Program
|
||||||||||||||||||||
Bios and Abstracts
Keynote
Mark A. Rothstein holds the Herbert F. Boehl Chair of Law and Medicine and is the Founding Director of the Institute for Bioethics, Health Policy and Law at the University of Louisville School of Medicine.
He received his B.A. from the University of Pittsburgh and his J.D. from Georgetown University.
Professor Rothstein has concentrated his research on bioethics, genetics, health privacy, public health law, and employment law. From 1999-2008, he served as Chair of the Subcommittee on Privacy and Confidentiality of the National Committee on Vital and Health Statistics, the statutory advisory committee to the Secretary of Health and Human Services on health information policy. He is past president of the American Society of Law, Medicine and Ethics.
He is the author or editor of 19 books and nearly 200 book chapters and articles in leading journals of bioethics, law, medicine, and public health.
Title: Reconsidering Privacy in the Genomic Era
Abstract: Privacy is a popular concept in the abstract, but one that eludes a consensus definition and quickly becomes contentious in its numerous applications. After attempting to simplify and demystify the concept of privacy, this talk will focus on the challenges to privacy raised by new genomic technologies. The talk will address whether it would be better to address genetic and genomic privacy by enacting special legislation or by having more general protections for informational health privacy. It also will discuss some of the specific privacy issues raised by genomics in research, electronic health records, and other areas.
____________________________________________________________________________
Panel 1A
Patricia Kosseim has recently joined Genome Canada on a two-year Executive Interchange arrangement to lead a national strategy for addressing ethical, economic, environmental, legal and social (GE3LS) issues related to large-scale genomics research. She joins Genome Canada from the Office of the Privacy Commissioner of Canada (OPC), where she has held the position of General Counsel since January 2005, responsible for the activities of the Legal Services, Policy and Parliamentary Affairs Branch.
Before joining OPC, Patricia spent five years building and heading up the Ethics Office of the Canadian Institutes of Health Research. During this period, she was briefly seconded to Canada Health Infoway Inc. to advise on privacy issues related to the development of pan-Canadian electronic health record systems.
Patricia worked in Montreal for over six years with the national law firm of Heenan Blaikie, practicing primarily in the areas of health law, human rights, labor & employment law, privacy law, administrative law, professional liability and civil litigation.
Called to the Québec Bar in 1993, Patricia holds degrees in Business (B.Com ’87) and Laws (B.C.L. / LL.B. ‘92) from McGill University, and a Master’s Degree in Medical Law and Ethics (M.A.’94) from King’s College, University of London (U.K.).
Yann Joly, Ph.D. (DCL), Lawyer, is an Assistant Professor at the Faculty of Medicine, Department of Human Genetics at McGill University, as well as an ethics and legal consultant in the private sector. He is the North American coordinator of the Association de recherche et de formation en droit medical (ARFDM). His research activities lie at the interface of the fields of intellectual property, health law (biotechnology and other emerging health technologies) and bioethics. Yann Joly is the current Data Access Officer of the International Cancer Genome Consortium (ICGC).
Title: Public Release of Genomic Data: Ethical and Legal Perspectives
Abstract: Data creation and release is exponential. The genomic research community understands that data sharing is a necessity for economic, scientific and ethical reasons. However, for all its promise, data sharing raises important ethical, legal and social challenges. This presentation will focus on two of the main issues in data sharing practices: 1) how can we motivate data producers to share their data in a timely manner with the rest of the scientific community? and 2) how can the confidentiality and the autonomy of research participants be respected in open release and access? These issues as well as some potential solutions will be contextualized by the use of a case study based on the model of the International Cancer Genome Consortium.
Laura Lyman Rodriguez, Ph.D., is the Acting Director for the Office of Policy, Communication, and Education and the Senior Advisor to the Director for Research Policy at the National Human Genome Research Institute (NHGRI), National Institutes of Health (NIH). Dr. Rodriguez works to develop and implement policy for research initiatives at the NHGRI, as well as trans-NIH programs. She is particularly interested in the policy and ethics questions related to the inclusion of human research participants in genomics and genetics research. Dr. Rodriguez is also interested in the policy and organizational issues associated with the development and establishment of strategic partnerships. Among other activities, Dr. Rodriguez provided leadership for many of the policy development activities pertaining to the Genetic Association Information Network (GAIN) as well as the development and implementation of the trans-NIH Policy for Data Sharing in Genome-Wide Association Studies (GWAS).
