Skip to main content
Yearbook of Medical Informatics logoLink to Yearbook of Medical Informatics
. 2016 Nov 10;(1):138–145. doi: 10.15265/IY-2016-035

Building a Privacy, Ethics, and Data Access Framework for Real World Computerised Medical Record System Data: A Delphi Study

Contribution of the Primary Health Care Informatics Working Group

H Liyanage 1, S-T Liaw 2, C T Di Iorio 3, C Kuziemsky 4, R Schreiber 5, A L Terry 6, S de Lusignan 1,
PMCID: PMC5171555  PMID: 27830242

Summary

Background

Privacy, ethics, and data access issues pose significant challenges to the timely delivery of health research. Whilst the fundamental drivers to ensure that data access is ethical and satisfies privacy requirements are similar, they are often dealt with in varying ways by different approval processes.

Objective

To achieve a consensus across an international panel of health care and informatics professionals on an integrated set of privacy and ethics principles that could accelerate health data access in data-driven health research projects.

Method

A three-round consensus development process was used. In round one, we developed a baseline framework for privacy, ethics, and data access based on a review of existing literature in the health, informatics, and policy domains. This was further developed using a two-round Delphi consensus building process involving 20 experts who were members of the International Medical Informatics Association (IMIA) and European Federation of Medical Informatics (EFMI) Primary Health Care Informatics Working Groups. To achieve consensus we required an extended Delphi process.

Results

The first round involved feedback on and development of the baseline framework. This consisted of four components: (1) ethical principles, (2) ethical guidance questions, (3) privacy and data access principles, and (4) privacy and data access guidance questions. Round two developed consensus in key areas of the revised framework, allowing the building of a newly, more detailed and descriptive framework. In the final round panel experts expressed their opinions, either as agreements or disagreements, on the ethics and privacy statements of the framework finding some of the previous round disagreements to be surprising in view of established ethical principles.

Conclusion

This study develops a framework for an integrated approach to ethics and privacy. Privacy breech risk should not be considered in isolation but instead balanced by potential ethical benefit.

Keywords: Privacy, patient data privacy, biomedical ethics, health care ethics, Delphi technique

Introduction

Empirical health data is gaining increased acceptance as a reliable source of information for health care research [1]. However, the legal and ethical boundaries for collecting real world evidence often challenge data governance mechanisms and systems in several countries [2, 3, 4]. The handling of personal data is in fact disciplined by different layers of regulations in most countries. While privacy aspects of data processing are regulated according to an univocal multinational legislative framework in most countries, such as the European Union Data Protection Directive [5] or the Australian Privacy Principles [6], and ethical principles are codified in the internationally accepted Declaration of Helsinki [7], other aspects such as ethical approvals are handled at a more local or organisational level. Nevertheless, most major research projects are funded by global funding programmes and conducted by large consortia formed of public-private partnerships that operate in multinational settings. As a result, the landscape of potential privacy and ethics issues has grown very complex.

The need for a pragmatic approach for handling privacy, ethical, and data access issues has been well recognised in the health research community [8, 9]. An integrated way of dealing with project approvals will allow the acceleration of research by enabling the answer to research questions while making best use of real world evidence. This is especially required in the present climate where pandemics can potentially spread rapidly across borders due to increased mobility of the global population. The overall goal of this exercise is to develop a framework that balances individual privacy with the need for research/surveillance to support the social good or ‘health for all’.

The Delphi process draws on an evidence-based review leading to an expert consensus aiming at exploring the possibility of a combined set of principles and assessment criteria for dealing with ethics, privacy, and data access issues. The elements of the proposed ethics, privacy, and data access framework include (1) ethical principles, (2) ethical guidance questions, (3) privacy and data access principles, and (4) privacy and data access guidance questions.

Methods

Literature Review

We carried out a literature review to identify published research work related to privacy, ethics, and data access considerations. We searched PUBMED/Medline, Web of Science, CINAHL and the Cochrane Database for publications related to these topics. The search terms used included “privacy criteria”, “ethics criteria”, “privacy framework”, “ethics framework”, “privacy assessment”, and “ethics assessment”.

