The evolving role of research ethics committees in the era of open data

Main Article Content

S Mahomed
M L Labuschaigne

Abstract

While open science gains prominence in South Africa with the encouragement of open data sharing for research purposes, there are stricter laws and regulations around privacy – and specifically the use, management and transfer of personal information – to consider. The Protection of Personal Information Act No. 4 of 2013 (POPIA), which came into effect in 2021, established stringent requirements for the processing of personal information and has changed the regulatory landscape for the transfer of personal information across South African borders. At the same time, draft national policies on open science encourage wide accessibility to data and open data sharing in line with international best practice. As a result, the operation of research ethics committees (RECs) in South Africa is affected by the conflicting demands of the shift towards open science on the one hand, and the stricter laws protecting participants’ personal information and the transfer thereof, on the other. This article explores the continuing evolving role of RECs in the era of open data and recommends the development of a data transfer agreement (DTA) for the ethical management of personal health information, considering the challenges that RECs encounter, which centres predominantly on privacy, data sharing and access concerns following advances in genetic and genomic research and biobanking.

Article Details

How to Cite
The evolving role of research ethics committees in the era of open data. (2023). South African Journal of Bioethics and Law, 15(3), 80-83. https://doi.org/10.7196/SAJBL.2022.v15i3.822
Section
Research Articles

How to Cite

The evolving role of research ethics committees in the era of open data. (2023). South African Journal of Bioethics and Law, 15(3), 80-83. https://doi.org/10.7196/SAJBL.2022.v15i3.822

References

Rowhani-Farid A, Allen M, Barnett AG. What incentives increase data sharing in health and medical research? A systematic review. Res Integr Peer Rev 2017;4. https://doi.org/10.1186/s41073-017-0028-9.

UNESCO.UNESCORecommendationonOpenScience.16November2021.https:// www.unesco.org/en/natural-sciences/open-science (accessed 1 August 2022).

SabinetLaw. National Open Science Policy on the Cards. 10 March 2022.

https://legal.sabinet.co.za/articles/national-open-science-policy-on-the-cards/

(accessed 29 July 2022).

Government of South Africa. Draft National Policy on Data and Cloud,

Government Notice 306. Pretoria: Government Gazette 44389 of 1 April 2021.

Thaldar DW, Townsend B. Genomic research and privacy: A response to Staunton et al. S Afr Med J 2020;110(3):172-174. https://doi.org/10.7196/SAMJ.2020.

v110i3.14431

Staunton C, R Adams, M Botes, et al. Safeguarding the future of genomic research

in South Africa: Broad consent and the Protection of Personal Information Act 2013.

S Afr Med J 2019;109(7):468. https://doi.org/10.7196/SAMJ.2019.v109i7.14148

Thaldar DW, Townsend BA. Exempting health research from the consent provisions of POPIA. PER J 2021;24. https://doi.org/10.17159/1727-3781/2021/

v24i0a10420

Mahomed S, Labuschaigne M. The role of research ethics committees in South

Africa when human biological materials are transferred between institutions S Afr

J Bioethics Law 2019;12(2):84-87. https://doi.org/10.7196/SAJBL.2019.v12i2.685

Mahomed S, Loots G, Staunton C. The role of data transfer agreements in ethically managing data sharing for research in South Africa. S Afr J Bioethics Law

;15(1):26-30. https://doi.org/10.7196/SAJBL.2022.v15i1.807

Feretti A, Ienca M, Sheehan M, et al. Ethics review of big data research: What should stay and what should be reformed? BMC Med Ethics (2021) 22:51 https:// doi.org/10.1186/s12910-021-00616-4

Alkinoon M, Choi SJ, Mohaisen D. Measuring Healthcare Data Breaches. In: Kim H, editor. Information Security Applications. WISA 2021. Lecture Notes in Computer Science, vol 13009. Cham: Springer, 2021. https://doi.org/10.1007/978-3-030- 89432-0_22

Examples regarding personal data breach notification. Guidelines 01/2021 at par 6. https://edpb.europa.eu/system/files/2022-01/edpb_guidelines_012021_ pdbnotification_adopted_en.pdf (accessed 2 August 2022).

IBM Security. Cost of a data breach report 2022. https://www.ibm.com/ downloads/cas/XZNDGZKA (accessed 2 August 2022).

Mungadze S. Life Healthcare reveals damage caused by data breach. IT Web. 31 August 2020. https://www.itweb.co.za/content/rW1xLv59YPGvRk6m (accessed 2 August 2022).

