There has been a significant demand for data donation with global and local enterprises attempting to optimally use of sensitive and personal medical and health data in their clinical and medical research, relevant decision on treatment and policy measure. The purpose of data donation is to serve public good. It could enable improving health cures and treatment, innovative medical diagnosis and care. It could have variable use in the commercial and non-commercial activities. This dissertation will explore the characteristics of sensitive medical data and the reason why they are crucial in medical research. It will explore the various challenges, concerns and management and governance issues related with data donation from the perspective of data privacy and control and regulatory framework.
This dissertation aims to review the available legal, regulatory and policy framework regarding medical data donation with the objective of finding certain recommendations in order to establish effective management models in regard to data donation. This dissertation, therefore, will aim to answer the following research questions:
Q1. What are the practices involved in handling data donation?
Q2. Is the current regulatory and administrative framework governing and managing data donation sufficient?
The researcher used a desk-based research, which employed qualitative methods for critically evaluating and answering the research questions. The researcher reviewed data from secondary sources, which include written records from the books and journals, policies, laws, and other relevant online sources. Qualitative method of research is descriptive. It focuses on building theories. This dissertation will describe the features of data donation and its management activities. It will raise questions and relevant explanation regarding the gap in the availability of data and its underuse and between sense of data donation and lack of governance. Thus, the Qualitative method employed in this dissertation will involve a deductive approach. It will, thus, involve analysing available generic data to arrive at a particular conclusion. It is a basically a top-down approach. In this current research, the researcher explored the aspect of privacy concerns around medical data and practices of handling such data and its donation. The researcher explored literature and other information concerning regulatory and administrative framework and other concerns governing data donation and its management in order to evaluate their sufficiency in regard to data donation management. Thus, this research employed adeductive approach to answer the research questions. While the researcher used a desk-based research methodology, the researcher critically approached the research questions in order to derive recommendations that could inform future strategy on data donation management. In order to analyse the data properly, the researcher needed to use appropriate methods to that effect. Such appropriate method included a thematic method, which was used to analyse the qualitative data. This helped the researcher recognised patterns and themes or clusters of themes.Such analysis helped the researcher to organise the qualitative data and to present the data in themes.If key messages are ascribed to the texts, themes could be derived.
Literature review on data donation reveals more discussion on data control and privacy concerns around sharing the personal data. The existing literature, therefore, discusses less on data management since concerns are primarily related around data privacy. Data management, as such, seems to be at its nascent stage where before the concerns on privacy concerns around data sharing and donation are not tackled, discussion on model of data management and its operation cannot be taken further. This dissertation tackles the aspects and concerns around medical data donation. The paragraphs below discuss some scholarsand their viewpoints around concerns regarding around medical data donation. The discussion about medical data donation stems from the fact that large amount of medical data are generated every year and the volume of medical data is a source of advanced medical research and remedies. An aspect of this dissertation is to explore the possibility of data donation, its management, and barriers. Felix Holl et al capture the underuse of this huge volume of medical data being generated and highlight the potential of using the data for the purposes of transforming health care and the systems. This underuse of data for better public good in the form of medical research and treatment and inventing medical drugshighlights a gap in the regulatory and policy framework on one hand and public awareness on the public good that their data could deliver. The gap in the regulatory and policy framework takes the form of privacy concerns that the public have in regard to the use, control and sharing of their medical personal data. Concerns around data privacy are justifiable in particular respect to medical data. Medical data comprises various and multiple components and sub-data. These concerns are captured by David M. Shaw, who explored aspects of data donation after death. He focuses on consent and control of the data owner, who would like to exercise control over the manner of donation and the use of their personal data. There are metadata items that comprise medical data. Concerns around data privacy and control could also be reflected when Shaw discusses about how the metadata could reveal identify of the owners as well as their control over preference of the use of their data. Even in case posthumous data, which is data related to a death person, the data owners could exercise control over their data. Discussion around data privacy concerns and control by available literature also shows that there is a lack of policy governing and also lack of initiative discussion around data subjects’ choices and perception. No doubt the discussion is around data control and privacy that concerns exercise of free will by data donors. However, the question is whether they really attempt to understand the donors’ understanding and perception of data donation and how they relate to the whole idea of using their medical data for general public good. If one sees the work of Felix Holl et al, Mariarosaria Taddeo, or David M. Shaw, the discussion and debates are majorly focussed on lack of management of medical data or lack of governance that could deliver data donors’ control. Felix Holl et al highlights underuse of data and discusses mismanagement as well as models of governing data. Similarly, David M. Shaw discusses about data donation and governance with focus on control and consent. Discussion by Taddeo is on similar lines focussed on issues around data control and ownership, and lack of adequate framework for governing data.
Scholars like Anya Skatova, on the other hand, focus on the issues related with data donation more from the aspect of individual understanding and motivation. Skatova explored issues regarding data donation from the aspect of motivation. She discusses concept like data sovereignty and the need to understand it to deliver secured and protected environment. She observes that people with higher concern for others will donate personal data than people with focus on self-benefit. Thus, there is a general expectation to bring a balance between this motivation to donate data and the risk management of the environment in which data will be donated. Public needs to be aware and to understand the overall purpose of data donation. There is support in the observation of Mhairi Aitken et al. They discuss the notion of public acceptability of data donation and how a donor data will be use in varying medical research. The instances of the literatures, a group of whom focuses more on data governance and privacy concerns and another group focuses on understanding the data donors, highlight the apparent need to bridge this gap and ensure the public motivation is converted in sufficient use and governance of personal medical data for better public good. One might ask why despite the existence of law and regulation, there are issues around data governance. However, the existence of debate around data governance and privacy concerns is testimony to the absence of the law or its insufficiency in particular. This dissertation will explore the suitability of the existing laws, rules and regulation with governing the management of data donation and the privacy and control issues related to personal medical data. The General Data Protection Rules 2016 (GDPR) is a sound legal base to govern use and processing of personal data including medical data. Its definition of personal data has a very wide coverage including any information relating to an identified or identifiable natural person. The Data Protection Act 2018 (s2) also provides for protection of personal data with focus on consent and interest of the data subjects. GDPR allows enables research activities and use of health data subject to interest of the donor and requirement of consent. Processing of the data is allowed for purposes of public health, social care and for overall public interest. Likewise, the National Health Services Act 2006 provides for regulating processing of patient information for medical purposes, improving patient’s care and also in public interest. Even though, GDPR and the DPA 2018 do not govern posthumous data,the Access to Health Records Act 1990 governs access to health record of a deceased data subject. Considering that there are laws and regulation to tackle data donation and related issues, the existence of the problem and concerns around data donation evidently shows their insufficiency in governing personal data use or donation. The existence of laws and issues related with data donation alsohighlight the lack of administrative governance of data use, control or donation. Scholars like Kerina H. Jones and Jenny Krutzinna et al highlight in their work that there is dismissive regulatory governance, which fails to locate accountability regarding data handling and managing expectation of data donors. This might be especially true where it is observed that there has been a generous amount of medical data being generated in all medical institutions and agencies. The issue of dismissive regulatory governanceis raised based on certain observations. When there is a large volume of medical data and when there are laws and regulations such as GDPR that provide for processing and use of data, there still is a concern around data donation and sharing. Two observations could be made. First is that there is no governing framework that could give a collective presentation of the data and could centralised the available data.Felix Holl et observed it likewise and stated that the current focus of data management is extracting data only. The problem is increased with failure in categorising the data sets or in defining the extent of its usage. This highlights lack of investment in technical framework in dealing with the data with the purpose of public good. This has been observed byBahr and Schlünder in regard to European scientific research projects, which lack proper data management. The current genomic revolution that generates huge opportunities of exploiting the large amount of genomic information for medical research could not be of greater good due to the technical disadvantages. In entirety, the combination of the lack of proper administrative and technical governance framework backed by proper regulatory framework and the gap in understanding this problem with greater emphasis on increasing public awareness about benefits of data donation and more important focus on their perception and preferences calls for a further discussion on a management framework that governs all the necessary legal, ethical, regulatory and social aspects of data donation. The rest of the chapters of this dissertation will explore further in this regard.
