Title of Presentation
1- “The IMI Code of Practice”
2- “Can genetic data be anonymised?”
Date and Place
Sessions A1 & C2
Irene Schlünder is a laywer and advises and supports various research projects within TMF, the German platform for interdisciplinary exchange and cooperation to address legal/ethical and technological issues in biomedical research. Due to her expertise in EU data protection law, Irene Schlünder represents TMF in European research projects aiming to facilitate transnational data sharing. She is the German expert in the BBMRI-ERIC Common Service ELSI. She worked as a researcher at the University of Potsdam, focusing and publishing on human rights. She has also long experience as attorney at law with a focus on privacy law and on IP law.
The CODE of PRACTICE on SECONDARY USE of MEDICAL DATA in EUROPEAN SCIENTIFIC RESEARCH PROJECTS has been developed in 2014 as a response to needs identified by the EHR4CR and eTRIKS projects, and also in the context of several other European IMI (Innovative Medicines Initiative) funded projects dealing with the secondary use of health data. These projects encounter very similar problems with regard to the need for a common framework to protect patient privacy when sharing research data. It is obvious that the European legal framework is being implemented differently across Europe and that there are many open questions to be answered to ensure that researchers can share data and comply with the requirements without being data protection experts. This is still true after the adoption of the General Data Protection regulation, which fails to harmonise data protection law in the field of biomedical research due to general derogation clauses for the Member States. The Code attempts to resolve issues in a way that balances the need to make research possible and the need to protect patients’ privacy at its best. It is based on the conviction that clear standards and implementable rules for researchers are urgently needed to facilitate collaborative research in Europe. The Code is a very good example of successful collaboration of industry and academia. Both research sectors face similar issues in dealing with sensitive data and thus should and can find joint answers in order to facilitate collaboration
An increasing number of genetic profiles are worldwide available now, publicly as well as non-publicly, and the question, if such data can be considered anonymous in the legal sense, is under debate and methods to build effective anonymisation tools for high dimensional data are still to be developed. But first, it is necessary to flesh out the definition of genetic data and to describe typical scenarios, in which these data are used. The maximum case of genetic data is the whole genome sequence bearing the following risk-related characteristics: (i) information about an individual’s health and behavior, (ii) traceability, i.e. the genome does not change does change much over time, (iii) Uniqueness, (iv) information about an individual blood relatives, and (v) unknown future phenotype-associations. Those are only partially valid for other genetic data types. We will use the term “DNA-related marker” in order to cover further relevant DNA elements that are not genes. We will provide a brief outline of the nature, measurement, usage, as well as the risk-related characteristics for the following DNA-related markers: Single Nucleotide Polymorphisms, Short Tandem Repeats, Copy Number Variation, and CpG Methylation. We then discuss whether it is feasible to anonymize such markers and provide hints for anonymization approaches. As the context has to be considered for assessing the resulting re-identification risk, we take attacker scenarios, organizational & security countermeasures, and potential users of such markers into consideration.