Computerized cancer registries solutions - a systematic review (Preprint)

BACKGROUND A cancer registry (CR) is typically a standardized tool to produce population-based data on cancer incidence and survival. Cancer registries aim to retrieve and store information on all cancer cases occurring in a defined population. The main sources of data on cancer cases usually include treatment, diagnostic facilities (oncology centres or hospital departments, pathology laboratories, or imaging facilities etc.) and the official territorial death registry. OBJECTIVE The aim of this study is to assess the actual solutions for cancer registries and determine and understand its main requirements. METHODS To achieve this goal, we have made a systematic review based on a comprehensive qualitative research, following the PRISMA statement framework. Four distinct databases were searched: Medline; ISI Web of Knowledge, IEEE Xplore and Scopus with the query “cancer registries” [All Fields] AND computerized [All Fields]. The inclusion criteria include references from five key-concepts: data collection; standards; quality control, data protection and data exploration. For the process final review, we have involved the participation of three medical informatics professionals. RESULTS From a total of 54 articles, 10 accomplished the inclusion criteria and were included in the analysis. Cancer registries systems had in general problems related to the lack of a fully automatic integration of data from different sources, difficulty in automatize data quality control routines and a lack of harmonization in terms of standards (both communication and terminologies standards). Many tasks are still performed manually implying an extra effort from the human resources team that results in a substantial delay in survival and incidence reports production and more data inconsistencies and errors. CONCLUSIONS It is essential to automatize the data linking integration between different healthcare institutions. However, it is important to consider a balance between the preservation of data integrity and the patient’s privacy, whilst enabling meaningful state of the art continuous research to improve people’s health and the general quality of care. Healthcare institutions must abide and comply with the changes imposed by the much more stringent data privacy protection regulations imposed by the GDPR (General Data Protection Regulation), resulting on new rigorous compliance obligations on privacy and security that all CRs across Europe must be ready to comply.

Download Full-text

Pseudonyms for Cancer Registries

Methods of Information in Medicine ◽

10.1055/s-0038-1634649 ◽

1996 ◽

Vol 35 (02) ◽

pp. 112-121 ◽

Cited By ~ 11

Author(s):

M. Miller ◽

I. Schmidtmann ◽

J. Michaelis ◽

K. Pommerening

Keyword(s):

Pilot Study ◽

Data Storage ◽

Data Privacy ◽

Cancer Registries ◽

Population Based ◽

Error Rates ◽

Cancer Registration ◽

Privacy And Security ◽

Permanent Storage ◽

German Legislation

AbstractIn order to conform to the rigid German legislation on data privacy and security we developed a new concept of data flow and data storage for population-based cancer registries. A special trusted office generates a pseudonym for each case by a cryptographic procedure. This office also handles the notification of cases and communicates with the reporting physicians. It passes pseudonymous records to the registration office for permanent storage. The registration office links the records according to the pseudonyms. Starting from a requirements analysis we show how to construct the pseudonyms; we then show that they meet the requirements. We discuss how the pseudonyms have to be protected by cryptographic and organizational means. A pilot study showed that the proposed procedure gives acceptable synonym and homonym error rates. The methods described are not restricted to cancer registration and may serve as a model for comparable applications in medical informatics.

Download Full-text

A Layered Approach to Jurisdiction

10.1093/oso/9780198795674.003.0010 ◽

2017 ◽

Author(s):

Dan Jerker B. Svantesson

Keyword(s):

Data Protection ◽

Data Privacy ◽

General Data Protection Regulation ◽

Legal Rules ◽

Privacy Laws ◽

Scope Of Application ◽

General Data ◽

Layered Approach ◽

Substantive Law

This chapter observes how it may be inappropriate to apply a single jurisdictional threshold to diverse instruments such as data privacy laws. In the light of this observation, a proposal is outlined for a ‘layered approach’ under which the substantive law rules of such instruments are broken up into different layers, with different jurisdictional thresholds applied to each such layer. This layered approach is discussed primarily as a technique to be utilized in legal drafting, but it may also be applied in the interpretation and application of legal rules. Article 3 of the European Union’s General Data Protection Regulation, which determines that regulation’s scope of application in a territorial sense, provides a particularly useful lens through which to approach this topic and, thus, the discussion is largely centred around that Article.