Dr. Rodriguez received her bachelor of science with honors in biology from Washington and Lee University in Virginia and earned a doctorate in cell biology from Baylor College of Medicine in Texas.
Title: Sharing Genomic Data in the Face of Advancing Technologies and Statistics
Abstract: In 2006 the U.S. National Institutes of Health (NIH) announced a draft policy to create a central repository of individual-level genotype and phenotype data that would serve as the foundation for the creation of a community resource database to support the emerging area of genome-wide association studies (GWAS). Under the final version of this policy, which was released in 2007 and effective in early 2008, genotype and phenotype data from any study submitted for funding to conduct GWAS was expected to be deposited to the NIH GWAS Data Repository, known as the database for Genotypes and Phenotypes, for subsequent data sharing for appropriate research purposes. The data access model developed for this new type (and considerably expanded volume) of data was two-tiered. Open Access portions of the database made summary level information about studies available to anyone, and Controlled Access portions of the database displaying the individual-level information contained within the raw genotype and phenotype data were made available only to users approved by NIH Data Access Committees (DACs) to conduct investigator-specified research projects. Included within the summary-level information accessible through the Open Access portions of the database were aggregate genomic statistical tables (allele frequencies, p values for measured SNPs, etc.), as well as aggregate phenotype data tables. Sharing data in these forms was a standard and long-held practice within the research community as the data types were commonly accepted to pose no risk to the privacy or confidentiality of individual participants in the original studies. However, in August 2008, Homer et. al published a seminal paper demonstrating innovative statistical methods to resolve a known DNA genotype from within a complex mixture of DNA samples. Although this new methodology did not enable the definitive identification of data contributors to aggregate genomic data collections (such as those made publicly available through dbGaP and other GWAS resources) unless a full genomic analysis was available from an already identified source, the NIH determined that there had been a sufficiently substantive change to the risks to individual confidentiality to warrant revising GWAS policy to move aggregate genomic data from the Open Access pages within dbGaP to accessibility only through Controlled Access mechanisms. An overview of the data access policy within the NIH GWAS data sharing model and the changes that were made following the publication of the new statistical methods will be provided.
Aled Edwards, Ph.D. is Banbury Professor of Medical Research at the University of Toronto, Canada, Visiting Professor of Chemical Biology at the University of Oxford and the Director and CEO of the Structural Genomics Consortium, an Anglo-Canadian-Swedish public-private partnership devoted to open-access drug discovery science.
Dr. Edwards co-founded Affinium Pharmaceuticals, a Toronto-based anti-infectives company and Scate Consultants Inc, a company that commercializes bioremediation intellectual property. He also served as the Scientific Consultant on the Canadian television drama ReGenesis. He has served in management and advisory capacities for several biotechnology companies, international research consortia and funding agencies.
Title: Open access clinical trials to achieve clinical proof-of-concept
Abstract: The release of genome sequence information is to some extent “yesterday’s news”; we must prepare for public release of data that link genotype to function. One area of science that could benefit immensely from open access to information is drug discovery. Drug discovery resources in academia and industry are currently not used efficiently. Duplication could be reduced, productivity could be increased, and fewer patients subject to harm by performing clinical proofs of concept within open access industry-academia partnerships. The power of these experiments is dependent on having access to patient metadata and genome data. Efforts are underway to launch such studies, and it would be great if the framework for data release and management could anticipate these studies.
____________________________________________________________________________
Session 1B
Bradley Malin is an Assistant Professor of Biomedical Informatics in the School of Medicine and an Assistant Professor of Computer Science in the School of Engineering at Vanderbilt University. He is the founder and director of the Vanderbilt Health Information Privacy Laboratory (HIPLab), which focuses on basic and applied research in a number of health-related areas, including primary care and secondary sharing of patient-specific clinical and genomic data. His research has received several awards of distinction from the American and International Medical Informatics Associations. For the past several years, he has directed a data privacy research and consultation team for the Electronic Medical Records and Genomics (eMERGE) project, a consortium sponsored by the U.S. National Human Genome Research Institute. He has served as a program committee member and workshop chair for numerous research conferences and has edited several volumes for Springer Lecture Notes in Computer Science, a special issue for the journal Data and Knowledge Engineering, and is currently on the editorial board of the journal Transactions on Data Privacy. He received a Bachelor’s in biology (2000), Master’s in knowledge discovery and data mining (2002), Master’s in public policy & management (2003), and a Doctorate in computation, organizations & society (2006) from the School of Computer Science at Carnegie Mellon University.
