Governance and ELSI
To improve personalised medicine based on genomic information, the 1+MG initiative aims to give cross-border access to genomic data from 1 million+ EU citizens for research analyses and clinical applications. This effort must meet ethical-legal standards and be socially responsible.
These standards cover a broad range of topics, including but not limited to consent for research, feedback of results, commercialisation of Intellectual Property, and data protection. While often answers have been given for individual genome initiatives, a joint cross-border genome initiative is complicated by overlaps, gaps and conflicts between EU and Member State laws and policies.
To bridge these gaps and to help the 1+MG community navigate the heterogeneous ethical-legal landscapes, the Ethical Legal and Societal Issues (ELSI) team has worked to establish a legal, ethical and socially acceptable framework for secure sharing of genomics data across Europe.
1+MG Initiative
GDPR
- Purpose and Recital 33 in the GDPR Informational
- Exploration of what constitutes a valid purpose under the GDPR and interpretation of Recital 33 about broad consent in this context
- Secondary use and further processing Informational
- Analysis of the differences between secondary use and further processing as defined in the GDPR and the possibility of building the legal basis under Art. 6.1 on further processing.
- Roles under the GDPR for secondary use Informational
- Identification of roles under the GDPR for the main processing operations for 1+MG
- Challenges: Legal basis for the core processing operations Informational
- Analysis of the availability of legal bases under Art. 6.1 GDPR and Art. 9.2 GDPR for the controllers along the main processing operations
Translation of ethical and legal requirements into policies and recommendations
- Evaluation of the potential legal frameworks for the infrastructure
- The establishment of a joint European genomic data infrastructure requires the establishment of a legal basis under Article 6 of the General Data Protection Regulation (GDPR) and a legitimation for processing health and genetic data for the processing within the infrastructure itself as well as for the stakeholders contributing personal data to it or using the personal data. We have identified the challenges related to the the three steps of 1) how to bring data into the 1+Million Genomes (1+MG) infrastructure, 2) how to disclose data towards users, and 3)how to process data as a user, in particular where data use goes beyond research.
- Policy for special (vulnerable) subjects and groups Required
- Recommendations on how to consider the vulnerability and rights of special subjects such as children and special groups subject to vulnerability
- Policy for incidental findings Required
- Recommendations for dealing with incidental findings in 1+MG
- Policy for communication of general research results Required
- Information of data subjects and the general public on outcome from research use
- Data Access and Governance Framework Required
- This report lists a set of specifications and guidelines needed to allow efficient cross-border access and use of genomes for research in compliance with legal and ethical requirements.
- Transparency and consent guidance Required
- Minimum standards and recommendations to be considered for information sheets and for obtaining consent for secondary use of data
- Data Protection / ELSI by Design and Default (DPbDD recommendations):
- Recommendations for the information management and IT infrastructure features to comply with legal requirements and to implement the data governance
- Data Protection by Design and Default: Full list of principles
- A presentation that lists all DPbDD principles by category
- Report on Legal Set-up including Data Protection Impact Assessment
- This report presents an analysis of the legal data protection (GDPR) framework governing the creation of a federated cohort of human genomic data across multiple Member States of the European Union (“EU”), followed by an analysis of the delineation of the pertinent national and EU competences, for a number of selected Member States, establishing the existence, scope and impact of GDPR exemptions at the level of the Member States, which analyses collectively feed into a workable mechanism to bridge the legal national divergences found, in the form of a Transnational Code of Conduct respecting national minimum standards with respect to privacy, medical secrecy (aka patient confidentiality) and protection of personal data.
- Legal instruments for the sustainable implementation of the 1+MG genomic infrastructure
- Analysis of possible legal instruments that could be used to create the legal framework that the 1+MG infrastructure could build on and their evaluation with respect to suitability for 1+MG needs
-
Draft data management policy published including ELSI best practice
- Defining the data management policy is an important step to ensure genomic data in GDI is protected from unauthorised access, use, or disclosure, and that it complies to local legal and regulatory requirements. This is the draft version of the data management policy and it will evolve as the discussions around data governance, ELSI requirements and data management plans are taken into account in WP6 and in GDI as a whole. This report describes the main elements of the data management plan that need to be taken into account and as such this should be used as a guide for each node in GDI. Over time, we will describe good common practices for each of these elements, and individual nodes will be able to add any deviations from these common practices to represent the way data management is actually performed.
