Werkzeuggestützte Verfahren für die Realisierung einer Treuhandstelle im Rahmen des zentralen Datenmanagements in der epidemiologischen Forschung

Vor allem kleinere Forschungsvorhaben können die erforderlichen Aufwände zur Realisierung eines zentralen Datenmanagements (ZDM), insbesondere aber dem Aufbau einer Treuhandstelle zur Unterstützung der informationellen Gewaltenteilung, bislang häufig nicht leisten. Aufgrund vielzähliger Herausforderungen ist ZDM in Kohortenstudien und Registern daher nur wenig verbreitet. Im Rahmen dieser Arbeit wurden, ausgehend von ausgewählten epidemiologischen Projekten und Fachpublikationen, wesentliche Anforderungen an ein ZDM zusammengefasst und zentrale funktionale Bestandteile eines ZDM identifiziert. Datenquellen, ETL-Prozesse, eine Treuhandstelle, eine Speicherlösung und ein Datenbereitstellungsverfahren sind Kernkomponenten eines ZDM. Am Beispiel der Treuhandstelle wurden erforderliche Werkzeuge identifiziert. Die ID-Management-Lösung E-PIX, das Pseudonymisierungswerkzeug gPAS und das Einwilligungsmanagement gICS bieten die notwendige Funktionalität. Alle werden kostenfrei über das MOSAIC-Projekt bereitgestellt. Unterschiedliche Kohortenstudien und Register machen Szenario-spezifische Abläufe innerhalb einer Treuhandstelle erforderlich. Es wurde gezeigt, dass sich diese individuellen Abläufe software-seitig und effektiv durch Kombination der Funktionalitäten der einzelnen Werkzeuge (E-PIX, gPAS und gICS) in Form eines Treuhandstellen-Dispatchers realisieren lassen. Ein workflow-basierter Ansatz kann helfen, erforderliche individuelle Anpassungen auf ein Mindestmaß zu reduzieren. Die Praxistauglichkeit dieses werkzeuggestützten Ansatzes wurde im Rahmen des DFG-gefördertern Projektes MOSAIC (Fördernummer HO 1937/2-1) für die ausgewählten Werkzeuge mittels einer Kennzahlenerhebung in 8 kooperierenden Anwenderprojekten untersucht. In Summe konnten mittels E-PIX bisher etwa 580.000 Personen erfasst, 2.5 Mio. Pseudonyme generiert und mittels gICS 69.000 Einwilligungen erfasst werden (Stand: 03.05.2016). Weitere Anwendungen sind bereits in Vorbereitung. Der vorgestellte Treuhandstellenansatz wird bereits in zwei der Deutschen Zentren für Gesundheitsforschung genutzt. Auch wenn nicht jeder Aspekt eines ZDM durch vorkonfigurierte Werkzeuge unterstützt werden kann, wurde gezeigt, dass ein werkzeugunterstützter Ansatz zum Aufbau einer Treuhandstelle im Rahmen eines ZDM die nötige Flexibilität, Übertragbarkeit und Nachnutzbarkeit bietet, um den individuellen Anforderungen sowohl kleinerer als auch größerer Forschungsprojekte zu entsprechen und dabei gleichzeitig unterstützt, erforderliche Aufwände zu reduzieren.Especially small-scale research projects are not able to afford the required resources to implement a central data management (CDM), particularly the setup of a Trusted Third Party to support the informational separation of powers. Consequently, a variety of challenges cause CDM in cohort studies and registers to be less widespread. Based on selected epidemiological research projects and several publications, essential requirements for a CDM were summarized and general functional components of a CDM were identified in this dissertation. Data sources, ETL-processes, a Trusted Third Party, a storage solution and a data provision procedure are core components of a CDM. Using the example of the Trusted Third Party, necessary software tools to support the implementation procedure were identified. The ID-Management solution E-PIX, the pseudonymization tool gPAS as well as the consent management solution gICS developed by the Community Medicine Institute in Greifswald provide the needed functionalities. These tools are provided by the MOSAIC-Project (funded by the German Research Foundation, grant number HO 1937/2-1) as open source software. Individual requirements and characteristics of particular studies and registers require scenario-specific workflows within a Trusted Third Party. These individual workflows can be implemented by easily linking available functionalities of E-PIX, gICS and gPAS using a Trusted Third Party dispatcher. Additionally, a workflow-based approach helps to reduce the necessary effort for individual customizations to a minimum. For this dissertation, the practicability of this tool-based approach was evaluated within the MOSAIC-Project based on information from eight cooperating research projects using tool-related key performance indicators for the selected tools (E-PIX, gPAS and gICS). Altogether E-PIX managed more than 580.00 persons, gPAS generated more than 2.5 million pseudonyms and with help of gICS about 69.000 informed consent documents were stored (Status: 03.05.2016). Further applications are already in preparation. The proposed Trusted Third Party approach was successfully implemented in two nationwide studies (German Centre for Cardiovascular Research and the German National Cohort). Even though not every aspect of CDM might be implementable with pre-configured tools, this work indicated that tool-based methods to implement a Trusted Third Party within a CDM provide the necessary flexibility, applicability and reusability to match the individual requirements of small-scale as well as large-scale epidemiological research projects and simultaneously allows reducing necessary efforts