Data is claimed to be the new fuel for by many industries for their growth. Huge amount of money is generated by mining of personal data. Big corporate giants and other entities from the healthcare and financial industries are investing in data mining. It is understandable in this contemporary time where there are advanced technologies being developed and are used for personal, professional and business purposes. The functioning of new technologies depends on availability of data and information. At the same time, the use of these technologies generate large amount of data. In such circumstances that involve engagement with personal data, there is a need to sensitise about personal data and to regulate the access and the use of personal data. Sensitivity attached to personal data requires the data to be protected for ethical and legal requirement. Sensitive data covers information related to physical or mental health and condition, racial origin, and sexual life among other information. The personal data may also involve data of a person after his death. It can include financial data, social media data, government data, and other personally owned data. Data also extends to his clinical data and medical research data, which may serve as a powerful resource in research projects. Such clinical or medical data can include overtly sensitive sexual health data, genetic data.The General Data Protection Rules 2016 (GDPR) has defined personal data as follows:
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
The Data Protection Act 2018 (DPA 2018), s2 provides for protection of personal data by emphasizing on lawful and fair processing of personal data with consent of the person and consideration of the person’s interest. In relation of medical and health related data, the Data Protection Directive 1995 recognises this data to be sensitive data. It is included under the “special categories of personal data” in GDPR and the DPA 2018. This category covers genetic data, health related data and biometric data. Medical data can also include the data of the subject’s family members, which may and unknowingly and unconditionally donated. It can be medical data after death, which may be donated to National Health Service and its associated researchers. The data can also be fully identifiable such as donor’s name, date of birth, address, demographics and full medical history; fully anonymised data that is only the medical history; de-identified data is without personal and demographic information; and pseudonymised information is a form of anonymised data re-linked to patient identifiers.
GDPRprovides for protection of citizens’ data rights and also enables research activities.GDPR generally prohibits the processing of these data with certain exceptions allowing data procession, including concerned grounds for health data, which could be of vital interest of a person and with his explicit consent. This is provided for under GDPR, art 9(2)(a) and (c). Processing can also be allowed for the purposes of public health, social care and for overall public interest in context to public health. This is governed by GDPR, art 9(2)(h) and (i). It could also be allowed for research purposes, as provided under art 9(2)(j), in which case the procession will be conducted as per art 89(1) subject to EU and member state law. This ground is in context with facilitating medical research and access to medical registries and data sets, and thereby relevant with medical data donation by living persons. Member states of EU can set exemptions with conditions and safeguards such as data minimization, derogations and pseudonymisation from data rights of subjects to object, access, rectify and to restrict processing. At the UK level, the National Health Services Act 2006 provides for regulating processing of patient information for medical purposes. Section 251 provides for control and regulation of patient information. Patient information means the physical or mental health or condition of the patient, and any information directly or indirectly derived from the patient information. Medical purposes include preventative medicine, medical research and diagnosis, provision of care and treatment, and management of health care and social care services. The Act 2006 provides that any processing of patient information must be for the purpose of improving the patient’s care and also in public interest. It provides for prescribed communications and disclosure by health service bodies and relevant processing according to regulations. Any medical research conducted should not make it possible to relate the data back to patient data subject. Section 251 of the NHS Act 2006 provides legal basis for processing of medical data without the consent of the data subject. This overrides the duty of confidentiality as provided under common law, but permissible in the interests of improving patient care or in the public interest. The Health Service (Control of Patient Information) Regulations 2002 also supports this. Both GDPR and the DPA 2018 do not have rules governing posthumous data. GDPR states that it does not apply to data of a deceased person and the DPA 2018 states that it applies only to data of a living person, as per section 3(2).The Access to Health Records Act 1990 protects access to health record of a deceased data subject. As provided under Section 3(1)(f), access is limited to the deceased patient’s personal representative or a person having claim out of the death of the patient.Posthumous data is generally stored up to 10 years from the time of the death with exception extending to 100 years. Hospital records are stored for 8 years as per advise of the Department of Health. The Public Records Act 1958 governs the NHS records.NHS provides opt-out regime allowing patients to opt out from use of their personal data in research. This regime also governs posthumous data. Case law principles under the common law impose duty of confidentiality on the doctors, which may survive the patient’s death. This is supported by the case of Lewis v Secretary of State of Health & Anor.
