The GDPR applies to the processing of personal data from natural persons (Article 1), thus excluding anonymous data (Recital 26) and data from deceased persons (Recital 27), as the ‘95 Directive did.
• Special categories: Processing of data concerning health (Article 4(15)) and in the updated framework also genetic and biometric data (Article 4(13,14)) is in principle prohibited, unless one of the exceptions in Article 9(2) applies, e.g. when explicit consent has been provided (a) or when processing of sensitive data is necessary for scientific purposes (j) provided that safeguards are in place (Article 89(1)).
• Extended territorial scope: The GDPR applies to all processing of personal data of EU citizens, whether it takes place in the EU or not (Article 3). Transfer of data to countries outside the EU may take place when the European Commission has evaluated the level of protection in the receiving country as adequate (Article 45), when appropriate safeguards have been provided (Article 46), or in case of specific derogations (Article 49).

Principles and conditions for data processing:
• Principles: The principles (Article 5) of data processing remain largely the same as those in the Directive: (a) lawfulness, fairness and transparency; (b) purpose limitation (note that secondary use of data for scientific purposes is presumed compatible with the original purpose (Recital 50)); (c) data minimisation; (d) accuracy; (e) storage limitation; (f) integrity and confidentiality. The principle of accountability (Article 5(2)), which holds that the data controller should be able to demonstrate compliance with the principles, has been added.
• Conditions for consent: Data subjects’ consent (Article 4(11)) has become bound by stronger conditions in the GDPR (Article 7). When consent is used as the legal basis for processing, it should be “clearly distinguishable” from other matters and presented in an accessible form using clear and plain language. The controller should be able to demonstrate that consent was given, and the data subject is free to withdraw at any time. In the context of data processing for scientific research, the law leaves room for broad consent (Recital 33).

Rights and responsibilities:
• Data subjects’ rights: The GDPR introduces the right to data portability (Article 20), which allows transmission of one’s data to another controller. Moreover, the GDPR enhances existing rights, namely the right to: receive transparent information (Articles 12–14); access data (Article 15); rectification (Article 16); erasure (‘right to be forgotten’) (Article 17); restriction of processing (Article 18); object (Article 21); not to be subject to automated decision taking, including profiling (Article 22). However, in the context of scientific research Member States may provide derogations from these rights if they would impair research (Article 89).
• Privacy by design: The idea of “data protection by design” is introduced to ensure risks are accounted for early through technical and organisational protective measures (Article 25). Processing of data for research purposes requires “appropriate safeguards” (Article 89(1)), although it is not specified what these should be.
• Data breaches: Data controllers are required to keep a detailed record of all processing activities (Article 30) and in particular of any data breaches, which should be reported to the competent authorities within 72 h and—in case of high risk—to the data subject without undue delay (Articles 33 and 34).
• Data protection impact assessment: For high risk processing of data (which includes processing of special categories of data, e.g. health data), the GDPR mandates performing a data protection impact assessment (DPIA) in order to ascertain the risks relating to data subjects’ rights (Article 35).
• Data protection officer: Research institutions are now required to install a data protection officer (DPO) who monitors compliance with the GDPR, provides advice on data processing, including the DPIA, and acts as the contact point for the supervisory authority (Articles 37–39).
• Penalties: Organisations that do not comply with the GDPR can be fined up to 4% of annual global turnover or 20 million EUR, whichever is greatest (Article 83(5)).