Abstract
Technological advances in the quality, availability and linkage potential of health data for research make the need to develop robust and effective information governance mechanisms more pressing than ever before; they also lead us to question the utility of governance devices used hitherto such as consent and anonymisation. This article assesses and advocates a principles-based approach, contrasting this with traditional rule-based approaches, and proposes a model of principled proportionate governance. It is suggested that the approach not only serves as the basis for good governance in contemporary data linkage but also that it provides a platform to assess legal reforms such as the draft Data Protection Regulation.
Keywords: Principles, rules, regulation, data, information, principled proportionate governance, research
I. Introduction
The era of eHealth is upon us.2 This forces a reconsideration of traditional approaches to information governance in light of a new and fluid landscape, one where the potential for medical research through secondary uses of data is particularly promising.3 Data linkages within and beyond the health sector have the opportunity to benefit the health and wellbeing of populations on a local, European and global scale. At present, however, governance is both the potential saviour and slayer of such promise. The legal landscape governing uses of data for research and the various obstacles have been discussed at length elsewhere.4 A very common conclusion is that it is a virtually impenetrable terrain, hostile to the research pioneer. Key challenges include:
Overlapping European and domestic laws that are subject to varying interpretations and which lead to a culture of caution with respect to data linkage for research;5
Multiple decision-makers in research approval mechanisms who apply diverse frameworks for decision-making;6
A sub-optimal deployment of governance tools and an over-reliance on consent to legitimate data linkage when this is neither necessary nor sufficient in itself;7
Disproportionate regulatory burden relative to the risks involved.8
The current governance framework for secondary uses of health data has been criticised for the ‘conservative culture of governance’9 that it has engendered. Our interest in this article is with how to improve the situation and in particular to assess the nature and suitability of a system of principle-based regulation (PBR). Principle-based regulation (PBR) can be contrasted with rules-based regulation (RBR) where the former relies upon broad and looser principles to guide action and the latter upon stricter pre- and proscriptive rules for framing approaches to governance and decision-making. We begin by unpacking these terms, drawing on lessons from the financial sector where PBR has been explored more fully. Our interim conclusion is that it is preferable to talk of a principles-based approach (PBA). The crucial advantage of such an approach is that it permits and fosters governance behaviours that embrace the reality that subtle judgements about the value and risks of data linkage must often be made within existing legal frameworks. Proscriptive rule-based approaches militate against this and, instead, perpetuate a governance culture based on compliance and caution when it is not clear that this either adequately protects interests in personal data or promotes the underlying public interest in research. We then explore what it means to adopt PBA and how this can be compared with RBR. In order to make our assessment, we offer illustrations of PBA at work at the level of law and practice in health-research information governance. We advocate a model of principled proportionate governance which includes appropriately designed risk-assessment provision. The model has been developed by the authors in the context of the Scottish Health Informatics Programme (SHIP) and we suggest that it has considerably wider application. Whilst space does not permit a robust analysis of Data Protection legislation or proposed reforms such as the draft Data Protection Regulation, we do briefly consider the implications of a principles-based approach with regard to proposed reforms, arguing that despite remaining short-comings, the proposals are at least moving in the right direction.
Ultimately, we argue in defence of a principles-based approach to information governance because, despite misgivings, this can bring substantial added value to the current regulatory landscape because it can assist in addressing each of the pressure points identified above. Thus:
PBA operates as an explicit statement of the core values and standards which underpin data sharing practices and arrangements (and so improves transparency, legitimacy and, hopefully, trust in systems that apply these);
PBA provides decision-makers with a common frame of reference, values and a language with which to make decisions (and so facilitates engagement and mutual recognition of governance arrangements which can reduce undue overlap);
PBA engages with the full range of governance tools to ensure that appropriate governance pathways are applied to each data linkage.
PBA involves robust risk-assessment ensuring that proportionate levels of governance are applied to data linkages based on the real risks involved.
II. Existing paradigms: Principle-based regulation (PBR) and rule-based regulation (RBR)
PBR is a well-recognised concept and, as evident from its name, it is a mode of regulation that relies upon principles as opposed to rules. Several different categories of PBR have been identified: including formal, substantive10, full and polycentric11, but overarchingly it is concerned with ‘broad-based standards in preference to detailed rules, outcomes-based regulation and increasing senior management responsibility.’12 Much of the PBR-related literature to date has centred on the regulation of financial markets. However, the philosophy is broad-reaching and many useful lessons can be translated into the health and information governance contexts.
As a result of our own experience of information governance, we envisage PBR as the use of broadly-stated objectives, standards and values by which individuals and institutions should conduct themselves when using data for research purposes. In contrast, rules-based regulation (RBR) relies on compliance with specific rules and gives rise to criticisms of rigidity; where one rule is in conflict with another, there is a lack of flexibility in determining which rule to follow. It is suggested that conflict of rules actually leads to the necessity of additional rules in order to clarify what must be done.13 Put otherwise, the versatility of rules is limited when the decision-maker is faced with a situation which may not have been anticipated by the drafters and thus no rule has been provided. PBR allows the decision-maker to reflect on broad-based values and commonly-agreed objectives to determine through deliberation and reflection what action best fits in accordance with the particular value(s) advanced, avoiding reliance upon detailed anticipatory drafting for every perceivable situation. In contrast, RBR can overlook the values and objectives of an organisation/background under regulation; it can encourage a tick-box mentality whereby individuals focus on fulfilling a specific task to facilitate compliance rather than thinking about what they are doing and why, cognisant of wider responsibilities. In terms of practice culture, rigid adherence to RBR tends to promote a culture of mere compliance, whereas PBR can foster a culture of reflection and justification. Discretion tends to be reduced or eliminated in the former and, contrariwise, takes central stage in the latter. This, of course, brings its own challenges (see below).
Different approaches will be suited to different sectors. In the health research sector the eternal dilemma is how to accommodate two central public interests: (i) the public interest in promoting scientifically sound, ethically robust research, and (ii) the public interest in securing adequate protection for citizens’ privacy when their data are used for such research. Seen in these terms, individualistic governance devices such as consent and anonymisation are inadequate on their own.14 Indeed, other devices within the legislation exist, for example the research exemption within the Data Protection Act,15 however the current legislative landscape has failed to take advantage of the flexibilities included within it and we are concerned with what has in practice resulted in an interpretation of the framework which implies that the default position is to rely on consent and anonymisation.16 Neither are suitable alone, because the former is concerned solely with individual interests and the latter is merely a technical security measure which cannot accommodate the nuanced judgments that are in play when considering issues at the level of the two central public interests.17 A suitable regulation and governance system must be able to achieve this, reflecting core social values in each category of public interest, and allow – and provide guidance for – the exercise of discretion where matters are not clear-cut. How well, then, do systems based on principles rather than rules assist here?
The term ‘principles’ is over-used and this is a particular challenge in a legal context. To be clear, in this article we use the term in three distinct but overlapping senses. First, in Part III, we are concerned with conceptual clarity and use the term ‘principles’ to mean starting points for deliberation and action. We distinguish this sense from prescriptive (legal) rules requiring action. In Part V.1, we explore potential confusion as between principles and rules in law. We give concrete examples whereby so-called ‘principles’ in legislation are, in fact, operating as rules or in a rule-like manner. Our conceptual contribution explains why this can be a problem. Finally, in Part V.2, we build on our conceptual view of ‘principles’ in a real life application in the health research context - the SHIP project - to illustrate how a more specified set of principles in the context of data sharing and linkage can work within an existing legal framework to assist decision-makers to bring about fully the value of such activities while protecting core personal interests of data subjects. In other words, our proposed principled approach complements existing rules and serves as necessary means to promote underlying values which cannot be done through a rule-based system alone.
