Privacy and Security

Privacy-Preserving Technologies and Rights-Based Privacy Regulation Compliance

by Luna

There has been increased interest over the past decade over what to do with the growing volume of digital information collected on individuals that are potentially used or sold by companies and governments. This interest is even more heightened when health data is involved and how this data might be used in ways contrary to the interests or values of individuals. In parallel, new data protection laws have passed in many parts of the world and increasingly in several states within the United States that express the control of data privacy as a human right.

It is commonplace to merge the concepts of data privacy and security, even though each has a unique role. Data security is the step taken to prevent unauthorized access to data. A common security approach involves data encryption that requires user-specific information to decrypt the data back to its original form. Privacy-preserving technologies, or PPTs, are a newer class of technologies that support the distribution of encrypted data that can be selectively decrypted to reveal some or all of the data that is encapsulated. PPTs are especially exciting for the sharing of genomic data so that only some of the data is made available to a researcher, which presents a lower risk to the individual for subsequent data misuse.

A common data privacy policy is the right to rescind one’s consent and to have the individual’s data deleted, also known as the “right to be forgotten.”

Data privacy, in contrast to data security measures, is a set of policies that are applied to secure data. These policies typically govern the data collected, the purpose for which the data is collected, and the informed consent granted to the researcher to study the data. A common data privacy policy is the right to rescind one’s consent and to have the individual’s data deleted. This is also known as the “right to be forgotten.”

Security-based protections such as PPTs and privacy-based protections are very different in how they are implemented. With security-based approaches, data are distributed to researchers that are approved to access the data. Once access is granted, the control of the data is lost. Over time there can be many copies of the data that have been granted to multiple researchers, as shown in Figure 1A.

Figure 1A. Once permission is granted data is distributed to uncontrolled environment(s)

In contrast, privacy-based approaches maintain control of each piece of data within an environment that supports the removal of the data if an individual’s consent is withdrawn. Under the privacy-based approach, an individual has a virtual string on their data that supports the pulling back of their data at any time, as shown in Figure 1B.

Figure 1B. Use of permissive data is used within an environment that enforces privacy policies.

The question of which approach is better rests largely on the regulatory environment in which the research is being performed. In Europe, compliance with the General Data Protection Regulation, or GDPR, requires that the data rights of individuals persist when they share their sensitive personal data, such as health data. In states such as California, the California Privacy Rights Act (CPRA) that has come into law in 2023 requires similar protections for individuals. For historic datasets, databases, and biobanks that include genomic data, the use of PPTs has provided a more secure way to distribute such sensitive personal data.

About Luna

Luna’s suite of tools and services connects communities with researchers to accelerate health discoveries. With participation from more than 180 countries and communities advancing causes including disease-specific, public health, environmental, and emerging interests, Luna empowers these collectives to gather a wide range of data—health records, lived experience, disease history, genomics, and more—for research.

Luna gives academia and industry everything they need from engagement with study participants to data analysis across multiple modalities using a common data model. The platform is compliant with clinical regulatory requirements and international consumer data privacy laws.

By providing privacy-protected individuals a way to continually engage, Luna transforms the traditional patient-disconnected database into a dynamic, longitudinal discovery environment where researchers, industry, and community leaders can leverage a range of tools to surface insights and trends, study disease natural history and biomarkers, and enroll in clinical studies and trials.

Privacy and Security

Something Exciting Happened on October 6, 2022, Concerning Your Medical Records

by Luna

Editor’s note: This article is jointly authored by Luna and Greenlight Health Data Solutions.

The Information Blocking Rule, now in effect, is a new federal regulation we should all celebrate as a big win for control over our health information, a right that we should always have had.

