Dr. Robin Fears, one of the lead authors of the ALLEA/EASAC/FEAM report “International sharing of personal health data for research”, answers questions about the importance of science advice, the key messages of the joint report, and its implications for international medical research and European citizens. He has a background in biochemistry and almost three decades of Research and Development experience in the pharmaceutical industry in the UK. He is currently the Biosciences Programme Director at EASAC.
Question: Thank you for joining us in this interview for ALLEA’s Digital Salon. You are currently the Biosciences Programme Director for the European Academies Science Advisory Council (EASAC). Can you explain to our readers how you became interested in science advice and what your current role entails?
Robin Fears: My interest in science advice began while I was working in pharmaceutical R&D where it was clear that success in research was dependent to a significant extent on the world outside the company. For example, there has to be a supportive public policy environment to encourage innovation and competitiveness, and engagement with research partners and other stakeholders was often essential to make the most of scientific investment and ensure its translation to novel products and services. It also became clear that various other bodies were similarly interested in the broader issues for strengthening the research enterprise and tackling societal priorities. Among the leaders in these respects, were academies of science and medicine.
On pursuing new career directions as a consultant, I found academies and their networks, with their convening powers and experience across multiple disciplines, were very receptive to initiatives to promote scientific collaboration and very committed to build the evidence base to help inform public policy, innovation and practice.
My current role for the Biosciences Programme is to provide advice and support to EASAC on a range of topics including biomedicine, food systems, biosecurity and emerging technologies, in order to tackle priorities for using the scientific evidence base to inform policy options in the EU [more details on that topic to be found here].
Q.: The Covid-19 pandemic has demonstrated the importance of international scientific collaboration, including sharing of personal health data. Why and how do good data sharing practices help scientific advancement?
R.F.: Health research produces considerable value for patients, helps to reduce health inequalities, supports development of health services and benefits society. It is often necessary to collaborate in research and to share data with other researchers in order to ensure sufficiently large sample sizes (particularly in rare diseases or subtypes of more common diseases), to identify complex pathways and improve diagnosis and treatment, thereby making the most of limited resources and of the contribution by patients and volunteers to research.
International sharing of data for research is often particularly important, for example to compare the determinants and outcomes of disease in different settings, to assess whether findings in other countries are also applicable to patients in Europe, to develop new areas of health research, such as artificial intelligence, and to capitalise on the emergence of new big data sets.
At the same time, it is essential to provide appropriate protections for personal data privacy, that is to ensure that data sharing procedures are safe and secure. The vital focus on personal data privacy is itself pivotal to supporting research because it helps to build patient trust and involvement in research.
R.F.: This project is the first tripartite collaboration between ALLEA, EASAC and FEAM. All three academy networks had previously worked on issues for using research data for public benefit and for protecting personal privacy. We came together in this project to facilitate the inclusion of the necessarily wide range of disciplines and experience from across medicine, ethics, health informatics and the social sciences, together with discussion with other stakeholders (including patients and health companies). Although the academy networks have collaborated previously through SAPEA (Science Advice for Policy by European Academies, part of the European Commission’s Scientific Advice Mechanism), because of the urgency to provide evidence-based advice and the important implications for many institutions and countries, ALLEA, EASAC and FEAM decided to proceed expeditiously, using their own resources to generate consensus recommendations.
Q.: The report explores how the EU’s General Data Protection Regulation (GDPR) hampers the sharing of personal health data with researchers outside the EU/EEA (European Economic Area). At first sight, this could seem like a technical problem that only affects scientists, policymakers and legislators working in this specific area. Can you explain, in simple terms, the current challenges for international medical collaborations, how this affects European citizens, and how they will benefit from the solutions proposed in the report?
