Article written by Samah Jaber, FAIR Office Austria
On Wednesday 23 March 2022, more than 45 participants, many of them researchers from the health domain, took the opportunity to learn about managing sensitive data.
In the two-hour webinar, speakers from SBA Research, FAIR Office Austria and TU WIEN introduced tools that can be used for data anonymization, privacy-preserving processing, generation of synthetic data, etc. Furthermore, the participants learnt about the WellFort platform that integrates these tools and provides novel means for consent management. The webinar welcomed participants from different research fields.
Topics that were covered
Sensitive data and the FAIR principles
Tomasz Miksa started the webinar by providing an overview of the FAIR principles. The key message of the webinar was that the sensitivity of data is not a showstopper to apply the FAIR principles. The main focus was on the principle “Accessible: A1.2”, where clear access conditions should be specified and made understandable for machines.
Sensitive data analysis
Rudolf Mayer presented general threats of privacy as well as privacy-preserving data analysis methods and how they can be used in practice. He also showed anonymization techniques for privacy preserving data publishing & computation.
Tanja Šarčević gave a live demo of the tool ARX Anonymization Toolkit. She went into detail for the generation/modeling/evaluation and privacy risks for synthetic data and demonstrated a Trusted Research Environment – DataSHIELD. She showed in another demo a project on Opal data storage and how to access it through DataSHIELD functions under R environment.
Legal aspects in data sharing
Gerald Sendera explained the GDPR applications for sensitive data, synthetic data, pseudonymization and anonymization, as well as GDPR privileges for scientific research. He also pointed out the data sharing and access limitations outside the European Union.
Consent Management for personal data processing
Fajar Juang Ekaputra explained how data privacy vocabulary and W3C standardization represent user consent, then he presented OWL2 reasoning & SHACL constraint mechanisms to check compliance of data handling against consent.
Laura Waltersdorfer addressed what can be achieved by data audit and introduced an audit analysis process in a privacy-preserving manner.
Andreas Ekelhart concluded the webinar by presenting an overview of the WellFort project – a recently finished FFG-BRIDGE project that aimed at creating a trusted-platform (a Proof of concept was implemented for this platform) for auditable, privacy-preserving data analysis which provides secure storage for users’ sensitive data. It furthermore aimed at combining data from different companies for analysis while respecting user privacy and consent. Most of the concepts presented in the webinar were included in this project.
Discussion with participants and future research work
There were plenary questions from the audience around DataSHIELD and whether it can be considered as an example of FAIR for sensitive data. DataSHIELD doesn’t have this functionality at the moment as it does not provide any discovery methods or provide metadata about data in the repository, but this might be extended and adapted in the future.
Materials for download
For further reading, and for all those who were not able to attend the webinar, the video recording of the event and the presentation slides are available for download:
• Presentations and video recording
• Recording available on Youtube