III. Bases for regulation: principles v. rules?
For the purpose of our current discussion, principles reflect the values that underpin an organisation or a process of decision-making or evaluation. As Arjoon suggests:
‘We need ethical principles at a high level and this should ‘permeate’ down to all levels -‘governance is a management question in terms of having the right ethical attitudes at the top; and it is a cultural question, by ensuring that the attitude permeates every aspect of business operation and conduct’.18
Within the information governance and health research context, we suggest that PBR provides a way of making explicit the values at stake and of aligning the attitudes of all actors involved in decision-making.
Principles should be seen as fundamental starting points to guide deliberation and action.19 Thus, their purpose is to point actors or decision-makers in the direction of the relevant values and considerations to be taken into consideration when a particular decision or course of action is being contemplated – in this case whether (personal) data should be linked for research purposes. This is in contrast with rules which, we would argue, are far more prescriptive20 (and often proscriptive) and are designed to indicate clearly to an actor or decision-maker what must be done (or not done) in each case.21 Put otherwise, principles are designed to help individuals reach a decision, whereas rules offer a specific diagnostic of actions to be taken22 or refrained from, as the case may be. Accordingly, we distinguish principles on a functional basis from so-called ‘hard and fast’ rules.
This is a distinction that is often ignored or collapsed in practice, including in the law itself. We maintain it is a helpful if not vital categorisation both to frame the debates and to construct effective legal and decision-making architectures. On this analysis, rules might provide a greater degree of certainty at the cost of flexibility; principles might provide greater flexibility but also far greater latitude which, we accept, might not always be welcomed in a regulatory environment. Accordingly, adopting and applying a principles-based approach can at times prove challenging and apparently antithetical to governance and regulatory objectives, as we discuss below. Notwithstanding, we argue that the value that principles can offer in decision-making outweighs the challenges that emerge in applying them. Indeed, latitude and flexibility are precisely what are required in the realm of information governance of health-related research. This is because many decisions about the appropriateness of data linkage to facilitate medical research necessarily rely on the exercise of judgment and discretion. Hard rules cannot cope with the myriad considerations, which include uncertain risks, uncertain futures and uncertain outcomes. Principles provide a mechanism for engaging with these uncertainties in ways that rules do not. Principles require reflection and justification for actions which, in themselves, are signals of ‘good governance’.23 Rules can lead merely to a drive for compliance with little accompanying reflection.
A clear obstacle in this analysis lies in the difficulty of distinguishing principles from rules: at times it can be unclear whether we are dealing with a principle or a rule. Beauchamp and Childress advocate a principles-based approach to decision-making in the context of medico-ethical dilemmas. The authors view the distinction between rules and principles as one resting on the level of specificity advanced:
[R]ules are more specific in content and more restricted in scope than principles. Principles are general norms that leave considerable room for judgement in many cases. They thus do not function as precise action guides that inform us in each circumstance how to act in the way more detailed rules and judgements do.24
However, despite their definitions, Beauchamp and Childress still appreciate the ‘loose distinction’ between the two.25 For our part, much of the value of this distinction lies in the respective ethos which each brings to the regulatory and governance environments.
Part of the difficulty relates to the language of principles; they can be considered as existing on a sliding scale, from a synonym with rules on one side to a vague statement of aspiration (unhelpfully) on the other. It is acknowledged that principles are capable of meaning too many things simultaneously. Space does not permit a more detailed exploration of this ‘sliding scale’ but we note the difficulty in distinguishing rules, principles and standards, particularly where the level of specificity offered within rules and principles and standards can vary from vague to prescriptive and might be set indistinguishably.26 This is not untypical in legal literature, and as we discuss presently, there are numerous instances in law where rules and principles are treated as synonyms. Such arbitrary usage overlooks an opportunity for conceptual clarity and better governance design. For these reasons it is important to explore further the relationship (and points of departure) between principles and rules as they are deployed in regulation and governance.
1. Application?
Some writers pinpoint the distinction as resting upon application whereby rules are applied through subsumption and principles through balancing.27 We are sceptical about this process of balancing, not least because so few authors offer meaningful insights into how it happens (see further below). None the less, we do agree insofar as principles necessitate further reflection to determine which action should be taken whereas rules require that the actions stipulated in the rule are followed and, if not, sanctions will apply. Principles – when seen as starting points for deliberation and action – are less amenable to sanctions because their deployment is needed when there is less obviously a single correct course of action. This suggests that the application of principles is better suited as a complement to rules in areas where there is genuine uncertainty or a need for the exercise of judgment between two or more defensible options. In turn it means that principles and rules are not mutually exclusive in their operation and that their deployment becomes a matter of good design rather than a preference for one over another.
2. Regulation or governance?
A further distinction is that between regulation and governance and the relationships with rules and principles. We distinguish broadly between these socio-legal responses thus: while regulation will tend to be a state-driven, vertically-oriented, top-down, command-and-control deployment of formal (hard law) instruments, governance is often a far more horizontally-oriented enterprise, more likely driven by local actors, and more reliant on soft law options such as guidance or professional codes.28 We suggest, accordingly, that rules and principles as conceived here might be more amenable to one environment than another. For these reasons, we suggest that it is preferable to talk of a principles-based approach rather than principles-based regulation; moreover, this approach can admit a role both for principles and rules, as appropriate on the distinction outlined above.
IV. The contours of a principles-based approach
There are three contours and possible areas of challenge concerning principles-based approaches.
1. Indeterminacy?
While for some, the vague nature of principles might be one of the most salient features of a principled approach to decision-making - in that principles should necessarily be flexible - to others this leaves principles exposed to the risk of misinterpretation and manipulation. It can also lead to inconsistency and further uncertainty. To this end, the process of specification, whereby principles are extrapolated to allow for more detailed guidance on what action should be taken, has been advanced to remedy the perceived problem.29 However, specification is not a panacea. Culver et al argue that:
‘…equally informed, impartial, rational persons can differ not only in how they specify a norm, but also in how they apply the same specified norm’.30
Thus, even with specification, we cannot escape the fact that the application of principles will be subject to varying interpretation. This, however, is not necessarily a problem if we see the proper realm for principles-based approaches (PBA) to be in promoting reflection on possible courses of action and requiring justification of actual courses of action by reference to the principles themselves. Assuming the principles reflect previously agreed or commonly accepted values within the given sector, a PBA provides a common framework or language which does not ensure a particular outcome but rather ensures that a particular range of considerations or issues are taken into account.31 Also, if any of these issues or considerations are to be excluded, this exclusion must be justified. An obvious retort here is that it is precisely the issue of indeterminacy that has generated a culture of caution in health research because existing laws are open to such variable interpretation.32 Why should it be any different with ever-less-clear principles? This, however, overlooks the prescriptive nature of rule-based approaches where the tendency is to assume that one’s own interpretation is immutable and non-negotiable. Precisely the opposite is true of a principles-based approach that encourages deliberation and dialogue and the search for overlapping consensus.33 Moreover, reasonable disagreement is permissible so long as it can be robustly justified.34 A principles-based approach fosters engagement over interpretation, whereas rule-based approaches do not. Consensus and a clear way forward is more likely to emerge as a result.
