Introduction
There has been significant effort in linking different electronic datasets within healthcare and between health and social care,1–6 both for research purposes and for clinical care. These electronic data are referred to as ‘routinely collected’ as they are collected during usual clinical practice, in contrast to ‘research’ data which are collected in a bespoke manner within the context of a research project. Such datasets (here referred to as routinely collected electronic health and social care data) are already used extensively in epidemiological research, to assess the impact of healthcare interventions in real-world practice, and to provide outcome measures in clinical trials.7–9
In wider society, the actions of large personal data processors have brought public scrutiny on the use and misuse of personal data. Previous attempts at large-scale use of electronic health and social care data (eg, the national Electronic Health Record (EHR) in England) have been controversial in concept and problematic in execution, with consequent damage to public confidence in the ability of organisations to act as trustworthy stewards of personal data.10–13 These negative experiences damage the relationship between individuals, their data and the research community.14 We argue for moving towards a model of consent and use based on respect for digital personhood, and review some of the technical and governance solutions that could enable this transition.
Differences in data generation and use
Routinely collected electronic health and social care data differ from data generated by traditional research studies. The primary expectation of research participants in the traditional research model is that their data are collected and used, with consent, for research purposes. In contrast, patients and service users may not know that routinely collected electronic health and social care data may be used for research. In a traditional research study, there is opportunity to maintain regular contact and therefore foster collaborative, ongoing consent.15 For researchers using routinely collected data scope for collaborative data use is limited. As routinely collected data are not limited to a specific research need or time period, the volume of information is much greater than would typically be collected in a traditional research study.
Public attitudes
Most people in the UK are happy to consent to use of their routinely collected electronic health and social care data for ethically approved research by university and National Health Service (NHS) researchers,16 reflecting the high levels of trust in healthcare professionals and researchers.17 18 Public acceptance is lower for commercial research data use,19 20 despite the potential added value that commercial partners bring to improving healthcare.21 This added value is at risk if the public are not convinced that their data will be used in an ethical way.21 Lack of trust in commercial data providers explains global trends towards greater regulation—for instance, the General Data Protection Regulation (GDPR)22 in Europe, California’s Consumer Privacy Act (California, 2018) and even companies such as Facebook now openly asking for more government control.23
Digital personhood
The way that personal data are considered within ethical and legal frameworks has undergone an important shift over the last few decades. Personal data are often now considered part of a person in the same way that body parts and tissue samples are part of a person.24 This concept of ‘digital personhood’ supposes that the data about a person, and the transactions on that data, are an integral part of their persona, and that rights pertaining to personhood should be extended to incorporate these data.25
Ensuring that digital personhood is fully respected hinges on how consent is both conceptualised and operationalised. In a traditional research study, voluntary, uncoerced, transparently and honestly acquired consent is sought at the onset of the research. Consent requires capacity to understand, retain and weigh the relevant information. Close interaction with the research team affords opportunities to ensure that consent is fully informed, opt-in, provides opportunities for participants to change their mind, and in many cases allows participants to personalise the components of the study that they consent to. Each further interaction with the research team presents an opportunity to reaffirm, modify or withdraw consent. This ongoing, two-way process of consent maximises choice and autonomy for the participant.
Informed, ongoing consent
How can the current processes for research using routinely collected health and social care data be adapted to ensure that digital personhood is fully respected? We propose mechanisms by which the consent relationship can be maximised while preserving the ability to conduct efficient and generalisable research.
Reciprocal communication
For research using routinely collected electronic health and social care data, reciprocal communication can be challenging, as the individualised pathway to gain and reaffirm consent may not exist at scale in current EHR systems. Technology can help however—communication can be facilitated through ‘patient portal’ applications, allowing researchers to inform participants about research achievements, allow participants to provide feedback and allow participants to exercise their rights over the use of the data, such as the right to withdraw from a particular research use.26 This would resemble the traditional researcher–participant relationship more closely than the current model.
As with traditional research, upholding the right not to participate in research risks losing participants, compromising the validity and generalisability of research. Nonetheless, this is a crucial part of developing and maintaining trust. Attempts to avoid developing these research relationships are more likely to lead to a loss of trust in the whole research process, with individuals rescinding or restricting access potentially in large numbers. Building these relationships with individuals may also stimulate new opportunities—particularly for individuals to put forward and then shape research questions of importance, facilitating the emergence of genuine codesign and coanalysis in research using routinely collected data.
Understandable information
Access to transparent information using plain language is essential to support understanding about the potential use of routinely collected electronic health and social care data in research. Information is currently delivered at population level, via advertising campaigns, information leaflets and information boxes on clinical appointments. Such methods have arguably failed to deliver individualised, tailored information. There is a growing expectation that individuals should be able to access their own health and social care data, and applications such as the patient portal1 can help to deliver such information. Applications to manage chronic disease are another example of this approach (eg, the My Diabetes My Way application).27
Managing consent
The design of routinely collected data consent systems would benefit greatly from public and patient involvement, either through extensive consultation or fully participatory codesign. The process of consent should incorporate mechanisms that support ease of access for individuals to their data. For consent to be meaningful, individuals need to have a sense of control over their data. They need to be able to request the correction or removal of inaccurate or inappropriately held data, rights currently embedded in GDPR legislation.22 Mechanisms must enable individuals to withdraw or change consent. The increasing complexity of health and social care records means that it may be technically possible for individuals to express a preference as to what parts of their data can be accessed by different parties, as is the case with the patient portal application being deployed as part of the Great North Care Record.1 Legislation also requires that preferences are processed in a timely manner, are shown to have been executed and that data no longer relevant to the original consented purpose are removed from linked datasets derived for research analysis (including backups). Supporting these processes carries costs, both in time and money, and these costs need to be acknowledged by researchers and funders.
Regulatory frameworks
Governance and regulatory frameworks exist to protect the safety and rights of individuals, with most research being submitted, reviewed and approved on a project-by-project basis, an approach developed for traditional research involving small numbers of participants consenting face to face. Balancing regulation against the burden on research teams, funders and institutions is challenging.28 29 Research involving routinely collected health and social care data typically involves multiple uses of the same datasets, often with access by multiple research groups. An opportunity exists to move away from traditional project-by-project approval to centralised or federated data warehouses, platforms and governance approvals. Governance and regulatory structures currently lag behind these technological advances in data management and research use. The focus of governance should shift to platform level rather than project level—an approach used successfully by the Dundee Health Informatics Centre,2 in which a single umbrella ethics approval covers a wide range of health informatics projects, with per-project approval devolved to a data access committee with external oversight. Other related examples are of large scale, reusable data repositories of anonymised medical data (eg, UK Biobank and the Scottish GO-SHARE—Survey of Health, Ageing and Retirement in Europe—project30 31). Developing and using such platforms also provide an opportunity for in-depth and sustained collaboration between research teams and the public in the design, governance and delivery of informatics research in a way that may not be possible with multiple standalone projects.