Let’s take a step back in time and then fast forward to today. In recognition of the importance of digital health information for advancing precision medicine, the Information Blocking Rule was a provision of the 21st Century Cures Act which aimed to modernize healthcare data interoperability and update a component of HIPAA that was oriented to paper-based medical records, not Electronic Health Records (EHRs). Part of the motivation to connect EHRs was to improve the portability of one’s health data to multiple healthcare providers and to give direct access to one’s health data using online patient portals. The Information Blocking Rule requires that all healthcare organizations give patients access to their full health records digitally (via a patient portal)–without delays or cost.

Why is this important? The new Information Blocking Rule unblocks access to Electronic Health Information (EHI), which Health and Human Services (HHS) defines as electronically Protected Health Information, or PHI. The significance of this rule has many threads–not least of which is bringing control and rights to the information much closer to the patient–the individual who the data is about, you! You can now review and research your own information to be a more informed patient. You can easily share your data with new healthcare providers if you relocate or change your insurance coverage. You can avoid time-consuming and costly duplication of diagnostic tests, which is commonplace whenever one engages with a new medical professional. You can also choose to share your data with a clinical research study or trial that is of interest to you to advance medical knowledge and health discoveries for society more broadly.

We’ve been advocates for individuals’ rights to access their health information for a long time. Greenlight Health was an early software platform specifically designed to offer patients online access to their health data. Luna has implemented Greenlight’s EHI data-sharing APIs which support connections to more than 90% of the U.S. provider market. This approach allows for the inclusion of EHR data, along with genomic and health survey data, for patient-centered research studies to understand and improve health outcomes. Gathering health information from multiple health systems, and across decades, provides convenience to individuals and their families while simultaneously providing a richness of data to researchers to unlock new insights for health improvements. Such patient-centered studies hold promise to enrich the standard of care more equally for individuals of all ethnic and racial backgrounds.

An essential aspect of inclusive clinical study participation requires that data shared by individuals is done with their informed consent and that the data is not used for other purposes outside the individual’s consent. Luna’s health data sharing and analysis platform uses rights-based data privacy measures to protect access to shared data so that a contributor (you) can remove their data from the platform and/or from any studies they joined with a simple click of a button. By implementing rigorous rights-based data protection and privacy that complies with all current privacy laws (such as GDPR in the EU), Luna provides a path to international clinical studies that can benefit from population diversity globally.

It’s no longer in the medical provider’s control to decide when to release a patient’s information. The Information Blocking Rule is really about information sharing and empowering the patient with ownership of their health data. Under HIPAA, healthcare providers are allowed 30 days to fulfill medical record requests; 60 days is permitted if the provider needs an extension. With this new rule and direct EHI access methods for patients, a healthcare provider cannot “interfere” with the flow of EHI, and it needs to flow without delay. When there are instances of interference, healthcare providers and EHR vendors are subject to financial penalties (up to $1 million per occurrence and/or reductions in Medicare and Medicaid reimbursement). Healthcare providers and vendors lobbied strongly against this rule being passed (in fact, the rule was held up for six years). Days before the rule became effective, 10 of the leading healthcare industry trade associations pushed HHS for a delay. As stated, the rule extends an individual’s right to access EHI through a patient portal. As the name implies, patient portals were designed to support functionality that allows individuals to connect to their medical records whenever needed. The intent of having immediate access to medical records through a patient portal is to provide a mechanism for sharing EHI with other healthcare providers, with family members, and for research.  

It’s no longer in the medical provider’s control to decide when to release a patient’s information.

This rule is one more step toward providing you with a comprehensive understanding of and access to your own healthcare information and, more importantly, control of how your health records are shared.

Taking the power of your health records to the next level, Greenlight Health and Luna combine capabilities to enable you to consolidate your records in one place and safely share your health records and other unique experiences in research studies that are of interest to you. You are in the driver’s seat now. The steps you take next could make a big difference in finding treatments and cures for those who need them most.

About Luna

Luna’s suite of tools and services connects communities with researchers to accelerate health discoveries. With participation from more than 180 countries and communities advancing causes including disease-specific, public health, environmental, and emerging interests, Luna empowers these collectives to gather a wide range of data—health records, lived experience, disease history, genomics, and more—for research.