2. Conflict and balance?
A further common objection to principles arises where more than one principle is engaged, and apparently a choice must be made as to which to follow or how one or more might be deployed. Traditionally, authors have suggested that the solution for conflicting principles lies in balancing them against each other.35 Yet, these advocates of balancing often fail to elaborate upon exactly how this can be achieved.36 Indeed the rationality of balancing principles has been contested.37 Alongside the lack of clear method, another problem is that of incommensurability in balancing itself,38 i.e. that we cannot attribute different weight to principles, as they are not comparable, thus rendering it impossible to organise them against one another. It is also argued that balancing compounds our first problem - lack of predictability - regarding what the outcome of the balancing exercise will be.39 Pulido offers an apt summary of this perplexity:
‘The result of balancing cannot be predicted owing to its lack of precision, and the main reason for the lack of precision is the fact that there is no common measure that makes it possible to determine the weights of the relevant principles’.40
We would argue that, in reality, principles are not balanced but rather, where principles seem to conflict, one is ultimately granted preference over any other. The exercise is thus not one of balancing but rather one of prioritising different principles, placing them in a hierarchy in the context of the particular decision to be taken.41 We would suggest further that a defensible basis for this process in health-related research is to conduct it relative to the risks involved. That is, PBA can be conducted through a robust assessment of the nature, degree and likelihood of risks to the core principles and the values that they reflect. We offer an example of this in practice in section V(2). For now we note that a PBA can prove most valuable when it requires an agreed set of principles to be taken into account in ways that are cognisant of the likelihood of, and relative threats to the principles and the values that they promote. The basis for prioritisation should be explicit and it should be recognised that any hierarchy will necessarily change for each and every decision. Moreover, as to method, granularity of understanding only emerges when principles are applied to context, such as an application to use particular types of patient data for a particular kind of health research. Thus, after agreed principles must come a clear determination of material facts (including likely consequences). Thereafter, context also requires us to test any assumptions we might harbour about certain principles, for example whether consent to data use is a valuable or feasible mechanism to deploy. All of this should be done to promote reflexivity and case-by-case justification of action. These techniques, albeit fluid, are a strength and not a weakness of the approach. PBA can promote more responsibility on the part of decision-makers to demonstrate the credibility of their conduct and to engender trust in their processes.42
3. Threat of sanction
We have suggested above that sanctions are more suitably attached to rule-based approaches rather than principles-based approaches. The importance of this is further emphasised by Shwarcz who argues that where individuals are exposed to unpredictable liability they tend towards a more conservative interpretation of principles:
‘…unless protected by a regime enabling one in good faith to exercise judgement without fear of liability, such a person would effectively act as if subject to a rule and, even worse, an unintended rule.’43
Thus, there is a danger that the purpose of employing principles rather than rules is lost if application is too closely associated with sanction. We must therefore be wary of principles becoming too rule-like. This is not to suggest, however, that principles-based approaches be instances of unfettered discretion. Rather, it emphasises the need to recognise the discretionary element in PBA and to provide decision-makers with sufficient guidance and support to temper discretion while also promoting an appropriate culture of reflection and justification. This must begin with a common understanding of principles and how they should be applied, as suggested in this section.
Having considered the contours of a PBA approach and suggested how it can work in practice, it is important now to consider how far PBA is reflected in the existing legal architecture regulating data linkage and whether there is room for improvement. The principal legal regime in this area is data protection law.
V. Principles-based approaches in action: law and practice
1. Principles in law: the Data Protection Directive and the draft Data Protection Regulation
The Data Protection Directive44 embodies eight over-arching Data Protection Principles (the Principles), which, in turn, have been incorporated into domestic laws around the European Union. As the above analysis indicates, however, these Principles are a misnomer, because although the term ‘principles’ is used, the clear legislative intention is that they operate in a rule like manner. They are in fact rules in the Dworkinian “all-or-nothing fashion”, albeit broad-based; unless one of the exemptions applies, derogation from any of the Principles represents a clear breach of the law. For example, Part 1 Section 4(4) of the UK Data Protection Act 1998 (DPA) imposes an obligation on the Data Controller to comply with the Principles:
‘…it shall be the duty of a data controller to comply with the data protection principles in relation to all personal data with respect to which he is the data controller’.45
If the data controller fails to comply with the Principles, then they may be subject to sanctions. Most notably, within the UK, the Information Commissioner has recently been allocated powers to impose monetary penalties on data controllers of up to £500,000 46 by virtue of s55 (A) of the DPA. Further, if we simply look at the definitive language employed within the Principles, the word ‘shall’ is used throughout;47 implying that observation of the Principles is obligatory rather than simply desirable: these are necessary conditions for processing data
The Data Protection Principles are open to potentially varied interpretation in their implementation and operation in domestic systems. In particular, the UK Data Protection Act 1998 has been criticised for being overly restrictive,48 whereas Swedish interpretations have been considered much more accommodating to the promoting of uses of medical data for research.49 Notwithstanding, their function mandates observation and compliance. The Principles embody a number of the problems identified above with respect to attempts to operationalise Principle-based Regulation. First, the conceptual confusion between principles (as starting points to guide deliberation) and prescriptive rules (attached to clear sanctions) has, arguably, fuelled a culture of caution with respect to data sharing. This is seen most particularly in what we call the ‘fetishisation of consent’,50 which is the design of information governance models around a purported need for consent and the default use of anonymisation processes to take processing outside the remit of data protection law if consent cannot be obtained. The problem is that for many types of health-related research neither consent nor anonymisation are possible nor practicable. Thus, this dualist approach acts counter to the public interest in promoting scientifically-sound research. Even more worrying, neither consent nor anonymisation are necessary nor sufficient to protect the range of individual interests at stake, and this itself is a matter of public interest as we have argued above and one which any governance system must duly address. Consent is merely one of a number of lawful bases upon which processing of personal data can occur.51 The tendency to treat consent as a necessary rule requiring compliance has meant that other lawful bases for processing, such as “substantial public interest”, are not deployed or even contemplated.
The latest draft of the Data Protection Regulation,52 if adopted in its present form, would affirm the centrality of a principles-based approach as found in the Directive while acknowledging the need to address problems of fragmentation and legal uncertainty.53 This is part of the justification for moving to a Regulation. Whilst this piece is not dedicated to offering a robust analysis of the current and proposed legislation, in terms of regulatory devices, some important observations can be made. For example, draft Article 4.8 makes it clear that:
‘“…the data subject’s consent” means any freely given specific, informed and explicit indication of his or her wishes by which the data subject, either by a statement or by a clear affirmative action, signifies agreement to personal data relating to them being processed.’
This would mean that neither implied nor opt-out options would be a valid basis for processing data by consent and some form of positive act by the participant, such as signing a written consent form, would always be required. Such provisions might drive the consent culture all the more strongly. By the same token, if this type of consent is likely to be difficult or impossible to obtain – for example, in the context of prospective, longitudinal projects such as biobanks – this will not mean that processing of data cannot be lawfully conducted. Rather, it means that consent cannot be the basis for this. To proceed without consent would require conformity with draft Articles 81 and 83 that allow processing of data concerning health for research purposes so long as a series of requirements are met. This therefore means that there is an opportunity to move away from the culture of consent, so long as the alternative provisions are sufficiently clear and facilitative.