The generic Informed Consent Service gICS®: implementation and benefits of a modular consent software tool to master the challenge of electronic consent management in research

Background Defining and protecting participants’ rights is the aim of several ethical codices and legal regulations. According to these regulations, the Informed Consent (IC) is an inevitable element of research with human subjects. In the era of “big data medicine”, aspects of IC become even more relevant since research becomes more complex rendering compliance with legal and ethical regulations increasingly difficult. Methods Based on literature research and practical experiences gathered by the Institute for Community Medicine (ICM), University Medicine Greifswald, requirements for digital consent management systems were identified. Results To address the requirements, the free-of-charge, open-source software “generic Informed Consent Service” (gICS®) was developed by ICM to provide a tool to facilitate and enhance usage of digital ICs for the international research community covering various scenarios. gICS facilitates IC management based on IC modularisation and supports various workflows within research, including (1) electronic depiction of paper-based consents and (2) fully electronic consents. Numerous projects applied gICS and documented over 336,000 ICs and 2400 withdrawals since 2014. Discussion Since the consent’s content is a prerequisite for securing participants’ rights, application of gICS is no guarantee for legal compliance. However, gICS supports fine-granular consents and accommodation of differentiated consent states, which can be directly exchanged between systems, allowing automated data processing. Conclusion gICS simplifies and supports sustained IC management as a major key to successfully conduct studies and build trust in research with human subjects. Therefore, interested researchers are invited to use gICS and provide feedback for further improvements

Toolbox for Research, or how to facilitate a central data management in small-scale research projects

Abstract Background In most research projects budget, staff and IT infrastructures are limiting resources. Especially for small-scale registries and cohort studies professional IT support and commercial electronic data capture systems are too expensive. Consequently, these projects use simple local approaches (e.g. Excel) for data capture instead of a central data management including web-based data capture and proper research databases. This leads to manual processes to merge, analyze and, if possible, pseudonymize research data of different study sites. Results To support multi-site data capture, storage and analyses in small-scall research projects, corresponding requirements were analyzed within the MOSAIC project. Based on the identified requirements, the Toolbox for Research was developed as a flexible software solution for various research scenarios. Additionally, the Toolbox facilitates data integration of research data as well as metadata by performing necessary procedures automatically. Also, Toolbox modules allow the integration of device data. Moreover, separation of personally identifiable information and medical data by using only pseudonyms for storing medical data ensures the compliance to data protection regulations. This pseudonymized data can then be exported in SPSS format in order to enable scientists to prepare reports and analyses. Conclusions The Toolbox for Research was successfully piloted in the German Burn Registry in 2016 facilitating the documentation of 4350 burn cases at 54 study sites. The Toolbox for Research can be downloaded free of charge from the project website and automatically installed due to the use of Docker technology