Donation is an exercise of free will of the donors, who control what they wish to donate and the manner in which they donate. David M. Shaw, while exploring the aspects of data donation after death, discusses the governance of data donation with focus on control of data and consent from the data subjects. David emphasises on the donors’ wishes to grant authority over his/her medical data to a person or organisation for future uses. He further observes that personal medical data comprises various other metadata items, which could reveal preferences of donors over the manner of use and terms related to donation. Such terms may include firstly, whether the data could be shared at all. Such data includes sensitive data on sexual health, data on genetics, which could reveal information of paternity related to other family members. Secondly, the terms may be related to information that may reveal information about the family members. Such data comprises information on genetics, which the data subject or its family members may want to control the disclosure as it may impact privacy and insurance issues. Thirdly, the terms may be related to posthumous donation of data with conditions including data access. Data subject may wish to exercise or regulate disclosure of data to recipients after they donate their data. This is understandable, whether the data subject is alive or death. No one person would be willing to expose themselves of their sensitive data to the public or to any organisation that may legally use the data. A data subject should be able to exercise control and regulate their own data, while being alive or after their death, as it would definitely influencehis or her willingness to donate data. Fourthly, the terms should prescribe the forms in which data will be shared and the measures to protect the data. As mentioned earlier, data could be fully identifiable; fully anonymised; de-identified; and pseudonymised.The protective measures must be proper in order to ensure that these forms remain distinct so that data subjects are secured in their decisions to protect their data and policy measures ensure distinguished action to deal with individual forms. These measures are particularly important when the data and derivatives of the data are all interlinked. As observed earlier, applicable laws, such as the GDPR or the National Health Services Act 2006 provides for processing or regulating processing of patient information for medical purposes or in public interest. Data donation can contribute to public good. Hummel et al support this view when they state that data donation may generate social bonds. They state that medical data are useful in medical research. Various clinical learning-driven diagnostics and treatment rely on patient data and other relevant information. Such data constitutes raw materials for exploring new medical correlations and creates path for new preventive actions, diagnostics and treatment. Such data are fed in systems that predict useful application of the data analysis results and facilitates medical decisions. The availability of data through donation by data subject or collection by medical agencies will create sufficient opportunity of improving the health of individuals as well as innovative treatment and diagnostics of existing and potential medical problems. The important question is how the data subjects retain their control and sovereignty over their data once they are donated. Are there proper regulatory measures and policies in place to that effect, which would provide data subjects to further their sovereignty over their data?
Felix Holl et al observe that healthcare delivery process generates a huge amount of heath data. The personal health devices, health care measures, clinical trial and related medical related project are all means of producing health data. They further observe that there is an underuse of all of this data, which could not convert multiple opportunities of transforming health care and the systems. The abundant availability of data may signify that medical care requires individuals to disclose their personal data including medical information. It may signify that there is no proper mechanism to store all these data and to utilise them for appropriate purposes, such as for public medical health. It may also signify there is no proper regulatory and policy mechanism to regulate and manage the data to enable their use for improving patients’ health and for public good. Keeping this into consideration, the question of data donation could only be answered if the reason(s) that would drive data donation could be found. In this regard, it needs to be determined whether it is the need for a conducive regulatory framework or the perception of the public that would proactively enable data donation. The later paragraphs will explore this situation.
Mariarosaria Taddeoprovides that the existence of issues around data control and ownership, lack of technical understanding and adequate frameworks for governance stand as barrier to data sharing among private stakeholders. This observation has touched upon the core barriers against data donation. There is a collective problem involving deprivation or lack of control and ownership on the part of the data donors or subjects. This is coupled with the non-existence of a legal framework that secures ownership of the data subjects and the management of the data. In this regard, it has been rightly pointed out by Felix Holl et al that a major challenge in using the data is posed by the regulation governing privacy of personal data. This itself shows the data security concerns of the data subjects. P Hummel et al observed that it is mostly data sovereignty that poses the current issue in data donation activities. Unlike data sharing, data donation indicates once you give access to a personal data, the person may not be able to still use the data and the element of exclusivity is reduced considerably. The lack of control on the part of the data subjects over their data may become an important determining factor for data donation. In this technology-based culture of life, there is a large amount of data being shared, transferred and stored. The possibility of having data security concerns on the part of the public is justified in this aspect. This is reflected in the observation of Taddeo that particular problem in data donation respect arises from maximizing accessibility and use of personally identifiable data. Technology has enabled converting data into anonymised data and removing any reference linking back to the data subjects. However, there is still a risk of re-identification, which creates the risk of subsequent breaching of privacy rights of data subject. This risk concern may de-motivate data subjects to donate or share personal data.The late Baroness Jowell, former British Labour MP, was reportedly the first person to donate her medical data to Universal Cancer Databank.Her 2018 speech to the House of Lords called for sharing personal data to develop better treatments. This reflected an ‘altruistic giving’ and suggested an exercise of autonomy for common good. However, common good may not be achievable where there is severe concern about individual data security. Taddeo rightly observes that an individual prioritises protection of his or her rights over the purpose of social good.Also, data donation by individuals is subject to high-profile scrutiny.
The concern of data privacy and security concern can only be aggravated by the data management challenges pointed out above. If the data subjects lack confidence on the regulatory management system about the way their data will be used, there will not be proactive donation of data donation even for social good. Felix Holl et al observed that there are challenges in managing the data and they stem from unsuccessful centralisation or coordinated approach towards managing the data. Data are scattered across multiple institutions. Also, most activities concerning medical data are tailored for extracting data only. Concerns around legal, ethical and social challenges are high, which impede data donation from individuals. The existence of legal, ethical and social challenges is testimony to the lack of government will tackle the regulatory deficit in the field of data donation. This might also be the reason behind initiatives started mostly by private organization. This finds support in Taddeo’s observation that most of the existing literature focuses on data donation by private companies. The apparent focus of the existing literature more towards data management and lesser towards understanding the data subjects or donors raises the following questions: a) Is the lack of data management also causing the lack of attempts to understand data subject’s perception and attitude?; and b) Is there a gap in the existing governing practices and the expectation of the data donors? These questions reflect potential problems in the area of governance related to data donation. Kerina H. Jones presents certain governance principle. She finds legitimacy about the data donors’ expectations in terms of their willingness to donate, but also their expectation about their data free from exploitation and irresponsible handling. Jones states that data donated should be put to proper and effective work, and that a third-party must not interfere with its equitable distribution. She states that donors expect appropriate safeguards and minimisation of their burdens related to the donation.Jones pointed out one dilemma though. She states that the manner and the level at which data donation occur may vary widely. This may present a potential dilemma against the data subjects. Data subjects may not be aware of what and when and to whom they donate their personal data. They may agree to terms and conditions that they might not understand or are too lengthy to understand and they allow donating every data. Jones recognizes this dilemma as a common problem. Jones observes that there should be somebody with responsibility to engage with the public, whether it is the data subject or the data collector, in regard to the consent process. This is particularly relevant in this current time of advanced genomic revolution. The existence of dismissive regulatory governance may create problem in locating accountability regarding data handling and managing expectation of data donors. Jones observes that there has been a generation of rich and large amount of genomic information. She raises concerns that the lack of regulatory governance may not be able to safeguard this information. This dismissive governance will raise privacy concerns among the data subject and their kin. The reason is that the absence of security around private and personal data will make accessibility to DNA details easy. She states that even if there is legislation, such as the UK Human Tissue Act to govern donation of human tissue, the new regime of advanced genomic revolution presents an unclear future on the governance of such genomic data given the fact that private actors such as Apple, Google or Amazon has entered the market. She, therefore, emphasises on the only option of a good data management and access regime. Jones recognises the constant existence of the issues of bioethical principle and lack of legal regulatory framework when she states that these issues in governing data such as genomic data are always bound to occur. It is a good sign that there is discussion about donors’ expectation of data safeguards and security. This means that there is willingness among the public to donate data or allow their data to be used for public good. The existence of this expectation makes the more necessary to establish proper governance principle and framework. If only there were proper legal, regulatory and political framework in place, the framework would have generated sufficient data for medical research and it would have enable the use of the data in a structured format and methodology for the right cause. For example, the lack of a proper governance framework failed the proper exploitation of medical data as has been seen in the EU. Auffrayet also bserved that there is enormous potential of medical data for improving health. However, they have not been properly exploited. EU sees numerous technical and legal, and historical and political barriers that have been hindering exploitation of medical data produced from genomic medicine, and other wide range of mobile health devices and applications. They observe that the European health systems are fragmented and diverse, which add to the problem. It has resulted into diverse data formats and transfer, and processing and analysis. These problems created incompatibilities and many lost opportunities.