Draft Article 81 obliges Member States to ensure specific safeguards for processing for health purposes. Draft Article 83 sets out specific conditions for processing personal data for historical, statistical and scientific research purposes. Draft Articles 81 and 83 are unified by their acknowledgement of the importance and need to process data for certain objectives in the public interest. These include reasons of public health in cross-border situations, quality and safety of medicines and devices (81.1.b), and the establishment of disease registries to improve diagnosis and further research (81.2). Draft Article 83 deals with research and merits repetition in full:
1. Within the limits of this Regulation, personal data may be processed for historical, statistical or scientific research purposes only if:
(a) these purposes cannot be otherwise fulfilled by processing data which does not permit or not any longer permit the identification of the data subject;
(b) data enabling the attribution of information to an identified or identifiable data subject is kept separately from the other information as long as these purposes can be fulfilled in this manner.
2. Bodies conducting historical, statistical or scientific research may publish or otherwise publicly disclose personal data only if: (a) the data subject has given consent, subject to the conditions laid down in Article 7; (b) the publication of personal data is necessary to present research findings or to facilitate research insofar as the interests or the fundamental rights or freedoms of the data subject do not override these interests; or (c) the data subject has made the data public.
Albeit indirectly, these provisions demonstrate an appreciation of the fact that consent is neither a necessary nor sufficient governance device to legitimate data linkage and use for research. It is required only if published research results will identify the individual data subject and there is no overriding public interest in such publication. Moreover, this draft Article places the onus on those seeking to use personal data for research to demonstrate that other – less risky – options are not available, such as processing data from which individuals cannot be identified. This reflects our earlier commentary of the importance in principles-based approaches in fostering a culture of justification of action. Additionally, and as we suggest in our practice example in the next section, it reflects a proportionate risk-based approach to data management which, we believe, is entirely appropriate.54
It is too early to know or say whether such provisions will become law, let alone whether they will be effective as law. The draft Regulation reflects a very traditional view of consent as ‘informed’ consent. This might serve the stated purposes of assigning a more suitable role to consent and facilitating more research based on public interest grounds,55 but equally we must be alive to the lessons from recent history and mindful that it threatens to create two parallel approval pathways for research. If this happens it will simply add to the regulatory burden. Furthermore, the draft Regulation embodies principles that remain very rule-like. Fear of sanction remains a very real inhibiting factor.
Notwithstanding, draft Article 86 allows the legislator to delegate power to the Commission to adopt measures to further specify a range of requirements in the draft Regulation,56 including those relating to draft Articles 81 and 83. While many have concerns about the power that such provision potentially affords to the Commission, equally, this could be a measure to mandate developments that promote the core public interests at stake and an opportunity to specify with more detail which limitations and safeguards ought to be taken into account in the pursuit of public interest research aims. Thus, while the draft Regulation might provide a broad framework within which lawful processing takes place, there is room within to foster more principles-based approach to interpretation in the day-to-day and case-by-case application of the framework.
We suggest that a legal architecture such as this must be complemented by information governance mechanisms that more closely resemble the PBA we outline above. In particular, mechanisms are needed to help decision-makers and institutions embrace the spirit of the Regulation while also adding value to their practices, chiefly in providing more transparency and guidance to determine how to exercise the considerable discretion that the legal framework provides. Equally, to be effective and legitimate discretion must be tempered. A well-designed principles-based approach can deliver on each of these objectives. We offer the following example of how this might work in practice. This is the example of the Scottish Health Informatics Programme (SHIP) which has adopted a principled proportionate governance approach. We demonstrate how this reflects the fore-going analysis to suggest that this kind of principles-based approach can operate well as a model for future adoption.
2. Principles in practice: SHIP (Scottish Health Informatics Programme)
SHIP is a Scotland-wide initiative funded by the Wellcome Trust aimed at better facilitating secondary uses of health data for research. Scotland has a long-standing tradition of maintaining excellent health records (and associated data) meaning that its systems are a very rich research resource, particularly for epidemiological studies, pharmacovigilance and linkage between health and non-health datasets.57 The programme is a consortium of a diverse range of stakeholders including universities, researchers and NHS Scotland, and involving on-going public engagement with the aim to build an infrastructure to deliver a national research facility to allow rapid and secure access to health data for research purposes.58 Scotland, like so many other countries, has however faced the considerable regulatory challenges involved in data linkage for health-related research. These include (i) lack of clarity on existing legal mechanisms, rules and lines of accountability for various decision-makers who are involved in data linkage requests, (ii) absence of clear and helpful decision-making frameworks that assure and inform decision-makers not only that their actions are lawful but also that discretion and judgment is at the heart of this enterprise, (iii) mechanisms for carrying out effective, robust and safe data-linkages in appropriate environments and by appropriate persons, and (iv) means to determine the relevant issues at stake in any given request for data linkage, to weigh these considerations and to reach justifiable decisions that are lawful and ethical and socially robust.
To address these unmet needs, SHIP has developed a unique one-stop-shop research portal for researchers to gain access to the robust health datasets held by those data controllers participating in the initiative, most notably NHS Scotland – the custodian of the richest datasets in the country. The Programme delivers a research Infrastructure that has three key components consisting of an indexing service of anonymised identifiers managed via a separate linkage agent to facilitate safe and highly effective linkages between datasets. It also offers safe havens to minimise data travel and allows linkages in highly secure environments; it requires accredited researcher status for those who wish to use the system, achieved via distance learning training. What SHIP cannot do, however, is change the legal position whereby legal liability rests with data controllers. Rather, the system is designed to encourage data controllers of all kinds of datasets, not simply those that are health-related, to buy-in to the service for the high standards and streamlined processes that it provides. Most particularly, our research revealed considerable confusion and caution among data controllers with respect to their responsibilities and to the flexibilities available in law when it comes to data sharing for research. Many data controllers and other decision-makers in approval processes were unclear about what was at stake, how to proceed and how to reduce regulatory burden. To address this, and to support the technical features and advantages of the SHIP infrastructure, we developed the SHIP Good Governance Framework (GGF) after a survey of the existing legal landscape and national and international problems.59 The GGF was developed within the existing legal framework and adopts a principles-based approach – following the elements of PBA outlined above. It consists of four features:
An account of responsibilities of key actors and decision-makers (largely a matter of clarifying who is a data controller)
A capacity building facility for researcher training & accreditation and wider awareness-raising (delivered through distance learning)
A statement of Principles and Best Practices to guide decision-making
A mechanism of principled proportionate governance in granting research access
Space does not permit a full account of these elements and this can be found elsewhere.60 Of particular interest in the current context are the principles-based approaches embodied in the third and fourth features of the Framework.
a. Principles and Best Practices
This feature of the GGF sets the standards according to which SHIP will be governed and against which users will be held accountable. It is an expression of commitment to promote the public interest in scientifically sound, ethically robust research while appropriately protecting the privacy and other interests of the people whose data are used. It is a guide to those involved in SHIP and for others involved in data sharing and information governance both within and beyond the health sectors. It is not intended to cover exhaustively all aspects of governance, nor is it a statement of legal rules. It is assumed that all parties involved in data sharing and linking in the SHIP project are aware of their legal responsibilities and comply with them.61 Rather, the Framework provides assistance for data controllers, regulators and others involved in assessing data linkage requests to identify the core issues at stake and to work with an agreed framework of considerations to assist in the decision-making processes which require discretion and judgment to be exercised.
