3D illustration of a Renaissance marble statue of Zeus, king of the gods, who was also the god of the sky and thunder. Zeus in Greek mythology is known as Jupiter in Roman mythology.

Data Pseudonymization and POPIA

By Donrich Thaldar

Just as Zeus, the King of the Gods in Greek mythology, assumed various forms to conceal his true identity, so does modern data often undergo transformations to mask its origins. Zeus could become a swan, a bull, or even golden rain to achieve his purposes — all while maintaining his essence. Similarly, pseudonymization techniques aim to alter data enough to protect individual privacy without losing the core information necessary for research or analysis. This entails replacing data subjects’ identifying information in a dataset with unique codes, while keeping another dataset that links these data subjects’ identifying information with their allocated codes. Therefore, just as Zeus’ transformations were sometimes seen through by keen eyes, pseudonymized data can be re-identified by those having access to the linking dataset.

Read More

Double exposure of abstract digital world map on laptop background.

Harmonizing Africa’s Data Governance: Challenges and Solutions

By Donrich Thaldar

The establishment of a single data market across African nations promises significant socio-economic advantages, facilitating unrestricted and fluid data exchange. This concept has captured the attention of political leaders and has been prominently featured in the African Union’s (AU) Digital Transformation Strategy for Africa, as well as the AU’s Data Policy Framework. Further, entities like Smart Africa are actively championing the cause of creating an African single data market.

To transform the vision of an African single data market into reality, and to unlock its potential benefits for the continent’s populace, establishing regulatory alignment is paramount. This necessitates the integration of markets, the implementation of uniform online payment systems, the standardization of taxation and duties, and cross-border trade facilitation. This article delves into two critical legal dimensions of cross-border trade facilitation: data privacy and data ownership.

Read More

Operating room Doctor or Surgeon anatomy on Advanced robotic surgery machine.

Protecting Consumer Privacy in DTC Tissue Testing

By Adithi Iyer

In my last piece, I discussed the hypothetical successor of 23andme — a tissue-based direct-to-consumer testing service I’ve called yourtissueandyou — and the promise and perils that it might bring in consumer health information and privacy. Now, as promised, a closer look at the “who” and “how” of protecting the consumer at the heart of direct-to-consumer precision medicine. While several potential consumer interests are at stake with these services, at top of mind is data privacy — especially when the data is medically relevant and incredibly difficult to truly de-anonymize.

As we’ve established, the data collected by a tissue-based service will be vaster and more varied than we’ve seen before, magnifying existing issues with traditional data privacy. Consumer protections for this type of information are, in a word, complicated. A singular “authority” for data privacy does not exist in the United States, instead being spread among individual state data privacy statutes and regulatory backstops (with overlapping sections of some federal statutes in the background). In the context of health, let alone highly sophisticated cell signaling and microenvironment data, the web gets even more tangled.

Read More

sample tube in female hands with pipette.

Why We Should Care About the Move from Saliva to Living Cells in Precision Medicine

By Adithi Iyer

The cultural, informational, and medical phenomenon that is 23andMe has placed a spotlight on precision medicine, which seeks to personalize medical care to each patient’s unique makeup. Thus far, advances in direct-to-consumer genetic testing have made saliva-sample sequencing services all the rage in this space, but regenerative medicine, which relies on cells and tissues, rather than saliva, now brings us to a new, increasingly complex inflection point.

While collecting and isolating DNA samples from saliva may offer a wealth of information regarding heredity, disease risk, and other outflows of the “instruction manual” for patients, analyzing cells captures the minutiae of patients that goes “beyond the book” and most closely informs pathology. Disease isn’t always “written in the stars” for patients. Epigenetic changes from environmental exposures, cell-to-cell signaling behaviors, and the mutations present in diseased cells all profoundly inform how cells behave in whether and how they code the instructions that DNA offers. These factors are critical to understanding how disease materializes, progresses, and ultimately responds to treatment. This information is highly personal to each patient, and reflects behavioral factors as well as genetics.

Regenerative medical technologies use cell- and tissue-based methods to recapitulate, bioengineer, and reprogram human tissue, making a whole suite of sci-fi-sounding technologies an ever-closer reality. With cell-based and other regenerative therapies entering the market (making up an entire FDA subgroup), it well worth considering how cell-based medicine can advance the world of personalized consumer testing. In other words, could a corporate, direct-to-consumer cell-based testing service be the next 23andMe? And what would that mean for patients?