Title: Surveying the Landscape of Privacy in Clinical Genomics Research Databases
Abstract: The increasing adoption of electronic medical record systems into healthcare, combined with decreasing costs of high-throughput and storage systems, has enabled the collection of detailed person-specific clinical and genomic data. Scientists can now data mine for relationships between complex disorders and genomic features, as well as environmental factors, but need to share records across institutional boarders to strengthen statistical power in complex association studies, allow verification of findings, and comply with a host of regulations. To support a data sharing culture and prevent stagnancy in biomedical research, it is crucial that organizations protect the anonymity and confidentiality of the corresponding research participants. In this talk, I will review various real-world policies and technologies that various organizations have developed to protect research participants in such environments. I will further review the extent to which such systems are resistant to emerging adversarial threats in the context of varying amounts of an adversary’s background knowledge. This talk will conclude with a discussion of recent research developments and challenges for data protection in emerging clinical genomics research databases.
Dr. Murat Kantarcioglu is currently an assistant professor of computer science at University of Texas at Dallas. He had a Ph.D. degree from Purdue University in 2005. He received his master’s in Computer Science from Purdue University in 2002 and his bachelor degree in computer engineering from METU, Ankara, Turkey in 2000. He is also a recipient of NSF CAREER Award.
His research interests lie at the intersection of Privacy, Security, Data Mining and Databases: Security and Privacy issues raised by data mining; Distributed Data Mining techniques; Security issues in Databases; Privacy issues in health care. His current research is funded by grants from NIH, NSF, AFOSR, ONR and IARPA.
Title: Privacy-preserving storage and querying of genomic data.
Abstract: In this talk, we present a novel cryptographic framework that enables organizations to support genomic data mining without disclosing the raw genomic sequences. Organizations contribute encrypted genomic sequence records into a centralized repository, where the administrator can perform queries, such as frequency counts, without decrypting the data. We discuss the evaluation results of our framework with existing databases of single nucleotide polymorphism (SNP) sequences and demonstrate that the time needed to complete count queries is feasible for real world applications. We further show that approximation strategies can be applied to significantly speed up query execution times with minimal loss in accuracy. The framework that is presented can be implemented on top of existing information and network technologies in biomedical environments.
Christopher Cassa, Ph.D., a graduate of the Harvard-MIT Division of Health Sciences and Technology, is a research fellow at the Children’s Hospital Informatics Program at Harvard Medical School in Boston, MA. He has researched a wide range of medical privacy and identifiability issues. Applying quantitative approaches, he has helped develop two anonymization techniques for geographical data and investigated the re-identification potential of geographical data shared in textual and map form. His most recent work has investigated the ability to infer genotypes from family members of research proband, and how readily research datasets can be used to identify family members and familial phenotypes.
Title: Privacy Implications for Rare Mutation Data
Abstract: Sequencing of an individual’s DNA may reveal single nucleotide variants that have not been documented or previously identified. These variants include nonsense and missense mutations, insertions or deletions, and other lesions. Presence of such mutation data in a shared or published sequence substantially increases the ability to identify the individual whose data are shared. In the case of a de novo germline mutation, I will discuss the privacy implications for carrying a specific mutation.
I will first explore general identifiability issues for mutant loci, and how likely a match would be among 1000 people. If a mutation is not de novo, I will show that it is necessary to adjust estimates using the effective population size and prevalence in the population.
____________________________________________________________________________
Session 1C
Mike Spear is Director of Corporate Communications, Genome Alberta. He cut his teeth in the media business as a journalist, Producer, Executive Producer, and Program Manager with the CBC. His background includes the prestigious CBC President’s Award, a media training mission to Croatia with the Washington D.C. based National Democratic Institute, lead on CBC Olympic coverage, and founder of CBC Radio’s “Business Network”. Mike moved over to other side of the journalist’s microphone in 2006 and is currently Director of Corporate Communications with the not-for-profit research funding organization, Genome Alberta.