Muncaster P. Experian Data Breach Hits 24 Million Customers. Info Security. 30 August 2020. https://infosecurity-magazine.com/news/experian-data-breach- 24-million/ (accessed 2 August 2022).

Healthcare Data Breach Statistics (December 2021). HIPAA Journal. https://www. hipaajournal.com/healthcare-data-breach-statistics/ (accessed 2 August 2022).

Shabani M, Chassang G, Marelli L. The Impact of the GDPR on the Governance of Biobank Research. In: Slokenberga S, Tzortzatou O, Reichel J, editors. GDPR and Biobanking. Law, Governance and Technology Series, vol 43. Cham: Springer; 2021. https://doi.org/10.1007/978-3-030-49388-2_4

Ferretti A, Ienca M, Velarde MR, Hurst S, Vayena E. The challenges of big data for research ethics committees: A qualitative Swiss study. J Empir Res Human Res Ethics 2022;17(1-2): 129-143 at 129.

Leonelli S. Scientific research and big data. In: Stanford Encyclopedia of Philosophy, Summer 2020 ed. Zalta EN, editor. https://plato.stanford.edu/ archives/sum2020/entries/science-big-data/

Rennie S, Buchbinder M, Juengst E, Brinkley-Rubinstein L, Blue C, Rosen DL. Scraping the web for public health gains: Ethical considerations from a ‘big data’ research project on HIV and incarceration. Public Health Ethics 2020;13(1):111- 121. https://doi.org/10.1093/phe/phaa006

Samuel G, Chubb J, Derrick G. Boundaries between research ethics and ethical research use in artificial intelligence health research. J Empir Res Human Res Ethics 2021;16(3):325-337. https://doi.org/10.1177/ 15562646211002744

Blasimme A, Vayena E. The ethics of AI in biomedical research, patient care and public health. In: Dubber MD, Pasquale F, Das S, editors. Oxford Handbook of Ethics of Artificial Intelligence. Oxford: Oxford University Press; 2019 at 718.

Price WN, Cohen IG. Privacy in the age of medical big data. Nature Med 2019;25(1):37-43. https://doi.org/10. 1038/s41591-018-0272-7

Friesen P, Douglas-Jones R, Marks M, et al. Governing AI-driven health research: Are IRBs up to the task? Ethics Human Res 2021;43(2):35-42. https://doi. org/10.1002/eahr.500085

Metcalf J, Crawford K. Where are human subjects in big data research? The emerging ethics divide. Big Data Soc 2016;3(1):1-14. https://doi. org/10.1177/2053951716650211

Kaye J. The tension between data sharing and the protection of privacy in genomics research. Ann Rev Genomics Human Gen 2012;13(1):415-431. https:// doi.10.1146/annurev-genom-082410-101454

Greenbaum D, Sboner A, Mu XJ, Gerstein M. Genomics and privacy: Implications of the new reality of closed data for the field. PLoS Comput Biol 2011;7(12):e1002278. https://doi.org/10.1371/journal.pcbi.1002278.

Johnson AD, Leslie R, O’Donnell CJ. Temporal trends in results availability from genome-wide association studies. PLoS Gen 2011;7(9):e1002269. https://doi. org/10.1371/journal.pgen.1002269

South African Government. Material Transfer Agreement for Human Biological Materials. Government Notice 719, Government Gazette 41781, 20 July 2018. 30. Mahomed S, Staunton C. Ethico-legal analysis of international sample and data

sharing for genomic research during COVID-19: A South African perspective.

BioLaw Law, Genetics Genomics: An unfolding relationship 2021;261-276.

Mello MM, Triantis G, Stanton R, Blumenkranz E, Studdert DM. Waiting for data: Barriers to executing data use agreements. Science 2020;367(6474):150-152. https://doi.org/10.1126/science.aaz7028.

Reinsel D, Gantz J, Rydning J. The digitisation of the world from edge to

core. IDC White Paper, Doc#US44413318, 2018.https://www.seagate.com/ files/www-content/our-story/trends/files/idc-seagate-dataage-whitepaper. pdf#:~:text=IDC%20predicts%20that%20the%20Global%20Datasphere%20 will%20grow,of%20that%20capacity%20supplied%20from%20the%20 HDD%20industry (accessed 30 July 2022).

Finck M, Pallas F. They who must not be identified – distinguishing personal from non-personal data under the GDPR. Int Data Privacy Law 2020;10(1):11-36. https://doi.org/10.1093/idpl/ipz026