Michigan genomic research lab protects data with de-identifier, multilayer platform

A researcher at University of Michigan explains how his labs and provider organizations keep massive amounts of patient genomic data secure.
By Bill Siwicki
10:18 AM
Share
genomic security

Thomas Kubisiak, MD, is a researcher at the Molecular and Behavioral Neuroscience Institute at the University of Michigan.

The ability to share massive amounts of anonymized human genomic data between accredited hospitals and medical centers is a tremendously important advancement in medicine. However, this genetic treasure trove unleashes a slew of concerns, including the potential for bad actors to hack databases.

Thomas Kubisiak, MD, is a researcher at the Molecular and Behavioral Neuroscience Institute at the University of Michigan, which works with the university’s hospitals and health centers. The institute is working to find genes involved in neurological and psychiatric diseases as well as behavior in general single-gene defects, human behavior and multiple genetic risk factors.

[Also: Is precision medicine a matter of national security?]

Kubisiak and his team discovered an association between a new gene that was not related to a specific disorder they were working on. Since then, they’ve had a number of additional successes and are working on publications describing these cases.

In their work, they have a lot of data, and keeping that data secure is a big part of what they have to do.

Patient samples are sent to the internal university server system in the form of raw sequence data, or FASTQ, after being sequenced; this data is uploaded directly to a technology platform from vendor Genoox for analysis, Kubisiak explained.

Internal data sharing is for sharing insights that may help with other cases. Sharing data with external stakeholders is not straightforward as there is no standard for what can be shared and what can’t. Today, Kubisiak and his team members share results with patients and their doctors.

"Genomic data, like other medical records, contains huge amounts of critical personal information that can be misused by unauthorized people in a variety of ways," he explained. "Our main concern is to comply with the strict protocols and guidelines assuring data privacy, security and integrity. Thus, dealing with genomic data, we are required to follow rigid guidelines that are HIPAA-compliant."

These guidelines have been established and are rigorously followed and enforced so that any and all patient’s genomic data is de-identified, firewalled and encrypted, he added.

"We are required to seclude any patient markers from genetic data and any data shared with outside collaborators are already de-identified, but, nonetheless, security is always and will always continue to be an utmost concern," he said.

The Genoox platform helps the team apply standards for both security policies and sharing data across the community, which has the benefit of increasing cooperation between organizations, he added. Further, the platform helps the team connect with public data and correlate it with the team’s patients' private data to increase insights.

"The platform is able to comply with our strict security requirements and applies a variety of security procedures and audits to ensure data privacy and protection accordingly, thus increasing our confidence in the platform," Kubisiak said.

Twitter: @SiwickiHealthIT
Email the writer: bill.siwicki@himssmedia.com