R.F.: The inception of the GDPR had been welcomed by academies because of its recognition of the importance of encouraging the sharing of data for health research. However, this has not happened internationally because of disparity between EU legislation and the legislation of other countries. Unfortunately, since GDPR implementation, problems in sharing data with researchers outside the EU/EEA have increased. These problems affect both the direct transfer of data and remote access by foreign researchers to data at its original location. The impediments create major difficulties for the EU/EEA both with regard to the continuation of previous international research studies and to the initiation of new studies. For example, for just one partner, the US National Institutes of Health (NIH), it was estimated (in 2019) that more than 5,000 collaborative projects with EU/EEA countries were affected. Research sharing with major international bodies, such as WHO, is also stalled.
Currently, when other countries do not have protection procedures equivalent to the EU (adequacy) there is no workable mechanism for international sharing of health data for public sector research purposes.
While the impact of GDPR implementation on sharing personal data has been discussed in the last few years, the focus has mainly been on the problems for the private sector and the greater problems for public sector researchers have been neglected.
This affects science in Europe and worldwide. As noted in the previous answer, international sharing is crucially important to improve health and health systems and, more generally, reinforces social cohesion and stability. Science is a global endeavour. Less global sharing of data for health research is hurting everyone – patients, researchers, public health systems and society as a whole – and we risk losing the collective capacity to deliver the value of health research that has been a great European strength.
Q.: The GDPR has been implemented to protect the privacy of citizens by giving them more control over who is storing, using, and sharing their personal information. Especially in the context of health data, we are talking about extremely sensitive information. How can we ensure international medical research flourishes, while at the same time guaranteeing the privacy of the European research participants, also when their data is shared with non-EU/EEA countries?
R.F.: There are strong European protections for patients and volunteers when participating in research, for example through the statutory activities of research ethics bodies. Rapid advances in privacy-enhancing technologies will also help to provide a secure environment for data. With regard to the current impediments associated with the GDPR, the pressing need is to find a simple operational solution respectful of fundamental rights that does not conflict with other countries’ laws or with the regulations of international organisations.
Our preferred option to overcome the current barriers is to find an operational solution under Article 46 of the GDPR. Our recommendations examine how best to do this for the EU/EEA and in the broader context of the EU leading discussions worldwide to ensure privacy protection.
Our report starts with the principle that data must be shared safely and efficiently – this is part of the responsible conduct of research – and we must take account of patient views. We emphasise that strong pseudonymisation procedures (data for which identifiable information fields are replaced by codes or identifier with the key to the code kept securely and separately from the other data) are essential for sharing data. Pseudonymisation and other supplementary measures, ensure the privacy of individuals is preserved when sharing data with other researchers.
Q.: The report has been published online on 8 April on the websites of all three academy networks. What do you envision will be the next steps in resolving the aforementioned challenges in international sharing of personal health data and what will be the role of the ALLEA/FEAM/EASAC collaboration in this?
R.F.: Following publication of our report, all three networks are working to disseminate our messages at EU/EEA and national levels, to engage with policy makers, to inform the wider scientific community, and to encourage our member academies in their own countries to raise the visibility of the problems and the urgency to find a solution.
Additionally, continuing monitoring and assessment of the issues is needed, because of the fast-changing environment, technology developments, other country initiatives on data sharing, the momentum favouring open science and data, and new opportunities and needs in health care and disease prevention. We recommend development of an inter-disciplinary mechanism for the continuing monitoring of these developments, which can also serve to reinforce communication of the value and opportunities for personal data sharing for health research. Academies and their networks can have a core role in these continuing activities, for example by encouraging discussion with academic and other research institutions and research funders and with patients and other stakeholders.
We acknowledge that even when appropriate mechanisms for transferring data are established, there are other methodological and technical quality issues that need resolving to enable interoperability in the use of data. Privacy-enhancing technologies are relevant in offering potential to improve data security but their use does not circumvent the requirements of the GDPR.
The GDPR has become a privacy standard that other countries seek to follow. Therefore, the EU can take a lead role in wider, global, discussions about the value of health research, privacy rules and the free movement of data, including options for reforming regulations in other countries for reciprocity in data sharing.
As part of our dissemination and engagement efforts we are organising a public webinar to catalyse further discussion and action. The details will be announced soon.