Health-RI wiki v4.0 -> consultatie (open tot 03-12-2024)

Storyline: Central analysis

Owned by Health-RI
Nov 18, 2024
3 min read

DATE: 13-11-2024 STATUS: FOR REVIEW

This article describes the central analysis storyline.

This storyline describes how a researcher analyses the requested data in a secure processing environment . The data is made available via a Data exchange platform or directly to theSecure processing environment , after which an analysis approved during the data request process as described in Storyline: Request data is performed on the data.

 

Comments

Governance plays an important role in how a secure processing environment is used, in particular the choice of who is the controller (Data Holder or Data User, see Roles) and from this role controls what happens in the environment, who has access and which data may enter and leave the environment. We distinguish the following models:

  • A researcher from organization A works on data from organization A in the secure processing environment of organization A and invites a researcher from organization B to the secure processing environment of organization A to analyze the data together

  • A researcher from organization B requests data from organization A for a research project. After approval, organization A grants access to the data to the researcher from organization B in the secure processing environment of organization A. The researcher can analyze the data here and download the results after permission from organization A.

  • A researcher from organization C requests data from organizations A and B for a research project. After approval, organizations A and B deliver the data minimized and pseudonymized to the data exchange platform under the direction of a trusted data broker. After the data is linked, the broker grants access to the data to the researcher from organization C in the secure processing environment under the supervision of the broker.

  • The data user has submitted a data request (see Storyline: Request data), and this has been approved by the respective review committees.

  • The analysis carried out by the central analysis processing environment has been established by the data user and approved in the Research data request service in Storyline: Request data

  • The data user may have generated data himself.

  • The contracts have been signed

  • A secure processing environment has been set up (see Storyline: Grant access to data) and processing responsibility has been established (see Roles).

  • The requested data has been made available by the data provider for the secure processing environment in Storyline: Grant access to data

  • The data user is authorized to access the secure processing environment.

Process model

  1. The data user identifies himself in the central analysis processing environment.

  2. The central analysis processing environment checks whether the data user is authorized to access the central analysis processing environment.

  3. The data user requests to duplicate self-generated data as described in the Storyline: Generating research data to the desired central analysis processing environment (for the duration of the research).

  4. The data user combines self-generated data with the requested data.

  5. The data user instructs the desired central analysis processing environment to perform the analysis determined and approved by the data user on the input data.

  6. The central analysis processing environment performs the analysis defined and approved by the data user on the input data and generates analysis results.

  7. The data holder checks the analysis results for the presence of personal data.

  8. De central analysis processing environment makes the analysis results available for the researcher

  9. The data user generates research results by means of the process described in Storyline: Generating research data

  10. The data user makes the newly generated research results available within the Health-RI ecosystem by means of the process described in Storyline: Making data available at the desired data holder.  

  11. The data user makes the used analysis workflow available in a trusted software repository.

  12. The data user has completed the investigation and the authorized role cleans up the used secure processing environment (including the content) according to established or applicable agreements.

Postcondition

  • The investigation has been carried out and the results have been secured.

  • The data management plan has been updated

  • The research project has been completed and the safe processing environment has been cleaned up.

  • In the case of a data supply for one study, the supplied dataset has been removed from the data exchange platform.

  • The study is documented in such a way that it is repeatable.

 

image-20241113-075415.png
Process diagram “central analysis”