The focus groups were designed to elicit participants’ views on a number of issues that can arise in the conduct of GWAS, including when re-consent and the return of individual research findings may be appropriate. This report focuses on our results with regard to wide data sharing; other findings are being prepared for publication. Summary findings are presented in . All quoted text in this section represents participants’ words.
Overall, participants endorsed the value of data sharing and, while they recognized some risks, most considered the potential benefit of high-throughput genomic research to outweigh the possible harms. As one participant put it, “At the same time as I can see some tremendous assets to having [dbGaP], because you can really do something powerful, I think there’s always risk. In this case, I tend to think, well, with that potential of where we are in terms of understanding the genome, maybe that’s a benefit and maybe, if it’s securely regulated and actually looked after, maybe that’s a risk worth taking.”
Acceptability of Wide Data Sharing and Willingness To Participate
Most participants saw the pooling of research resources as a reasonable approach to enhancing efficiency, avoiding duplication of effort, hastening the development of outcomes that would benefit public health, and creating a reference of “historical value” for future generations. Participants told us, “I think there does have to be an open exchange of information in order for some of these really significant things to happen for people’s benefit,” “I think some very interesting things may turn up because of that. That vast amount of information has got to have some really positive effects for everybody,” and “I think the whole thing’s just a marvelous idea.” One participant remarked, “To me, the more information researchers have, the better, as long as you [can protect against discrimination]. I mean, that’s what research is, and you’re crippling it by not allowing them to share. And they can’t make advances, you know, if they can’t – I mean, they can advance quicker [if they share], I would think. I would hope.” Participants believed that the value of such resources lies in (1) the completeness and accuracy of the data and (2) its accessibility to many different researchers investigating many different questions.
We asked participants whether knowing that study data would be deposited in dbGaP would affect their willingness to participate in a genetic study. Most did not see data sharing as a reason not to participate, and some said that it would encourage them to sign up. As one person commented, “It would be another reason to do it.” Some told us that they would be gratified to know that their contribution would continue to be useful: “It’s rewarding to know that I didn’t just dabble a bit, got in the one study, but … roses keep on growing.” Others saw a practical benefit to participating in a study that would maximize the utility of their contributions. The longitudinal and ever-growing nature of dbGaP was also viewed favorably by most participants. This was especially so in Groups A and E, in which older participants spoke of the continued use of their research data as a “legacy, living on in the lab,” and a way to contribute to society even after death. Another participant said, “It makes me a little less mortal. Not immortal, but a little less mortal.”
There was general agreement among surrogate decision-makers (Group B) that the ACT Study participants they represented would have had no problem with having their study data sent to dbGaP. “I’m the power of attorney for a family friend who is in the late stages of dementia, and she actually volunteered for this study, recognizing that her father had dementia, she wanted to participate and, you know, have her body donated in any and all research to gain more information. So I think she would have been very supportive of this.” Another said, “I know my mother would say fine. She definitely would have gone for it.” In another exchange, one participant said, “My aunt would have helped,” and another responded, “My mother-in-law too.” Surrogates were able to separate their own views and preferences from those of their charge: some Group B participants said that while they personally had misgivings about GWAS participation, these concerns were not shared by the ACT Study participants they knew. As described below, the surrogate decision-makers’ perceptions of ACT enrollees’ views were consistent with what we heard directly from ACT Study participants (Group A).
A minority of focus group participants considered having research data deposited in dbGaP as a reason not to take part in GWAS. These individuals saw research involving data sharing as a qualitatively different, and riskier, activity compared with other kinds of studies. One participant remarked, “It’s a leap of faith to go from a bunch of researchers to a Federal database, and it’s not one – if I knew, I would never have signed up for that [hypothetical] study if I thought even any of that information was going to go off …”
Who Should Have Access to Data
ACT Study participants (Group A) were largely in favor of data sharing with researchers outside of Group Health in the name of efficiency. The surrogate decision-makers in Group B, most of whom were not Group Health members, were more cautious about the potential sharing of their own data, and they expected to be informed if their loved one’s information were to be widely shared. The youngest group we spoke with, Group C, expressed a range of opinions, from no concern about data sharing to requiring detailed information as part of the informed consent process (and the possibility that data sharing would be a reason not to participate in research). In Group D, there was some disagreement about whether any sharing not specifically described in the consent form was acceptable, even within Group Health. Participants in Group E generally felt that data sharing was a good thing and noted that even international sharing should be encouraged, both because “the same diseases affect us here in this country that affect people around the world” and because of an expectation of reciprocity: “If everybody keeps secrets … They may know something that will save my great-grandkids, and if I don’t share mine, why should they share theirs? So it’s in everybody’s interest to have as much information [as possible] out there in the pool.”
