For drug manufacturers and medical device designers, the GDPR is only one of dozens of legal frameworks to navigate if they hope to offer their products on the international market. Throughout the design and development process and beyond, there are clinical trial guidelines, medical devices regulations and more than just the GDPR to worry about when it comes to medical and other personal data. The HIPPA regime in the US dates to 1996, preceding the old EU data privacy directive, as well as the GPDR; there is nothing new about the regulatory burden on the life sciences sector.
What is new is the level of scrutiny around the quality of data being employed in the clinical and device trial process. This is often accompanied by calls for greater disaggregation of datasets to ensure that women and minority groups are properly represented both in the trial process and in the analysis of the data trials generate. However, the more broken down a data set is, the harder it is to ensure it is properly anonymised or pseudonymised because individuals featuring in a data set that provides details on gender and ethnicity will inevitably be more easily identifiable. This means better clinical outcomes can be seen as incompatible with good data privacy practices.
Deadly data
Caroline Criado-Perez's recent best-selling book, Invisible Women, highlights the very real danger of treating male and female data as interchangeable for clinical research purposes. One of numerous examples she provides relates to trials in 2014, of a cardiac resynchronisation therapy device (a device that corrects a delay in the heart's electrical signals, shocking it out of irregular rhythms and reducing the risk of heart failure).
In each trial the number of women included made up around 20% and disaggregating the data on the basis of sex would have revealed no statistically significant differences in outcome. It was found that overall, for patients whose hearts took more than 150 milliseconds to complete an electrical wave, the implantation of the device significantly increased the likelihood of early detection of heart failure.
However, when multiple studies were combined it was revealed that it took the women's hearts slightly less time on average (130 as opposed to 150 milliseconds) to complete a full electrical wave. Because the results were based largely on male outcomes, a significant number of women, who would have benefited from the device had the threshold been set lower based on their sex, were denied a potentially life-saving intervention.
Sex is not the only factor that can alter clinical outcomes when controlled for; different ethnic groups can also respond differently to treatments and devices. While there are significant litigation risks arising under the GDPR, the risk of clinical negligence claims stemming from a failure to analyse disaggregated data should not be disregarded.
There is a general push in favour of greater data transparency, particularly in the EU. Clinical Trial Regulation 536/2014, which came into effect in 2019 and will apply from mid-2020, creates an EU portal for publishing data once a Marketing Authorisation Application is submitted (even if the application is ultimately refused). However, ensuring that identifying data is fully cleansed prior to publication may be difficult, particularly in relation to small data sets.
So how to balance these conflicting pressures?
Since data needs to be disaggregated to ensure fair clinical outcomes, data controllers need to find better ways of meeting the enhanced requirements of the GDPR for sensitive medical data, while ensuring that there is no compromise to the proper analysis of data.
Unfortunately there are no simple solutions to these conflicting priorities but the application of the core GDPR principles of privacy by design and default is the best place to start. At the design stage of every trial process, sponsors will need to consider each aspect from a privacy perspective, including:
- The process they use to obtain patient consent to data processing (separate from consent to participate in a trial).
- When to carry out Data Protection Impact Assessments and at what level of detail.
- Whether there are procedures in place for data de-identification (removal of data which can identify individuals but lacking clinical values such as patient identifiers, free text entries or referral and other dates).
- Whether there is a separate anonymisation process to eliminate all links between de-identified data and the original datasets from which it was drawn.
When determining what data to collect and what to exclude, it is important to remember that even indirect identifiers such as a date of birth or height and weight data can, when combined in small enough datasets, lead to patient identification, so the size of the trial or study will be an important factor in determining the best course of action.
Representation as a solution?
Of course one way to avoid the inadvertent processing of data that is insufficiently anonymised because of sex-based disaggregation is to ensure greater representation for women in clinical trials in the first place. The inherent risk in disaggregating the data of 100 people on the basis of sex is obviously much lower if the people include 50 women rather than 5. In some jurisdictions, clinical testing regulations restrict testing of certain products and drugs on women of childbearing age and it is often harder to recruit women for clinical trials.
In the absence of rapid change in female representation in drug and medical device testing, proper analysis of the data that is gathered and the differences based on sex will be the next best thing. While there may be a temptation to resist such improvements under the pretext of GDPR requirements, proper trial planning should mean that the aims of better data and fairer data processing are far from incompatible.