Symposium on Governance of Medical Research Databases

Seligman Theatre
Royal College of Physicians, London
Wednesday 27th October 2004

Background to meeting | Programme and presentations | Summary Report of Meeting

Report of Meeting

Executive Summary

The Symposium was hosted at the Royal College of Physicians, London, by the RCP Health Informatics Unit. The purpose of the meeting was to consider the governance framework which applies to medical databases used for research purposes, the degree to which the various components are consistent and co-ordinated, and what actions might be needed to improve the situation.

There was a general feeling that there was considerable uncertainty as to what constituted 'good practice', particularly over issues of consent and confidentiality, and that the administrative overheads of meeting differing regulatory requirements presented an excessive overhead which could delay or even deter research projects as well as adding unnecessarily to the costs of performing research - to the detriment of the public good.

Programme

Professor John Williams of Swansea University opened the meeting and welcomed the audience and speakers to the Royal College facilities. He then introduced Peter Singleton, who had organised the meeting and who would chair the meeting.

Peter Singleton provided the usual introductions, emphasising that the meeting was to address issues of 'governance' and the associated processes rather than to focus on the minutiae of definitions of consent and confidentiality - though the lack of accepted definition might well be raised as an issue.

The first part of the morning session was an 'Introduction to the issues' with presentations from Dr. Dipak Kalra from University College London (UCL) on the Clinical eScience Framework (CLEF) project, Ms. Sheila Casserly from UK BioBank, and Professor Joan Higgins, Chair of the Patient Information Advisory Group (PIAG).

The second part covered 'Balancing public good and individual protection' with - Dr. Jane Kaye from the Oxford Genetics Knowledge Park, Dr. Kirstine Knox from the National Translational Cancer Research Network (NTRAC), and Toto Gronlund of the NHS Information Authority.

After lunch, there was a session on ' Navigating/managing approval and regulation' with Dr. Peter Dukes from the Medical Research Council (MRC), Professor Terry Stacey, Director of the Council of Research Ethics Committees (COREC), and Peter Singleton presenting some notes provided by Marc Taylor of NHS Research & Development.

After coffee, Peter Singleton opened the session on 'Co-ordinating and integrating the regulation' presenting some possible areas for action based on earlier feedback.

Issues Raised

Issues raised at the meeting were:

Consent

• 'consent' as an approach for research databases is not 'scalable'
• There is a need for a debate on creating a 'consent culture' whereby patient wishes are accommodated where possible, rather than first seeking reasons not to inform nor provide choice.
• The position over 'broad consent' (viz. consent to future research purposes which cannot be established at present).
• 'Informed consent' was time-consuming and expensive and may not significantly add to patient choice if most were in favour. [A recent Citizens Council meeting organised by NICE had recommended that certain databases should continue without consent, though the public should be informed of their existence, even if there was no choice to withdraw]
• Consistency of definition and approaches to consent and confidentiality issues between bodies is a problem
• There is an issue surrounding 'consent for consent' whereby patients need to be contacted for consent to have researchers approach them for consent to partake in a particular research project. This seems convoluted and inefficient (for everyone, including the patient)
• It is important to ensure accuracy of data as well as gaining consent and assuring confidentiality
• There would be issues with taking data from private healthcare suppliers (be they providing healthcare privately or on behalf of NHS organisations). What would be the appropriate controls then?

Anonymisation

• 'anonymous data' needs a definition (c.f. HIPAA in USA) [This is being considered by the OIC at present]
• Approved 'anonymisation' or 'de-identification' processes need to be established and publicised for researchers to adopt and be approved by RECs, etc.
• It is important that researchers keep in mind the potentially real sensitivity of some of the data available (e.g. past termination of pregnancy or impotence information) particularly when used in a local context
• Is the use of a trusted third-party (TTP) [to anonymise the data before it reaches researchers] acceptable? [This was the option being explored in Scotland]

Research Ethics Committees

• RECs are unused to health informatics issues, being more focused on clinical research trials
• RECs and other regulatory bodies may be choosing to protect patients' interests without a clear mandate to do so (viz. they may be preventing research over consent issues, when the vast majority of patients would prefer the research to go ahead)
• RECs [and other bodies] and researchers seem to approach this from very different angles. Perhaps joint training sessions for researchers and new REC members would be helpful in understanding both sides of the issues.
• There can be pressure on researchers to destroy data after a project rather than to preserve the data for future use. [Discussions suggested rather that it was best for researchers to establish an 'end-of-life' policy for their data to ensure that there was a policy and funding if data was to be preserved or destroyed - this would allow patients and regulatory bodies to assess the risks appropriately]
• There can be too much emphasis on needing to destroy data at the end of research project rather than establishing an 'end-of-life' strategy which may include secure storage locally or as part of a wider repository
• Sometimes problems can occur when the REC has approved the project but a Trust Caldicott Guardian decides that it is not appropriate for their organisation to supply the data. There seems to be no route for appeal. [Escalation to the Trust Chief Executive was one suggestion; another was that perhaps RECs should take on more of an Information Governance (IG) role]
• There can be problems over established databases, which are prevented from continuing over issues of consent (and/or re-establishing contact to gain consent). [An example of a population lymphoma database having to stop in 2003 was given.]

The Law

• There are different legal positions in England & Wales, Scotland, and Northern Ireland, which not only leads to possible confusion, but makes UK-wide research databases difficult
• Current research practice is often short of legal requirements or accepted good practice - S60 exemption is sometimes perceived as a way of avoiding implementing necessary improvements
• There is additional uncertainty over status of records of deceased patients [need to check with Louise Parker as to where this comes from]
• If the data is 'anonymised [by whatever definition], what is the legal basis for its use? Is REC/PIAG approval still required?
• Should we have properly 'accredited' researchers rather than using 'honorary contracts' as a convenient fiction

Education and Leadership on the issues

• There is much 'red tape' and uncertainty. People need to assimilate a lot of different guidance or commentary and still have a number of 'grey areas' to deal with. There is a need to make life easier for researchers.
• It is not clear where researchers can go to get advice on best practice in this area. [RECs do not give legal guidance, though may make requirements on the research project before giving approval]
• Researcher often do not read the guidance provided properly before submitting REC applications. [This may suggest that better training of researchers is needed, and/or better signposting to the guidance available.]
• There is a need to facilitate 'best practice' across the research community, covering principles, guidance, and models of best practice. Without clear guidance, there will be an excuse for researchers 'not to change' poor practice
• If we are to achieve clarity and consistency in these areas, then first we need to establish who leads (MRC, DoH, ICO, ??)
• The question of balancing public and private interests needs to be debated more widely and a suitable compromise agreed.
• The arguments need to keep in mind the actual level of threat (point made by a patient representative)

Peter Singleton December 2004