As part of his efforts to better understand genomics and to find a novel way of raising the profile of the science Mike has had his own personal genome sequencing done by 23andMe, deCODE, Navigenics, and the DNA Ancestry Project. He blogs about the experience at www.genomealberta.ca/blogs ,uses Twitter extensively as @mikesgene to talk about many aspects of genomics and has developed a Facebook news application called GenOmics ( http://facebook.genomealberta.ca ) to collect and distribute news, video, and blogs to people interested in many of the ‘omics’ sciences. Drawing from online experience that goes back to his early involvement with CompuServe and the Electronic Frontier Foundation, Mike speaks extensively at social media conferences and workshops.
Title: Meome, Myome, Let’s Share Our Genome
Abstract: In 1953 colour TV was just making it into our homes, cell phones were a dream, and Watson and Crick were letting the world know about the Double Helix structure of DNA. It is now 2010 and you can have a personal genome sequencing done for under a thousand dollars, store it on your phone while watching colour TV on the same phone, use the iPhone Merck Manual app to learn about some of the conditions you may have, and Tweet your followers about the results.
Once back at your computer you can run the raw data through a 3rd party SNP database to get even more information, find a group of people online who share a common interest, trait or disease, and do a more detailed comparison with people you have never met. With the help of Google, SNPedia, and Facebook you dig into the information in more detail, figure out a diet and exercise regime, and make an appointment with your doctor for some tests.
Is this useful or is it even accurate? You’ll get a lot of different answers depending on your role and alliances in this online game of Risk. In this presentation you’ll be prompted to think seriously about where research and policy should position themselves in the game as an incredible amount of health information is swirling around a growing number of people.
Rose Geransar has a B.Sc. in Biochemistry and is currently a Ph.D. Candidate in the Department of Community Health Sciences at the University of Calgary and Office of Medical Bioethics. Her dissertation is in the area of consent as part of the broader framework of governance in public umbilical cord blood banking, funded by CIHR. She is an active member of the Canadian Bioethics Society and a part of the Genome Canada community of researchers in the area of genomics-related ethical, economic, environmental, economic and social issues (GE3LS). She was the recipient of the 2008 Douglas Kinsella Award for Research in Bioethics.
Farah Mohamed recently completed a Bachelor of Health Sciences (B.HSc. Hons) at the University of Calgary, and is currently studying law at the University of Alberta. She has been involved in research in rehabilitation medicine, mental health, and direct-to-consumer genetic testing.
Title: Online direct to consumer advertising for genetic testing: An examination of credibility markers, consent and privacy provisions
Abstract: Rose Geransar and Farah Mohamed will present a study they conducted in conjunction with Farah Mohamed, B.HSc., of the Faculty of Law, University of Alberta.
Findings. Two strategies were most frequently used by companies to frame risk: underlining the basis of the condition, often with genetic determinist and essentialist undertones, and stressing the commonality of the conditions. Major credibility and trust markers employed were indications of organizational professional accreditation/ recognition and credentials of company executives and staff. The company websites provided limited, vague or misleading information about disease etiology and promoted tests for use in broader at-risk populations than is normally indicated in clinical practice. Available consent forms were varied in the elements of consent that they covered, and were available on only one third of the websites examined. Privacy policies were more widely available, but varied tremendously in both the scope and depth of their content. Implications of these trends for Canadian consumers and clinicians are discussed.
Companies engaging in online direct-to-consumer advertising (DTCA) for genetic testing are continuing to expand and specialize in the types of tests they offer, and are developing more sophisticated websites for communicating with consumers. Because of the long-distance nature of the communicative transactions involved in the provision of services, the communication and handling of issues pertaining to establishing trust and credibility, protecting consumer privacy and obtaining consent are of particular interest. This presentation will summarize the findings of two key studies using samples of companies engaged in internet direct-to-consumer (DTC) advertising for genetic testing. The studies pertain to: 1) the way in which genetic risk information is framed to consumers, including strategies to establish trust and credibility in this context, 2) the information content in the companies’ online privacy statements and consent forms.
Methods. Key words specific to genetic test DTC advertising were entered into popular internet search engines to arrive at the respective samples of companies. Representations of benefits and risks on company websites were coded and themes were developed across advertisements. Available consent forms and privacy policies were coded and analyzed for themes.