Participants generally agreed that sharing with other Group Health investigators and close collaborators (such as those at local academic institutions) would be acceptable, as would sharing with non-profit, public-interest research organizations (e.g., the American Cancer Society). Such organizations were viewed as “more legitimate,” because participants believed that these kinds of institutions conduct “pure science” aimed at benefiting the general public and advancing knowledge, rather than generating financial returns. (Some participants identified exceptions to this rule, e.g., corporately funded non-profit organizations, such as research institutes funded by the tobacco industry, whose financial interests could be advanced or impeded by certain research results.) A few people expressed misgivings about the potential for insurance discrimination to occur within Group Health, which has functions in clinical care, insurance, and research.
Current research participants, who generally expressed altruistic motivations for research participation as well as strong trust in Group Health, were willing to rely on Group Health’s internal review processes and trusted Group Health to “be selective” about granting access to outside entities. For most participants, concerns began to arise as they considered more “distant” users of the data. Many participants expressed misgivings about sharing data with for-profit entities; in half of the sessions (A2, B1, B2, D1, D2) participants raised the issue before we asked about it. These participants often perceived a mismatch between the altruistic motivations of research participants and the fiscal goals of for-profit companies, as reflected in this comment from a person who had participated in a breast cancer study: “I gave all my medical records, I signed permission – ‘Use anything you want.’ It was in a Group Health context. Yes, they could have gone to [a local cancer research institute], yes, they could have gone to [a local research university], yes! Could they have gone to [a large pharmaceutical company]? No!”
We also heard that some participants felt that genetic information should not be patentable, and that it would be unethical to use public resources in “profit-seeking” activities. Although our questions were generic (we asked about sharing with “for-profit organizations”), participants in all groups expressed distrust of the motives, ethics, and research and marketing practices of pharmaceutical companies. Some thought it was unfair that research participants could be made to “pay twice” (or more) for commercial products resulting from the use of their data, once through their study contributions, and again through their taxes, pocketbooks, or insurance. There were counterbalancing opinions on this point, with some noting that industry partners are needed in order to translate research results into tangible products: “I don’t see how you could avoid giving this out to for-profit companies. If this study is of any use at all, they are going to have to make it available to a wide group of experimenters, and there are no wide groups of experimenters that don’t have something to do with for-profit companies.” Several participants commented that perhaps for-profit users could be required to pay NIH or Group Health for data access.
While some participants trusted the Federal government to manage dbGaP and similar repositories in a responsible manner, others worried about the potential for abuse. In every session, participants expressed distrust regarding the possibility that Federal agencies might obtain research data for purposes other than research. In some sessions, strong trust in Group Health was contrasted with a lack of trust in the Federal government. As one participant stated, “This is the privacy issue: that there’s no failsafe, as far as I’m concerned. And I would trust researchers, but I don’t trust the insurance industry, and I don’t trust the government.” Participants voiced two kinds of concerns: one regarding inappropriate use of data by law enforcement or national security agencies, and the other regarding the possibility of a “tyrannical government” using such data for eugenics or other objectionable purposes: “I don’t really have a problem with it as it stands now, however, the future thought of Big Brother watching you and the government getting involved in doing all these things is scary, just because I think … trust in the government isn’t real high right now, and if they were to, I mean, if government really got involved and insisted on doing this stuff, I mean, I could see where they could genetically do everything they wanted to do. And it’s scary.”
Participants saw a need for trustworthy governance to ensure that both practical and ethical goals – advancing science and protecting research participants – would be achieved. As one participant noted, “I think the key is finding the right balance between letting science and research go along and make great discoveries and not throttling them back with public policy issues. Ideally, we could kind of work them together so that science could move ahead and the Congress and other bodies could work alongside to make sure the protections are there.” Another said, “I would want to do more than trust [the managers of the data repository]. I would hope that the Group Health institution and the National Institutes of Health and others would also be very aggressive about safeguards.” A related concern had to do with what participants saw as the inevitability of changes in law and regulations. “You just don’t know what your ‘yes’ really means down the line. We’ve all grown up realizing how nothing seems to be sacred, and how the most secure information somehow gets found and used and abused,” according to one participant.
The obligations of users of shared data came up without prompting from the facilitators, with concerns about whether such users would be held to the same standards as Group Health: “My question would be, do the rules that the first group signed on with, apply to the group that gets handed the new information? If we sign consent information forms and all that kind of stuff, what’s the obligation of the second group to follow those guidelines?”
Inclusion of Data from Participants’ Electronic Medical Records
One focus of the eMERGE Network is to assess the feasibility of GWAS using EMR-derived phenotypes, requiring the sharing of some clinical information with the dbGaP repository. Participants understood the research value of such information. However, many participants saw medical record information as potentially more sensitive than genetic data, in part because of the potentially stigmatizing nature of information that could be contained in the EMR, such as reproductive health information and mental health history: “I can see [that] your personal health record, if it’s a carte blanche to share anything that’s in there, a lot of us might have reservations.” Some participants were uncomfortable with the idea that information they had shared confidentially with their healthcare provider could be made available to researchers.
