Table 2.
The benefits of implementing the GA4GH Passport
| Infrastructure service providers | Data steward | Data users | |
|---|---|---|---|
| Role definition | Provides common data access support mechanisms on cloud infrastructure, including high-performance computing, and may model policy or regulatory frameworks via software services. | Organizes research initiatives, provides oversight, and authorizes data access for secondary use as a data steward (sometimes using infrastructure of approved 3rd party organizations). | Proposes studies and conducts research making use of shared data available from data stewards once their studies are approved for such use. |
| Challenge | Connects multiple layers of disparate systems that use different identity and permission models that may not be compatible. It can be challenging to carry the data access authorization from a DAC through these layers to apply to the data being stored. | A need to convey authorization across disparate infrastructure systems, sometimes hosted by external organizations, while maintaining data governance oversight of the data user’s use. Also may wish for a more secure and streamlined verification process during DAR reviews to ensure data users meet the consented restrictions agreed upon by the data donors using a policy and ethics framework. | Navigate policies and procedures to apply for data access and use data for custom data analysis with minimum hurdles while being able to leverage a variety of research infrastructure services available (e.g., data repositories, cloud computing, and home institution resources). |
| Passport benefit | Provides a mechanism that can securely collect and carry permissions to where they need to be checked at the data repository as part of software control layers while retaining digital proof of authority across systems and organizations. | Encodes access authorization to infrastructure service providers to verify that permission to access the data within a secure environment. Data users use the data in-place without the need to download and secure it separately. Infrastructure creates audit logs and other security features needed by data governance oversight. May carry digital signatures from data user organizations to the DAC to expedite the data use application. | Ability to communicate authority granted to a data user across organizational boundaries. The Passport carries this authority to data systems that provide secure access for users, and the same data access rights are implemented across computing environments. This removes the need to have copies of the data in local systems for processing, improving both data security and governance over the data. |
The use of the GA4GH Passport provides benefits across the stages of data sharing from providers to data users. A secure healthcare data sharing environment for research will include infrastructure service providers, data stewards, and DACs. Data users are researchers who use these services to access the shared datasets. The GA4GH Passport standard implementation for managing access to data will address challenges and provide benefits for each of these stages of the managed data access process.