NIGB Legal requirements for use of personal data in research OnCore UK / NRES Training workshop Ethical Principles relating to consent for use of samples & related data in research Karen Thomson Information Governance Lead NATIONAL INFORMATION GOVERNANCE BOARD

Interaction with the Human Tissue Act NIGB Governing use of tissue Human Tissue Act 2004 Governing use of personal & confidential data Data Protection Act 1998 Common law duty of confidentiality Human Rights Act 1998 NATIONAL INFORMATION GOVERNANCE BOARD The point of intersection is identifiable tissue InformationTissue

Interaction with the Human Tissue Act NIGB De-identified tissue only comes under HTA Identifiable tissue comes under both HTA and information law. Use of identifiable tissue therefore requires a legal basis both for its use i.e. the purpose and for its provision in identifiable form (disclosive of personal information) NATIONAL INFORMATION GOVERNANCE BOARD

What are we going to cover? NIGB NATIONAL INFORMATION GOVERNANCE BOARD Role of the NIGB Legal and policy requirements for processing of personal data for research – Section 251 & the Health Service (Control of Patient Information) regulations 2002/1438 Interaction between data & tissue legislation – Section 251 & how it applies to tissue Issues

Role of the NIGB NIGB Established by Health & Social Care Act 2008 To promote higher standards for information governance across health and social care Members either publicly appointed or represent Health and Social Care stakeholders The NIGBs Ethics and Confidentiality Committee advises Secretary of State on Section 251 (not REC) Territorial extent – England, Section 251 England & Wales NATIONAL INFORMATION GOVERNANCE BOARD

Legal requirements NIGB Legal requirements for processing confidential personal data Common law duty of Confidentiality Data Protection Act 1998Human Rights Act 1998 NATIONAL INFORMATION GOVERNANCE BOARD

Common Law of Confidentiality NIGB Information must be confidential in nature Information that is communicated in confidence as part of the relationship Confidentiality survives death May be limited by –Consent (Informed, with capacity, freely given) –Statute/Court order –Public interest favours disclosure See the NHS Confidentiality Code of Practice NATIONAL INFORMATION GOVERNANCE BOARD

Human Rights Act 1998 NIGB Right to privacy (Article 8) BUT breaches by the state may be justified provided they are necessary [for]…public safety… [or] the protection of health Disclosures must be proportionate based on the particular circumstances of individuals 3 tests considered –has there been interference with privacy? –is there justification? –is the justification proportionate to the breach? NATIONAL INFORMATION GOVERNANCE BOARD

Data Protection Act 1998 NIGB DPA defines personal data as data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of the data controller… In other words if it is identifiable, its personal If data are effectively anonymised then they are no longer personal data and can be used without restriction. NATIONAL INFORMATION GOVERNANCE BOARD

Data Protection Act - 8 principles NIGB 1)Fairly and lawfully; 2)Obtained for specific purposes and only used for compatible purposes; 3)Adequate, relevant & not excessive; 4)Accurate; 5)Only kept for as long as necessary for the agreed purpose; 6)In accordance with the rights of the subject; 7)Kept securely; 8)Only transferred outside European Economic Area (EEA) with equivalent protections. NATIONAL INFORMATION GOVERNANCE BOARD

NIGB Section 33 provides exemptions for research: Further processing for research is to be regarded as a compatible purpose But this does not remove onus on NHS bodies to inform patients about the use for research purposes; And it only applies where research is a secondary purpose. Data can be kept indefinitely Exemption from subjects access rights NATIONAL INFORMATION GOVERNANCE BOARD Data Protection Act Research exemptions

NIGB Section 251 & the Health Service (Control of Patient Information) Regulations 2002 [SI 1438] permit the common law duty of confidentiality to be set aside for medical purposes where: - anonymised data cannot be used - and where consent is not practicable. Medical purposes include medical research. These powers can only be used to improve patient care, or in the public interest. NATIONAL INFORMATION GOVERNANCE BOARD Exemption from the duty of confidentiality

Human Tissue Act 2004 NIGB HT Act is not retrospective, differentiation between existing and new holdings For existing holdings (living or deceased) consent not required to use the tissue for research but the CoP and Schedule 1 indicate consent should be sought where practicable; From an information law perspective, if there is no consent then must be anonymised. NATIONAL INFORMATION GOVERNANCE BOARD