An overview of the literature analysis is given in the adapted PRISMA flow chart shown in Figure 1. Research papers published between January 1990 and November 2015 were taken into consideration. We limited the literature search to publications written in the English language. The initial search results from all sources yielded 373 publications, which was then reduced to 359 after removing duplicates appearing across multiple databases. By conducting a title and abstract review, we further reduced the number of results to 193 by eliminating publications that did not have ethics or privacy as the main focus. We finally identified nine publications that contained explicit ethics, privacy, and data access principles and guidance questions. However, we used the 193 publications for the final in-depth review.

Fig. 1.

Fig. 1

Adapted PRISMA flow diagram

Development of a Baseline Framework

Based on the selected publications, we developed a baseline framework which contained four elements: ethics principles, privacy and data access principles, ethical guidance questions, and privacy and data access guidance questions (Box 1). The guidance questions are grounded on the identified ethical and privacy principles.

Box 1. Baseline framework for ethics, privacy, and data access.

Ethical Principles
  1. Autonomy

  2. Respect rights and dignity of patients

  3. Respect clinical judgment of clinicians

  4. Duty to provide care

  5. Protection of the public from harm

  6. Beneficence

  7. Justice

  8. Non-maleficence (obligation to not inflict harm intentionally)

  9. Reciprocity

  10. Solidarity

  11. Stewardship

  12. Trust

  13. Lawfulness

  14. Transparent project approval process

Privacy and data access principles
  1. Accountability of personal information

  2. Collection of personal information

  3. Consent

  4. Use of personal information

  5. Disclosure and disposition of personal information

  6. Accuracy of personal information

  7. Safeguarding personal information

  8. Openness/transparency

  9. Individual access to personal information

  10. Challenging compliance to ensure accountability is achievable

  11. Anonymisation process for secondary use of health data

  12. Lawfulness

  13. Deidentification process

  14. Data linkage

Ethical guidance questions
  1. What are the burdens and potential harms associated with the proposed initiative? Who bears them?

  2. Are burdens and potential harms justified in light of the potential benefits to participants and/or to society?

  3. Is the selection of participants fair and appropriate?

  4. Is individual informed consent warranted? Is it feasible? Is it appropriate? Is it sufficient?

  5. Is community engagement warranted? Is it feasible? What level of engagement is appropriate?

  6. What are the social justice implications of this initiative?

  7. What are the potential longer-term consequences?

Privacy and data access guidance questions
  1. Who is accountable for the data and where will it be stored?

  2. Who will have access to the data?

  3. Is there an audit trail to indicate that the data was obtained lawfully?

  4. Has sufficient level of anonymisation achieved?

  5. Are there any restrictions for the secondary processing of the data?

  6. Can the accuracy of the data be verified?

  7. Are the data processing/transformation processes documented and approved?

  8. Is there a method where individuals can opt out from having their data being re-used?

Consensus Exercise

We engaged the Primary Care Health Informatics Working Groups of the European Federation of Medical Informatics (EFMI) and the International Medical Informatics Association (IMIA) by conducting a three-round consensus development process. The process involved consulting an international panel of 20 experts from nine countries, including Australia, Belgium, Canada, Denmark, Netherlands, Spain, Switzerland, United Kingdom, and the United States.

  1. Round 1 – Review of the baseline framework and exploration of additional elements

    The objective of the initial round was to review the baseline framework developed in preparation of this study. We used an online survey instrument to disseminate the baseline framework and to collect feedback from health care professionals and informatics experts. For each of the four elements, we requested feedback using the following two questions:

    1. Comments about existing principles and guidance questions included in a particular element

    2. Suggestions for additional principles and guidance questions to be added to the element

  2. Round 2 – Rating of statements using the RAND/UCLA appropriateness method

    The comments and suggestions from Round 1 were used to revise the baseline framework. The principles of the baseline framework were expanded to statements that elaborate upon the principles. We used the expanded format to assist the respondents to better understand the context of the principles and to easily ascertain the appropriateness of the statements. The overall aim of this round was to assess the validity of the statements and to explore if there was agreement across the panel for each statement.

    In this round, ethical principles were categorised into three levels: clinician-patient, health system, and research/quality improvement. Similarly, we categorised the privacy and data access principles into individual, organisation, and technology levels.

