Data for Decisions uses University of Melbourne software to ethically and safely extract data from general practice computer systems
GRHANITE is University of Melbourne developed computer software that works in any environment where data is routinely collected. Its first prototype was developed by Associate Professor Douglas Boyle in 2007 and has been used extensively in the primary care arena; it is currently installed in many GP clinics throughout Australia.
GRHANITE addresses many complex legal, ethical, organisational and technical barriers that can hinder the use of sensitive, routinely collected data. It can interface with many GP practice management computer software systems, including Medical Director, Best Practice, GENIE, Zedmed, Communicare, MedTech32 and others. GRHANITE provides GPs or practice managers with easy access to a patient ‘opt-out’ checkbox and has the capability to provide privacy-protecting record linkage. For more about record linkage click here.
GRHANITE optimises patient and health provider privacy by ensuring person-identifying information (i.e. patients, practitioners or other staff) is not included in the data extracted. If necessary, the data originating from a GP practice can be re-identified by sending it back to that practice and using a re-identification ‘key’. Such re-identification might be done if a practice agrees to participate in a clinical trial (pending appropriate data and ethical approvals) where the practice may contact patients with certain characteristics to determine their interest in participating. (N.B. Involvement in clinical trials may include financial incentives and benefits to GPs and patients through access to new treatments.)
The Patron data repository is physically housed within the University of Melbourne environment. Nectar Cloud eResearch infrastructure facilitate secure storage of the large Patron dataset. The University of Melbourne is Nectar’s lead agent. No data within the Patron dataset is stored within an off-shore server or outside of the University controlled server environment.
Our team at HaBIC R2 Health Informatics Unit, within the Department of General Practice, are experts in cross-sectoral data capture, consent management and privacy-protecting record management. We employ international best practice policies and procedures in our data warehousing and curation to ‘future proof’ against risk, and we adhere to all national legislation around privacy and data security. Our active risk mitigation strategies are regularly reviewed.
No Patron datasets will ever be publicly accessible, but findings from the research, using aggregate data, will be made available through publications and reports. Every researcher that accesses the datasets can do so only after showing that they will meet strict ethical, legal and data governance standards. It is a legal requirement that any notifiable data breaches are reported to the Australian Information Commissioner within three days.
Anonymous record linkage
GRHANITE has a mechanism for supporting anonymous record linkage. This mechanism ensures names or other person-identifying information of patients never leave the general practice. This is done using a technique known as cryptographic hashing. This mechanism generates ‘signatures’ that are derived from identifiable information but do not contain it. Because the signature does not contain identifying information, the signature can never be reversed. .
The Australian data use context
Making more effective use of existing data is widely considered integral to enhance consumer and business outcomes, better inform decision-making and policy development, and facilitate greater efficiency and innovation.
The following links provide detailed material about the ethical, legal and regulatory provisions of data sharing in the Australian context.
- Productivity Commission, Data Availability and Use: Productivity Commission Inquiry Report - Overview & recommendations Report No.82. 2017, Canberra.
- Menzies Foundation, Public support for data-based research to improve health: A discussion paper based on the proceedings of a Menzies Foundation Workshop 16th August, 2013. 2013, Melbourne