The concerned problems raised here extend to data of deceased persons. Krutzinna et. al observed that there are two risks associated with posthumous data donation. Firstly, any medical data relates beyond one individual but to their kins, who may be affected, may be in the form of discrimination based on hereditary disease. At the same time, potential burden is imposed on the handler of or researchers using the data. Secondly, there is a risk of potential misuse of the donated data. There is a lack of control of posthumous data donation unlike the level of control a living data donor would possess even though a living donor is exposed to higher potential harm. Krutzinna et. al observed the issues of consent, privacy and ownership related to posthumously donated data, which make it impossible to unlock an individual data. They process to gain access to such data become burdensome in addition to the limited awareness of and attention to PMDD is limited. Donation of such medical data lacks materiality, which consequently challenges the plausibility of the notion of data donation. It could be alternative stated that the problems observed here are opportunities for future corrective measures. There is a need for a proper legal framework that would govern data management and exploitation. There is a need for a proper technical framework that governs use of appropriate tools and methodology to facilitate the exploitation. The lack of these frameworks creates problems, such as those observed by Bahr and Schlünder. According to them, the main issues in European scientific research projects have been with the management of processing health data. They argue that the problem occurred while defining and differentiating data, dealing with anonymised, pseudonymised, biometric and de-identified data and bio samples; while dealing with process of obtaining consent due to fragment approach across EU; and due to chances of misuse of data.The problem is found in the case of use of biobanks. In this regard, Cambon et. al argue that relevant studies encountered ethical issues around informed consent, long time use of samples and data, confidentiality, return of results and issues of data sharing.There are many and different levels and modalities to dealing with these issues, and the legal measures are also varied in terms of the existing law and soft regulations, including ethical recommendations by committees or other professional organisations.Conflict between the international practice and national practice adds to the problem as their positions on the concerned topic vary.
The modern digital technology has generated large amounts of personal data that constitutes an invaluable asset to the government and private players. There is, therefore, an inevitable question of exploitation of the data in the interest of the public. As observed earlier, the discussion around data donation raises four aspects to consider if there is a future attempt to create necessary framework or to revise existing framework governing data donation and management. Firstly, there is a sense among the data donors about the general public good that data donation could create. There is a certain level of awareness about the objective and the purpose of donating their medical and health data. Secondly, this awareness raises the concern about their data privacy and security. This is understandable and justified. Even though they understand the end goal of the donation of their data, they also have priority about their privacy and confidentiality around the data they would like to donate. Thirdly, the privacy concerns raise the question of expectation from the data handlers, whether they are a private agency or a government agency. This question concerns sovereignty of the data, control and ownership of the data, the whereabouts and the handlers of the data, and the accountability arising from handling the data. Fourthly, the expectation of the donors is justified in regard to providing an appropriate governing framework to secure all the general sense around data donation, privacy concerns and expectation. An appropriateness of the framework will determine whether data donors will donate their data or not. These aspects all point to how various aspects associated with data donation, as discussed above, will be managed. Global enterprises are attempting to make the optimal use of personal data in their policy making decision, health and other public services, and other commercial and non-commercial activities for public good and for profit. Jones states that there has been a significant demand for data donation. As seen earlier, the issue of loss of data ownership is relevant here considering the balance that needs to be achieved between the four aspects mentioned above. Jones pointed out that proper data protection legislation and other regulations should be in place to safeguard the privacy of the data and the data subjects as well as the confidentiality of the information. GDPR is one such example of a substantial legal framework that imposes obligation on the processor and the controller to legally justify any processing of personal data. Such framework is the need of the hour, which could be used to develop the appropriate framework that was discussed earlier. The revised framework would inculcate all necessary governance principles and process, which would drive decision of data donation. Ernst Hafen states that decisions of data donation in context of research project are based on framework with defined protocol, aims and anticipated outcomes with expected risks and benefits for data subjects. Such decisions could be considered as being taken based on data subjects’ sense of social responsibility. This may be considered a fair judgment considering that it is an intrusive process for benefits of others. The potential issue that may need regulating is that related to free consent. The framework should ensure without an exercise of free will, any consent provided by data donors must not be considered valid. The flip side in such case is also that if offered personal incentive and benefits, consent could also be obtained and be considered free. This poses a dilemma about constructing additional guidelines necessary to mitigate risk of coercive actions or incentive programs. There is a potential issue of balancing exercise of free will while donating data and regulatory guidelines on creating incentivizing programmes that could encourage data donation. This may increase the chances of successful initiatives of data donation. It might have been able to tackle the issue that Edina Harbinja point out. She observed that the existence of legal provision, such as GDPR or the National Health Services Act 2006 governing anonymised data, duty of confidentiality or processing data without consent has not been able to improve the low success rate for processing medical data without the consent. Data processors are generally encouraged to pursue consent of data subject. GDPR helps in this regard and it plays a significant role in tackling issues such as this related with the consent process. It provides for clear and affirmative consent via its Recital 32 to reflect free, specific and informed decision by the data subject. This recital thus places limits on the opt-out consent mechanisms and the use of lengthy and tiny terms and conditions. More safeguards are found in rights of the data subject to have access to a copy of its data or to erase the data.
