The document discusses perspectives on handling 'sensitive' data within the eosc-hub, supported by the EU's Horizon 2020 funding. Key recommendations include adopting the FAIR principles for data management, implementing a '5 safes' approach for ethical data sharing, and building the necessary governance framework to support safe data practices. It highlights the importance of collaboration among various stakeholders to ensure that sensitive data is shared ethically and responsibly.

1. eosc-hub.eu
@EOSC_eu
EOSC-hub receives funding from the European Union’s Horizon 2020 research and innovation programme under grant agreement No. 777536.
Perspectives on “sensitive” data
Dr Rob Baxter, EPCC, the University of Edinburgh
Dissemination level: Public

2. 2
0. *Title of your talk.*
1. A 1–2 sentence short self-intro so I can introduce you
to the audience.
2. Let me know if there are any topics (in order of
priority, since time is limited) that you would like the
panel to discuss.
3. Share one piece of advice or nugget of wisdom that
the audience can take home with them.
4. Come up with one question for another panelist. Your
question will be anonymous :)
16/04/2019

3. 3
Working group on data sharing policy
- Rob Baxter (EPCC)
- Yin Chen, Yannick Legre (EGI.eu)
- Ilona von Stein, Frans Huigen (DANS)
- Susheel Varma (EMBL-EBI)
- Serena Battaglia, Christian Ohmann (ECRIN)
- Michaela Th. Mayrhofer (BBMRI)
Jan 2019: R. Baxter et al, EOSC-hub D2.8:
- First data policy recommendations
Building on:
- S. Battaglia et al, EOSCpilot D3.3: Draft Policy Recommendations
- S. Hodson, S. Jones et al, European Commission Expert Group on FAIR
Data, Turning FAIR into reality
16/04/2019
Background: EOSC-hub WP2.4

4. 4
Adopt 11 EOSCpilot recommendations…
- (a lot of good work already done; don’t reinvent the wheel!)
…as 22 practical suggestions for data sharing…
- (what steps can EOSC-hub service providers start taking?)
…best summarised as…
1. implement FAIR
2. build technical expertise in safe data and safe settings
3. support development of wider ethical and info gov
frameworks
16/04/2019
D2.8 TL;DR

5. 5
Take a “Web first” approach
Aim for good 3-star data *
- open, non-proprietary, machine-readable formats
Adopt resolvable persistent identifiers (PIDs)
- PIDs point to landing pages (emerging good practice†)
Standardise “findability” metadata
- OpenAIRE & DataCite guidelines, plus a DataTag
- embedded in landing pages using schema.org
Share open data using CC 4.0
* cf. 5stardata.info
† cf. www.freya-project.eu
16/04/2019
1. Implement FAIR

6. 6
FAIR ≠ Open, and not all data are open
- EOSC-hub (and Europe) have an opportunity to lead the
world in making sensitive data safely and ethically
available for research
Adopt the “5 safes” approach to data sharing:
- safe data, safe settings, safe people, safe projects, safe
outputs
EOSC-hub should build expertise in “safe settings”
- don’t send data to users, enable users to come to data
- develop Safe Haven services (later)
16/04/2019
2. Safe data and safe settings

7. 7
EOSC-hub should support wider information governance
needed for 5 safes
- safe settings (services) & safe data (tags etc.) are not
sufficient
- safe people, safe projects, safe outputs need governance
Engage in development of ethical oversight function
- EOSCpilot’s suggested Ethics and Legal Advisory Board
- part of “EOSC governance”?
Engagement with European Data Protection Board?
- should EOSC-hub propose a (“GDPR”) Code of Conduct?
16/04/2019
3. Ethics & info gov

8. 816/04/2019
A safe setting: the Scottish NDSH
Analytics
Zone
Network DMZ
Identifiable
Zone
De-identified
Zone
Loader Unmodified
DICOM
DICOM file
anonymiser
& server
Metadata
whitelister
Identifiable
metadata
De-identified
searchable metadata
Cohort
creation
Extractor
De-identified
image cohort
Researcher
virtual
desktop
PACS
ingest
Data
gateway
Virtual
desktop
gateway
Data landing
zone
Study-specific
data cohort
Linker
Researcher
Info Gov Team
National PACS
Firewall Study
workspace

9. 916/04/2019
Scottish NDSH info gov
De-Id
svcs
Information
Governance
Data
Owner
2
Data
Owner
1
Data
Owner
3
NHS & other
data owners
EPCC hosted
service
National Registers
of Scotland
NHS eDRIS research
coordination team
Researcher
De-Id
svcs
De-Id
svcs
no data transfer
de-identified data
identifiable data
coordination interactions
NDSH

10. 1016/04/2019
EOSC-hub Safe Haven info gov?
De-Id
svcs
Information
Governance
Data
Owner
2
Data
Owner
1
Data
Owner
3
Researcher
De-Id
svcs
De-Id
svcs
no data transfer
de-identified data
identifiable data
coordination interactions
Safe
Haven
EOSC-hub services EOSC-hub serviceEOSC Governance? EOSC Governance?

11. 11
Safe settings are well developed in social science
- and becoming joined up
§ e.g. International Data Access Network, https://idan.network
In life sciences?
- some regional/national safe haven services exist
- does the model make sense (as a pattern for expansion)?
- what about the suggestion: stop share-by-copy?
- do we have the e-Infra in place?
- how do we go about international info gov?
- Codes of Conduct? Ethics and Legal Advisory Board?
16/04/2019
Final thoughts & questions

12. eosc-hub.eu @EOSC_eu
Thank you
for your attention!
Questions?