The GGF takes as its foundational cornerstone the dual aim to further: (1) the public interest in promoting scientifically sound, ethically robust research, and (2) the public interest in securing adequate protection for citizens’ privacy when their data are used for such research. This makes it incumbent on decision-makers to strive to accommodate both of these interests in decisions that they reach on requests for data linkage. It accepts that trade-offs might be necessary, such as increased threats to privacy. More specifically, the GGF identifies fifteen key sub-areas of responsibility and accountability. These are: (i) public interest, (ii) privacy, (iii) consent, (iv) anonymisation, (v) authorising/advisory bodies, (vi) governance, (vii) access, (viii) trusted Third Parties, (ix) data controllers and data processors, (x) clinical trials, (xi) cross sector sharing, (xii) data sharing agreements, (xiii) public and stakeholder engagement, (xiv) sanctions and (xv) benefit sharing. For each area more specification is given, ie - the guiding principles are articulated and accompanied with instances of associated best practice.
As the Framework makes clear, ‘principles’ are fundamental starting-points to guide deliberation and action. Importantly, it highlights explicitly that principles are not rules. It acknowledges that principles sometimes conflict and this is why they must be seen as starting points for deliberation or action. Because of their fundamental importance, however, it is expected that they are taken into account where they are relevant to a given data use, storage, sharing or linkage practice. Any departure must be fully and appropriately justified. ‘Best Practices’ are examples of principles in action. These are instances of optimal governance and in that sense they are aspirational. As with principles, where instances of best practice are not or cannot be followed, clear justification should be offered. Taken together, this statement of principles and best practices gives decision-makers a common framework and language with which to address requests for data linkage with datasets included within the SHIP infrastructure. The principles and instances of best practice were developed from reviews of existing literature, iterative engagement with key stakeholders (including those involved in current governance) and from results of the SHIP public engagement programme (which have revealed, for example, that consent remains an important consideration for many people).
The following examples illustrate some of the associated principles and instances of best practice:
a. Public interest
Principles
“Scientifically sound and ethically robust research is in the interest of protecting the health of the public… The responsible use of health data should be a stated objective of all organisations adhering to this instrument.”
Best Practice
“It is the data controller’s responsibility to ensure the development of transparent policies that demonstrate their understanding of public interest and the basis upon which they will use and disclose health data;”
b. Consent
Principles
“Personal data must not be used without consent unless absolutely necessary… where obtaining consent is not possible/practicable, then (a) anonymisation of data should occur as soon as is reasonably practicable and/or (b) authorisation from an appropriate oversight body/research ethics committee should be obtained.”
Best practices
“Where there is the prospect of future use of data that is unknown at the time of consent, then data subjects should be informed of the broad purposes for which the data might be used. These purposes will delimit the appropriateness of any future use… where consent is not to be obtained, the reasons for this must be clearly articulated and adequately justified.”
c. Cross-sector sharing
Principles
“Where ethical & legal standards are met, data should be made accessible to trusted researchers across disciplines. The value of such cross-sector sharing should be recognised…along with the potential benefits, risks should also be identified and appropriately addressed. In particular, assurance of reciprocal privacy standards across sectors is necessary…the unnecessary duplication of approval procedure(s) and governance mechanisms should be avoided. Mutual recognition of equivalent standard and procedures should be sought.”
Best practice
“Clear and easy to understand specifications covering confidentiality, security and privacy, and which define roles and protocols, should be agreed prior to cross-sector data sharing taking place…”
The principles are intended to operate at the level of decision-making on questions of access and data linkage, including at the level of design of institutional information governance systems. They are likely to be valuable to data controllers when deciding whether to allow data sets to be used for research, to researchers when considering whether their institutional arrangements meet the requisite standards, and also to publics who can see very clearly the standards to which the SHIP enterprise operates, including any data controllers who are using SHIP as a safe and efficient means to allow access and sharing of their data.
We have suggested in the previous section that common critiques of PBA are likely to relate to indeterminacy, resolution of conflict/challenges of balance, and the lack of sanctions. We have sought to address these in the GGF. As to the last point on sanctions, we would argue that sanctions can be accommodated within a PBA towards data linkage and access decisions, albeit that this is best directed to post-access considerations rather than pre-access decisions. We further suggest that the articulation of examples of best practice helps to address the indeterminacy charge in that they are concrete instances of principles at work. Equally, nothing is set in stone and best practices are merely illustrative and not prescriptive. This is a strength of approach in that specific principles or examples of best practices can be added depending on context. None the less, it might still be challenged that this PBA is too abstract and high-level.62 We see similar criticisms of prima facie principles for decision-making in healthcare, where these principles when taken alone are seen to lack sufficient guidance on determining ‘concrete outcomes’.63 This is addressed in part by offering best practice examples alongside over-arching principles. Moreover, the principles are not designed to operate within a vacuum. They will be operationalised in the context of specific requests to use specific datasets for specific ends. Thus each application must be judged on its own merits. To expect more runs the risk of turning a principles-based approach into one that is too rule-like.
Finally for this section, what of potential conflict and the challenges of considering multiple principles together in a balancing exercise? We have already argued above that balance can often be a misleading metaphor and that what is required is a reasoned and justified preference for one position over another, relative to the values and objectives in play. In the context of SHIP our evidence base suggests, for example, that consent continues to be an important consideration even if this is not legally required nor ethically sufficient to protect individual interests. Accordingly, our principle on consent begins with a strong imperative to respect individual autonomy by seeking consent. This, however, is merely the starting point for deliberation by reference to other principles. To illustrate: when the public interest in research is not clear-cut then deliberations might conclude that specific consent is required. Thus, even if we accept that governance devices such as consent and anonymisation cannot be expected to do all of the necessary work on their own, a principles-based approach might rely on one or both more heavily depending on the range of considerations at stake in a given scenario; e.g., where significant privacy risks are involved and research does not require identifiable data, then processes of anonymisation might be deployed. Equally, if privacy risks are demonstrated to be low, consent too impracticable and public interest in health-research high, then governance arrangements might forego consent and anonymisation and research might proceed on other bases, such as authorisation by research ethics committees.
Once again, this illustrates that where subtle and nuanced judgements must be made a principles-based approach provides a framework for robust decision-making without prescribing any given outcome. If outcomes are to be mandated, then rules should be deployed. If discretion is required, then PBA provides the tools to exercise this responsibly and transparently.
b) SHIP’s principled proportionate governance model
Principles and Best Practices in the SHIP model are complemented by its approach to proportionate governance. Proportionate governance identifies the most appropriate research governance pathway for each research application. It is principled in its design by building the above principles into its fabric. Thus principled proportionate governance engages the right people and the right principles at a timely and effective moment in the governance process and reduces regulatory burden without diluting appropriate scrutiny. To do this, SHIP employs a bespoke risk assessment mechanism to uncover the benefits, burdens of risks of each application and uses this to determine how the principles might be deployed in any given situation to decide whether data linkage should take place and if so on which terms and conditions.