    The second round of the study focused on achieving consensus about the appropriateness of the revised framework statements. Forty-three statements and questions across the four elements were included in this round. We achieved a 75% response rate from the panel for this round. We replaced the standard terms used in the UCLA/RAND appropriateness scale, “Highly inappropriate” and “Highly appropriate”, with “Strongly disagree” and “Strongly agree” to improve the usability of the instrument. The list of statements grouped according to the feedback received is given in Box 2.

  3. Round 3 – Discussion of findings by the expert panel

    The final round of the consensus process was conducted in the form of an online panel discussion. Two separate online meetings were organised, in order to engage panel members in different time zones. Nine experts who were aware of the results of the prior two rounds participated in this final round. This acted as the basis for the round three discussions. The discussion section of this paper incorporates the feedback received during this round.

Box 2. Revised framework categorised according to responses from Round 2 – Ethical elements.

Ethical principles

AGREEMENT

EP-01) Autonomy (Individual Liberty) is very important for patients and carers. Only in very special circumstances (e.g. Mental Health, Public Health) is this overturned. (Mean=7.6)

EP-02) Patients have a right to equitable and fair treatment and can choose not to be treated. (Mean= 8.3)

EP-05) The duty to provide appropriate care and to respond to suffering is inherent to all health care professionals’ codes of ethics, even where personal risk is present. (Mean= 7.3)

EP-06) Management of clinical problems should be characterised by Beneficence (Favourable benefit-risk ratio) and Non-maleficence (an obligation not to inflict harm intentionally). (Mean= 7.7)

EP-07) Trust is an essential element of the relationship between clinicians and patients. (Mean= 8.4)

EP-08) Reciprocity should be provided to health care workers who take risks to treat others (e.g. support if injured through their duties). (Mean= 8.2)

EP-09) Protection of the public (and individuals) from harm may involve citizens comply with imposed restrictions in order to ensure public wellbeing or safety. (Mean= 8)

EP-12) Stewardship of material and human resources should take place in an ethical manner. (Mean= 8.5)

EP-15) Ethical research conduct includes prohibition against fraud, fabrication of data, or plagiarism. (Mean= 8.7)

DISAGREEMENT

EP-03) Patient and carers should respect clinical judgment of clinicians.

EP-10) Equitable access requires that decision makers must act with equity to ensure fair and just access to services, and that provision is proportionate.

EP-11) There should be open sharing of risks and problems in all health systems

EP-13) Lawfulness is desirable but whether to apply it should be considered carefully – as not all law is good law.

EP-14) Transparency is open sharing of data, protocols, and funding/conflicts of interest.

EQUIVOCAL

EP-04) Clinical judgment is a central element of medical and clinical professions, essential for the performance of clinicians, and potentially generating information for other clinicians, scientists, and health care managers.

Ethical guidance questions

AGREEMENT

EQ-1) There should be a clear statement of the potential/ immediate burdens and harms associated with the proposed initiative and who bears them?

EQ-2) Are potential/ immediate burdens and harms justified in light of the potential benefits to subjects and/or to society?

EQ -7) What are the potential longer-term consequences to the subjects involved?

DISAGREEMENT

EQ-4) Why shouldn’t individual informed consent apply? Is it feasible? Is it appropriate? Is it sufficient?

EQ-5) Is community collaboration possible? Does the initiative have mutual benefits? What are the practicalities of community engagement? What represents appropriate representation of the community?

EQUIVOCAL

EQ-3) Is the selection of subjects fair and appropriate by the standards defined in the study protocol?

EQ-6) What are the implications for the most socially disadvantaged members of the community of this initiative?

Results

Literature Review

The literature review, conducted as illustrated in Figure 2, included six papers concerned with ethical principles and ethical assessment criteria [10 – 15], and three that reviewed privacy and data access principles and criteria [16-18]. These publications are briefly summarised in Table 1. The paper authored by Beauchamp et al [10]. is of particular importance with respect to their discussion of autonomy, non-maleficence, beneficence, and justice as the four core ethical principles in biomedicine. We also found the 10 ethical values presented by Thompson, et al., to be considerably useful [11]. The context of their ethical framework (i.e., preparation for pandemics) was particularly relevant to the use cases that we selected to test our framework.