Brenda Wilson, M.B., Ch.,B., F.F.P.H., trained as a physician at the University of Edinburgh, and as a public health physician at the University of Newcastle-Upon-Tyne. She is an Associate Professor in Epidemiology & Community Medicine at the University of Ottawa, and conducts public health and health services research relating to genetics. Her research has spanned a range of issues, including genetics education and knowledge tools for non-genetics professionals, the impacts of genetic testing for late onset disorders, outcome measures for genetics health services, family communication and disclosure of genetic information, and the integration of ethical, legal and social issues into genetics technology assessment processes. Her most recent work investigates the empirical value of family health history in complex disease risk prediction, and lay and professional reactions to the (hypothetical) extension of genomic profiling into public health screening programs.
Title: Psychological impacts of pre-dispositional genetic testing: possible lessons for direct to consumer advertising
Abstract: There are a range of potential benefits from knowing one’s genetic predisposition for common disorders, most notably the possibility for improving health outcomes by reducing disease risk and detecting disease early enough for effective intervention. Achieving these outcomes often requires changes in health behaviour. This talk will focus on the current evidence of the effect of genetic testing for predisposition to common adult onset conditions on emotional state, personal risk perception, and health behaviour. It will examine the implications of these findings for DTC marketing of genetic tests, including the issue of offering tests without the requirement for preliminary genetic counselling.
_______________________________________________________________________
Session 2A
Liam Peyton, Ph.D., P.Eng., is a principal investigator for the Intelligent Data Warehouse Laboratory and Associate Professor at the University of Ottawa. He is a member of the Hospital Data Warehouse Association and an active research collaborator with The Ottawa Hospital around issues related to the collection, protection and dissemination of healthcare data for improving quality of care. He has degrees from Aalborg University (Ph.D. 1996), Stanford University (M.Sc. 1989), and McGill University (B.Sc. 1984).
Andrew Borthwick is Principal Scientist at Intelius, Inc., where he works primarily on information extraction (finding information about people from the web), person matching (is the “John Smith” on web page A the same as the “John Smith” on web page B?), and people search. Prior to Intelius, Dr. Borthwick worked for Spock Networks in these areas up until its acquisition by Intelius and founded a company, ChoiceMaker Technologies, which focused on person matching. Dr. Borthwick’s credentials in the field of person matching include two U.S. patents, multiple published papers and invited talks, and serving as the principal investigator of a series of Small Business Innovation Research Grants from the National Science Foundation. He was retained as an expert witness on person matching issues in two voting rights cases by the Brennan Center for Social Justice and by American Express in a major commercial case. Dr. Borthwick received his Ph.D. in Computer Science in 1999 from New York University.
Title: Data Linkage and Privacy at a People Search Engine
A great deal of public information is available about a large fraction of the population. Examples of such public information sources include the telephone white pages, real estate transactions, criminal convictions, records of civil suits, and information posted on the Internet. While all of this information is theoretically available to anyone, people search engines add value for consumer and business clients by linking this information together into a single profile for each individual.
Once this information is linked, it can be tremendously valuable. For instance, a woman can learn before going out on a date whether a man has a criminal background. A prospective employer can avoid unpleasant surprises before extending a job offer.
Achieving this linkage poses many technical and ethical challenges, however. This talk will first give a high level description of how Intelius is able to match this information using modern information extraction and machine learning technologies. We will then turn to some of the ethical and business challenges surrounding data linkage, including:
- Tolerance for error.
- Representing uncertain information
- “Privacy by obscurity” is now impossible
- Benefits of modern linkage technologies
- Privacy hazards of data linkage
- Steps that can be taken to mitigate privacy loss
Dr. Frederick R. Bieber serves as Medical Geneticist at Brigham and Women’s Hospital and as Associate Professor of Pathology at Harvard Medical School in Boston, MA. His work focuses on the forensic aspects of DNA-based human identification, leading to his involvement in hundreds of civil and criminal cases. He has participated in the publication of over 100 articles, chapters, and books in human genetics, pathology and forensic medicine. He has testified as an expert witness in state, federal, and military courts in the U.S. and abroad, providing pro bono service to Innocence Projects representing clients who were convicted before the modern era of DNA testing and now seek exoneration by testing old evidence. He has expertise in firearms and ballistics and firearms injuries and lectures on this subject to physicians and medical students in various courses at Harvard. Dr. Bieber serves on advisory boards of the Federal Bureau of Investigation, the Royal Canadian Mounted Police, and the United States Department of Defense.
