Intertrust Talk: Setting Up a Data Fiduciary for Genomic Data


We’re proud that Intertrust’s David Maher and Knox Carey were selected to speak at an event on March 11, 2016 called “Genomics and Patient Privacy Conference 2016.” Held at Stanford University, the event brought together experts in both genomics and privacy to discuss how technology companies and genetic researchers can cooperate developing genomics research and collaboration tools that also protect privacy. Mr. Maher and Mr. Carey’s talk focused on Genecloud, Intertrust’s foray into this field.

  The Genecloud platform architecture as presented by Dave Maher and Knox Carey

 

The Genecloud platform architecture as presented by Dave Maher and Knox Carey

A “Data Fiduciary” for Genomic Data

In the presentation, Maher and Carey introduced Genecloud as an example of what Intertrust is calling a “data fiduciary.” A fiduciary is a person or entity that has a trust relationship with an individual to responsibly take care of that individual’s assets. While a fiduciary generally takes care of financial assets, in today’s digital world an individual’s data assets are increasingly becoming more valuable and of course, vulnerable to misuse. A data fiduciary is an entity given the responsibility for helping an individual manage their data in such a way that protects their privacy and interests while ensuring the data can be used in beneficial ways. “In a data fiduciary, you provide your data while maintaining ownership. The data fiduciary helps you govern its use, execute transactions and makes your data more productive,” (Maher).

Genecloud is designed to be a data fiduciary for personal genetic data held by research institutes. Already in trials, Genecloud is an application program designed to allow genetic researchers to create managed research programs that are brought over the Internet to repositories of genetic data information held by other research institutes. The Genecloud platform is designed to manage these programs to avoid privacy and security infringement as well as provide a secure data platform for the data itself. “Genecloud seamlessly handles data management so customers can focus on doing what do best; science,” (Carey).

No Need to Move the Data

Much of the presentation was focused on the pros and cons of the main three methods of cloud based analytics of DNA data, Genecloud’s approach of moving computations analytics to the data, moving the data to a cloud based repository or allowing analytics programs to use a managed API to access the data. Moving the data tends to be the easiest one to implement but requires a massive amount of bandwidth and also means the owner loses direct control over the data. The managed API approach avoids data movement and allows for auditing, authentication and authorization but limits the research program to whatever approaches are programmed into the API. Moving the analytics computation gives the same benefits as the managed API approach, with more flexibility and the ability to enforce privacy and other policies. The disadvantage is that the execution environment must be protected from third-party software attacks, something Genecloud is designed to do

The presenters ended the presentation on the note that they and others working in the field need to continue to focus on the end game, helping researchers to bring about the full promise of precision medicine that use of genetic data could result in. “We want to reduce the pain points of innovators in the field as much as is possible,” (Maher).