Consent of data subjects and factors that drive them to convert their sense of contributing to public good by donating data occupy centre stage in the framework necessary for data donation. Hafen proposes reformative measures that would retain the decision-making control with the individuals. Hafen argues that the individuals should have right to access copies of their data. This will be in line with the right to data portability provided under GDPR, Article 20. GDPR, Article 20 provides that individuals are entitled to receive a copy of their personal data in a format structured, commonly used and machine-readable. They are entitled to transmit their data to another controller only subject to their consent or a contract to that effect. In that respect, Hafen proposes that individuals should be treated as the ultimate aggregators of all personal data. Their role in health research and in personal data economy should be centre-stage. Their data have intellectual and economic value, which use and benefit should be under their control.Consequently, Hafen states that this may help in unlocking medical records that are often locked in data silos in care centres or private practices. Maybe a non-profit democratic personal data cooperative could bring the required governance and framework to that effect. It is now understandable that the consent and the proper process management around consent is a prime factor that could drive data donation. Having a structured format, as is required by GDPR, where data subject can control movement of their data may serve as a significant contributory factor in data donation. Skatova explored the issues regarding data donation from the aspect of motivation. She observes that data donation is associated with the factor of motivation behind the act of a person giving others access to his or her personal data. Data sovereignty in regard to data donation is more than just excluding others from one’s personal information. As discussed earlier, the need of a framework to deliver secured and protected environment for the data donated is a major expectation of the donors. Skatova, thus, focuses more on the importance of understanding the motivations, if any, behind a data subject to donate his or her personal data in the interest of public good. On one hand, having a higher concern for others is more likely drive personal data donate his personal data. On the other hand, individuals who focus more on self-benefit have low likelihood to donate.She observes that while attempting to manage data donation process, there must be to balance between motivation of a donor and concerns around the data sensitivity and privacy safeguards. She, thus, sums that the motivations to donate are opportunity to achieve self-benefit, duty towards the society, and need to understand the overall purpose of data donation. In addition to the factor of motivation and the balancing of potential benefits against the risks, it is also required to assess whether the public accepts the notion of data donation and the overall purpose of data donation. It is also equally important that there must be quality agencies and organisations, which the public can relate with the overall goal of public good out of data donation. While exploring the notion of public acceptability on the use of their personal data, Aitken observes that public acceptability should have regard to the varying use of health data in research. Research is conducted by many research agencies and multiple stakeholders, including private and other third sectors. Consideration has to be given to the kind of agencies and stakeholders designated or involved in exploiting data donated for medical research purposes while determining whether public will accept their involvement in the research that involves using their personal data. This consideration is aligned with the observation of Shaw. Shaw observes that public is more comfortable sharing personal data with NHS, but very less comfortable when it comes to sharing their sensitive data with private companies. The concept of public acceptability and the observation made here in that regard opens some gaps, which could again be represented as an opportunity while building the framework discussed earlier. Do the gaps mean private companies do not strictly follow rules and compliances? Do they mean that only the government agencies could ensure compliance in specific regard to data security concerns? Do they mean that there is an opportunity on the government to regulate all data donation management and processes? These questions are particularly relevant in the observation made by Taddeo that most of the existing literature focuses on data donation by private companies. This is means there is lack of pro-activeness on the part of the government and its agencies in this area.They are also relevant to the observation made by Taddeo of the existence of issues around data control and ownership and lack of technical understanding and adequate frameworks.
The question of gaps around regulation of data donation is particularly relevant in that data donation. Data donation will involve sharing, transferring, and exploiting sensitive data, would attract risks in terms of privacy and security. Skatova explored the use of digital technology in processing and handling personal data and the potential risk associated with it. Skatova pointed out that processing will involve collecting and curating the data and potential sharing of the data beyond the scope of the original purpose for which the data was obtained or generated in context of health and the use of medical data. Thus, while conducting a risk analysis regarding the use of the data and the potential benefits from the use, it should consider the risks associated with the way the data will be use and moved.For example, flow of health data was disrupted or was out of the original scope to use the data in research, when the spread of malaria was predicted using mobile phone data. Skatova, thus, observes that risk consideration is highly significant in the context ofhealth and the use of medical. Skatova rightly states that aproactive data management would deliver improvements in human health against the risk of inability to define the legal limit of open science and the corresponding common law duty of confidentiality. Risk analysis presented by Skatova raises the question about how to define the limits and to identify the authority which would be accountable for ensuring data does not flow out of the original scope of use. This is a gap, which a regulatory framework could mend. Such framework must also take care of situations where data could be exploited in the interest of the public, which is too broad a principle to be regulated. Considering the dilemma presented here, it may be worth exploring models of managing data donation. Switzerland follows cooperative models that govern managing practices regarding personal health. Such models have schemes like health bank and MIDATA.MIDATA focuses on use of data for common good, while simultaneously ensuring public control over their personal data. It covers both domestic and international application. It supports regional or national MIDATA cooperatives. They all share data platform infrastructure. MIDATA permits owners of data account to contribute to medical research and clinical studies. The system grants the owners the capability to selectively access to their personal. They are granted membership, which helps them control cooperatives. Sorbie acknowledges such models that enable people gain control of data storage, management, access of and decision of manner of sharing their personal health and related data. Such models and schemes may encourage people donate medical data to contribute to medical research.Such models would be appropriate considering the desire of individuals to donate data for public good measured against the lack of regulatory framework. They would ensure proper safeguards of the data and its secured processing. Such models are aligned with framework suggested by Krutzinna et. al that could value data subjects’ desire and preferences. As observed earlier, there are gaps in the form of lack of regulatory framework and governance that would expose the safeguards for the privacy of the data. Such framework would serve as a reason for individual prioritizing protection of his or her rights over the purpose of social good. The literature review so far has resulted to a list of problems and the webs of issues related to privacy concerns against regulatory governance regarding data donation. There are few legislative provisions such as those provided under GDPR or the NHS Act. However, they do not specifically solve the issues related to data donation discussed here. There is no proper centralised governing framework. Few models are in place, such as MIDATA, which countries can emulate. However, if the basic foundation is not laid out tackling basic concerns such as privacy and data control concerns, such models also would not work. One area that could be explored in detail could be the case of posthumous data. A deceased may not have as much privacy concerns as a living data subject would have. Krutzinna et. al emphasis on posthumous medical data donation (PMDD). They state that an individual could donate his medical data once deceased in the same manner as an organ donation to enable scientific research. They claim that PMDD possesses huge potential for medical research and for bringing large scale healthcare improvements. However, the same issue of data control and ownership in regard to data of living data subjects would arise out of the claim of closest kin. As observed earlier by Shaw, a data subject would still wish lay down some control over the use of his or her data after death. Krutzinna et. al also recognised the risk of use of posthumous data that may affect the deceased kins, and the risk of exploitation of data that is exposed to lesser control. They observed that PMDD is subject to law or political willingness. For instance, the UK does not allow access to records of physical or mental health of a deceased patient until 100 years after their death. Exception is that medical researchers, without consent of the data subjects, can access such data with approval by the Public Records Office. In Germany, to access posthumous data, it is incredibly challenging in that researchers should prove public interest in result of the medical study outweighs the deceased right for privacy.Shaw et al observed that in case of use of anonymised data, researchers need to establish that there is no other way to find answer to the research study question.