Fig. 2.

Fig. 2

Evolution of the framework during the study

Table 1.

Key publications used for developing the baseline framework.

First Author Year Brief title Contribution Step of framework
1 Beauchamp 1994 Methods and principles in biomedical ethics [10] Text book with an emphasis on the four core ethical principles (respect for autonomy, non-maleficence, beneficence, and justice). Ethical principles
2 Thompson 2006 Pandemic influenza preparedness: an ethical framework to guide decision making [11] Proposes a framework including 10 ethical values in the context of influenza epidemics. Ethical principles
3 Tangwa 2009 Ethical principles in health research and review process [12] Reports ethical principles and related case studies. Ethical principles
4 Malin 2011 Identifiability in biobanks: models, measures and mitigation strategies [13] Discusses several key privacy characteristics specifically focusing on identifiability. Privacy principles
5 Faden 2013 An ethical framework for a learning health care system [14] Describes an ethical framework with seven ethical obligations in learning health care systems. Ethical principles
6 Di Iorio 2013 Cross-border flow of health information: is ‘privacy by design’ enough? [15] Proposes a privacy assessment framework with 11 privacy factors. Privacy principles
7 Babu 2014 An appraisal of the tuberculosis programme in India using an ethical framework [16] Summarises a set of five ethical issues associated to public health initiatives. Ethical principles
8 Willison 2014 What makes public health studies ethical? [17] Provides ethical guiding questions for public health studies. Ethical guidance questions
9 O.E.C.D 2015 Health data governance: privacy, monitoring, and research [18] Provides key health data governance mechanisms to maximise privacy risks and societal benefits. Data governance and privacy guidelines

Consensus Process

Round 1: Respondents indicated that the abbreviated or concise form in which the principles were presented made it difficult to determine their true meaning. In order to untangle the ambiguity, panel members investigated the contexts of each principle. In some cases, participants suggested to merge certain statements (e.g., beneficence and non-maleficence). Several principles related to privacy and data access were removed because they were considered more suitable as concepts or techniques than principles (e.g., consent is considered suitable as a concept, whereas de-identification is a technique). Principles were defined as a set of statements across several themes in each section.

Round 2: The consensus achieved for the statements in round 2 is summarised in Boxes 2 and 3. For ethical statements, the panel agreed on nine statements, disagreed on five, while one was found equivocal. In contrast, the panel agreed on nine privacy and data access statements and disagreed on four. There was no equivocation on any privacy and data access statements. For ethical guidance questions, there was an agreement of the panel on three statements, disagreement on two, and equivocation on two. The panel was in agreement on all privacy and data access guidance questions.

Box 3. Revised framework categorised according to responses from Round 2 – Privacy and data access elements.

Privacy and data access principles

AGREEMENT

PP-02) Patients should be made aware of confidentiality providing knowledge that personal data is collected and treated accordingly. (Mean=7.7)

PP-03) Challenging compliance to ensure accountability is achievable emphasising the need for all health care workers to audit and evaluate systems. (Mean=6)

PP-07) Implementation of policies to ensure lawful processing of data. (Mean=7.6)

PP-08) Safeguarding personal information utilising appropriate technical and organisational measures. (Mean=8.6)

PP-09) Openness/ transparency about how data is being managed or processed. (Mean=8.5)

PP-10) Use of an anonymisation (de-identification including pseudonymisation) processes for secondary use of health data to minimise data re-identification risks. (Mean=7.7)

PP-11) Addressing special risks associated to scenarios where data linkage is necessary. (Mean=8)

PP-12) Ensuring proper data quality procedures is enforced to ensure accuracy of data. (Mean=8.2)

PP-13) Aggregation of data where acceptable in order to minimise data re-identification risks. (Mean=7.6)

DISAGREEMENT

PP-01) Consent to use data and individual access providing control of personal information.

PP-04) Established methods of disclosure and storage of personal information to minimize identification risks that facilitate integrated care scenarios.

PP-05) Limiting collection of personal data to what is required for the purpose it is being collected.

