- but modernising consent is part of the solution!
It is a long way for a researcher to find and access data from a restricted access repository to access e.g. Health records or Clinical biomedical data or genomics data for their research. The long-winded process is not without reason — the heavy governance overhead is put in place so that the data custodian can ensure that any access to the protected data is done in accordance with the consent of the patient/individual who donated their sample and data for research.
Unfortunately, the heavy governance, makes the whole process of accessing data or making data accessible so cumbersome and time-consuming for the researchers that the governance process itself is often used as an excuse to not make data available for reuse for the research community. “Sorry, we do not have the resources to set up a Data Access Committee to handle access applications, so we cannot make our data available” — to the dismay and annoyance of the other researchers who are eager to access data to validate their findings.
You might think:
“Can’t we just bypass patient consent, or remove consent altogether to simplify the process for researchers?”
Avoiding the consent process, would be to consider consent as part of the problem and fail to acknowledge that it is thanks to the voluntary contribution of data from individuals that researchers have any data to look at in the first place. The individuals have a right to decide how their data is used, just as well as they have a right to say no for their data to be used for research.
Rather, we should think of how we can leverage the social contract that the research community is making with the patients and individuals, every single time a consent document is signed. While we sign the document that states that data is only to be used for biomedical research purposes, not to be released to insurance companies, and the identifiable data on the individual will always be treated as confidential and the data points anonymised or pseudonomised where possible, the process is building up the expectation for the patient that their data will be used, even extensively so. However, although these forms tend to be explicit about what should not be done with the data, current consent forms often fail to mention what should be done and what the individual would want to be done with the data.
Imagine if every single consent form stated explicitly:
“I want my data to be used for greatest possible research impact within the limitations set out in this document”
— then there would be no excuse for any researcher to not make an effort to make the collected research data available for the research community.
And imagine if not every possible use of the data need to be thought up and explained in advance, but it would be possible to develop the need for and limitations of usage as the need for data would develop. And those new uses could be requested directly from the patient — the data owner?
And imagine if all consent forms were digitised, and data application processes were automated and would not cause a governance overhead and would suddenly be feasible to set up even for small research organisations or individual researchers.
If consent forms would be modernised to fit modern research needs — Then maybe we would start to see a breakthrough in the extent of data sharing in the biomedical research community.
A lot of great work is underway to achieve machine-readable and automated consent, see e.g. the work of the workgroup on Machine Readable Consent as part of the Global Alliance for Genomics and Health
Several initiatives are working on bringing the request for consent closer to the data and closer to the data owner, see for instance how PatientsKnowBest http://www.patientsknowbest.com are allowing patients to control access to their medical records, and how Sage Bionetworks are developing guidelines for Patient Centered Consent: http://sagebase.org/pcc/pcc-toolkit-frequently-asked-questions/
Illustration: Siddhartha consenting to a Contest at Borobudur