Read More

DNA helix on colored background.

State Genetic Privacy Statutes: Good Intentions, Unintended Consequences?

By Christi Guerrini, David Gurney, Steve Kramer, CeCe Moore, Margaret Press, and Amy McGuire

State legislators have enacted a flurry of genetic privacy bills that will strengthen the privacy and security practices of direct-to-consumer genetic testing companies and give customers more control over their data. What they might not realize is that these bills could be interpreted in ways that limit law enforcement’s ability to use a new technique that helps identify violent criminals and human remains and exonerate the wrongfully convicted.

Read More

Medicine doctor and stethoscope in hand touching icon medical network connection with modern virtual screen interface, medical technology network concept

Governing Health Data for Research, Development, and Innovation: The Missteps of the European Health Data Space Proposal

By Enrique Santamaría

Together with the Data Governance Act (DGA) and the General Data Protection Regulation (GDPR), the proposal for a Regulation on the European Health Data Space (EHDS) will most likely form the new regulatory and governance framework for the use of health data in the European Union. Although well intentioned and thoroughly needed, there are aspects of the EHDS that require further debate, reconsiderations, and amendments. Clarity about what constitutes scientific research is particularly needed.

Read More

Medicine doctor and stethoscope in hand touching icon medical network connection with modern virtual screen interface, medical technology network concept

AI in Digital Health: Autonomy, Governance, and Privacy

The following post is adapted from the edited volume AI in eHealth: Human Autonomy, Data Governance and Privacy in Healthcare.

By Marcelo Corrales Compagnucci and Mark Fenwick

The emergence of digital platforms and related technologies are transforming healthcare and creating new opportunities and challenges for all stakeholders in the medical space. Many of these developments are predicated on data and AI algorithms to prevent, diagnose, treat, and monitor sources of epidemic diseases, such as the ongoing pandemic and other pathogenic outbreaks. However, these opportunities and challenges often have a complex character involving multiple dimensions, and any mapping of this emerging ecosystem requires a greater degree of inter-disciplinary dialogue and more nuanced appreciation of the normative and cognitive complexity of these issues.

Read More

Blue biohazard sign in front of columns of binary code.

The International Weaponization of Health Data

By Matthew Chun

International collaboration through the sharing of health data is crucial for advancing human health. But it also comes with risks — risks that countries around the world seem increasingly unwilling to take.

On the one hand, the international sharing of health-related data sets has paved the way for important advances such as mapping the human genome, tracking global health outcomes, and fighting the rise of multidrug-resistant superbugs. On the other hand, it can pose serious risks for a nation’s citizens, including re-identification, exploitation of genetic vulnerabilities by foreign parties, and unauthorized data usage. As countries aim to strike a difficult balance between furthering research and protecting national interests, recent trends indicate a shift toward tighter controls that could chill international collaborations.

Read More

Hand holding smartphone with colorful app icons concept.

Who Owns the Data Collected by Direct-to-Consumer Health Apps?

By Sara Gerke and Chloe Reichel

Who owns the data that are collected via direct-to-consumer (DTC) health apps? Who should own that data?

We asked our respondents to answer these questions in the third installment of our In Focus Series on Direct-to-Consumer Health Apps. Learn about the respondents and their views on data privacy concerns in the first installment of this series, and read their thoughts on consumer access to DTC health app data in the second installment.

Read More

Illustration of multicolored profiles. An overlay of strings of ones and zeroes is visible

Should Users Have Access to Data Collected by Direct-to-Consumer Health Apps?

By Sara Gerke and Chloe Reichel

Should consumers have access to the data (including the raw data) that are collected via direct-to-consumer (DTC) health apps? What real-world challenges might access to this data introduce, and how might they be addressed?

In this second installment of our In Focus Series on Direct-to-Consumer Health Apps, that’s what we asked our respondents. Learn about the respondents and their views on data privacy concerns in the first installment of this series. Read on for their thoughts on whether and how consumers should gain access to the data that direct-to-consumer health apps collect.

Read More