Ethical and governance considerations for genomic data sharing in the development of medical technologies for melanoma

It’s the ethical imperative of medical providers and researchers to improve the health outcomes of either their patients or the general public.

A large part of this work is innovative—developing new treatments, diagnostic tools, and preventative measures. But this ethical imperative is increasingly coming into conflict with another: the obligation to protect patient privacy and security.

In short, the problem is simple. New technologies are being developed which greatly improve patient outcomes. These technologies rely in part on genomic data, which contains sensitive, private information about patients. To date, there is no comprehensive regulatory framework governing the way this data ought to be shared, protected, and utilised. Scientists and academics conducting potentially life-saving research are hamstrung by this issue, which undermines the tools they develop and prevents the uptake of their findings in healthcare settings.

In detail, the issue gets a bit more complex. Read on to hear how the iToBoS project, which aims to create an Artificial Intelligence-assisted diagnostic tool for the early detection of melanoma using genomic data, addresses these complex social and ethical questions.

What is genomic data? What are the risks associated with its use?

Genomic data is sensitive, personal information drawn from analysis of an individual’s biological samples, usually DNA or RNA. This data can tell researchers about a person’s genetic background, including their family history, predisposition to certain diseases, and relationships to others.

With such a rich source of personal information comes risks. What if genomic data is used to discriminate against people from certain backgrounds? What if this data is used in other research projects, which subjects don’t consent to or support? If these risks go unaddressed, projects like iToBoS, which pair genomic data with machine learning, could lead to the creation of biased algorithms and perpetuate differential and discriminatory treatment in healthcare. At the same time, though, genomic data has been so useful at improving health outcomes that it can’t be abandoned entirely. Here, the tension between healthcare practitioners’ ethical imperatives is clear.

The EU Regulatory Framework

Complex questions require complex answers, and in the case of genomic data, the EU’s regulatory framework makes things trickier still. The European Commission encourages open data sharing. In its proposed Digital Strategy, the EC states that open data will foster a digital transformation that “rethinks policymaking, has a single digital government mindset, and optimises business and administrative processes.” This strategy is supported by the creation of the European Health Data Space. Throughout these initiatives, the EC has paid special attention to genomics data, which carries more security risks due to its sensitivity, publishing a health data Regulation, an open-sharing roadmap, and a formal opinion on specific data sharing.

However, researchers agree that these initiatives don’t provide adequate security for genomic data sharing. The data is simply too high-risk, contains too much identifying information, and is used in technology that is evolving too fast for policymakers to keep up. Instead, researchers across the field agree that a specific Code of Conduct for using and sharing genomic data is needed to guide research and ensure collaboration across jurisdictions while maintaining compliance with the GDPR and other regulations.

Genomic data, ethics, and the iToBoS project

In the eyes of the iToBoS team, the only way to manage the complexities surrounding genomic data use is to confront them head on. That’s why the project’s primary goal is not only to produce the diagnostic tool, but to do so ethically, in a manner that is socially responsible and compliant with regulations such as the GDPR.

The first element to ensure best practices in the iToBoS project is the Privacy Impact Assessment + (PIA+). This process considers risks using the ISO PIA methodology, which flags current risks and identifies ones which may occur in the future. Our approach goes a step further, though, to consider ethical and social concerns. Ethical considerations such as autonomy, beneficence, and non-maleficence are weighed against the project’s risks, which include privacy violations, discrimination, and financial exploitation.

iToBoS also creates protocols to ensure patients are fully informed about the risks and limitations of genomic data sharing before their samples are collected. Pre-test genetic counselling is provided to participants to discuss the pros and cons of the testing, as well as the anticipated outcomes of the test, which screens for high penetrative family melanoma genes. Further, to ensure accessibility and transparency, patients will be given their genetic data in a readable format, rather than as a raw data set. Finally, all of the genomic data collected for the iToBoS project can only be used for the iToBoS project, and researchers must obtain separate, specific consent if they’d like to use the data for further research.

Overall, the iToBoS team is meeting the challenge of operating in this uncharted regulatory and ethical territory by committing to transparency, playing close attention to the complexities of results, and staying informed about and involved in debates surrounding the regulation of genomic data. The consortium echoes the research community’s calls for the development of a Code of Conduct governing genomic data, and urges a rethinking of medical ethics in this era of disruptive technology, one which centres patients’ rights and the obligations of medical officials.

Niamh Aspell.