Public Health Genomics, by Alison Hall
Effective data sharing underpins much of health care, and new ways of integrating and mining data support existing practice and inform novel approaches. The regulatory framework that governs the processing of data therefore impacts upon all aspects of health care.
A key principle in data regulation is that the most identifying data warrants the most stringent protection: this is on the basis that personal identifiable data has the most intrinsic value but is also the most likely to be used to harm, stigmatise and discriminate against individuals. The main scope of the current Data Protection Act (and future General Data Protection Regulation) therefore, is personal identifiable data. The common law also recognises certain categories of information (such as those shared between patient and doctor) as confidential and meriting special protection. Conversely, data which is neither identifiable nor confidential and therefore falling outside this regulation can be used more freely.
It is fundamentally misguided to regard all genetic/genomic data as being inherently identifying - since the identifiability of genetic or genomic data is heavily dependent on context.
Since so much rests on this distinction between identifiable data and de-identified data, defining where the boundary lies and the circumstances in which data may move from one category to another, is hotly debated - nowhere more so than in the context of de-identification of genetic and genomic data, where the debate has been dominated by how new technologies might promote or undermine existing processes and approaches. Read more.