[目的/意义]总结国外医学科学数据隐私保护实践经验,为我国医学科学数据隐私管理提供借鉴和启示。[方法/过程]采用网络调研法和内容分析法,对PhysioNet、TCIA、BioLINCC、N3C、SAIL、Brain-CODE 6个典型的医学科学数据仓储进行调研,从数据政策、数据收集、数据保存和数据使用4个方面对其开展的隐私保护措施进行比较分析。[结果/结论]所调查的数据共享仓储根据相关政策法规,采取符合自身特点的医学科学数据隐私保护措施,并不断优化和完善。我国可借鉴国外医学科学数据仓储的隐私保护经验,加快医学科学数据隐私保护政策落地,提高数据去隐私化处理水平,强化数据基础设施安全保障,完善数据访问控制机制。
[Purpose/Significance] To summarize the practical experience of foreign medical scientific data privacy protection, and to provide reference and enlightenment for the privacy management of medical scientific data in China. [Method/Process] Six typical medical scientific data repositories including PhysioNet, TCIA, BioLINCC, N3C, SAIL and Brain-CODE were investigated and analyzed by using the methods of network investigation and content analysis. Their privacy protection measures carried out by them were compared and analyzed from the four aspects of data policy, data collection, data storage and data access. [Result/Conclusion] According to relevant policies and regulations, the investigated data sharing repositories have taken measures to protect medical scientific data privacy in line with their own characteristics, and have been continuously optimized and improved. China can learn from the privacy management experience of foreign medical scientific data repositories, accelerate the implementation of medical scientific data privacy protection policies, increase the level of data de-privacy processing, strengthen the security of data infrastructure and improve the data access control mechanism.
[1] PACKER M. Data sharing in medical research[J]. British medical journal, 2018,360: k510.
[2] WILLIAMS C M, CHATURVEDI R, CHAKRAVARTHY K. Cybersecurity risks in a pandemic[J]. Journal of medical internet research, 2020, 22(9): e23692.
[3] 盛小平,焦凤枝.国内法律法规视角下的数据隐私治理[J].图书馆论坛,2021,41(6):85-99.
[4] Talend. What is data privacy? [EB/OL]. [2022-03-20]. https://www.talend.com/resources/data-privacy/.
[5] HOLZINGER A. Machine learning for health informatics [M]. Cham: springer international publishing, 2016:1-24.
[6] WALTERS K M, JOJIC A, PFAFF E R, et al. Supporting research, protecting data: one institution’s approach to clinical data warehouse governance[J]. Journal of the American Medical Informatics Association,2022,29(4):707-712.
[7] THORAL P J, PEPPINK J M, DRIESSEN R H, et al. Sharing ICU patient data responsibly under the society of critical care medicine/European society of intensive care medicine joint data science collaboration: the Amsterdam university medical centers database (AmsterdamUMCdb) example[J]. Critical care medicine, 2021,49(6):e563-e577.
[8] 刘宁远,成福春,冯佳,等.重症监护医学信息数据库隐私保护技术探讨[J].医学信息学杂志,2020,41(2):29-33.
[9] DESMET C, COOK D J. Recent developments in privacy-preserving mining of clinical data[J]. ACM/IMS transactions on data science, 2021,2(4):28.
[10] JONES M, JOHNSON M, SHERVEY M, et al. Privacy-preserving methods for feature engineering using blockchain: review, evaluation, and proof of concept[J]. Journal of medical internet research, 2019, 21(8):e13600.
[11] 魏明月,陈敏,胥婷,等.临床科研场景下医疗数据安全开放共享平台设计[J].中国数字医学,2021,16(7):27-32.
[12] LEA N C, NICHOLLS J, DOBBS C, et al. Data safe havens and trust: toward a common understanding of trusted research platforms for governing secure and ethical health research[J]. JMIR medical informatics,2016, 4(2):e22.
[13] WIRTH F N, MEURERS T, JOHNS M, et al. Privacy-preserving data sharing infrastructures for medical research: systematization and comparison[J]. BMC medical informatics and decision making, 2021, 21(1):242.
[14] 劳动报.全国政协委员陈红专:加强临床研究受试者个人信息数据保护[EB/OL]. [2022-03-30]. http://oppo.yidianzixun.com/article/0TNdEvP3.
[15] Re3data.org. About [EB/OL]. [2022-03-20]. https://www.re3data.org/about.
[16] PhysioNet. About [EB/OL]. [2022-03-20]. https://physionet.org/about/.
[17] National Cancer Institute. About The Cancer Imaging Archive [EB/OL]. [2022-03-20]. https://www.cancerimagingarchive.net/about-the-cancer-imaging-archive-tcia/.
[18] National Heart, Lung, and Blood Institute. About BioLINCC [EB/OL]. [2022-03-20]. https://biolincc.nhlbi.nih.gov/about/.
[19] National Center for Advancing Translational Sciences. National COVID cohort collaborative (N3C) [EB/OL]. [2022-03-20]. https://ncats.nih.gov/n3c.
[20] SAIL Databank. About us [EB/OL]. [2022-03-20]. https://saildatabank.com/about-us/.
[21] Brain-CODE. About Brain-CODE [EB/OL]. [2022-03-20]. https://www.braincode.ca/content/about-brain-code.
[22] DataONE. Data life cycle[EB/OL]. [2022-03-30]. https://www.dataone.org/data-life-cycle.
[23] 刘瑞爽.GDPR对我国医学研究伦理审查的启示[J].医学与哲学,2019,40(3):29-33.
[24] 金涛,谢安明,陈星,等. GB/T 37964-2019信息安全技术 个人信息去标识化指南[S].北京:中国标准出版社, 2019.
[25] DICOM standards committee. DICOM PS3.15 2021d - security and system management profiles [EB/OL]. [2022-03-30]. http://dicom.nema.org/medical/dicom/current/output/html/part15.html#chapter_E.
[26] 宋午阳,姜霞.网络传输中数据安全及加密技术分析[J].网络安全技术与应用,2022(9):30-31.
[27] HAENDEL M A, CHUTE C G, BENNETT T D, et al. The national COVID cohort collaborative (N3C): rationale, design, infrastructure, and deployment[J]. Journal of the American Medical Informatics Association, 2021, 28(3):427-443.
[28] PRIOR F W, CLARK K, COMMEAN P, et al. TCIA: an information resource to enable open science[C]//Annual international conference of the IEEE engineering in medicine and biology society. Osaka: IEEE Engineering in Medicine and Biology Society,2013:1282-1285.
[29] 闫树,吕艾临.隐私计算发展综述[J].信息通信技术与政策,2021,47(06):1-11.
