Biomedical research has long relied on broad consent models where participants provide a one-time, open-ended consent for their data to be used across a wide array of future studies. However, this traditional approach faces major ethical limitations especially with technology like genetic sequencing becoming more commonplace, generating rich yet sensitive datasets of genomic information with or without clinical annotations.

In a broad consent approach, participants have limited ability to understand and control how their genetic data gets used after the initial consent, despite the profound implications to their health, families, and privacy. Furthermore, unexpected secondary uses of their genetic data can emerge over time that participants would not have initially agreed to.

Therefore, robust and secure yet flexible systems of genomic data management that enables informed consent and reconsenting is crucial to maintain participants' trust and data sovereignty. The key challenge of developing such robust systems lies in the balancing of data protection and ethical practices with the need for efficiency and access across research, clinical, and population health contexts.

Our Proposal: ConsentGuardian

To address this challenge, we proposed ConsentGuardian, a conceptual framework for secure and ethical genomic data management. The heart of ConsentGuardian, a dynamic consent (DC) model, represents a paradigm shift in the approach to consent in genomic data management for research and clinical applications.

The DC model puts participants at the centre of the decision-making by facilitating dynamic two-way communication between researchers/clinicians and the participants. This DC approach emphasises engagement and participant control, leveraging digital systems for efficiency while ensuring data security.


Key Components of ConsentGuardian:

  1. Self-Sovereign Identity (SSI): ConsentGuardian leverages SSI to enable participants to control their data assets with verifiable credentials and presentations. This empowers participants to manage their digital identities and data access rights to independent organisations and/or studies, making it particularly valuable when multiple organisations seek access to their genomic data for different use cases.
  2. Decentralised Dynamic Consent: ConsentGuardian incorporates a decentralised dynamic consent platform, enabling participants to track, manage and change their consents in real-time.
  3. Future-Proof Encryption: ConsentGuardian proposes the use of post-quantum cryptographic methods to encrypt participants' genomic data, aiming to ensure long-term security against next-generation quantum computing attacks.
  4. Interoperability: ConsentGuardian aims to seamlessly integrate with existing and future healthcare systems by leveraging HL7 FHIR standards for its internal data model. While research systems currently use different standards (e.g., OMOP), ConsentGuardian anticipates future convergence towards healthcare standards and aims to bridge these gaps.
"Genomic data represents the most private information about the past, present, and future of an individual"

Dr Bertalan Mesko, the Medical Futurist

This quote by Dr Bertalan Mesko highlights the comprehensive and deeply personal nature of genomic data, underscoring its sensitivity and the crucial need for stringent privacy and security measures when dealing with such data.

While this blog focussed mostly on consent, genomic data management is multifaceted and is subjected to complex external pressures including governance and law. Our comprehensive review paper, published in GigaScience, provides a more in-depth analysis, covering the technological innovations that underpin ConsentGuardian and other approaches to genomic data and consent management.

It's important to note that ConsentGuardian is in continuous development and the concepts and technologies we've described are being actively worked on and refined. As we continue to progress ConsentGuardian, we welcome input and collaboration from stakeholders in genomic research and healthcare communities to create a system that truly serves the needs of participants, researchers, and healthcare providers alike.

References

Adrien Oliva, Anubhav Kaphle et al. Future-proofing genomic data and consent management: a comprehensive review of technology innovations 2024. DOI: 10.1093/gigascience/giae021.