This diagram demonstrates the stratified approach that involves four possible governance pathways for any given research application depending on the outcome of assessments at stages one and two of the model. The possible outcomes range from a high-impact assessment to a low-impact assessment and include a fourth category whereby information is already in the public domain and no further governance oversight is required. With respect to the remaining three pathways the impact assessment is directly linked to regulatory burden: for example, high impact applications would always be considered by a privacy advisory committee, medium-impact might be dealt with by chairman’s action of such a committee, and low-impact might be dealt with cursorily with no need for further scrutiny of the application. Suitable terms and conditions attach to each governance pathway.
Stages one and two provide the risk filter that is crucial both to the application of principles and to the appropriate categorisation of a given application. Stage one asks five key questions: (i) is the research in the public interest?, (ii) does it involve safe people, (iii) safe data and (iv) a safe environment?, and (v) is there cumulative risk from these elements coming together? If there is any reason to doubt any of these factors, an application would automatically be assigned to the high-impact route. If stage one is successfully passed – and a paradigm example of this would be SHIP-accredited researchers, using SHIP-linked data within SHIP’s safe haven mechanism and operating according to SHIP’s principles and best practices – then stage two involves a further risk assessment concerning the possible risk outcomes of the data linkage. For example, are the outcomes potentially disclosive of individual identity and/or does the research involve particularly sensitive data? Equally, are there reputational risks related to this linkage, eg – insurance-related or controversial research?
The association between this risk assessment and the operation of the principles & best practices is that that the former allows decisions to be taken about how to weight and possibly prioritise respective principles. For example, where outcomes are non-sensitive, privacy risks are low and public interest is high, it might be justifiable to proceed without consent. Conversely, where outcomes are sensitive or controversial and/or privacy risks high, then decision-makers might decide that the need for consent must take priority.
Our position is that the principle of promotion of the public interest in research should be a starting point for deliberation and a risk assessment would aid us in determining whether to proceed from this. Such assessment also enables us to determine the most suitable measures which will correspond to the perceived risk such processing might carry. Such a model cannot operate in isolation. It is also essential to construct an appropriate research culture around data linkage practices. This is where the two remaining elements of SHIP’s GGF come into play: (i) SHIP provides an account of decision-makers’ responsibilities, especially about when they acquire (and shed) the legal status of data controllers, and (ii) online training is available for data controllers and researchers alike both to raise awareness of legal and ethical regimes and to dispel some myths in this domain while offering opportunities to engage with the Good Governance Framework itself. We must appreciate that alongside the careful drafting of principles, dialogues and training are crucial to ensure that individuals understand the spirit of the principles set before them and that these are necessary components in the realisation of good governance.
In sum, the added value of the SHIP principled proportionate governance approach lies in:
◻ High standards of governance and technical processes
◻ Clarity around governance and processes for researchers adopting a principles-based approach
◻ Reduction in regulatory burden in securing access working within the legal framework
◻ Proportionate approach to assessing benefits and risks
◻ Better data security and less data travel
◻ Register of approved researchers and bespoke online training
◻ National one-stop-shop for guidance and advice on applications
◻ Statistical disclosure control to protect patient confidentiality
◻ Excellent research that has a beneficial impact on society and the economy
VI. The added value of principles-based approaches in information governance
We have suggested that principles-based approaches to governance have considerable merit when seen as an opportunity to complement rule-based approaches. The distinction between principles and rules can at times be difficult to discern, but we posit that it is essential to do so for both the conceptual clarity and improvements in governance design that this can bring. First and foremost, PBA offers the opportunity to cultivate a more holistic approach to governance which focuses on the values of the organisation and a commitment to core objectives, such as protecting patient privacy while also promoting research, when the routes to these objectives are not clear and when a one-size-fits-all approach is inappropriate. It embraces the fact that discretion and judgment are key in an entire gamut of possible – and lawful – decisions to link data for research purposes. It counters the traditional rule-based approach which can provoke a tick box mentality, where individuals assume their responsibilities have been discharged simply by adherence to a rule. Secondly, PBA involves critical engagement with the values of an organisation and requires justification of action. It provides decision-makers with the tools to reach ethically justifiable decisions in the instances where there are no clear cut rules-based answers to the decisions which have to be made. Thus, PBA can help to move us from a culture of compliance and caution to a culture of engagement and justification. Thirdly, PBA promotes a reflexive approach, ie - mutual learning and engagement in the governance exercise and not merely a ‘Them and Us’ culture of regulation. PBA offers space for discussion and negotiation of ways forward - promoting partnership in governance and also an acceptance that there might be many pathways to be explored. Per contra, RBR suggests a chosen path and punishes deviation. Finally, PBA allows for flexibility and prioritisation of principles relative to the actual risks involved in a given situation. Where a principle has been derogated from, there is more room for this derogation to be justified with recourse to other principles which can be shown to have take primacy. Principled proportionate governance reduces regulatory burden but not at the expense of diluting appropriate scrutiny.
Acknowledgments
This work was supported by the Wellcome Trust through the Scottish Health Informatics Programme (SHIP) Grant (Ref WT086113). SHIP is a collaboration between the Universities of Aberdeen, Dundee, Edinburgh, Glasgow and St Andrews and the Information Services Division of NHS Scotland. Graeme Laurie is Professor of Medical Jurisprudence and Founding Director of the Mason Institute for Medicine, Life Sciences and Law at the University of Edinburgh. Nayha Sethi is Research Fellow and Deputy Director of the Mason Institute.
References
- 2.See for example; Communication from the Commission for a Digital Agenda for Europe, COM(2010) 245 final/2, at p.29; Directive 2011/24/EU of the European Parliament and of the Council of 9 March 2011 on the application of patients’ rights in cross-border healthcare (OJ L 88, 4.4.2011, p.45) and Commission Decision 2008/49/EC of 12 December 2007 concerning the implementation of the Internal Market Information System as regards the protection of personal data, (OJ L 13, 16.1.2008, p. 18); ; Stroetmann Karl A., Artmann Jörg, Stroetmann Veli N., et al. European Countries on their journey towards national eHealth infrastructures: Final European Progress Report. 2011 [Google Scholar]; ; ; Williams James, Kuziemsky Craig. Institutional Liability in the E-Health Era. Canadian Journal of Law and Technology. 2011;9 pp. 185 et sqq. at p. 192. [Google Scholar]
- 3.Lowrance William. Privacy, confidentiality and health research. Cambridge University Press; 2012. [Google Scholar]; ; ; Lowrance William. Learning from experience : privacy and the secondary use of health data in research. J Health Serv Res Policy. 2003;8:2–7. doi: 10.1258/135581903766468800. [DOI] [PubMed] [Google Scholar]; ; ; Willison Don. Privacy and the secondary use of data for health research : experience in Canada and suggested directions forward. J Health Serv Res Policy. 2003;8:17–23. doi: 10.1258/135581903766468837. [DOI] [PubMed] [Google Scholar]; ; ; Law Margaret. Reduce, Reuse, Recycle : Issues in the Secondary Use of Research Data. Spring IASSIST Quarterly. 2005 pp. 5 et sqq. at p. 7. [Google Scholar]; ; ; Brown Julia, Semradek Joyce. Secondary Data on Health-Related Subjects: Major Sources, Uses and Limitations. Public Health Nursing. 1992;9:162. doi: 10.1111/j.1525-1446.1992.tb00095.x. [DOI] [PubMed] [Google Scholar]; ; ; Lelliot Paul. Secondary Uses of Patient Information. Advances in Psychiatric Treatment. 2003;9 pp. 221 et sqq. at p. 226. [Google Scholar]
- 4.Thomas Richard, Walport Mark. Data Sharing Review Report. 2008. ; ; ; Academy of Medical Sciences. A new pathway for the regulation and governance of health research. 2011. ; ; ; Fortin Sabrina, Knoppers Bartha. Secondary uses of personal data for population research”. Genomics, Society and Policy. 2009;5:80. [Google Scholar]; ; ; Organisation for Economic Co-operation and Development. Report on the cross-border enforcement of privacy laws. 2006. ; ; ; Organisation for Economic Co-operation and Development. The Evolving Privacy Landscape; 30 Years After the OECD Privacy Guidelines. OECD Publishing; 2011. (OECD Digital Economy Papers, No.176). [Google Scholar]; ; ; Bloomrosen Meryl, Detmer Don. Advancing the Framework: Use of Health Data – A Report of a Working Conference of the American Medical Informatics Association. Journal of the American Informatics Association. 2008;15:715–722. doi: 10.1197/jamia.M2905. [DOI] [PMC free article] [PubMed] [Google Scholar]; ; ; Laurie Graeme, Sethi Nayha. Information Governance of Use of Health-Related Data in Medical Research in Scotland: Current Practices and Future Scenarios. University of Edinburgh School of Law; 2011. (Working Paper No 2011/26). [Google Scholar]
- 5.The House of Lords Report on Genomic Medicine offers an account of the regulatory hurdles which must be surpassed by researchers in order to gain approval. See: ; House of Lords Science and Technology Committee. Genomic Medicine, Volume 1: Report. 2009. (HL Paper 17-I).