PP-06) Accountability of personal information involves providing access to data by healthcare organisations and providers so they can be accountable for treatment outcomes.

EQUIVOCAL

*No equivocal privacy principles

Privacy and data access guidance questions

AGREEMENT

PQ-01) Who is accountable for the data and where will it be stored?

PQ-02) Who will have access to the data?

PQ-03) Is there an audit trail to indicate that the data was obtained lawfully and ethically?

How is the audit trail safeguarded to ensure that it has not been manipulated?

PQ-05) If secondary use is permitted, what safeguards are implemented to protect the individuals whose data is being shared?

PQ-06) Can the accuracy of the data be verified?

PQ-07) Are the data processing/transformation processes documented and approved?

PQ-08) Is there a method by which individuals can opt-out from having their data re-used (or opt-in from being excluded)? Is this opportunity provided at the point of collection, or later, or both?

PQ-09) Are there clearly identified data owners, data controllers, and data processors?

DISAGREEMENT

*No disagreed questions

EQUIVOCAL

*No equivocal questions

Round 3: The Delphi panel reviewed the consensus results and attempted to interpret the results based on their professional experiences. The discussion was mainly focus on statements that resulted in disagreement of equivocation. The key points raised are summarised in the discussion section of this paper.

Use Cases

Use cases are frequently helpful in health informatics to capture and understand scenarios of how various systems are employed in actual practice [19, 20]. They describe typical scenarios of a system and its associated actors and processes. Based on the literature review and the results of the consensus process we have developed several use cases for the ethical framework described in this study. The purpose was to enable different researchers, in disparate contexts, to utilize a coherent and inclusive set of principles that has garnered international acceptance through the consensus process. The high level use case is described in Figure 3.

Fig. 3.

Fig. 3

Overall use case diagram for utilising the privacy and ethical framework indicates potential actors that will benefit from the framework and possible contexts that the framework can be applied within. The box indicates the system in concern and the oval within correspond to inter-related processes within the system. The actors that interacted with the system (and its processes) are drawn around the perimeter of the box.

Discussion

Main Findings

The Delphi panel recognized that the integrated approach for dealing with ethical and privacy issues is a key strength of the study. This is beneficial in real world projects where both privacy and ethics have to be considered to make sound decisions during approval processes. The framework was also recognised as a useful resource for primary investigators as guidance to ensure that privacy and ethics are duly taken into account in carrying out health research.

The highest disagreement in the panel was in respect to statements EP-03 (respect of clinical judgement), EP-13 (lawfulness), PP-01 (consent for data use) and PP-06 (accountability of personal information). The panel found that most disagreements may have been due to cultural bias or differences in demographics or professional groups. It was also noted that disagreement or equivocation appears to be in the areas of paternalism, societal issues such as equity and legality, or information sharing. This entails a discussion on the pros and cons of a principlist or communitarian approach to making ethical decisions. The disagreement or equivocation in the privacy section may reflect the disputed issue of ownership of data within the context of clinical practice and liability issues. It was agreed that certain principles would have benefited from rephrasing or the addition of further explanations as the agreement/disagreement would vary based on the context in which the principle is applied. For example, controversies around the American Academy of Pediatrics (AAP) policy to question patients about firearms in households has resulted in principles such as EP-13 (which states lawfulness is desirable but whether to apply it should be considered carefully), requiring more contextual details [21, 22].

Implications of the Findings

The privacy and ethical principles identified in the “Privacy, Ethics, and Data Access Framework” are enshrined in many international and European union (EU) conventions, legislations, regulations, and guidelines, and are fully recognized in most countries. However, those guidance principles are unevenly implemented across countries due to the different contexts in which they are implemented and applied [17] Since research projects are often carried out at the international level, involving multiple partners from different jurisdictions, the harmonization of practices is crucial to allow researchers to deliver and make results applicable across different societies. To overcome this issue, this study proposes a new method aimed at assessing the adherence to privacy and ethics standards of research projects handling personal data.

The provision of privacy and ethics questions, linked to the above principles, can be used as guidance in the implementation of common principles in practical settings and can help different participants make informed and sound decisions over approval processes and over the conduct of research. This method could help guarantee that privacy and ethics are ensured across the lifetime of research projects.