Download Full-text

Biobanking for Neurodegenerative Diseases: Challenge for Translational Research and Data Privacy

The Neuroscientist ◽

10.1177/10738584211036693 ◽

2021 ◽

pp. 107385842110366

Author(s):

Emilia Giannella ◽

Valentino Notarangelo ◽

Caterina Motta ◽

Giulia Sancesario

Keyword(s):

Neurodegenerative Diseases ◽

Translational Research ◽

Data Protection ◽

Biological Samples ◽

Data Privacy ◽

Neurological Diseases ◽

Great Effort ◽

General Data Protection Regulation ◽

In Silico Studies

Biobanking has emerged as a strategic challenge to promote knowledge on neurological diseases, by the application of translational research. Due to the inaccessibility of the central nervous system, the advent of biobanks, as structure collecting biospecimens and associated data, are essential to turn experimental results into clinical practice. Findings from basic research, omics sciences, and in silico studies, definitely require validation in clinically well-defined cohorts of patients, even more valuable when longitudinal, or including preclinical and asymptomatic individuals. Finally, collecting biological samples requires a great effort to guarantee respect for transparency and protection of sensitive data of patients and donors. Since the European General Data Protection Regulation 2016/679 has been approved, concerns about the use of data in biomedical research have emerged. In this narrative review, we focus on the essential role of biobanking for translational research on neurodegenerative diseases. Moreover, we address considerations for biological samples and data collection, the importance of standardization in the preanalytical phase, data protection (ethical and legal) and the role of donors in improving research in this field.

Download Full-text

Data Privacy and Security Law

10.1093/oxfordhb/9780198800682.013.20 ◽

2021 ◽

pp. 327-347

Author(s):

Fred Cate ◽

Rachel Dockery

Keyword(s):

Data Protection ◽

Data Privacy ◽

Critical Infrastructure ◽

Government Information ◽

Economic Data ◽

Privacy And Security ◽

Practical Matter ◽

Personally Identifiable Information ◽

Protection Legislation ◽

New Challenges

This chapter discusses cybersecurity laws. Many measures employed to enhance cybersecurity pose a risk to privacy. In addition, data protection laws focus only on personally identifiable information, while cybersecurity is also concerned with securing economic data such as trade secrets and company databases, government information, and the systems that transmit and process information. As a practical matter, despite the prominence of security obligations in data protection legislation, these were often downplayed or ignored entirely until recent years. Only as cybersecurity threats became more pressing did regulators begin actively enforcing the security obligations found in most data protection laws. More recently, legislative bodies and regulators have begun adopting cybersecurity-specific obligations. However, even these have often mirrored or been combined with privacy protections, sometimes to the detriment of effective cybersecurity. The chapter describes major categories of cybersecurity law, including unfair or deceptive practices legislation, breach notification laws, and data destruction laws. It also considers the new focus on critical infrastructure and information sharing, the China Cybersecurity Law, and the new challenges to data privacy and security law.

Download Full-text

A Data Privacy Governance Model

International Journal on IT/Business Alignment and Governance ◽

10.4018/ijitbag.2019010105 ◽

2019 ◽

Vol 10 (1) ◽

pp. 74-93

Author(s):

Margareth Stoll

Keyword(s):