MAGIC: once upon a time in consent management—a FHIR® tale

Abstract Background The use of medical data for research purposes requires an informed consent of the patient that is compliant with the EU General Data Protection Regulation. In the context of multi-centre research initiatives and a multitude of clinical and epidemiological studies scalable and automatable measures for digital consent management are required. Modular form, structure, and contents render a patient’s consent reusable for varying project settings in order to effectively manage and minimise organisational and technical efforts. Results Within the DFG-funded project “MAGIC” (Grant Number HO 1937/5-1) the digital consent management service tool gICS was enhanced to comply with the recommendations published in the TMF data protection guideline for medical research. In addition, a structured exchange format for modular consent templates considering established standards and formats in the area of digital informed consent management was designed. Using the new FHIR standard and the HAPI FHIR library, the first version for an exchange format and necessary import-/export-functionalities were successfully implemented. Conclusions The proposed exchange format is a “work in progress”. It represents a starting point for current discussions concerning digital consent management. It also attempts to improve interoperability between different approaches within the wider IHE-/HL7-/FHIR community. Independent of the exchange format, providing the possibility to export, modify and import templates for consents and withdrawals to be reused in similar clinical and epidemiological studies is an essential precondition for the sustainable operation of digital consent management

A FHIR has been lit on gICS: facilitating the standardised exchange of informed consent in a large network of university medicine

Background The Federal Ministry of Education and Research of Germany (BMBF) funds a network of university medicines (NUM) to support COVID-19 and pandemic research at national level. The “COVID-19 Data Exchange Platform” (CODEX) as part of NUM establishes a harmonised infrastructure that supports research use of COVID-19 datasets. The broad consent (BC) of the Medical Informatics Initiative (MII) is agreed by all German federal states and forms the legal base for data processing. All 34 participating university hospitals (NUM sites) work upon a harmonised infrastructural as well as legal basis for their data protection-compliant collection and transfer of their research dataset to the central CODEX platform. Each NUM site ensures that the exchanged consent information conforms to the already-balloted HL7 FHIR consent profiles and the interoperability concept of the MII Task Force “Consent Implementation” (TFCI). The Independent Trusted Third-Party (TTP) of the University Medicine Greifswald supports data protection-compliant data processing and provides the consent management solutions gICS. Methods Based on a stakeholder dialogue a required set of FHIR-functionalities was identified and technically specified supported by official FHIR experts. Next, a “TTP-FHIR Gateway” for the HL7 FHIR-compliant exchange of consent information using gICS was implemented. A last step included external integration tests and the development of a pre-configured consent template for the BC for the NUM sites. Results A FHIR-compliant gICS-release and a corresponding consent template for the BC were provided to all NUM sites in June 2021. All FHIR functionalities comply with the already-balloted FHIR consent profiles of the HL7 Working Group Consent Management. The consent template simplifies the technical BC rollout and the corresponding implementation of the TFCI interoperability concept at the NUM sites. Conclusions This article shows that a HL7 FHIR-compliant and interoperable nationwide exchange of consent information could be built using of the consent management software gICS and the provided TTP-FHIR Gateway. The initial functional scope of the solution covers the requirements identified in the NUM-CODEX setting. The semantic correctness of these functionalities was validated by project-partners from the Ludwig-Maximilian University in Munich. The production rollout of the solution package to all NUM sites has started successfully

A survey on the current status and future perspective of informed consent management in the MIRACUM consortium of the German Medical Informatics Initiative

<jats:title>Abstract</jats:title><jats:sec> <jats:title>Background</jats:title> <jats:p>The consent management is an essential component for supporting the implementation of consents and withdrawals and thus, the realisation of patient’s rights. In MIRACUM, one of the four consortia of the Medical Informatics Initiative (MII), ten university hospitals intend to integrate the generic Informed Consent Service® (gICS) in their Data Integration Center (DIC). To provide a tool that supports the local workflows of the MIRACUM sites, the gICS should be improved.</jats:p> </jats:sec><jats:sec> <jats:title>Methods</jats:title> <jats:p>We used three standardised questionnaires with 46 questions to elicit requirements from the ten sites. Each site answered the questions from the current and the desired future perspective. This made it possible to understand the individual processes at each site and it was possible to identify features and improvements that were generally necessary.</jats:p> </jats:sec><jats:sec> <jats:title>Results</jats:title> <jats:p>The results of the survey were classified according to their impact on the gICS. Feature requests of new functionalities, improvements of already implemented functionalities and conceptual support for implementing processes were identified. This is the basis for an improved gICS release to support the ten sites’ individual consent management processes.</jats:p> </jats:sec><jats:sec> <jats:title>Conclusions</jats:title> <jats:p>A release plan for the feature requests and improvements was coordinated with all sites. All sites have confirmed that the implementation of these features and enhancements will support their software-based consent management processes.</jats:p> </jats:sec&gt