As demonstrated in a recent Organisation for Economic Cooperation and Development (OECD) study an expanded use of health information and communication technologies (ICTs) can help to deliver better quality of care, reduce medical errors and streamline administration [23]. However, the ever-increasing use of data from multiple sources is a threat to privacy and may raise ethical concerns. Hence, there is a need to reconcile the legitimate concerns of citizens to protect their ethics and privacy with the use of health data to improve health sector performance and the quality of care. The privacy and ethics framework provided could be used as means to reach a right balance between the right to privacy and the right to the higher attainable level of health. The approach is also in line with the latest work carried out by the OECD which developed key data governance mechanisms to minimize societal risks and maximise societal benefit [15].

Limitations of the Method

During the panel discussion, it was recognised that the Delphi survey did not provide an opportunity to provide feedback about the statements provided in the final consensus round. As a result the panel recommended conducting a further round of the study to improve the clarity of the statements (particularly for statements where disagreement occurred). Privacy and ethics questions could be further expanded and grouped as subsets of the agreed principles in order to increase the level of understanding and implementation of principles among users. This further step would increase the evidence base of the privacy and ethics assessment methodology.

Conclusions

The integrated approach towards ethics and privacy developed through this literature review and the Delphi consensus exercise might be more effective than current research processes, which rely on complex, often separate or disjointed, approval processes. The integration of these approaches would facilitate the global assessment of benefit-risk, i.e. weighing up the ethical benefits as compared to privacy breach risks. This may be particularly important for research based on real world data where a wider range of data may need to be accessed in order to find what is required for a particular study. The downside of this integrated approach includes the difficulty in bringing together the range of skills that would be needed to assess projects against such a framework. Notwithstanding the challenges of implementation, we consider the explicit consideration and the balance between ethical benefit and privacy risk as key issues to maintain public trust in the use of routine health data. This framework takes a further small step towards generating an integrated ethics and privacy framework.

Acknowledgements

This paper is an academic exercise conducted by the Primary Health Care Informatics Working Groups of EFMI and IMIA. We would like to acknowledge Amy Waugh, Anthony Yeo, Carlos Saez Silvestre, David Mullett, Geoff Delaney, Rev. Gwilym Henry-Edwards, Hanne-Dorthe Emborg, Jessie Tenenbaum, Jorgen Bauwens, Kate Fultz Hollis, Larry Ozeran, Lieke van der Aa, Michael Tam, Stephen Morgan, Tom Chan, Tyra Grove Krause, and Vincent Bauchau for their contribution by participating in the study. This paper and its contributions are the work of volunteers.