Corporate Governance ◽

Data Protection ◽

Data Privacy ◽

Business Processes ◽

Management Systems ◽

Legal Compliance ◽

Legal Requirements ◽

General Data Protection Regulation ◽

Governance Model ◽

Information Security Governance

The importance of data privacy, information availability and integrity are increasingly recognized. The new EU general data protection regulation 679/2016 obligates stringent legal requirements with high sanctions for noncompliance. Most organizations worldwide are affected directly or indirectly. It requires overall a risk and evidence-based data privacy management as part of corporate governance. More than 1.6 million organizations worldwide are implementing a standard-based management system, such as ISO 9001 or others. To implement the new data protection regulation in an effective, efficient and sustainable way, the author provides design-oriented guidelines on how to integrate the legal requirements into standard based management systems. The holistic data privacy governance model integrates different information security governance frameworks with standard based management systems in order to comply the regulation. In that way data privacy is part of all strategic, tactical and operational business processes, promotes corporate governance, legal compliance and living data protection.

Download Full-text

Delegation-Based Personal Data Processing Request Notarization Framework for GDPR Based on Private Blockchain

Applied Sciences ◽

10.3390/app112210574 ◽

2021 ◽

Vol 11 (22) ◽

pp. 10574

Author(s):

Sung-Soo Jung ◽

Sang-Joon Lee ◽

Ieck-Chae Euom

Keyword(s):

Data Processing ◽

Data Protection ◽

Data Privacy ◽

Personal Data ◽

General Data Protection Regulation ◽

Personal Data Protection ◽

Compliance Audit ◽

General Data ◽

Data Controller ◽

Data Subject

With the growing awareness regarding the importance of personal data protection, many countries have established laws and regulations to ensure data privacy and are supervising managements to comply with them. Although various studies have suggested compliance methods of the general data protection regulation (GDPR) for personal data, no method exists that can ensure the reliability and integrity of the personal data processing request records of a data subject to enable its utilization as a GDPR compliance audit proof for an auditor. In this paper, we propose a delegation-based personal data processing request notarization framework for GDPR using a private blockchain. The proposed notarization framework allows the data subject to delegate requests to process of personal data; the framework makes the requests to the data controller, which performs the processing. The generated data processing request and processing result data are stored in the blockchain ledger and notarized via a trusted institution of the blockchain network. The Hypderledger Fabric implementation of the framework demonstrates the fulfillment of system requirements and feasibility of implementing a GDPR compliance audit for the processing of personal data. The analysis results with comparisons among the related works indicate that the proposed framework provides better reliability and feasibility for the GDPR audit of personal data processing request than extant methods.

Download Full-text

Epidemiology of Childhood Cancer in Indonesia: Study of 14 Population Based Cancer Registries

Journal of Global Oncology ◽

10.1200/jgo.18.75200 ◽

2018 ◽

Vol 4 (Supplement 2) ◽

pp. 67s-67s

Author(s):

J. Agustina ◽

D.T. Sinulingga ◽

E. Suzanna ◽

E. Tehuteru ◽

R. Ramadhan ◽

...

Keyword(s):

Quality Control ◽

Childhood Cancer ◽

Cancer Registries ◽

Population Based ◽

Quality Data ◽

Lower Percentage ◽

Cancer Center ◽

Ministry Of Health ◽

Cancer Burden ◽

National Quality

Background: Childhood cancer was about 3%-5% cases of all cases. Dharmais National Cancer Hospital was pointed out by Ministry of Health as National Quality Control of Cancer Burden Data in 2016. To provide national cancer burden data, Ministry of Health established 14 population based cancer registries in 2016, located in 14 provinces in Indonesia. The coverage area was 26 districts/municipalities in each selected provinces with total coverage number of population was 14% of Indonesia. Aim: This study was to describe quality data of 14 population based cancer registries in Indonesia and to describe the epidemiology of childhood cancer during 2008-2012. Methods: We used 14 population based cancer registries data that collected in Office of National Quality Control of Cancer Burden Data, Dharmais National Cancer Center, within age 0-19 years old during 2008-2012. We analyzed quality data of 14 population based cancer registries data based on WHO-IARC rules for cancer registry data. Results: There were 4156 cases. The average of percentage microscopic verification was 59%, 7 out of 7 provinces had lower percentage of microscopic verification. The highest was South Sulawesi (98%) followed by Central Java (92.9%), and East Borneo (79.4%). Most of them had over 25% of DCO. DKI Jakarta had the highest incidence age-standardized rate (7.1) followed by Bali (4.9) and North Sulawesi (4.8). The most frequent childhood cancer cases were in male (57%), between 10-14 years old. Both in male and female had similar rank of the most frequent cases, other malignant epithelial (22.4%: 17.2%), leukemia (19.3%: 14.3%), and other and unspecified malignant tumor (9.4%: 8.4%). Conclusion: The coverage and quality data of childhood cancer in 14 population based cancer registries data were low. Each population based cancer registries should improve the process of cancer registration.