Suggested framework by Jenny Krutzinna et al also included division of medical data into subsets. Thus, would enable donation of certain data possible. For example, genome data and data generated from participation in research projects or clinical trials could be donated for research purposes. On the other hand, data sets that are comprehensive, such as personal medical records could be strictly regulated in the context of their donation. They pointed out potential issue in categorising the data sets or in defining the extent to what or how much data could be donated.Thus, if proper structure is laid down to categorise the data sets and define the extent of the data donation, as was seen in MIDATA, this suggested framework could potentially work. Similarly, if proper format structure is laid out, it might also be able to deal with another issue identified by Krutzinna et al. The issue is technical handicap in the form of variant data formats or lack of interoperability between data system that hinder the notion or practice of data donation. This has happened with EHRs (electronic heath records), which was introduced within NHS. That destructed the quality of information and its completeness. That also hindered medical research goals due to the system’s inability to capture the valuable opportunity of the data in hand. If only the technical framework were in place in structure and defined format considering the dynamics of variant data formats and interoperability between data system, the system would have produced a system that could create valuable exploitation of the data. Krutzinna et al recommended a value-based code that inculcates all good practices of biomedical data schemes, such as those of the NHS care may be put in order. There should be security, pseudonymisation and also encryption. It will ensure accountability, regulatory scrutiny and the factor of transparency regarding use of data donated by living data subjects, which are required by GDPR provided under Articles 5 and 89, and Article 29 of the Working Party 2018. Particular emphasis has been provided by Harbinja on GDPR, Article 6.2 in case of treatment of posthumous data. These regulatory frameworks could help build a base for the codein terms of measures regarding interest or preference of data subjects. Harbinja cites the example of French Digital Republic Act 2016, which respects specific directives of a deceased. Harbinja, thus, recommends that the UK Data Protection Act 2018 may be amend in accordance and amend provisions to include posthumous data, such as including it in the definition of personal data. Harbinja also recommends further amendment of the Access to Health Records Act 1990 that could allow researchers access the posthumous data as permitted by the deceased. In addition to the changes desired in the existing regulatory framework to govern data donation, a process framework needs to be in place too to manage the donation process. Felix Holl el al propose a process model for medical data donation to govern donation process involving small size and mid-size healthcare units, and research facilities and projects. This process should identify the barriers against data donation, including ethical, technical, social or privacy related concerns, and the solution against the barriers. In entirety, the literature review has found that necessary gaps in the form of lack of regulatory framework and governance and enforcement of data privacy safeguards. The gap reflects lack of balance between priotisation of protection of individual rights and purpose of social good. The gap reflects lack of balance between data management and understanding data subject’s expectation, perception and attitude. The gap reflects lack of balance between initiatives of private companies and government priorities and regulatory compliances. The gap also reflects a balance between data control and ownership and technical understanding and adequate frameworksdefining limits of data donation and accountability of stakeholders. However, literature review also presents existing legal framework, such as the GDPR provisions, NHS Act, Data Protection Act and data donation models, such as MIDATA or bio databank such as Universal Cancer Databank. They could be the case for building new framework or bringing new amendments, such as those suggested by Harbinja, which may take care of the gaps identified here.
Literature review has revealed that the donation of personal sensitive data is problematic due to the lack of appropriate legal and regulatory framework balancing the interest of the public and that of the privacy concerns of the data subjects. This rather alleviates the privacy concerns raised by data subjects and verifies their reluctance to donate medical data even if it is in the interest of the public. Certain crucial views were laid out in the literature review, such as the prevalence of a general sense among the public to donate data for public good, their consequent concerns around data privacy and security, their prioritization of expectation around data sovereignty, control and ownership, and demand for an appropriate governing framework with ability to deliver solutions to these concerns.
The Association of Medical Research Charities (AMRC), a group of medical research charities observes that people are comfortable sharing anonymised medical data for the purposes of improving health, health care and services and for general public benefit. There is more likelihood of them to support the use of medical data for public good when they are more informed. This is understandable where the data donors expect to have awareness and knowledge of the use of the data, including the purpose, research area and location of the use of the data. More than being informed, data donors need to be secured in terms of the data being anonymised and are not retraceable to the owner. This is what Taddeo observed earlier. The risk is being re-identification and breaching privacy. Altruistic donation as called for by the late Baroness Jowell and prioritizing protection of individual rights might only work when the donors are informed and secured. This might be the reason why donors are mostly found not comfortable with giving companies access to their health data.This also confirms the gapsidentified in literature review. The observation of the existence of the general sense of duty towards donation data for public good is supported by the findings of the 2016 study conducted by Wellcome Trust, one of the members of AMRC. They conduct periodical study to measure public’s awareness, interests and attitudes with specific regard to biomedical research. The report found that around 70% are interested in medical research and the general public showed particular interest in development of new drugs and treatments. It also found that around 70% of the public showed willingness to share their anonymised medical data or genetic information for medical research purposes.The existence of willingness to donate for public good does not mean the absence of concerns over privacy. The report showed that a section of the public were unwilling to share their data. Their primary concern was related to confidentiality and privacy. The reports demonstrated that there is a general sense among the public of being a part of a greater cause of general public good in the form of general health care improvement and advance medical research that would benefit the society at large. The concerns are primarily about data security and privacy concerns. This is understandable in today modern time where technologies intrude into public personal data. This has been highlighted in the literature review as well. However, if there is a framework that could make it possible to restrict identification of persons from using the personal data, the implementation of the public desire in contribution medical data towards public good and health care would be possible. This is seen in the example of MIDTA cooperative model adopted by Switzerland. The UK has also seen a model, such as the UK Biobank project, which may make implementation of framework possible. This is in similar line with the initiatives of MIDATA cooperatives, which was seen in the literature review. MIDATA permits owners of data account to selectively access to their personal data and control them, which encourage owners to contribute to medical research and clinical studies. The UK Biobank project, since it started in 2006, has been able to collect large number of public participants and medical researchers. The project aims to investigate contributions of genetic predisposition and exposure to environmental to development of disease. The 500, 000 participants provided medical researchers, academicians and university health information which did not identify them. The project also received 1,463 access applications between 2012 and 2019 for studies using data from the Biobank project. There was tremendous amount of money being invested by both private and government agencies.
The large volume of public data donated to Biobank project is a testimony to the general sense of social obligation prevailing among the public. It also shows that if proper framework is in place to facilitate sharing the data anonymously without identifying the donors, it could encourage maximum public participation in medical research. However, reviewing the operation of UK Biobank, there is a similarity as well as difference between MIDATA and UK Biobank. Both of them provide the participants or the donors exercise control over the data donated. UK Biobank allows the participants online monitor of the progress of the relevant research currently underway and the site of the research. This means the donors have knowledge and awareness of where and how their data has been used. The only difference is it does not apparently allow selective control of data donation, which is available in MIDATA. It means that once the data has been donated, donors cannot exercise much control over the data. This is one of the gaps highlighted in literature review. Losing control over own data would de-motivate donors from donating data even for public good where there is lesser priority being given over their interest. As Sorbie observed about MIDATA, model such as MIDITA would enable people gain control of data and consequently encourage them donate data for medical research.If only UK Biobank inculcate this policy, it would attract more public towards the good cause.