- 6.For example, in contrast to the Privacy Advisory Committee for Scotland, which advises on health data linkages despite a lack of statutory authority, in England and Wales, by virtue of section 251 of the NHS Act 2006,the Ethics and Confidentiality Committee (under the auspices of the National Information Governance Board) enjoys the statutory authority to take such decisions. Additional decision makers charged with overseeing the appropriate sharing of health data include Caldicott Guardians and Research Ethics Committees. This is all in addition to the legal responsibilities to which Data Controllers are subject under the European Data Protection Directive.
- 7.The Academy of Medical Science. Personal data for public good: using health information in medical research. 2006. p. 3.
- 8.For further discussion, ; Laurie, Sethi Information Governance of Use of Health-Related Data. supra note 3.
- 9.The Academy of Medical Sciences. Personal data for public good. p. 29. supra note 6.
- 10.Kern Alexander, Maoloney Niamh. Law Reform and Financial Markets. Edward Elgar Publishing; Cheltenham: 2011. p. 8. [Google Scholar]
- 11.Black Julia. The Rise, Fall and Fate of Principles Based Regulation. LSE Law Society; 2010. (Economy Working Papers 17/2010). [Google Scholar]
- 12.Black Julia, Hopper Martyn, Band Christa. Making a success of Principles-based regulation. Law and Financial Markets Review. 2007;13:191. [Google Scholar]
- 13.Arjoon Surendra. Striking a Balance Between Rules and Principles-based Approaches for Effective Governance: A Risk-based Approach. Journal of Business Ethics. 2006;68 pp. 53 et sqq. at p. 65. [Google Scholar]
- 14.See for example: ; Kaye Jane, et al. From patients to partners: participant-centric initiatives in biomedical research. Nature Review Genetics. 2012;13:371. doi: 10.1038/nrg3218. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 15.UK Data Protection Act 1998 (section 33).
- 16.The Academy of Medical Sciences. Personal data for public good. p. 4. supra note 6.
- 17.We recognise the limitations of anonymisation. For further discussion, see in particular: ; Ohm Paul. Broken Promises of Privacy : Responding to the Surprising Failure of Anonymization. UCLA Review. 2010;57:1701. [Google Scholar]; and ; Lowrance William. Privacy, Confidentiality and Health Research. Cambridge University Press; 2012. pp. 93–99. [Google Scholar]
- 18.Arjoon Striking a Balance. p. 55. supra note 12.
- 19.Honderich Ted., editor. The Oxford Companion to Philosophy. Oxford University Press; Oxford: 1995. p. 719. [Google Scholar]
- 20.Braithwaite John. Rules and Principles: A Theory of Legal Certainty. Australian Journal of Legal Philosophy. 2002;27 pp. 47 et sqq. at p. 51. [Google Scholar]
- 21.Raz Joseph. Legal Principles and the Limits of Law. Yale Law Journal. 1972;81 pp. 823 et sqq. at p. 838. [Google Scholar]
- 22.Alexander Larry, Sherwin Emily. Demystifying Legal Reasoning. Cambridge University Press; 2008. p. 11. [Google Scholar]
- 23.On the guiding principles of good governance itself, see: ; Independent Commission on Good Governance. The Good Governance Standard for Public Services. 2004. p. 4.
- 24.Beauchamp Tom, Childress James. Principles of Biomedical Ethics. 5th ed. Oxford University Press; 2001. p. 13. [Google Scholar]
- 25.For a worked example of principles in action and more commentary on ‘specification’, see: ; Gordon John-Stewart, Rauprich Oliver, Vollman Jochen. Applying the four-principle approach. Bioethics. 2011;25:293–300. doi: 10.1111/j.1467-8519.2009.01757.x. [DOI] [PubMed] [Google Scholar]; ; ; Beauchamp Tom. Making Principlism practical: a commentary on Gordon, Rauprich and Vollman. Bioethics. 2011;25:301–303. doi: 10.1111/j.1467-8519.2011.01908.x. [DOI] [PubMed] [Google Scholar]
- 26.Black Julia. The Rise Fall and Fate. p. 7. supra note 10.; ; ; Korobkin Russell. Behavioral Analysis and Legal Form: Rules vs. Standards Revisited. Oregon Law Review. 2000;79 pp. 23 et sqq. at p. 26. [Google Scholar]; ; ; Schauer Frederick. The Convergence of Rules and Standards. New Zealand Law Review. 2003;79 pp. 303 et sqq. at p. 305. [Google Scholar]; ; ; MacCormick Neil. Reconstruction after Deconstruction: A Response to CLS. Oxford J. Legal Stud. 1990;10 pp. 539 et sqq. at p. 545. [Google Scholar]
- 27.Alexy Robert. In: A Theory of Constitutional Rights. Rivers Julien., translator. Oxford: 2002. p. 44. [Google Scholar]
- 28.Lyall Catherine, Papaioannou Theo, Smith James., editors. The Limits to Governance: The Challenge of Policy-making for the New Life Sciences. Ashgate: 2009. pp. 1–17. [Google Scholar]
- 29.Beauchamp and Childress. Principles in Biomedical Ethics. pp. 15–19. supra note 21, particularly.; ; ; Richardson Henry. Specifying, Balancing, and Interpreting Bioethical Principles. Journal of Medicine and Philosophy. 2000;25 doi: 10.1076/0360-5310(200006)25:3;1-H;FT285. pp. 285 et sqq. at p. 287. [DOI] [PubMed] [Google Scholar]
- 30.Gert Bernard, Culver Charles, Clouser Danner. Bioethics: A Return to Fundamentals. Oxford University Press; 1997. p. 89. [Google Scholar]
- 31.Daniels Norman. Accountability for Reasonableness. British Medical Journal. 2000;321:1300. doi: 10.1136/bmj.321.7272.1300. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 32.See: ; House of Lords Science and Technology Committee. Genomic Medicine. supra note 4 and text above.