Download Full-text

Bulgarian public sector data breach reveals EU trend

Emerald Expert Briefings ◽

10.1108/oxan-db245651 ◽

2019 ◽

Keyword(s):

Public Sector ◽

Data Privacy ◽

Public Attention ◽

Data Breach ◽

Privacy And Security ◽

Content Type ◽

General Data Protection Regulation ◽

High Profile ◽

General Data ◽

Sector Data

Subject Public sector and GDPR. Significance Public attention before and since the EU’s General Data Protection Regulation (GDPR) came into effect in May 2018 has largely focused on high-profile corporate data breaches and fines, such as recently at British Airways and the hotel chain Marriott. However, the data breach at the Bulgarian National Revenue Agency last month put public sector agencies, and their obligations under GDPR, under the spotlight. Impacts The upsurge in data breach notifications will stabilise as GDPR implementation progresses. Local public sector agencies are beginning to take data privacy and security seriously. Outsourcing of public services to private contractors is complicating cybersecurity.

Download Full-text

Data Protection and the Patient’s Right to Safety

European Journal of Health Law ◽

10.1163/15718093-12341322 ◽

2014 ◽

Vol 21 (3) ◽

pp. 260-270

Author(s):

Jean Herveg

Keyword(s):

Quality Control ◽

Information Systems ◽

Data Quality ◽

Data Protection ◽

Legal Framework ◽

General Data Protection Regulation ◽

Patient’S Rights ◽

Control Procedures ◽

Efficient Information ◽

General Data

The article investigates the issue of knowing whether or not the proposal for a general data protection regulation could improve the patient’s safety. This has been analyzed through the four main contributions that should be expected at least from data protection to the patient’s safety. In our view, data protection should help supporting efficient information systems in healthcare, increasing data quality, strengthening the patient’s rights and drawing the legal framework for performing quality control procedures. Compared to the current legal framework, it is not sure that the proposal might improve any of these contributions to the patient’s safety.

Download Full-text

Anonymization, tokenization, encryption. How to recover unrecoverable data

Computer Science and Mathematical Modelling ◽

10.5604/01.3001.0010.8235 ◽

2018 ◽

Vol 0 (6/2017) ◽

pp. 9-13

Author(s):

Olga Dzięgielewska

Keyword(s):

Risk Analysis ◽

Data Protection ◽

Data Privacy ◽

Personal Data ◽

Insider Threat ◽

General Data Protection Regulation ◽

Analysis Phase ◽

Data Layer ◽

General Data ◽

Financial Consequences

The data privacy is currently vastly commented topic among all the organizations which process personal data due to the introduction of the European Union’s General Data Protection Regulation. Existing methods of data protection are believed to be sufficient as they meet the risk-based approach requirements in every mature organization, yet the number of publicly known data breaches confirms that this assumption is false. The aftermath of such incidents in countless cases prove that the risk-based approach failed as the reputational and financial consequences by far exceed the original estimations. This paper stressed the importance of the data layer protection from the planning, through design, until maintenance stages in the database lifecycle, as numerous attack vectors originating from the insider threat and targeting the data layer still sneak through unnoticed during the risk analysis phase.

Download Full-text