Anya Skatova and James Goulding explored to find the reasons for data donation by analysing individuals’ attitudes towards data donation. As observed earlier in literature review, exploring the motivation behind data donation cannot be effective if there is no understanding of the public perception towards data donation and its link with public good. Such understanding depends on careful consideration of the different use of the data and most important the agencies involved. Literature review revealed that donors are comfortable sharing their data with NHS. They do not feel comfortable sharing it with private companies. This gap reflecting doubt over compliance issues related with private companies. However, study by Skatova and Goulding found a different observation. While doing the study, they faced the challenge of the lack of publicly acceptable research frameworks that prevented them from using data for academic research. Thus, there was a lack of clarity of what motives would drive people to donate personal data for their research purpose. However, they included queries that attempted to measure reasons for donating medical data that could be used in research. They used three scales: social duty reflecting desire to serve society; self-interest reflecting personal benefits; and purpose reflecting consequences of data donation and understanding use of data after donation. The study found that fifty percent of the participants showed willingness to donate personal data for research purposes that would generate public good. The study showed that the three scales predicted participants’ intentions to donate personal data beyond generic altruistic motives. They found participants’ intention to donate, which was mostly driven by their sense of social duty. The study also found that the participants had negative association with self-serving motives.The study reveals a great sense of social obligation among the participants willing to donate their medical data for a greater cause. It also reflects that there is a potential of creating a motivating environment where people are willing to donate medical data for legally required purposes. In this regard, it should be seen whether the existing legal and regulatory framework has been able to convert this willingness and the sense of social obligation into practical implementation and also explore any plausible barriers.
Krutzinna and Floridi, while exploring the potential of medical data donation, observed that even with legal framework in place, the problem will still persist. They observed that the prevalent process around ethics of using medical data and its discussion do not focus on preferences of data subjects, but more on operation of systems that would process the data.This also seems to be the case with posthumous donation of medical data. Edina Harbinja and Henry Pearce recognise this problem when they pointed out the inability of individuals to posthumously donate their medical data for legitimate and non-commercial medical research. They pointed out the lack of jurisdiction that does not provide a legal and regulatory framework supporting this cause. This causes absence of any practices enabling proactive medical and health data for research purpose. They explored this problem by examining the existing law and policy and the extent they enable or should enable posthumous medical data donation. They observed that the law at both the UK and EU level does not protect data and record of the deceased. They found that legal treatment of personal data, both of the livingand deceased data subjects, is not based on ownership. It is focussed more on the protection offered through GDPR, data protection laws, and doctor and patient privilege communication. However, these regulations are applicable to living persons and do not govern data of the deceased. For example, GDPR, Recital 27 and DPA 2018, s3(2) exclude data of deceased. Harbinja and Henry Pearce observed that even if there are other specific legislations, which could allow use of medical data, the consent and authority of the data subjects trumps these legislations. For example, National Health Service Act 2006allows authorising or mandating processing of patient informationfor particular medical purposes.The Health Service (Control of Patient Information) Regulations 2002 enable setting aside common law duty of confidence and allows disclosure of patient information without consent. However, all these authorised uses can be made redundant by the patient’s consent or patient exercising opt-out. Re-iterating Krutzinna and Floridi, this available legal and regulatory framework focuses more on the protection measures and the purpose of medical research, but less emphasis on establishing a framework that could proactively protect processing patients’ consent. The emphasis on the consent of the data subjects could also be found in the study findings of Susan E. Kellyet al. Susan E. Kellyet al observe that biomedical research involves large datasets and the integration of different data, such as DNA, molecular data and clinical information. Taking into consideration the large number of digital datasets being used, Susan E. Kellyet al attempted to examine the view of individuals on consent process. They release a survey to the participants with a definition of consent as “a process by which a subject voluntarily confirms his or her willingness to participate in research, after having been informed of all relevant aspects of the research.” Some of the questions included were regarding their willingness to share medical information and DNA with medical researchers in the research fields such as mental health, intelligence, and criminal behaviour. The study found that majority showed preference of being informed of the main researcher’s identity in which they would be participating. 80% desired to complete consent process online. They did not see any difference between their DNA and medical information in regard to the consent process. They preferred to provide a broad consent that would cover future research subject to the condition that the data would be used by the original researcher. The consent of data subject occupies a crucial role considering the study and observations above. Consent trumps the regulatory requirement of advancing medical research and use of the data in public interest or in the interest of caring patient’s health. As observed, the existing legal framework does not focus more on the consent process but more on the protection of data. This policy understanding of the policy makers and implementing agencies contrasts with the view and desires of the data subjects. Data subjects, as seen above, prefer to have control over their data shared, and set limit for the use of their data. The above study findings of Susan E. Kelly et al demonstrate that data subjects’ willingness to share broad consent to allow use of their data for medical research, but subject to their preference of knowing where it is used and who is using it. Susan E. Kelly et al demonstrated that there is a perceived relationship between research participants and researchers that importantly shapes the preferences of the data subject regarding the consent process.
The existing legal framework, including the Data Protection Act 2018, GDPR or the National Health Services Act 2006 provides and focuses on protection of personaldata and their processingconditions and safeguards. They focus on consent of and control by the donors and reason of improving patient’s care and public interest for use of medical data. This dissertation has so far found the existing framework is not sufficient in a few core areas concerning data donation. For instance, they are limited only to data of living person excluding the rich data of death donors. Not only that, they have not been able to provide enough encouragement to the public to donate medical data. On an alternative aspect, acknowledging that there is a large volume of medical data being generated every year, the legal framework cannot alone be blamed for the underuse of medical data. Through this dissertation, it is observed that medical data comprises range of metadata and various kinds of data. The advanced medical innovation and technology has also led to generation of genomic data. The problem with such maximization of data or the disclosure or use of them is that any data privacy concerns cannot alone be confined to the interest of the donors. They impact the family members too. This kind of excessive intrusion of technology into data of the public against the very need of exploiting the data for higher public good all calls for proper safeguard in place. Particularly, protection and practicing data sovereignty is of prime importance, which passes the control to the data donors or subjects. Data subjects may wish to exercise or regulate disclosure of their personal medical data to recipients after they donate their data. Literature review has dealt with the issue of whether it is the need for a conducive regulatory environment or the perception of the public that would proactively enable data donation. It has been observed that it is mostly data sovereignty that poses the current issue in data donation activities. Thus, the lack of control on the part of the data subjects over their data may become and always remain an important determining factor for data donation. Activities that maximise accessibility and use of personally identifiable data would further strengthen this barrier. Advanced technology in this time that has enabled converting data into anonymised data and removing reference linking back to the data subjects, however, has not been able to tackle the risk of re-identification. This goes against the data sovereignty that data subjects wish to exercise. There is an apparent lack confidence on the existing regulatory management system about the manner in which their data will be used. It is understandable when most activities concerning medical data are not focused on managing data donation and sovereignty, but on extracting data only. This leads to challenges around ethics and legal and social concerns.
