Nordic platform for sensitive biomedical data

The Tryggve project

Antti Pursula

https://wiki.neic.no/wiki/Tryggve

Tryggve project – platform for sensitive biomedical data

2

• Nordic 3-year collaboration on sensitive biomedical data funded by NeIC and the ELIXIR nodes in Denmark, Finland, Norway & Sweden

• Main goals– Facilitate sharing and combining sensitive data between

countries– Enable projects to store and process sensitive data securely

• Project will advance through connecting existing capacities and resources in Nordic countries

3

Motivation and Goals

• Motivation: Enable and strengthen biomedical research

• Overall goals:

Enable processing and cross-border sharing of sensitive biomedical data for research

Digitalize the routines for sharing sensitive data

Transfer of knowledge between Nordic developers and service providers

4

Nordic platform ?

• Objective: “The result of the project is a set of e-infrastructure capacities, software tools and common processes that together form a Nordic secure platform for providing services to share and process sensitive biomedical data in effective and legally consistent manner. “ (from the Project Plan)

• Platform = + E-infrastructure+ Software and tools+ Processes+ Competence

Enables operation of services

5

Sensitive biomedical data ?

• Tryggve provides solutions for sensitive biomedical data

• All health related data, including genetic data, is regarded as sensitive data according to Nordic data protection laws,

• Pseudonymous data is also regarded as personal data and subject to data protection law

• Data sources include personal data collected under informed consent, public registers, health registers, biobanks.

• Sensitive data can be used in research under consent from data subject and/or permission from an ethical board or there has to be another separate legal basis for processing the data– Legislation and practices differ in different countries– Secondary use of sensitive data from. e.g. public population based

registries is governed by freedom of information law and data protection law

6

Expected results

1. Secure storage distributed in Nordic countries.2. Secure processing capacity connected to storage.3. Research software provided in the secure

environment. 4. Trusted method to move data between the systems.5. Searchable register to discover the data.6. Digital process and tool for applying and managing access

to data.7. Common legal standards for sharing of sensitive

data.

• Minimum requirements are described by items 1-4 and 7.

7

Tryggve whiteboard sketch

Storage and processing instances with portable virtual machines

Searchable data catalogue

Authorization management (REMS)

FIRST PRIORITY

8

“Building blocks” of sensitive data platform

• TSD 2.0 service at USIT Oslo (in operation)• Mosler service at BILS (to be opened for pilot users in Mar

2015)• ePouta IaaS at CSC (to be opened for pilot users in May

2015)• REMS authorization management service at CSC (in

operation)• Bioinformatics tools registry at DTU (in operation)

9

Tryggve - Added value for the users

• The end product:

Trusted platform for services on sensitive data in Nordics

– Store, share and process sensitive data for research

– Simple way to apply for permission and get access to data

– Facilitate powerful projects on the Nordic level

Platform shown to comply with legal framework

10

Use cases help to focus development

• Development driven by use cases from the research communities

• Use case presents an actual and specific need at a research group

• Cases can be submitted continuously during the project. – Prioritization of use cases decided by Tryggve Steering group

• Work within a use case is collaboration between Tryggve project (implementation, technical support, etc.) and researchers (requirements, testing, pilot use, …)

11

Thank you

• For updates check project web pagewiki.neic.no/wiki/Tryggve

• ContactProject Manager Antti Pursulaantti.pursula@csc.fi