Human Tissue Act 2004 NIGB New holdings for the living - consent from the individual is needed but tissue may be used without consent where it has been de- identified for the researcher - it is needed for identifiable tissue. New holdings for the deceased – the consent of the individual prior to death, or the consent of the family is required, irrespective of identifiability; NB Vital status is at the point tissue is collected. NATIONAL INFORMATION GOVERNANCE BOARD

Implications for research NIGB Given the need to adhere to both HTA and information law requirements this raises questions: How to select and obtain relevant samples? How to link data and tissue? How to obtain consent to use data and tissue for research? NATIONAL INFORMATION GOVERNANCE BOARD

How S251 can apply to tissue NIGB All of the above involve processing data prior to obtaining consent for use of the tissue. Support under the Section 251 regulations has a role in addressing these questions where prior consent has not been obtained for the disclosure of confidential patient information or where identifiable tissue is needed. NATIONAL INFORMATION GOVERNANCE BOARD

How S251 can apply to tissue NIGB Use of tissue only Permitting disclosure of personal data to select relevant patients and request their tissue samples. At the point the tissue is received by the researcher it should be de-identified and the researcher should no longer hold the identifiable data used to request the samples. But this does not override the requirements for consent under the HTA NATIONAL INFORMATION GOVERNANCE BOARD

How S251 can apply to tissue NIGB Linking data and tissue Permitting disclosure of confidential data both to allow requests for suitable tissue samples and to link the tissue samples and patient information together. Both the data and tissue should be de- identified but using a common pseudonym or code to allow linkage in de-identified form. But this does not override the requirements for consent under the HTA. NATIONAL INFORMATION GOVERNANCE BOARD

How S251 can apply to tissue NIGB Identification to seek consent Permitting disclosure of confidential patient information to allow researchers to select and identify patients in order to seek their consent to participate in research either directly or through the use of data or tissue or both. Key principles include that the first point of contact comes from an organisation which has provided relevant care to the individual (ie their GP or hospital clinic). NATIONAL INFORMATION GOVERNANCE BOARD

Issues NIGB Consent – blanket, generic consent is of questionable validity - how to get the balance right? Is this an area where data and tissue are different? S.251 cannot be used to facilitate contacting family members / person in a qualifying relationship to seek their consent. Personal data has a broad definition so when is data or tissue effectively de-identified? NATIONAL INFORMATION GOVERNANCE BOARD

De-identification NIGB When is anonymised data anonymous? Personal data data which relate to a living individual who can be identified from those data, or from those data and other information which is in the possession of, or is likely to come into the possession of the data controller… –i.e. combination of identifying data items or other information available which makes data identifiable and therefore personal. –To cease being personal data all means of identification should be removed prior to disclosure. NATIONAL INFORMATION GOVERNANCE BOARD

De-identifying data NIGB Sufficient identifiers should be removed or where they are needed encrypted so that they are machine readable but not human readable – still personal & confidential data. NB - This should be done before researcher receives it, where consent is absent. NATIONAL INFORMATION GOVERNANCE BOARD Strong Identifiers NHS number Date of Birth Date of Death Postcode Name Address GP practice code Other Identifiers Ethnicity Local patient identifier Other geographic identifiers – Local Authority area – PCT Gender

Is pseudonymised data anonymous? NIGB Pseudonymised data –data that has been coded so that it is not identifiable to the recipient but which can be linked longitudinally and across different sources if a common pseudonym is used. The pseudonymisation key must NOT be held by the receiving body, otherwise identifiable There remains a degree of risk as to the identity of some individuals, therefore still personal data but can be used with safeguards: –data disclosure / sharing contracts which require the recipient not to seek to identify individuals and not to disclose the data to 3rd parties. Apply pseudonymisation techniques & evaluate identifiability before release & withhold or redact. NATIONAL INFORMATION GOVERNANCE BOARD

Key messages NIGB Consent is needed for use of data and tissue but exemptions for both HTA governs consent for use of tissue Information law governs consent for use of personal data Identifiable tissue comes under both and consent is needed both for use and disclosure –support under S.251 regulations can be sought where consent is not practical NATIONAL INFORMATION GOVERNANCE BOARD

NIGB for ECC: Tel: NATIONAL INFORMATION GOVERNANCE BOARD