Title: Privacy and Policy Considerations in Use of DNA Data Banks
Abstract: Dr. Bieber will present an overview of the rationale and utility of forensic DNA testing, with an introduction to the issues relevant to DNA profiling of convicted offender registries in the U.S., Canada and other countries. The presentation will highlight the most compelling contemporary policy considerations relating to genetic privacy, disposition of DNA samples and use of new electronic data searching algorithms. He will comment on the evolving and expanding categories for inclusion in offender registries.
Stanley Trepetin is the Chief Information Security Officer at the New York City Department of Health and Mental Hygiene (DOHMH). At DOHMH he sets organizational IT security strategy and policy. Stanley completed his PhD at MIT in Health Informatics in 2006. At MIT, he designed new ways to anonymously match data and quantify the benefit of implementing information privacy within health organizations. Prior to MIT he worked for IBM for 10 years where he provided large systems software support to Fortune 500 clients and was a software developer and project manager. He has a Master’s Degree from Duke University focusing on patent usage within biotechnology and an undergraduate degree from Cornell in computer science and mathematics.
Title: Anonymous fuzzy string comparisons in healthcare record linkage applications
Abstract: Medical privacy continues to be a key issue as policy research continues to show people’s demand for health organizations to protect patients’ personal data. Health organizations need personally identifiable data for unhampered decision making; yet, identifiable data are often the basis of information abuse if such data are improperly transmitted, stored, or disposed. This talk shows how health organizations may use de-identified data for some strategic organizational operations.
Mr. Trepetin will demonstrate a new idea for anonymous record linkage. For a variety of health applications there is a need to perform linkage among data set records to connect data about the same individual or event so that further analysis becomes possible. However, the privacy of the individuals in the records must also be better protected. He will show how linkage can be effectively performed based not on the actual data but on an anonymous form of the data, without diminishing the ability to link records whose identifiers are only “close” to each other, not equal, because of typical recording errors. Mr. Trepetin will show how to embed additional information from a record into the anonymization process to increase the security and error-handling during string comparisons.
Finally, Mr. Trepetin will discuss how the proposed technique was tested on a real record linkage platform, IBM’s QualityStage, with real person-level data. The matching results were essentially the same when compared to matching results using personally identifiable data.
____________________________________________________________________________
Session 2B
Philip AbdelMalik is currently an Epidemiologist and Senior GIS Analyst at the Public Health Agency of Canada’s Office of Public Health Practice.
Prior to joining the Agency, Philip was a research coordinator at the Clinical Genetics Research Program, at the University of Toronto / Centre of Addiction and Mental Health, where his work focused on the epidemiology and genetics of schizophrenia, particularly in relation to head trauma.
Since joining the Agency in early 2004, Philip’s primary research focus has been the use and promotion of Geomatics in epidemiology and public health, with particular emphasis on issues of location-privacy. Philip completed his M.H.Sc. in Community Health and Epidemiology at the University of Toronto, and is currently a Ph.D. candidate in Public Health Informatics at the Peninsula Postgraduate Health Institute in the UK.
Anita Fineberg, LL.B., CIPP/C is the President of Anita Fineberg & Associates Inc., a recently incorporated consulting company with a mandate to provide superior, cost-effective and practical privacy solutions for the private sector, government and other public sector entities. She is both a lawyer and a CIPP/C (Certified Information Privacy Professional/Canada). Anita has:
- Close to 20 years of experience providing advice on complex access to information and privacy issues with a specialization in health information privacy
- Expertise in the interpretation and application of all Canadian privacy legislation, including the Personal Information Protection and Electronic Documents Act (PIPEDA), provincial private and public sector laws and health information privacy legislation
- As Corporate Counsel & Chief Privacy Officer at IMS Health Canada and Latin America, successfully managed all internal compliance privacy matters and government advocacy initiatives
- Advised the Ontario Ministry of Health and Long-Term Care on government privacy compliance and the privacy implications of new legislation and technologies: the former Smart Systems for Health Agency, Smart Cards, Public Key Infrastructure and the development of health information privacy legislation
- Acted as Counsel to the Ontario Information and Privacy Commissioner
Anita is a frequent speaker and course leader at privacy conferences and workshops both domestically, in the U.S. and around the world. She holds a B.A. (Hons.) degree in psychology from Queen’s University and an LL.B. from the University of Toronto.
