"All depends on patient consent"
Susanne Driessen, president of swissethics, talks about the ethical questions that arise when genetic data on pathogens are linked to patient data.
Researchers of NRP 72 are developing a national platform that will routinely bring together the genetic data of pathogens (human, animal and environmental) with patient data (such as age and symptoms). Their aim: recognise in greater detail the spread of dangerous pathogens that are resistant to antibiotics - and stop them from spreading more efficiently. This entails ethical and legal questions, explains Susanne Driessen, president of swissethics, the umbrella organisation of Swiss ethics commissions for research on humans.
Ms Driessen, where do ethics come into play when we link the genetic data of bacteria, viruses and fungi with medical data of their human carriers?
As soon as such data allows you to make inferences, we need to ask questions regarding confidentiality and human dignity. Because it is possible that individuals may experience negative consequences.
What do you have in mind?
For example, if someone is linked to a sexually transmitted disease. This is a very private piece of information and not everyone would like it to be shared.
Are we talking about data protection?
Reliable data protection is important but a mostly technical challenge. The ethical dimension is more fundamental. When we do research on humans, we always need to consider the four bioethical principles: safeguard human autonomy, do something beneficial, non-maleficience and doing justice to the individual while respecting society.
But isn't this a simple matter of data protection? If data are protected, nobody should experience any harm and at the same time we all benefit from the surveillance.
This is also more or less my view. But there is one key challenge: we can only use these data sets for research if patients have given their consent. As giving consent is a decision every patient can take independently, it is an expression of the ethical autonomy principle.
What happens if data are encrypted?
If a hospital passes encrypted data to this platform, it will be possible, if necessary, to swiftly identify a person should there be a real threat for society. Identification would happen via the hospital. That's part of the concept and it needs to apply. Patient consent must include the permission to use their sample and data in this way.
Does this mean that you have to obtain special consent from each patient?
There are two ways of approaching this. They either give so-called specific consent as it is often done for a given research project. This implies that researchers inform patients how they intend to use the data and ask them for their permission to do so. In the area of surveillance, this isn't realistic. First and foremost because you want to enter patient data before you even know whether someone carries a resistant pathogen.
So what's the alternative?
You obtain general consent. Everyone who receives treatment in a hospital, whether as an outpatient or an inpatient, can give general consent to their data and samples being used for research purposes. This has nothing to to with a particular project. General consent is governed by clear rules, one of them is that all data has to be encrypted.
At the conference "One health meets sequencing", researchers said that this approach leads to gaps in surveillance because not every patient gives this type of consent.
At university hospitals, we are observing that the majority of patients receiving treatment give general consent. In Zurich, around 70 per cent of admitted patients are asked and around 80 per cent of those give consent so that their data and samples can be used. Figures for other large hospitals are similarly high. Theoretically we could already use the data and samples of those people for surveillance. The current legal framework allows us to do so.
Is it conceivable that we adopt the reverse approach in the interest of public health: it is assumed that all samples and data can be used for research. Those who wish to withdraw consent, need to do so. It looks as if we will adopt such an approach in the area of organ donation in the forseeable future and it has already been put into practice in other countries.
The Human Research Act includes provisions to introduce such a dissent solution in terms of non-genetic personal health data - specifically to help researchers. But when it comes to using genetic data, the matter is much more complex. Patients would have to make the distinction between genetic and non-genetic data and samples, always in relation to the degree of anonymisation. This means that they would have to agree and disagree to specific things. Our experience shows that this is going too far because it is difficult to explain. In addition, we have to think about the question whether it is at all possible to consider genetic information as anonymous.
At the conference, researchers also raised the question whether it was possible to do without consent, as Article 34 of the Human Research Act makes provisions to do so in exceptional circumstances.
I don't think that you can base routine surveillance on an article regulating exceptional circumstances. If at all, you could apply Article 34 to a clearly defined project that looks at all data retrospectively. Based on this, we would be able to make comparisons with today, where we can analyse around 70-80 per cent of data.
If this or another route would prove that extending surveillance would be of significant value to public health, what would be required from an ethical and legal perspective?
In view of the threat of antimicrobial resistance, good surveillance would certainly make sense. If it were to be really comprehensive, we would need national regulations that apply to all cantons. The Federal Office of Public Health could elaborate such regulations and create a statutory basis for them. But there needs to be the possiblity of an opt-out, if you ask me. Unfortunately, I haven't got a cover-all solution that could be implemented in practice.