Participants in Groups A and E agreed that there were no specific parts of the medical record that they would like to withhold, and some mentioned that sharing the entire medical record without reservation would be of greatest utility to research. Group B participants had a range of opinions regarding the use of EMR data. Some were comfortable with allowing open access to the complete record, while others questioned the utility of such access. Some individuals were agreeable to making their records freely available, while others would not personally consent to such access. (“I doubt that I would participate in a study that involved universal access to my healthcare records.”) Participants in Group C, the youngest group we spoke with, advocated direct control over how much and which parts of their medical records would be available for research purposes (“I think it would also be helpful to have some way of my being able to take control of that process and being able to check boxes of, like, ‘It’s fine to have this information, but you don’t have permission – when it comes to, like, you don’t have the right to my reproductive health [information], but you do to my blood pressure.’”) Others noted that it could be difficult to operationalize such an approach, particularly given that researchers may not know in advance which variables would prove to be needed for a future study. In Group D, several participants thought that the sharing of physician’s notes would not be appropriate; even the most altruistic participant thought that the text of patient-provider conversations held in confidence should be off limits.
Notwithstanding these concerns, most participants were generally willing to have some EMR data shared for research purposes, provided that the data were fairly limited (e.g., if only “strictly scientific things … like diagnostic codes and medications” were included), well defined (e.g., if they knew ahead of time what data would be extracted for research use), and de-identified (with links to personal identifiers maintained at Group Health): “If it’s anonymized, and Group Health is the protector, I wouldn’t have a problem.”
Privacy and Confidentiality Concerns
Although we did not raise the issue of privacy directly, it was an underlying theme throughout the discussions, and most participants had at least some privacy concerns. Participants in Groups A and E were substantially less worried about privacy and confidentiality than other groups. Many of those we talked with, however, said that they believed the potential benefits of wide data sharing outweighed potential risks: “I guess it comes down to a balance. How much good is expected from it, against that extreme risk that might – might – happen. You can’t weigh that. I’d say you can’t even weigh it today, let alone 5 years from now. So you just kinda take it on faith, and do it.”
A recurring theme in all groups was the inevitability of “protected” data being accidentally released (several participants mentioned stolen laptops containing confidential data) or otherwise accessed by unauthorized persons. Focus group participants simply did not believe that data security can be guaranteed, despite researchers’ good intentions: “There’s no realistic way of controlling [the data], once you share it. Let’s face it,” and “Unless we go back to working out of a shoebox, there’s no security at all.” At the same time, most people felt that the risk of breach of confidentiality is commonplace in modern life, as demonstrated by this exchange in Session B1:
SPEAKER 1: “As soon as there’s a database, and it’s on a computer, sooner or later there is a thing where bank records all of a sudden get lost, or somebody steals them, or somebody hacks them, or somebody’s personal computer gets stolen out of their home, and all of a sudden it’s gone. And it’s bank records or it’s hospital records, and this happens several times a year, it’s in the paper. There’s ten thousand records that were supposed to be private, are now unaccounted for.”
SPEAKER 2: “However, having said that, and knowing that this happens, we don’t stop using banks! No, we don’t. We don’t stop those kinds of things. We do everything we can to divorce our personal information from uses we haven’t authorized, but we still, just because of the complexity of life, are involved with insurance companies and banks and employers – and, hopefully, health research.”
Some participants believed that health information would be a less attractive target for ill-intentioned individuals than other kinds of data (such as financial records or credit-card information). To a number of participants, a confidentiality breach regarding banking information or other personal information that could be used for purposes of identity theft would be a greater cause for concern than would unauthorized access to their de-identified genetic information.
Some participants saw the very large size of typical GWAS (and associated databases) as conferring a certain degree of privacy protection, citing “safety in numbers” as reducing the risk that they would be personally identified or harmed as a result of research participation. “You know, there’s something that feels more comfortable about a huge study. You’re kind of lost in that huge sea of information, and it really seems like fewer risks.” “It seems to me, as you increase the amount of data, your individuality is really getting more and more lost. You are just a much smaller part of a large data pool.” But not all participants agreed with this idea: “If I were to share my DNA and medical record, I would add one drop to this ocean of statistics. But if something were to go wrong, that would have a great effect on my life.”
Participants felt that robust privacy protections would be necessary to ensure the quality of the data to be deposited, for two reasons. First, enrollment would be higher and the ultimate value of the resource maximized if potential participants believed that appropriate steps would be taken to protect the data (acknowledging that such protections are not absolute). One person commented, “Don’t you think that if the safeguards get lessened, people will stop saying, ‘Ok, I’ll give my DNA?’ They’ll stop being a part of the study if they perceive it isn’t safe, and then our information will be just kind of dead-ended, because they’re going to have to have information over a long period of time to see what changes. It’s never going to be static. It’s going to have to go on and on and on.” Second, research participants may be tempted to hedge or withhold potentially important self-reported information if they do not trust that it would be kept confidential: “One of the thoughts that comes to mind is the validity of the data somewhat could depend on the confidentiality, because a person might be a little hesitant to be really honest and outright if they felt uncomfortable about it.”