data_compliance_and_wsi
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
data_compliance_and_wsi [2022/10/20 12:10] rudy |
data_compliance_and_wsi [2023/11/09 17:19] (current) chris |
||
|---|---|---|---|
| Line 1: | Line 1: | ||
| - | **Privacy regulations and WSI** | + | ===== Privacy Regulations and WSI ===== |
| - | Whole Slide Imaging (WSI) is a relatively new category of patient data. As such, recently, some efforts have been made to better understand how WSIs (whole slide images) can be utilized in a balancing act: maximizing individual and public benefit, while at the same time, restricting and protecting its access, whenever such poses a potential privacy risk and non-compliance with data privacy laws (e.g. GDPR). Although by itself the patient’s photographic tissue image falls under the category of de facto anonymity (add note) of the GDPR, the existence of patient-ids and/or other tags attached to the WSI, increase the likelihood of patient identification, and potential privacy issues. (Holub et al., 2022). | + | Whole Slide Imaging (WSI) is a relatively new category of patient data. As such, recently, some efforts have been made to better understand how WSIs (whole slide images) can be utilized in a balancing act: maximizing individual and public benefit, while at the same time, restricting and protecting its access, whenever such access would pose a potential privacy risk and non-compliance with data privacy laws (e.g. GDPR). Although by itself the patient’s photographic tissue image falls under the category of de facto anonymity (https://www.lboro.ac.uk/data-privacy/resources/personaldata/ ) of GDPR guidance, the existence of patient-ids and/or other tags attached to the WSI increase the likelihood of patient identification, and raise potential privacy issues. (Holub et al., 2023). |
| {{:balance_data_and_security.jpg?400|}} | {{:balance_data_and_security.jpg?400|}} | ||
| - | The novelty of this type of personal data is revealed when histopathologists describe their knowledge and confidence when dealing with WSIs as personal data. In a survey (n=198) conducted by the Oxford University Hospitals, addressed to histopathologists members of major pathology associations in the UK, 41% of the respondents did not know when WSIs would fall under relevant legal frameworks, while 47% were not confident “At all” when it came to understand the WSI consent in a research context (Coulter et al.; 2022). | + | The novelty of this type of personal data is revealed when histopathologists describe their knowledge and confidence when dealing with WSIs as personal data. In a survey (n=198) conducted by the Oxford University Hospitals, addressed to histopathologists members of major pathology associations in the UK, 41% of the respondents did not know when WSIs would fall under relevant legal frameworks, while 47% were not confident “at all” when it came to understanding WSI consent in a research context (Coulter et al.; 2022). |
| - | Digital imaging Storage and management standards are widely adopted in the field of Radiology, which facilitates the adoption of sound data compliance practices. When it comes to digital pathology and data management standards adoption differences, alongside with workflow specificities and the novelty of the field, another major difference lies in the role of the pathology professional societies. The ARS took the lead and through the DICOM initiative managed to impose standards and provide clear guidelines for Radiologists and industry. The Pathology societies have not played such an active role yet, and previous efforts to make WSI part of DICOM have not been successful due to the complexity of WSI and differences in pathology clinical workflows. Despite the absence of reference literature from professional pathology societies, general guidelines and use cases published in the recent years focusing on how to lawfully and ethically process WSIs as patient data, point to pseudonymization as a relevant strategy to ensure data compliance, and perhaps most importantly, as a strategy to avoid data breaches and its negative consequences for both patients and organizations. In fact pseudonymization is often part of basic but sound strategies when it comes to protect personal data in general, as explained by Thomas Zerdick (2021). | + | Digital Imaging Storage and management standards are widely adopted in the field of Radiology, which facilitates the adoption of sound data compliance practices. |
| + | However, adoption of data management standards in digital pathology differs. Beside workflow specificities and the novelty of the field, another major difference lies in the role of the pathology professional societies. The Advanced Radiology Services Foundation (ARS) took the lead and imposed standard and clear guidance for radiologists and industry through the DICOM (Digital Imaging and Communications in Medicine) initiative.\\ | ||
| + | |||
| + | Pathology societies have not implemented a definitive framework yet, and previous efforts to make WSI part of DICOM were not successful due to the complexity of WSI and differences in pathology clinical workflows. Despite the absence of reference literature from professional pathology societies, general guidelines and use cases have been published in recent years. Articles focused on how to lawfully and ethically process WSIs as patient data point to pseudonymization as a relevant strategy to ensure data compliance, and perhaps most importantly, as a strategy to avoid data breaches and its negative consequences for both patients and organizations. In fact pseudonymization is often part of basic but sound strategies when it comes to protect personal data in general, as explained by Thomas Zerdick (2021):\\ | ||
| + | //"If you do not need personal data, do not collect personal data (…) if you really need personal data, then start by pseudonymising this personal data."// \\ | ||
| + | |||
| + | **References**\\ | ||
| + | Holub et al 2023: https://doi.org/10.1038/s41467-023-37991-y \\ | ||
| + | Coulter et al 2022: https://doi.org/10.1002/cjp2.251 \\ | ||
| + | Thomas Zerdick 2021: https://edps.europa.eu/press-publications/press-news/videos/ipen-2021-pseudonymous-data-introduction-thomas-zerdick_en | ||
| - | If you do not need personal data, do not collect personal data (…)if you really need personal data, then start by pseudonymising this personal data. Thomas Zerdick. | ||
data_compliance_and_wsi.1666257038.txt.gz · Last modified: 2022/10/20 12:10 by rudy
Page Tools