Title: Sharing Personal Health Information for Syndromic Surveillance: Lessons Learned in Ontario
Abstract: This presentation will initially describe the privacy issues that needed to be addressed in the development of a data sharing agreement between hospitals and a public health unit for the purposes of a Syndromic Surveillance project. While such an agreement is not legally required, the hospitals were reluctant to disclose personal health information in the absence of written assurances with respect to how the public health unit would subsequently use and manage the hospital data.
During the development of the agreement, it became clear that several misunderstandings and misperceptions exist within the healthcare community with respect to the sharing of personal health information for “public health purposes”. Questions were raised relating to the circumstances in which an agreement was needed, as well as the timing and scope of mandatory reporting requirements of personal health information. Healthcare professionals were also uncertain as to whom discretionary disclosures could be made for these purposes.
Changes were made to both Ontario’s public health and personal health information privacy legislation – respectively, the Health Protection and Promotion Act and the Personal Health Information Protection Act, 2004 – as a result of the report issued by Mr. Justice Campbell, the Commissioner investigating The Introduction and Spread of SARS in Ontario. These changes were made in order to facilitate necessary sharing of personal health information. However, the experience of drafting the Syndromic Surveillance agreement revealed that these changes have not been communicated effectively to those within the healthcare community who need to know.
Using the agreement prepared for the Syndromic Surveillance project as a baseline, the presentation will review the “lessons learned in Ontario” with respect to the spectrum of disclosures for “public health purposes” which may and must be made by health information custodians in the province.
Jay Mercer divides his time between family medicine in a fully automated office in Ottawa, as Medical Director of Practice Solutions Inc., the Canadian Medical Association’s group of technology companies, and as a Senior Physician Advisor to the CMA in the area of practice technology. Previously, he spent several years in a combined family medicine and emergency practice in Midland, Ontario. Jay speaks and writes frequently about practice automation for physician groups across Canada. Previously, he was the project leader for the CMA’s Physician Website and Patient Portal initiatives, as well as several other activities which integrate technology into patient care. Trained initially as a strategist, Dr. Mercer completed an MD degree in 1993, followed by training in Rural Family Medicine and Emergency Medicine. Prior to working with the CMA, Dr. Mercer’s was a consultant involved in assisting governments, large organizations and private companies with healthcare strategic planning and program development in the areas of information management, security and privacy.
Title: Real time privacy assessment in H1N1 reporting: Protecting privacy in an evolving clinical scenario
Abstract: In response to the H1N1 pandemic, a team composed of clinicians, industry, researchers, public health officials and a privacy specialist came together to carry out a project that would permit physicians with electronic medical records to report cases of influenza on a near real time basis, while protecting patient privacy. As the project progressed, the reporting requirements changed numerous times in response to developing understanding of the illness. Real time evaluation of privacy implications became a critical part of keeping the project on track. This presentation will describe the process that was used to develop the project, and also explain the role and importance of including a privacy specialist on the development team when the project is being conducted in a highly dynamic environment.
Khaled El Emam, PhD, is an Associate Professor at the University of Ottawa, Faculty of Medicine and the School of Information Technology and Engineering. He is a Canada Research Chair in Electronic Health Information at the University of Ottawa. Previously Khaled was a Senior Research Officer at the National Research Council of Canada, and prior to that he was head of the Quantitative Methods Group at the Fraunhofer Institute in Kaiserslautern, Germany. In 2003 and 2004, he was ranked as the top systems and software engineering scholar worldwide by the Journal of Systems and Software based on his research on measurement and quality evaluation and improvement, and ranked second in 2002 and 2005. He holds a Ph.D. from the Department of Electrical and Electronics, King’s College, at the University of London (UK). His lab’s web site is: http://www.ehealthinformation.ca/.
Title: Can patients be re-identified from emergency department data?
____________________________________________________________________________
Session 2C
Michael Power is a Toronto-based legal advisor/consultant on privacy and information risk management, serving both public and private sector clients. He previously served as Vice-President, Privacy and Security, at eHealth Ontario. Prior to that, Michael was a partner at Gowling Lafleur Henderson LLP (Gowlings), advising on privacy and other information risk issues, where he also acted as Chief Privacy Officer.
