Purpose
The aim of Metadvice is to provide an assistive solution that supports personalised diagnostics and treatment through access to a dynamically updated knowledge base of precision medicine. Our ultimate goal is enhancing innovative medical research, facilitating accelerated and improved patient diagnosis and supporting more efficient development and administration of life-saving therapeutics. Our Data Sharing & Protection Policy supports this mission by promoting the broad and responsible sharing of medical data collected and submitted by our Members (users), which to the best of our knowledge are certified physicians, healthcare providers or patients, while providing the utmost protection of patient privacy. Sharing will amplify the scientific value of data and complement multiple research efforts conducted world-wide for the benefit of science and of patients with urgent and unmet medical needs.
Patient Privacy
The protection of patients’ privacy and confidentiality is paramount, and this Data Sharing & Protection Policy reflects our continued commitment to responsible data stewardship, which is essential to uphold the public trust in medical research. Even if we allow users to capture personal identifiers such as name, address, and social security numbers, these are not used by us and Members should avoid sharing such data with us or other Members through our products and services. The collected data may, however, include medical records, clinical observations, test results, family history and other demographic information, which may be shared on an individual-level, in accordance with the access designation, as more fully described below, and in accordance with applicable HIPAA and EU data protection and privacy regulations. Individual-level data is coded in our data repositories and a corresponding unique case identifier number is provided to the submitting Member.
Protected Health Information (PHI)
In order to maintain the privacy of patient documents provided by clinicians and researchers, the Metadvice software employs technologies to automatically extract de-identified data from electronic medical records (EMR). Upon input, the EMR is analyzed to extract medical data, including laboratory tests, bio-markers and next generation sequencing (NGS) of tumours. This means that the original document that has been uploaded cannot be reverse engineered into an identifiable record.
It is only the patient’s de-identified medical record that interacts with the Metadvice learning system, where it is compared to thousands of known features, looking for correlating mathematical patterns between them. The Metadvice learning system provides the clinician or researcher with a list of best-matched diagnostics / therapies based on the comparative analysis.
While only de-identified data is accessed by the Metadvice learning system, personal identity / Protected Health Information (PHI) is encrypted and stored securely in a separate area of the Metadvice database which is available only to the individual clinician or researcher who submitted the case. If the Member chooses, he/she may elect to share access to case data with clinical team members or collaborators. When using Metadvice to work on cases privately or within your own clinical team, your institutional pconsent form is sufficient, as the patient’s PHI remains private to you and your clinical team. When sharing cases with collaborators outside your clinical team, it is the clinician’s or researcher’s responsibility to obtain appropriate consent from the patient or parent/guardian. The Member has the ability to delete personal identity information at any time.
The following data fields are treated as PHI within the Metadvice system: names, address, telephone, date of birth and the social security number. Since data in these fields is or may be identifiable, it is encrypted and stored securely in a separate area of the Metadvice database which is available only to the individual clinician or researcher who submitted the case. All digital communication links between Members and the Metadvice private cloud occurs over secure, encrypted communication protocols.
The Metadvice team is also working directly with clinical and research collaborators to facilitate a process for the capture of valuable data from clinical documents, including diagnoses, and genetic test results. In order to maintain patients’ privacy, a process of automatic PHI redaction and data extraction is employed. The resulting de-identified data can then be incorporated into the individual patient case, enabling the Member more effective use of the Metadvice software for clinical evaluation and/or research analysis. Meanwhile, the original clinical document(s) are encrypted and stored securely for the benefit of the Member, who may wish to access the document(s) at a later date. As with any other PHI data, the original document is available only to the individual clinician or researcher who submitted the case.
Tiered System for Data Collection and Sharing
Our Phenotype Data Sharing & Protection Policy is a four-tiered system for collecting, storing and sharing the data, based on the following incremental access rights designated by Members:
Data Repositories
In accordance with our four-tiered system, data will be stored in four separate designated data repositories, corresponding to the access level indicated by Members. Our data repositories are hosted in a secure private cloud environment and apply the appropriate technical protection measures necessary to comply with data security, confidentiality, and privacy laws and regulations. We audit our security policies and technical measures periodically to ensure compliance with applicable HIPAA and EU data protection and privacy regulations.
The four data repositories are:
Informed Consent
Designating data as either Private, Controlled, Collaborative or Open Access should be consistent with the original informed consent or permission under which the data were collected and submitted. It is each Member’s responsibility to determine whether a patient consent or permission is required or advisable in order to disclose, process, retrieve, transmit, and view the PHI, based on the laws and regulations of the Member’s jurisdiction and/or the policies of the Member’s institution. If applicable, it is the Member’s responsibility to obtain and maintain such consents or permissions. Click here to download a sample patient informed consent.
Member Certification
By uploading data to our products and services, Members certify and assure that the data has been collected in a legal and ethically appropriate manner and that patients’ identifiable PHI, which are not the minimum necessary to accomplish the intended purpose of such use, disclosure or request, respectively, have been removed or de-identified before submission. Members control whether the data will be submitted to a Private, Controlled, Collaborative or Open Access data repository and assure that: The data submission is consistent with applicable laws, regulations, and institutional policies, specifically such laws and regulations which are in effect in the patient’s jurisdiction; Data submission and subsequent data sharing (if applicable) are consistent with the informed consent or permission; Risks to individuals and their families associated with data submitted to the designated data repositories were considered; and, to the extent relevant and possible, risks to groups or populations associated with data submitted to designated data repositories were considered. If no indication is made, data will be designated as Private Access by default.
Data Withdrawal or Change in Access Designation
An access level may be increased by a Member, provided the consent obtained from the patient supports such change. If, at any time, a patient revokes his or her consent in whole or in part, the respective data may be removed from the data repository completely or transferred to another data repository, as applicable. To change the access designation or withdraw data from our repositories, Members may contact us in writing via e-mail to dpo@metadvice.net and clearly indicate the case identifier number and nature of the change. We will apply the change within 10 business days and certify such change in writing to the requesting Member. It is important to note that data already shared or disseminated in accordance with the original access designation before requesting a change in designation has been received and processed by us, may not be retrieved.
Requests for Data Access
Data stored in our designated repositories may be accessed either on an individual- or aggregate-level, based on the submitting Members’ designation of such data, the corresponding informed consents or permissions and applicable laws and regulation. Requests for access to data are reviewed by us on a case by case basis. Decisions are based primarily on conformance of the purpose described in the access request to the data use with the values and missions described in this Policy, as well as on the scope of data requested and the identity of the requesting entity. Generally, data will be shared with any entity or individual with a valid reason to request such data and will be limited to the minimum necessary to accomplish the intended purpose of such use. Third parties approved to access data from our repositories are expected to abide by terms and conditions specified in a separate agreement signed with us in accordance with HIPAA and EU data protection and privacy regulations, including:
If requests for access to data are submitted by entities or individuals for non-commercial / non-profit purposes only, we will consider, based on certain criteria, such as the identity of the requester, the purposes listed in the request and the scope of data requested, granting access to such data on a non-profit basis, and in certain cases, on a pro-bono basis (bearing all costs ourselves), and, as necessary, in accordance with applicable HIPAA and EU data protection and privacy regulations.
Acknowledgment Responsibilities
Anyone accessing datasets from our designated data repositories, whether on an individual- or aggregate-level, will be required to acknowledge our contribution in all resulting oral or written presentations, disclosures, or publications.