Using routinely collected health data for surveillance, quality improvement and research: Framework and key questions to assess ethics and privacy and enable data access
De Lusignan S., Liyanage H., Di Iorio CT., Chan T., Liaw ST.
Copyright © 2015 The Author(s). Background The use of health data for public health, surveillance, quality improvement and research is crucial to improve health systems and health care. However, bodies responsible for privacy and ethics often limit access to routinely collected health data. Ethical approvals, issues around protecting privacy and data access are often dealt with by different layers of regulations, making approval processes appear disjointed. Objective To create a comprehensive framework for defining the ethical and privacy status of a project and for providing guidance on data access. Method The framework comprises principles and related questions. The core of the framework will be built using standard terminology definitions such as ethics- related controlled vocabularies and regional directives. It is built in this way to reduce ambiguity between different definitions. The framework is extensible: principles can be retired or added to, as can their related questions. Responses to these questions should allow data processors to define ethical issues, privacy risk and other unintended consequences. Results The framework contains three steps: (1) identifying possible ethical and privacy principles relevant to the project; (2) providing ethics and privacy guidance questions that inform the type of approval needed; and (3) assessing case-specific ethics and privacy issues. The outputs from this process should inform whether the balance between public interests and privacy breach and any ethical considerations are tipped in favour of societal benefits. If they are then this should be the basis on which data access is permitted. Tightly linking ethical principles to governance and data access may help maintain public trust.