Legal obstacles jeopardise research in personalised medicine – experiences from a Nordic collaboration within rheumatology

Aims: Personalised medicine in chronic complex diseases such as rheumatoid arthritis (RA) is within reach but requires international multi-stakeholder collaboration. We exemplify how national implementations of the General Data Protection Regulation (GDPR) have introduced administrative delays and c...

Full description

Saved in:
Bibliographic Details
Published in:Scandinavian journal of public health 2024-12, Vol.52 (8), p.1019-1025
Main Authors: Glintborg, Bente, Hansson, Mats, Hammer, Hilde Berner, Klareskog, Lars, Saevarsdottir, Saedis, Westerlind, Helga, Rönnelid, Johan, Gehring, Isabel, Benson, Mikael, Esbensen, Bente Appel, Hetland, Merete Lund, Padyukov, Leonid, Kragstrup, Tue Wenzel, Hauge, Ellen-Margrethe, AxnÄs, Barbara Bislawska, Krogh, Niels Steen, Johannesson, Martina, Askling, Johan
Format: Article
Language:English
Subjects:
Arthritis, Rheumatoid
Biomedical Research
Computer Security - legislation & jurisprudence
Denmark
Humans
Information Dissemination
International Cooperation
Norway
Precision Medicine
Registries
Rheumatology
Sweden
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Aims: Personalised medicine in chronic complex diseases such as rheumatoid arthritis (RA) is within reach but requires international multi-stakeholder collaboration. We exemplify how national implementations of the General Data Protection Regulation (GDPR) have introduced administrative delays and created disincentives for data sharing and collaborative research. Methods: Our Danish/Swedish/Norwegian research collaboration (the 3-year NordForsk-funded “NORA” project) aims to develop a personalised medicine approach for the management of RA, built on the exploitation of unique existing data sources: longitudinal data from clinical rheumatology registries, research cohorts, nationwide health care registries, and biobank material from >20 sample collections. Data and results are shared and accessed remotely by collaborators at secure servers. New biomarker assays and patient-centric implementations of the results are to be explored, validated, and disseminated to patients and health care via the development of digital tools. Results: Following the advice of legal experts at the involved academic or public institutions and private companies, GDPR compliance resulted in >20 legal documents to govern the collaboration (consortium-, joint controller-, research collaboration-, data sharing-, and a series of unique two-way data processing-, and material transfer agreements). Lack of agreed-upon templates, policies, procedures, and a shortage of legal resources have caused considerable delays. Thus, our research consortium has spent more time ensuring GDPR compliance than on actual research activities. Conclusions: The current interpretation and implementation of the legal premises (rather than the GDPR per se) for research collaborations caused unnecessary barriers and delays. Our experiences call for Nordic trust-based code-of-conduct-like framework agreements, and for harmonisation of procedures and templates, lest the Nordic advantage in research be lost.
ISSN:1403-4948
1651-1905
DOI:10.1177/14034948231212711