Regulations that apply across geographic borders can provide researchers and patients with a firmer foundation on data protection.
In a clinical trial, there are few aspects of higher importance than protecting the privacy and trust of the patients who give their time and health data to further medical research. Unfortunately, regional and national governments each have their own set of laws for how to best safeguard this sensitive personal health data. But, as digital innovation grows and the amount of free-flowing data increases, stopping regulations at geographic borders may not be the best means to govern patient data use, and instead can result in a web of regulations that end up hindering research efficiency, patient trust, and ultimately, participation in clinical trials. The creation of nationally, or better yet, globally agreed-upon privacy standards is critical to give researchers a clearer framework around which to build studies, and patients a firmer foundation on what they can expect from privacy protections.
The maze of privacy regulations based on location
While well-intentioned, current national and international privacy laws can adversely stunt population-wide medical research. Regulations concerning collected patient health information (PHI) differ based on the location of the clinical trial. Researchers conducting clinical trials in the US must spend precious hours ensuring they are following the laws of the state, or multiple states, where the trial is taking place. Similarly, while the General Data Protection Regulation (GDPR) promulgated by the EU to govern the use of personal data purports to provide researchers in the EU with a more consistent framework around which to design studies, country specific exemptions and other regulations often result in a piecemeal approach to data privacy. Internationally-recognized and straightforward privacy regulations would give researchers more bandwidth to focus on advancing research instead of their jurisdictions’ regulations, and trial participants a clearer understanding of how their privacy will be protected and, in turn, greater trust in the system.
Strengthening research with diverse data
Citizens are justified in their hesitation to share their highly personal health information. Greater consistency in laws governing personal data use could increase trust in the medical field and participation in clinical studies. Unfortunately, populations that have historically exhibited higher rates of mistrust in the medical field are less likely to be represented in medical research, leading to an unfortunate chain of events—with lower participation in clinical trials, resulting treatments will not be as effective for all patients. , and mistrust will persist.
De-identification technology offers an opportunity to strengthen trust and further the impact of the use of PHI for future research. It is critical for researchers to emphasize the severity of the guidelines in place to protect patients’ privacy and confidentiality, while also outlining how their PHI can be used in the future to advance science, especially for rare diseases. More consistent regulations around de-identification, security technology, and encryption will give patients better confidence in sharing their PHI for short and long-term use to support future research.
Collaboration is needed to create global data standards
Protecting patient privacy and advancing medical research shouldn’t be mutually exclusive. Medical and technology organizations are designed to help patients, so it is essential that patients not only have confidence in their ability to protect their information but also understand the critical role they could play in advancing treatments for generations to come. In order to bring about this sorely needed streamlining of data legislation, it is imperative for governments, technology, and healthcare institutions around the globe to unite to push for internationally-recognized privacy standards. This way, patients will have more confidence in giving their valuable health data to medical research, and researchers can then design treatments that more precisely meet patients’ needs.
When the appropriate regulations are in place, data sharing across institutions and borders will flow more freely, and researchers will be able to expand upon de-identified PHI from past studies, ushering in an unprecedented wave of breakthroughs in the medical field.
Gordon Kesslergeneral counsel, chief administrative officer, AiCure, LLC