White Paper - Verbesserung des Record Linkage für die Gesundheitsforschung in Deutschland

Die personenbezogene Verknüpfung von unterschiedlichen, gesundheitsbezogenen Daten mit dem Ziel einen Forschungsdatensatz zu erstellen, wird als Record Linkage bezeichnet. Diese Daten zu einer Person können bei voneinander getrennten Datenhaltern vorliegen. Auf diese Weise lassen sich wissenschaftliche Fragestellungen beantworten, die wegen des beschränkten Variablenumfangs mit einer Datenquelle alleine nicht zu beantworten wären. Diese verknüpften Daten entfalten ein riesiges Potential für die Gesundheitsforschung, um Prävention, Therapie und Versorgung der Bevölkerung zu verbessern. Da es sich dabei um sensible Daten handelt, gelten strenge Rechtsvorschriften um vor potenziellen Missbrauch zu schützen. Die derzeitigen rechtlichen Gegebenheiten schränken allerdings die Nutzung der Gesundheitsdaten für die Forschung so stark ein, dass ihr Potenzial für eine Verbesserung von Prävention und Versorgung bisher nicht ausgeschöpft werden kann. Record Linkage wird in Deutschland dadurch erschwert bzw. in vielen Fällen sogar unmöglich gemacht, dass es im Gegensatz zu Ländern keinen eindeutigen personenbezogenen Identifikator gibt, der eine Zusammenführung über verschiedene Datenkörper hinweg ermöglichen würde. Zudem sind in Deutschland interoperable Lösungen nicht vorhanden, um ein umfassendes studien- und datenkörperübergreifendes Record Linkage in einer gesicherten Umgebung durchführen zu können. Dem berechtigten Interesse auf Schutz der personenbezogenen Daten steht z. B. das Interesse entgegen, Risiken und Nutzen von Behandlungen zu erforschen und diese zur Verbesserung der gesundheitlichen Versorgung zu nutzen. Bei der Durchführung von Record Linkage-Projekten steht die Wissenschaft vor großen Herausforderungen. Oftmals wird von Datenhaltern oder Datenschützern für die Verknüpfung personenbezogener Daten die informierte Einwilligung der einzelnen Studienteilnehmenden gefordert, selbst wenn dies nicht erforderlich ist, z. B. weil klare gesetzliche Regelungen fehlen. Hinzu kommt eine unterschiedliche Auslegung der gesetzlichen Rahmenbedingungen durch Datenschutzbehörden. Zweitens erlauben die Informationen der zu verknüpfenden Datenquellen oft keine exakte Verknüpfung. So ist die Datensatzverknüpfung nicht nur ein rechtliches, sondern auch eine methodische Herausforderung. Insgesamt ist festzuhalten, dass das Record Linkage für die Gesundheitsforschung in Deutschland gegenwärtig weit hinter den Standards anderer europäischer Länder hinterherhinkt. So müssen für jeden Anwendungsfall und jedes Record Linkage-Projekt einzelfallspezifische Lösungen entwickelt, geprüft, ggf. modifiziert und – falls positiv beschieden – umgesetzt werden. Die Limitationen und Möglichkeiten dieser unterschiedlichen und spezifisch auf verschiedene Anwendungsfelder zugeschnittenen Ansätze werden diskutiert und es werden die Voraussetzungen beschrieben, die erfüllt sein müssen, um einen forschungsfreundlicheren Ansatz für die personenbezogene Datensatzverknüpfung zwischen verschiedenen Datenquellen in Deutschland zu erreichen. Dabei werden auch entsprechende Empfehlungen an den Gesetzgeber formuliert. Das White Paper soll die Grundlage für eine Verbesserung des Record Linkage für die Gesundheitsforschung in Deutschland schaffen. Es zielt darauf ab, praktikable Lösungen für die personenbezogene Datensatzverknüpfung von unterschiedlichen Datenquellen anzubieten, die im Einklang mit der europäischen Datenschutzgrundverordnung stehen