References

  • 1.De Lusignan S, Crawford L, Munro N. Creating and using real-world evidence to answer questions about clinical effectiveness. J Innov Health Inform 2015;22(3):368-73. [DOI] [PubMed] [Google Scholar]
  • 2.Ohrt C, Roberts KW, Sturrock HJ, Wegbreit J, Lee BY, Gosling RD. Information systems to support surveillance for malaria elimination. Am J Trop Med Hyg 2015. Jul;93(1):145-52. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 3.Degeling C, Johnson J, Kerridge I, Wilson A, Ward M, Stewart C, et al. Implementing a One Health approach to emerging infectious disease: reflections on the socio-political, ethical and legal dimensions. BMC Public Health 2015. Dec 29;15(1):1307. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 4.Kaye J. The tension between data sharing and the protection of privacy in genomics research. Annu Rev Genomics Hum Genet 2012;13:415-31. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 5.European Union. EU Directive 95/46/EC – The Data Protection Directive. Available from http://www.dataprotection.ie/docs/EU-Directive-95-46-EC--Chapter-2/93.htm. Accessed on 8 Feb 2016.
  • 6.Australian Privacy Principles. Available from https://www.oaic.gov.au/privacy-law/privacy-act/australian-privacy-principles. Accessed on 8 Feb 2016.
  • 7.World Medical Association. World Medical Association Declaration of Helsinki: Ethical Principles for Medical Research Involving Human Subjects. JAMA 2013;310(20):2191-4. [DOI] [PubMed] [Google Scholar]
  • 8.McCarthy RL. Ethics and patient privacy. J Am Pharm Assoc 2008;48(6):e144-52; quiz e153-4. [DOI] [PubMed] [Google Scholar]
  • 9.Wright D, Friedewald M. Integrating privacy and ethical impact assessments. Science and Public Policy 2013;40(6):755-66. [Google Scholar]
  • 10.Beauchamp TL, Childress JF. Principles of Biomedical Ethics, fourth edition New York: Basic Books; 1994. [Google Scholar]
  • 11.Thompson AK, Faith K, Gibson JL, Upshur RE. Pandemic influenza preparedness: an ethical framework to guide decision-making. BMC Med Ethics 2006;7:E12. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 12.Tangwa GB. Ethical principles in health research and review process. Acta Tropica 2009;112(Suppl 1):S2-7. [DOI] [PubMed] [Google Scholar]
  • 13.Malin B, Loukides G, Benitez K, Clayton EW. Identifiability in biobanks: models, measures and mitigation strategies. Human Gen 2011;130(3):383-92. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 14.Faden RR, Kass NE, Goodman SN, Pronovost P, Tunis S, Beauchamp TL. An ethics framework for a learning health care system: a departure from traditional research ethics and clinical ethics. Hastings Cent Rep 2013;S16-27. [DOI] [PubMed] [Google Scholar]
  • 15.Di Iorio CT, Carinci F, Brillante M, Azzopardi J, Beck P, Bratina N, et al. Cross-border flow of health information: is ‘privacy by design’ enough? Privacy performance assessment in EUBIROD. Eur J Public Health 2013;23(2):247-53. [DOI] [PubMed] [Google Scholar]
  • 16.Babu GR, Tn S, Bhan A, Lakshmi JK, Kishore M. An appraisal of the tuberculosis programme in India using an ethics framework. Indian J Med Ethics 2014;11(1):11-5. [DOI] [PubMed] [Google Scholar]
  • 17.Willison DJ, Ondrusek N, Dawson A, Emerson C, Ferris LE, Saginur R, et al. What makes public health studies ethical? Dissolving the boundary between research and practice. BMC Med Ethics 2014;15:61. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 18.OECD, Health Data Governance: Privacy, Monitoring and Research, OECD Health Policy Studies, Paris: OECD Publishing, 2015. Available from http://dx.doi.org/10.1787/9789264244566-en. Accessed on 8 Feb 2016. [Google Scholar]
  • 19.Liyanage H, de Lusignan S, Liaw ST, Kuziemsky CE, Mold F, Krause P, et al. Big Data Usage Patterns in the Health Care Domain: A Use Case Driven Approach Applied to the Assessment of Vaccination Benefits and Risks. Contribution of the IMIA Primary Healthcare Working Group. Yearb Med Inform 2014. Aug 15;9:27-35. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 20.Liyanage H, de Lusignan S, Liaw ST, Kuziemsky CE, Mold F, Krause P, Fleming D, Jones S. Big Data Usage Patterns in the Health Care Domain: A Use Case Driven Approach Applied to the Assessment of Vaccination Benefits and Risks. Contribution of the IMIA Primary Healthcare Working Group. Yearb Med Inform. 2014. Aug 15;9:27-35. [DOI] [PMC free article] [PubMed] [Google Scholar]
  • 21.Ahmann E. Guns in the home: nurses’ roles. Pediatr Nurs 2001;27(6):587-90, 605. [PubMed] [Google Scholar]
  • 22.Swanson JW, Bonnie RJ, Appelbaum PS. Getting serious about reducing suicide: More “how” and less “why”. JAMA 2015;314(21):2229-30. [DOI] [PubMed] [Google Scholar]
  • 23.OECD. Strengthening Health Information Infrastructure for Health Care Quality Governance: Good Practices, New Opportunities and Data Privacy Protection Challenges (2013) OECD Health Policy Studies. Available from http://www.oecd.org/publications/strengthening-health-information-infrastructure-for-health-care-quality-governance-9789264193505-en.htm Accessed on 8 Feb 2016.

Articles from Yearbook of Medical Informatics are provided here courtesy of Thieme Medical Publishers

RESOURCES