-
Report outlining the recommendations on data curation and ELSI compliance
- It is a challenging task to work with genomic data sequenced over several years (legacy and future data). The aim of this deliverable is to gather recommendations and best practices for the process of curating data for ingestion into GDI nodes. Data curation is a broad term that includes managing data throughout its lifecycle, overlapping with other tasks and aspects of the GDI project. Since one important aspect of data curation is to ensure its quality—the availability and fitness for use and reuse-, this report will focus on data quality aspects and ELSI compliance during the submission process to the data repository. It also discusses some possibilities on how to assure data quality and elaborates on the concepts of data quality and data curation, with a strong focus on genomic data. This report then provides a list of resources for genomic data quality assessment.
- Evaluation of data governance experiences
- This deliverable reports on experience collected from existing national and international data infrastructures with the focus on data access governance. This is based on input gathered in the project HealthData @ EU and complemented by information gathered in a workshop that we organised ourselves.
Public Trust & Stakeholder Engagement
- Stakeholders trust in genomic data sharing landscape analysis Recommended
- This scoping report represents a mission-oriented approach to supporting citizens’ engagement and public trust in genomic data sharing, scoping out and suggesting possible approaches. It recognises from the outset that the issues of engagement and trust extend beyond the indispensable involvement of citizens to embrace a much wider range of stakeholders whose buy-in will also be essential to success. This review takes account of the B1MG and 1+MG, and aims to offer conceptual and practical steps for building on those achievements to bridge potential and actual benefits to science and society with a specific focus on citizens.
- Citizens engagement and public trust in genomic data sharing Recommended
- Citizen engagement and public trust have been raised as critical components in the B1MG stakeholder forum meetings and country visits. To discuss these components, an online expert workshop was facilitated on January 18, 2023. Lessons learned from various engagement activities were shared under three subthemes: “When an ELSI framework is in place, what is the (additional) role of citizen engagement in fostering data sharing and public trust?”; “How does citizen engagement relate to (interests of) other stakeholders?”; “When and how to engage and at what level?”.
- B1MG recommendation on citizens engagement and public trust in genomic data sharing Recommended
- Lessons learned from various engagement activities were shared under three subthemes: “When an ELSI framework is in place, what is the (additional) role of citizen engagement in fostering data sharing and public trust?”; “How does citizen engagement relate to (interests of) other stakeholders?”; “When and how to engage and at what level?”. Recommendations stress the need for dedicated resources; acknowledging different views and interests; the need for capacity building to enable engagement; and creating meaningful participation via selected tools through early engagement with a careful choice of engagement strategy; having good and transparent governance for enabling trustworthiness to contribute to accountability; and the need to find ways to connect the relational trust established at the national level to the EU level.
Economics and Sustainability of the Infrastructure
-
First analysis of cost elements for the setup of 1+MG infrastructure
- Long-term financial sustainability is vital for any data infrastructure – but it is particularly true for infrastructures like 1+MG that depend on the accumulation of data over time to function. To accommodate the sensitive nature of the data, the computing infrastructure needs to be made available to users in secure processing environments and there needs to be sufficient storage in place. Coordinating and aligning compute hardware infrastructure, the data and services across many stakeholders and countries is challenging. The infrastructure will need to be able to support a large number of different users, working in research, health care and innovation.
This deliverable provides the first step in building the financial underpinnings of this understanding: it defines the functional elements across the infrastructure with their independent functions in operating the infrastructure, and provides lists of cost items for each of these functions including how they scale with regard to the size of the infrastructure. Future work will focus on possible sources of financing that can be appealed to for the maintenance of each of these functions.
-
- This report will give the reader the first overview of the financial obligations for a country in becoming a member of the EDIC. In this report, the assumption is that the costs of the central operation will be distributed across member countries based on the individual countries GDP level. While this is only the first iteration of the budget and cost distribution, it should provide an indication of the expected size of the general membership fee.
We are still working on the content for this page. If you are interested in adding to the page, then:
This is a community-driven website, so contributions are welcome! You will, of course, be listed as a contributor on the page.