Big Data, Big Responsibility! Building best-practice privacy strategies into a large-scale neuroinformatics platform IJPDS (2017) Issue 1, Vol 1:343 Proceedings of the IPDLN Conference (August 2016)

Main Article Content

Christina Popovich
Francis Jeanson
Brendan Behan
Shannon Lefaivre
Published online: Apr 19, 2017


The Ontario Brain Institute (OBI) has begun to catalyze scientific discovery in the field of neuroscience through its’ large-scale informatics platform, known as Brain-CODE (Centre for Ontario Data Exploration). Brain-CODE manages the acquisition, storage, processing, and analytics of multidimensional data collected from patients with a variety of brain disorders. Our vision is for the platform to act as an informatics catalyst; encouraging multidisciplinary research collaboration, data integration, and innovation in neuroscience research. Brain-CODE’s infrastructure was designed with best-practice privacy strategies built at the forefront to enable secure data capture of sensitive patient information in a manner that abides by government legislation while fostering data sharing and linking opportunities.

Privacy and security features have been incorporated into the very foundation of Brain-CODE’s comprehensive guidelines, which are reinforced by our state-of-the-art approaches to keep patient data safe. To ensure clarity for study participants, we have developed standard consent language outlining how sensitive patient data will be collected, entered, de-identified, and shared using Brain-CODE. Moreover, our tiered approach to data accessibility enables the storage of encrypted Ontario Health Card Numbers as well as other patient information, secure long-term storage of de-identified data, and data sharing opportunities by request from third parties following risk-based analysis re-identification techniques. OBI has also established a comprehensive Information Security Policy and Informatics Governance Policies, as well as a carried out a Privacy Impact Assessment and Threat Risk Assessment for Brain-CODE.

Brain-CODE is proudly named a "Privacy by Design" Ambassador by the Office of the Information and Privacy Commissioner of Ontario, Canada. Moreover, approximately 200 neuroscience researchers and 35 institutions from across Canada have adopted our standard consent language to enable secure data sharing within and across neurological disorders as well as linkage opportunities with national and international databases in a secure environment.

OBI’s rigorous approach to data sharing in the field of neuroscience maintains the accessibility of research data for big discoveries without compromising patient privacy and security. We believe that Brain-CODE is a powerful and advantageous tool; moving neuroscience research from independent silos to an integrative system approach for improving patient health. OBI’s vision for improved brain health for patients living with neurological disorders paired with Brain-CODE’s best-practice strategies in privacy protection of patient data offer a novel and innovative approach to “big data” initiatives aimed towards improving public health and society world-wide.


The UK MS Register is a large scale observational research platform, capturing data from patients, NHS and carries out linkage with routine data from the SAIL databank.

We have 14,000 People with MS (PwMS) submitting Patient Reported Outcome Measures (PRoMS) quarterly and over 3000 patients consenting at NHS Sites around the UK

A differentiating factor between Register and previous attempts to capture PRoMS and clinical data was the goal that it be paperless. One area, where paper had to be used, was obtaining informed consent. Clinical participants are consented using a triplicate consent form, one copy for the patient, one for medical notes and one for the Register

It's desirable for patients to be able to electronically consent, providing the following benefits:

  • Tablet computers already in use to collect PRoMS

  • Printing costs

  • Participant expectations

  • Improved content and user experience: improved feedback, of multimedia elements about informed consent

  • Increased familiarity with tablets


Changing consent methodology is complex, all documentation, processes and changes are reviewed by the ethics committee. A privacy protecting, secure software package (iConsent) was developed by modifying an existing package from Welsh Cancer Bank.

The software is server based, running on a Secured MS SQLServer 2014 and developed in .net to iOS/Android tablets

The practitioner taking consent explains the process, participants then see the approved documentation and materials. Finally they fill in their email address and name, and are presented with the consent form, the participant uses a stylus to sign. The practitioner then countersigns.

Once completed a digitally signed, secure pdf is generated on the server. Links are sent by email to the participant, the Register and unit administrator. The pdf is functionally identical to the paper.


The South West Central Bristol ethics committee approved the software following guidance on security and documentation design. Staff were trained in system usage.

A number of patients were successfully e-consented, Of note was a potential issue with some patients and how MS impacts their ability to sign without resting a hand on the screen.


Patients who have been e-consented have expressed satisfaction in the ease of use and security of the software. Patients being unable to rest their hands on the screen is being examined. Newer tablets can ignore inputs other than the stylus.

The MS Register intends to use the software in additional centres to capture patient consent.

Article Details

Most read articles by the same author(s)