Mr. Power writes and speaks extensively on privacy and information security issues and is the author of the Access and Privacy Title of Halsbury’s Laws of Canada, co-author of the American Bar Association best-seller Sailing in Dangerous Waters: A Director’s Guide to Data Governance. He is a member of the Nova Scotia Barristers Society and the Law Society of Upper Canada; is active in the Cyberspace Committee of the ABA’s Business Law Section and is a member of the senior advisory board of the IEEE magazine, Security & Privacy. Michael Power received his LLB and MBA degrees from Dalhousie University.
Peter McLaughlin is senior counsel with Foley & Lardner LLP and a member of the firm’s Privacy, Security & Information Management Practice. His experience as a corporate lawyer and business advisor includes international, health & financial privacy compliance, as well as data security and IT transactions. Prior to joining Foley, Mr. McLaughlin was in-house counsel for over eight years, including two years as Assistant General Counsel (Privacy and Security) and the first global privacy leader for Cardinal Health, Inc., a Fortune 20 company. Mr. McLaughlin received his J.D. from Georgetown Law Center and his bachelor’s degree from Columbia University.
Title: US Data Security Requirements in EHRs
Abstract: Identity theft and fraud have been increasing in the US. The health sector must confront a two-fold challenge of reducing the financial impact as well as protecting the integrity of patient health records. In the US, recent legislation and rules specify the administrative, technical and physical requirements to protect the security and integrity of patient health and financial records. US attorney Peter McLaughlin, former Assistant General Counsel – Privacy and Security, for Cardinal Health, Inc., will discuss current technical and compliance requirements applicable to providers of electronic health records.
Mike Gurski is the Director of the Bell Privacy Centre of Excellence and the Privacy Strategist for Bell Information & Communications Technology Solutions. In his responsibilities at the Centre he leads a comprehensive privacy professional services arm for enterprise customers. Mike also heads a research arm focused on developing privacy technologies in areas that include: wireless health care environments, identity theft solutions, and Internet censorship circumvention software. As well Mike is a founding member of the ‘The Privacy Network (www.theprivacynetwork.org): a knowledge exchange network that links various privacy communities in Canada.
Mike is also on the Board of Directors for the International Security Trust and Privacy Alliance which is developing a privacy framework to assist organizations in implementing privacy from a systems and technology perspective. Prior to joining BSSI Mike chaired the international Privacy Enhancing Technology Testing and Evaluation Project, to develop privacy technology evaluation standards and was the founding Chair of the Wroclaw Foundation: an international data protection commissioners’ vehicle to facilitate international privacy technology standards. He also served as the Senior Technology Advisor to Ontario’s Office of the Information and Privacy Commissioner for five years. Currently, he is on the Board of the Privacy Enhancing Technology (PET) Research Workshop; an international research symposium, and chairs both the international PETs Executive Briefing and the University of Waterloo’s annual Centre for Applied Cryptographic Research, Privacy and Security Conference (www.cacr.math.uwaterloo.ca).
Mike has written published articles on e-mail encryption, misconceptions of privacy and security, wireless, and P3P (Platform for Privacy Preferences), a privacy specification for the Web: this latter work while a member of W3C team developing P3P. As well he has written papers on Privacy Design Principles and Privacy Impact Assessments for Integrated Justice Technology Systems. This was done in partnership with the United States Justice Department’s Office of Justice Programs.
Mike is a frequent speaker on privacy issues and a guest lecturer at number of MBA schools and universities in Canada and abroad. Mike holds degrees from the University of Waterloo’s School of Architecture and the Faculty of Arts, St. Jerome’s University.
In his spare time Mike pursues research on megalithic architecture and organizes bike trips in Europe.
Title: The Economics of Privacy in Health Care
Abstract: Based on a Whitepaper, now published by the IEEE and a Think Tank for MOHLTC this session will explore a way to invest strategically in privacy in health care environments. Thus, cost reductions can accrue at the same time as the efficacy of privacy management can grow. Examples of organizations who have begun to adopt components of this privacy investment framework will be cited. The costs of not following this model will also be discussed. At the end privacy professionals should have a privacy story that any senior executive wants to know and can endorse.
___________________________________________________________________________
