This page will help users understand the Data Governance processes in place for the Health Data Nexus, and how we use and protect data as part of this exciting initiative.
Health Data Nexus
The Health Data Nexus is a data environment built to facilitate research and education initiatives. The platform is built on the principles of respecting individuals’ privacy and the security of the information we hold. It also provides researchers with transparent, inclusive, and timely access to de-identified data to facilitate flexible, frictionless and responsible data discovery and analysis.
The Health Data Nexus receives de-identified data from partner institutions, including hospitals, universities, research centres, and private companies, based in Ontario, Canada, and around the world. Some data has already been made publicly available and its holders have given permission to share it on the platform. Other data is newly collected and curated for the Health Data Nexus. The Temerty Centre for Artificial Intelligence Research and Education in Medicine (T-CAIREM) of the University of Toronto, which oversees the Health Data Nexus, is offered no money to put data on the Health Data Nexus, nor does T-CAIREM charge any partner institutions a fee for data sharing and hosting.
Data Governance refers to the processes and policies we have put in place to maximize the effective use and security of data. We take a layered approach to protecting the data we hold, and have established a Data Governance Proposal, Data Transfer Agreement, Code of Conduct, Data Use Agreement, Data Governance Committee Terms of Reference, and Deidentification Policy. The governance and use of data on the Health Data Nexus platform has also been independently evaluated in a Privacy Impact Assessment (PIA) conducted by external legal counsel as well as a Threat Risk Assessment (TRA) conducted by an outside information security firm. For a copy of the PIA report, a summary of the TRA report, or any of the Health Data Nexus governing documents, please contact the Data Steward at email@example.com.
Personal Health Information (PHI)
PHI is defined under PHIPA (Ontario’s Personal Health Information Protection Act, 2004) as identifying information about an individual that relates to their physical or mental health, including diagnoses, testing, treatments, demographic information, and payment information related to health care.
The Health Data Nexus does not allow PHI to be stored on the platform. Data hosted on the Health Data Nexus is provided to us in de-identified form, according to strict protocols. This means that any information which could foreseeably—either alone or with other information—be used to identify any individual has been removed prior to transfer, in compliance with the De-identification Policy; it is then reviewed by the Data Steward. If in the rare event PHI is missed or is inadvertently placed on the platform, the Health Data Nexus has processes in place to immediately flag and delete this information. These protections are detailed in the Data Transfer Agreement, Code of Conduct, and Data Use Agreement.
Research Ethics Board (REB)
An REB ensures that research meets ethical standards to protect human participants in research, in compliance with PHIPA and the Tri-Council Policy Statement (TCPS2): Ethical Conduct for Research Involving Humans. Datasets that are not already publicly available include a research plan describing the creation of a deidentified dataset—this research plan is approved by an appropriate REB, either through the University of Toronto or as affiliated with the data holder. If the research plan was approved outside of the University of Toronto, it must be submitted for administrative review to the University of Toronto’s Human Research Ethics Unit (HREU).
Datasets that are already publicly available and for which no research plan exists (e.g., if the dataset was created prior to enactment of TCPS2) are reviewed by U of T’s HREU.
Once a dataset has been stripped of any PHI by the data holder and transferred to T-CAIREM for hosting on Health Data Nexus, it may be hosted on the Health Data Nexus for secondary use by researchers, without individual patient consent. However, each research study is subject to REB review. This is allowed under PHIPA and TCPS2 for the following reasons:
- It is not feasible to seek consent for large numbers of individuals after they have been discharged from hospital, especially if a long period of time has passed;
- Using data for research without PHI carries little risk given the range of protections put in place for Health Data Nexus;
- The activities of researchers on the Health Data Nexus do not directly influence a person’s clinical care;
- The risk of re-identification is negligible;
- The creation of the secondary data resource receives REB approval, and the REB is given a list of any researchers accessing the dataset.
This approach is consistent with research initiatives across Canada and around the world.
Using and Sharing Data
De-identified data on the Health Data Nexus is only available to credentialed users who have signed the Code of Conduct, completed specific research training, and signed the appropriate Data Use Agreement. Researchers can be access the de-identified data only in a cloud-based analytics environment; technical and legal safeguards prevent data from being download or removed from the platform.
In addition, the Health Data Nexus includes three zones of data access, each of which is subject to the safeguards set out above:
Zone 1 requires user credentialing, appropriate research training, and a signed Data Use Agreement. This is the baseline zone of access on the platform.
Zone 2 includes Zone 1 requirements, and additionally, requires the submission of a research plan to be approved by the data holder, allowing for greater control over research using the data.
Zone 3 includes the same requirements as Zone 2 and additionally requires that the submitted research plan be approved by an REB. The zoned data access on the platform provides additional protection for data holders who wish to provide potentially sensitive data.
The Health Data Nexus does not share data with, nor sell data to, third parties. Research using data on the Health Data Nexus cannot be for commercial purposes. Any intellectual property resulting from research using Health Data Nexus data must be negotiated directly between the data user and the data holder, and will not be facilitated by T-CAIREM nor the Health Data Nexus.
Data Governance Committee
In addition to the policy documents mentioned above, the Health Data Nexus is also governed by a Data Governance Committee, which reviews the appropriateness of newly acquired datasets for placement on the platform and to provide oversight to any new developments that engage the platform. To ensure that a diverse set of voices are heard, the Data Governance Committee includes patient representatives, members with ethical and legal backgrounds, and student and trainee representatives.
For any questions or concerns about data governance, use, and security, please contact the Data Steward at firstname.lastname@example.org.
Each dataset on the platform is uploaded under its own license, in this standard form:
The Health Data Nexus Contributor Review Health Data License
Copyright (c) 2022 Temerty Centre for Artificial Intelligence Research and Education in Medicine
The Temerty Centre for Artificial Intelligence Research and Education in Medicine (T-CAIREM) wishes to make data available for research and educational purposes to qualified requestors, but only if the data are used and protected in accordance with the terms and conditions stated in this License.
It is hereby agreed between the data requestor, hereinafter referred to as the "LICENSEE", and T-CAIREM, that:
- The LICENSEE will not attempt to identify any individual or institution referenced in Health Data Nexus restricted data.
- The LICENSEE will exercise all reasonable and prudent care to avoid disclosure of the identity of any individual or institution referenced in Health Data Nexus restricted data in any publication or other communication.
- The LICENSEE will not share access to Health Data Nexus restricted data with anyone else.
- The LICENSEE will exercise all reasonable and prudent care to maintain the physical and electronic security of Health Data Nexus restricted data.
- If the LICENSEE finds information within Health Data Nexus restricted data that they believe might permit identification of any individual or institution, the LICENSEE will report the location of this information promptly by email to email@example.com, citing the location of the specific information in question.
- The LICENSEE will use the data for the sole purpose of lawful use in scientific research and no other.
- The LICENSEE will be responsible for ensuring that they maintain up to date certification in human research subject protection
- The LICENSEE agrees to contribute code associated with publications arising from this data to a repository that is open to the research community.
- This agreement may be terminated by either party at any time, but the LICENSEE's obligations with respect to Health Data Nexus data shall continue after termination.
THE DATA ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE DATA OR THE USE OR OTHER DEALINGS IN THE DATA.