illustrated eye with data inside

The INSIGHT Data Trust Advisory Board: data access criteria

Mon Jan 25, 2021
$download_content = get_field('download_content');

The ODI is working with eye-health charity AAAMD on a data-sharing initiative: INSIGHT. Find out how we helped facilitate as the INSIGHT Data Trust Advisory Board set its criteria for assessing data access requests

The Open Data Institute (ODI) is working with eye health charity Action Against Age-related Macular Degeneration (AAAMD) to support the INSIGHT Health Data Research Hub to put patients and the public at the heart of data sharing. In the fourth of five blog posts, researcher and consultant Walter Pasquarelli describes how the INSIGHT Data Trust Advisory Board (INSIGHT DataTAB) is developing its own data access criteria.

The INSIGHT Health Data Research Hub aims to unlock new insights in disease detection, diagnosis, treatment, and personalised healthcare. To do this, it brings together and makes available anonymised data from eye scans and images and advanced analytics, and makes them available to researchers from the NHS, academia and industry.

We’re working closely with charity AAAMD to convene a group of public, patient and other stakeholders, to provide meaningful oversight and scrutiny over how INSIGHT manages data.

In our previous post we described the INSIGHT DataTAB and how it functions. In this post, we’ll talk about how the group has been developing its own data access criteria, which will underpin its recommendations on who should access the data held by INSIGHT, for what purpose, and under what conditions.

The need for criteria

As we described last time, when INSIGHT receives an application from a researcher to access the eye scans and other data, its expert team processes the request to check that it is technically and legally feasible. If so, the application is passed to the INSIGHT DataTAB to review.

In advising the Hub on the design and setup of the INSIGHT DataTAB, we thought it was important for the group to have control over the assessment criteria and processes it uses to make recommendations. We anticipated that, while the Hub must scrutinise requests to ensure potential data usage is safe, secure and legal, the INSIGHT DataTAB members might choose to use an entirely different set of criteria and standards.

Having its own access criteria enables the group to assess multiple requests with a degree of consistency, and helps it to guide debate and discussion around individual access requests when there isn’t consensus.

So, in autumn of 2020, with the group’s initial members on board, we set out in a facilitative mode to support them to produce a set of data access criteria.

The process

Our first step was to speak to INSIGHT DataTAB members to document their individual views and opinions. We had video calls (unsurprising, in a time of Covid-19) with each member, asking them to share their perspectives on what conditions should be satisfied in order for INSIGHT to provide access to health data.

These conversations produced a long list of different conditions that encompassed what issues were important to the INSIGHT DataTAB group.

As an intermediate step, working with INSIGHT staff, we amended the list removing duplicates (including similar suggestions from multiple members of the INSIGHT DataTAB team), and anything which was out of scope or already covered by the Hub’s own assessment criteria. For example, we removed the suggestion that INSIGHT DataTAB judge whether access requests must ‘be GDPR compliant’, as this will be covered by the Hub’s initial assessment and is therefore a requisite. In September 2020, we organised a workshop to enable members of the INSIGHT DataTAB to ‘meet’, and to collaboratively produce an initial set of criteria that it could use to assess and provide recommendations on data access requests.

The workshop was divided into two parts. The first included INSIGHT DataTAB members, as well as representatives from the Hub’s partner organisations (AAAMD, University Hospitals Birmingham, Moorfields Eye Hospital, Google Health and Roche), a patient from University Hospitals Birmingham living with a condition the Hub is designed to address, and a representative from Understanding Patient Data.

The purpose was to frame the discussion, and enable different stakeholders to share their views, experiences and expectations of the use of eye scans and related data. We heard from the clinicians involved in running the Hub, and Understanding Patient Data shared findings from their research into patient and public attitudes towards the sharing of health data.

It was also a chance for INSIGHT DataTAB members to ask questions about the Hub to its different partners. We were particularly grateful to the patient from University Hospitals Birmingham for sharing their experiences of living with a debilitating eye condition and views on the importance of responsible, trustworthy sharing of data to enable new research and development.

The second part of the workshop was only for members and the Chair of the INSIGHT DataTab, Wen Hwa Lee of AAAMD (plus the ODI as facilitator). It was designed to enable the group to collaborate on an initial set of data access criteria, based on its initial longlist of conditions. The group agreed with the Chair’s suggestion to identify an initial set of ten criteria from the longlist, in order to focus on the topics of most importance.

After a discussion of the full longlist, the Chair initiated a voting procedure to produce a shortlist. Each member chose up to ten criteria, and any that had five or more votes would be selected. This produced eight criteria that the group were comfortable with and felt reflected their priorities, listed below:

  1. Is there a clear audit trail of how the data is being used and published?
  2. Is there a clear clinical outcome, social care or public health outcome?
  3. Does the proposed application pose a significant risk to individuals’ privacy?
  4. Will data obtained through INSIGHT be linked to other datasets? If so, has the applicant considered the risks and offered a mitigation process?
  5. Do we believe that the risk mitigation process(es) are realistic and sufficient?
  6. Has the applicant taken into account public/patient views when designing the project proposal? Has the applicant consulted public/patients in the formulation of their research question or project proposal?
  7. Does the project outcome strike a good balance between public good, scientific discovery and value generation?
  8. Will the proposed outcome disadvantage any group or individual?

The group was keen to include criteria that would help ensure that any organisation accessing and using the data would create demonstrable value. Members spoke of the need for applicants to have a commercial model in place that they considered fair, as well as the need for INSIGHT data to generate value beyond the applying organisation (i.e. to benefit the health system or society at large). Given that INSIGHT and the other Hubs funded by Health Data Research UK (HDR UK) are still developing their sustainability models, the group agreed to reserve its final two criteria for dealing with questions of ‘value’ and finalise the exact wording as the Hubs’ commercial plans progressed. Notes from this discussion and the group’s feedback on this topic from the first part of the workshop were shared with INSIGHT and HDR UK as an input into this work.

Members then had time to digest and reflect on the criteria and were invited by the Chair to voice any concerns about topics or issues missing. There were not further points raised and after a final round of discussion, the initial criteria was agreed.

In the first post in this series, we described how the criteria used by similar advisory groups in the health data domain were not made public. As well as listing the initial set here, we will help to keep them updated on INSIGHT’s own website alongside other documentation related to the INSIGHT DataTAB. These criteria are not set in stone, and we suspect that the group will want to add to and amend them as it starts to review applications.

The group will begin reviewing applications, beginning with exemplar cases proposed by the INSIGHT partners, in early 2021. In our next post, we’ll share more about how this goes.