Until and unless the framework is made with more priority based understanding of donors perception and expectation, management of data donation for better public good might not be achievable. Donors desire for sovereignty stems from their expectation of data being free from exploitation and irresponsible handling and also their desire to exercise control in this area. This could be achievable when there is a regulatory governance that could locate and enforce accountability and responsibility of data use. This might convert the public sense of duty of data donation for public good into a reality. If control, free exercise of will and a good governance is in place, it is foreseeable that the large amount of data, such as posthumous data, genomic data and other medical data could be well placed and control to enhance medical care, treatment and strategies. Understandably, it is the absence of this governance that might have failed programmes and regulation that even allow processing of data without consent. MIDATA, Switzerland is an extra-ordinary example upon which the guidelines, practices and governance could be based. It retains the control with data donors and gives their roles centre stage. Biobank, UK is another example that could be used. These models emphasis on donors’ preferences rather than the operation of systems. If only recommended model works, progressive medical research, cure and treatment could be carried out with use of data, such as posthumous medical data that are in abundant. Such models should work more on ownership of data being or shared with the donors. Overall, location of accountability on the part of the authority and better monitoring and control system provided to donors might be able to tackle privacy concerns in regard to data donation. The enormous generation of data requires a conscious effort to safeguard privacy. This should be the prime target when data is dealt with smarter technology that intrudes personal privacy. Medical data carries lots of economic and social value and regulatory governance has to keep pace with the use and processing of the data. In this regard, this dissertation has created an opportunity for further research on understanding public perception, acceptability and motivation towards data donation in respect to building a governance framework. This finding itself is the limitation of this dissertation. Lack of literature review and quantitative results on understanding this perspective has severely highlighted the need to understand why the public sense of data donation even when it is there could not be converted into a reality in practice.
Ahmed V, Alex Opoku and Zeeshan Opoku Aziz, Research Methodology in the Built Environment: A Selection of Case Studies (Routledge 2016)
Hafen E, ‘Personal Data Cooperatives–A New Data Governance Framework for Data Donations and Precision Health’ in Jenny Krutzinna and Luciano Floridi (eds.), The Ethics of Medical Data Donation (Springer Open 2019)
Harbinja E, ‘Posthumous Medical Data Donation: The Case for a Legal Framework’ in Jenny Krutzinna and Luciano Floridi (eds.), The Ethics of Medical Data Donation (Springer Open 2019)
Holl F et al, ‘Investigating Ethical, Legal, and Socio-Technical Barriers of Medical Data Donation and Developing A Concept to Address Them’ in J. Mantas, A. Hasman and P. Gallos (eds.), Health Informatics Vision: From Data via Information to Knowledge(IOS Press Inc. 2019)
Hummel P, M Braun and P Dabrock, ‘Data Donations as Exercises of Sovereignty’ in Jenny Krutzinna and Luciano Floridi(eds.), The Ethics of Medical Data Donation. Philosophical Studies Series (Springer 2019)
Kumar R, Research Methodology: A Step-by-Step Guide for Beginners (SAGE Publications Inc.2010)
Krutzinna J, Mariarosaria Taddeo and Luciano Floridi, ‘Enabling posthumous medical data donation: an appeal for the ethical utilisation of personal health data’ in Jenny Krutzinna and Luciano Floridi(eds.), The Ethics of Medical Data Donation (Springer Open 2019)
Miles MB and MA Huberman, Qualitative Data Analysis (SAGE 1994)
Roper GC, ‘Research Governance in the UK: What the Academic Surgeon Needs to Know’ in Thanos Athanasiou, H. Debas and Ara Darzi (eds.), Key Topics in Surgical Research and Methodology(Springer-Verlag Berlin Heidelberg)
Shaw DM, ‘Defining Data Donation After Death: Metadata, Families, Directives, Guardians and the Route to Big Consent’ in Jenny Krutzinna and Luciano Floridi (eds.), The Ethics of Medical Data Donation (Springer Open 2019)
Sorbie A, ‘Medical Data Donation, Consent and the Public Interest After Death: A Gateway to Posthumous Data Use’ in J Krutzinna and L Floridi (eds.), The Ethics of Medical Data Donation. Philosophical Studies Series (Springer 2019)
Aitken M et al., ‘Public responses to the sharing and linkage of health data for research purposes: a systematic review and thematic synthesis of qualitative studies’ (2016) 17(1) BMC medical ethics 73
Auffrayet C et al., ‘Making sense of big data in health research: towards an EU action plan’ (2016) 8(1) Genome medicine 71
Bahr A and Irene Schlünder, ‘Code of practice on secondary use of medical data in European scientific research projects’ (2015) 5(4) International Data Privacy Law279-291
Bearman M and P Dawson, ‘Qualitative synthesis and systematic review in health professions education’ (2013) 47 Medical Education252–260
DeHert P et al., ‘The right to data portability in the GDPR: Towards user-centric interoperability of digital services’ (2017) 34 (2) Computer Law & Security Review: The International Journal of Technology Law and Practice 1–11
Harbinja E and Henry Pearce, ‘Your data will never die, but you will: A comparative analysis of US and UK post-mortem data donation frameworks’ (2020) 36 Computer Law & Security Review 105403
Shaw DM, Juliane V. Gross and Thomas C. Erren, ‘Data donation after death’ (2016) 17(1) EMBO reports 14-17
Thomas J and A Harden, ‘Methods for the thematic synthesis of qualitative research in systematic reviews’ (2008) 45(8) BMC Medical Research Methodology
Bastian, C. C., Souza, A. S., & Gade, M. (2016). No evidence for bilingual cognitive advantages: A test of four hypotheses. Journal of Experimental Psychology: General, 145(2), 246.It is observed that students are not able to pull out the task of completing their dissertation, so in that scenario, they prefer taking the help of the Dissertation Writer, who provides the best and top-notch Essay Writing Service and Thesis Writing Services to them. All the Dissertation Samples are cost-effective for the students. You can place your order and experience amazing services.
DISCLAIMER : The dissertation help samples showcased on our website are meant for your review, offering a glimpse into the outstanding work produced by our skilled dissertation writers. These samples serve to underscore the exceptional proficiency and expertise demonstrated by our team in creating high-quality dissertations. Utilise these dissertation samples as valuable resources to enrich your understanding and enhance your learning experience.