By Julie Nixon
I have blogged previously about issues surrounding genetic privacy and ownership of tissue, so it was interesting to see last month that a Canadian court ruled that biopsied human tissue is the private property of the institution that holds it, not the person it came from. There is of course a huge need for researchers to have access to patient records and tissue samples to find more effective methods of treatment, but data protection regulations have been broken in the past few months, and patient anonymity needs to be assured.
Not my biopsy then?
The Canadian ruling centered on a small block of liver tissue taken from a woman named Snezana Piljak in a biopsy at a Toronto Hospital in 2009. Ms. Piljak was diagnosed with colorectal cancer that year and died in 2011. Ms. Piljak’s estate sued doctors who had performed a colonoscopy on her in for negligence. As part of that suit the doctors petitioned the court for the right to examine the liver biopsy taken in 2009. The doctors needed the court to rule the biopsy counted as “personal property” of the hospital before they could get access to the sample.
In the end the judge ruled that “Ms. Piljak’s excised tissue is … owned by Sunnybrook hospital, whose pathology department performed the diagnostic tests and in whose archives the tissue is kept”. However the doctors were not allowed to test the biopsy.
Although a Canadian ruling, this largely follows a trend seen in American courts which have generally held that patients give up rights to their tissue once it has been excised. Perhaps a UK court will at some point have to make a ruling now that personal medical data and cell lines are becoming valuable commodities. But even where a court rules that an institute owns human samples, it will not necessary mean the institute will have free rein to do as they please where there are privacy issues at stake.
Google my medical records?
The digitization of patient records provides the health industry incentive to compile and exchange information in the form of “Big Data”. The pharmaceutical industry in particular is keen to have access to patient genetic and medical-record data in this era of personalised medicine. However the danger of how this personal data can be mishandled was highlighted back in March when management consultants acquired the hospital admission and treatment records of every NHS patient in England and Wales and uploaded it to Google servers based outside the UK. Although the data was not publically available online, patient groups have questioned what safeguards are in place to protect privacy and have called for full disclosure of which organisations have acquired medical records to date.
Monetising your medical data
NHS England announced in February it was going to delay its Care.data scheme linking GP records and hospital data, amid criticism of how it has run the public information campaign about the project. The proposed data base will contain a person's NHS number, date of birth, postcode, ethnicity and gender. Researchers, insurers and drug companies will be able to apply to the new Health and Social Care Information Centre (HSCIC) to gain paid access to the database, but campaigners are concerned that not enough personal identifiers have been removed to make the information completely anonymous.
With the potential to harness medical and genetic data for improving health and providing a revenue stream, Israeli startup DNA.Bits has announced plans to store genetic and medical record data using block chain technology similar to that which underpins the bitcoin network. The company plans to make medical data accessible to the researchers who need it, while preserving privacy and individual anonymity.
I can see the benefit of schemes such as Care.data, improved quality in patient care can benefit from the statistics the scheme was intended to provide. And using anonymised patient data as a revenue generator could help our beleaguered NHS if revenues are used correctly. But as I have written before, the public should be able to trust those bodies that hold their medical data/ tissue samples. UK data protection laws are all about transparency and health organisations need to act responsibly.