- 33.Rawls John. A Theory of Justice. Clarendon Press; 1971. [Google Scholar]; ; ; Rawls John. Political Liberalism. Columbia University Press; 1993. [Google Scholar]
- 34.See futher: ; Daniels Accountability for Reasonableness. supra note 28.
- 35.Beauchamp and Childress. Principles in Biomedical Ethics. supra note 21.; ; ; Chambers Tod. The Fiction of Bioethics: cases as literary texts. Routledge; York: 1999. p. 30. [Google Scholar]
- 36.Selgelid Michael. Universal Norms and Conflicting Values. Developing World Bioethics. 2005;5 doi: 10.1111/j.1471-8847.2005.00125.x. pp. 267 et sqq. at p. 269. [DOI] [PubMed] [Google Scholar]
- 37.See in particular: ; Pulido Carlos Bernal. The Rationality of Balancing. Archiv für Rechts- und Sozial Philosophie. 2006;92:195. [Google Scholar]; and ; Richardson Specifying, Balancing and Interpreting. supra note 26.
- 38.Beauchamp and Childress. Principles of Biomedical Ethics. supra note 21.; ; ; Aleinikoff Thomas Alexander. Constitutional Law in the Age of Balancing. Yale Law Journal. 1987;96:983. [Google Scholar]
- 39.Harris John. In praise of unprincipled ethics. J Med Ethics. 2003;29:303. doi: 10.1136/jme.29.5.303. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 40.Pulido The Rationality of Balancing. supra note 34.
- 41.Richardson Specifying, Balancing and Interpreting. p. 288. supra note 26.; ; ; Callahan Dan. Principlism and Communitarianism. J Med Ethics. 2003;29 doi: 10.1136/jme.29.5.287. pp. 287 et sqq. at p. 289. [DOI] [PMC free article] [PubMed] [Google Scholar]; ; ; Campbell Alistair. The virtues (and vices) of the Four Principles. J Med Ethics. 2003;29 doi: 10.1136/jme.29.5.292. pp. 292 et sqq. at p. 294. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 42.Black notes that the rhetoric of PBR ‘invokes, not deregulation but a re-framing of the regulatory relationship from one of directing control to one based on responsibility, mutuality and trust’. She continues that the relationship between regulator and regulatee evolves; regulatees ‘adopt a self-reflective approach’ and regulators ‘apply principles’ predictably. See: ; Black Julia. Forms and Paradoxes of principles-based regulation. (LSE Law Society and Economy Working Papers 13/2008 2008). pp. 1 et sqq. at p. 8.
- 43.Schwarcz Steven. The “Principles” Paradox. European Business Organization Law Review. 2009;10 pp. 175 et sqq. at p. 176. [Google Scholar]
- 44.Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal data and on the free movement of such data, OJ L 281, Nov. 23, 1995.
- 45.UK Data Protection Act Part 1 s4(4)
- 46.Section 55(A) Data Protection Act 1998
- 47.UK Data Protection Act Schedule 1 – The Data Protection Principles
- 48.Ministry of Justice. [last accessed on 12 April 2012];Call for Evidence on EU Data Protection Proposals. 2012 Available on the Internet at https://consult.justice.gov.uk/digital-communications/data-protection-proposals-cfe/supporting_documents/eudataprotectionproposalscallforevidence.pdf.; ; ; Wong Rebecca. Assessing the Status of Medical Information in the light of the UK Data Protection Act 1998. Web Journal of Current Legal Issues. 2008;5 [Google Scholar]; ; ; Grant Hazel. United Kingdom. In: Noorda Catrien, Hanloser Stefan., editors. E-Discovery and Data Privacy : A Practical Guide. Kluwer Law International BV; The Netherlands: 2011. pp. 295 et sqq. at p. 297. [Google Scholar]
- 49.Rynning Elisabeth. Processing of Personal Data in Swedish Health Care and Biomedical Research. In: Beyleveld Deryck, Townend David, Rouille-Mirza Segolene, et al., editors. Implementation of the Data Protection Directive in Relation to Medical Research in Europe. Ashgate Publishing; England: 2004. pp. 381 et sqq. at p. 402. [Google Scholar]
- 50.Laurie Graeme. Evidence of support for biobanking practices. British Medical Journal. 2008;337:337. doi: 10.1136/bmj.a337. [DOI] [PubMed] [Google Scholar]
- 51.It is important to remember, and often forgotten, that consent is but one lawful basis for processing, even when data are sensitive and require both schedule 2 and schedule 3 of the Data Protection Act (1998) must be satisfied.
- 52.Proposal for a new Regulation of the European Parliament and of the Council on the protection of individuals with regard to the processing of personal data and on the free movement of such data (General Data Protection Regulation) Brussels, 25.1.2012 COM(2012) 11 final.
- 53.Draft Recital. 7 supra note 46. [Google Scholar]
- 54.In fact, proportionality is emerging as a key concept within the regulatory landscape and features in the proposal for a new EU Data Protection Regulation, supra note 46. Note mention of proportionality also appears in draft recitals 133 and 139 and also draft Article 22(4).
- 55.See draft Recitals 22, 53, 123, 125 and 126.
- 56.Pursuant to Article 290 TFEU.
- 57.The following publications offer examples of the research which SHIP has facilitated: ; Logue Jennifer, et al. Do men develop type 2 diabetes at lower body mass indices than women? Diabetologia. 2011;54:3003–3006. doi: 10.1007/s00125-011-2313-3. [DOI] [PMC free article] [PubMed] [Google Scholar]; ; ; Walker Jeremy, et al. Effect of Socioeconomic Status on Mortality Among People with Type 2 Diabetes; A study from the Scottish Diabetes Research Network Epidemiology Group. Diabetes Care. 2011;34:1127–1132. doi: 10.2337/dc10-1862. [DOI] [PMC free article] [PubMed] [Google Scholar]
- 58.SHIP. [last accessed on 12 April 2012];A Blueprint for Health Records Research in Scotland. 2011 Dec; Available on the Internet at: http://www.scot-ship.ac.uk/publications.
- 59.Graeme Laurie and Nayha Sethi, ‘SHIP Working Paper 1: Information governance of use of health-related data in medical research in Scotland: current practices and future scenarios’, available via SSRN Graeme Laurie and Nayha Sethi, ‘SHIP Working Paper 2: Information governance of use of health-related data in medical research in Scotland: Towards a Good Governance Framework’, available via SSRN.
- 60.See all, supra note 42.
- 61.SHIP demonstrates how it complies with the Data Protection “Principles” in its Privacy Impact Assessment. See: ; SHIP. SHIP Privacy Impact Assessment. 2012 Jan; Available on the Internet at: http://www.scot-ship.ac.uk/sites/default/files/Reports/SHIP_PIA_v1_040112.pdf.
- 62.Sama Linda, Shoaf Victoria. Reconciling Rules and Principles: An Ethics-Based Approach to Corporate Governance. Journal of Business Ethics. 2005;58:1. [Google Scholar]
- 63.Beauchamp Tom. The ‘Four Principles’ approach to health care ethics. In: Dawson Angus, Draper Heather., editors. Richard Ashcroft. Principles of health care ethics. 2nd ed. John Wiley and Sons; Chichester: 2007. pp. 1 et sqq. at p. 8. [Google Scholar]