B1MG D4.2 Secure data access demonstrator

The aim of the 1+MG initiative with coordination and support from the Beyond 1 Million Genomes (B1MG) project  is to recommend technologies, methodologies, and governance models for the 1+MG signatories (member states) that support cross-border data access to both genetic and phenotypic data. Prospective users are researchers and clinicians who facilitate the development of personalised medicine across the European Union. 

The 1+MG data infrastructure needs to be defined to ensure data managed within the federated network are compliant with the European and national legislation on data protection, security, and ELSI principles agreed in 1+MG. At the same time the aim is to maximise the Findability, Accessibility, Interoperability and Reusability of the 1+MG data, according to FAIR principles. 

In this deliverable a Proof of Concept (PoC) was built using existing standards, applications, and services to demonstrate cross border data access for two 1+MG use cases; rare disease and cancer. The intention is to create a technical infrastructure baseline and advancement for the next iteration of implementation data protection principles according to the GDPR, and agreed in discussion with B1MG WP2. The work is not complete, and  will continue during 2022-2027 in the European Genomics Data Infrastructure project. As these data are envisioned to be located in distributed nodes hosted in different 1+MG signatory countries, these nodes must be interoperable with each other. Ideally, compatibility with other infrastructures or data spaces in Europe can be maximised as well, while considering the timelines to achieve the ambition of the 1+MG initiative, and hence the user stories described here do not necessarily correspond to the user stories required to conform with the 1+MG data governance. Global standards were chosen, where possible, within the PoC to maximise interoperability between the PoC, the 1+MG data infrastructure (as provided by organisations such as CSC in Finland), and with other European-level data infrastructures and data spaces. In 1+MG the applications or services utilised within the PoC to construct the infrastructure service functionalities and the data analysis workflows are strongly recommended to be open-source to enable security review, as well as have permissive software licence allowing redistribution and modifications. The Genome Phenome Analysis Platform, which was used to demonstrate the ‘processing’ functionality via visualisation for the rare disease use-case,  does not yet comply with this overall recommendation, but the underlying infrastructure does not restrict the applications that can be used by the use of common open source standards to facilitate communication between components. Applications and services, where possible, are utilised by users in service production environments across organisations providing existing (research) data  infrastructures or resources, again to maximise interoperability and leverage existing or previous developments. Additionally, all applications needed to provide the five functionalities of data reception, data discovery,  access management, storage and interfaces, and processing (data analysis) are in active development within their respective communities. Input into the PoC was taken from both WP/WG2 and WP3 / WGs 3 & 4, as well as other related projects such as TEHDAS, CINECA, EJP-RD, as well as the European Health Data Space. The PoC demonstrates cross border data access for secondary use by a researcher for both use cases as demonstrated by a video uploaded to Youtube and a presentation to the 1+MG Special Group meeting in November 2022 (Link).