40 ideas posted
Track data provenance and permissions, including IRB approvals and patient consent and be able to support different levels of permissions rather than insisting on uniform consent
Submitted by Community Member 4 months ago
Submitted by Lily Bradley 17 days ago
I'm in favor of everything here except IRB consent. Having such a component makes the cloud provider responsible for data they did not generate.
I'm of two minds on this one (although I voted for it). On one hand, tracking consent for the samples hosted in the cloud would allow more data to be hosted there. On the other hand, this could quickly get complex if samples have a myriad of different consent models - and delegating the enforcement to the cloud provider, as a previous commenter noted, could be problematic.
I think a reasonable compromise is to limit the data to a handful of consent models. Something like (although I recognize these are probably too vague):
* Total open (Portable Legal Consent-like)
* Free for academic/non-profit research use
* Available for commercial research
And lastly, we'd need to figure out how to give access to data. Would it be a dbGaP-style model to request access, with the attendant overhead? Or would it be a more honor system-like one where there is a license to read and approved?
Copyright © 2013
| RFI and Privacy Policies