Luna gives academia and industry everything they need from engagement with study participants to data analysis across multiple modalities using a common data model. The platform is compliant with clinical regulatory requirements and international consumer data privacy laws.

By providing privacy-protected individuals a way to continually engage, Luna transforms the traditional patient-disconnected database into a dynamic, longitudinal discovery environment where researchers, industry, and community leaders can leverage a range of tools to surface insights and trends, study disease natural history and biomarkers, and enroll in clinical studies and trials.

newborn feet
Health

Use of Genomics in Newborn Screening Offers New Insights and Decisions

by Luna

Newborn screening (NBS) in the United States has been used for more than 50 years and is often touted as the world’s most successful public health program. Some 99% of the nation’s children are screened at birth for treatable genetic conditions caused in whole or in part by variations in their DNA sequence. Screening has saved infants, and their families, from enormous suffering.  

Recently the NBS program has garnered even more attention and interest thanks to the groundbreaking work by Rady Children’s Hospital to leverage genomics more broadly in the screening and treatment of infants.  Recently, clinicians have pushed to expand the NBS list of treatable genetic conditions.  

The price of genomic testing has continued to come down and innovations in understanding genetic disorders have also been demonstrated to relieve financial pressures on the healthcare sector. In fact, rapid and effective treatment early in life has been shown to be less costly than chronic conditions that would otherwise require ongoing intervention by the health system. 

What is newborn screening?

In the United States, small blood samples are collected from every infant shortly after birth and analyzed for treatable genetic disorders. Newborn screening was pioneered in 1963 by Robert Guthrie, MD, for diagnosing phenylketonuria, a genetic disorder that affects metabolism leading to toxicity that damages the brain.  

Today, it has become a public health practice in all States to screen newborns for a minimum of 29 treatable disorders to detect inherited genetic disorders. The Advisory Committee for Heritable Disorders in Newborns and Children recommends screening for 61 conditions, 35 of which are conditions that are screened in all 50 states. Over the past decade, the use of low-cost DNA sequencing to diagnose and treat sick children suggests that expanding the Recommended Uniform Screening Panel from 35 treatable conditions to a much more comprehensive set is both possible and affordable for the U.S. healthcare system. 

Long-term follow-up is key to ensuring the information learned through DNA sequencing of newborns is appropriately communicated and integrated into clinical care with the family’s pediatrician.  

The path to genomic screening in infants 

Funding of the sequencing of 100,000 patients in England by the U.K. Department of Health in 2013, Genomics England piloted the use of whole genome sequencing (WGS) in 4,660 children suspected of having rare genetic conditions.1 In parallel, Stephen Kingsmore, MD, and Rady Children’s Institute of Genomics Medicine championed ultra-rapid WGS to diagnose affected newborns within 13 hours.2 These efforts, in conjunction with other programs around the world, established the use case of WGS delivering precision care to pediatric practice and set the stage for use of WGS to screen newborns earlier in life and before symptoms appear. 

It is believed there are currently roughly 600 conditions for which early-life intervention will improve the longer-term health of the child. This motivated the National Health Service in the U.K. to begin piloting newborn screening using WGS in 2021. In the U.S., New York is funding the GUARDIAN initiative to offer WGS NBS for 100,000 newborns in the state to screen for 250 conditions and to characterize the diagnostic benefits to the child and the health economic impact on the health system. 

Long-term follow-up is key to ensuring the information learned through DNA sequencing of newborns is appropriately communicated and integrated into clinical care with the family’s pediatrician.  

Luna, in collaboration with the American College of Medical Genetics, Genetic Alliance, and various medical systems, is engaged in a study to understand the follow-up needs of families and children affected by spinal muscular atrophy and other conditions who receive their diagnosis through NBS. This study uses Luna’s Community Driven Innovation™. This participant-led methodology addresses long-standing problems with traditional research approaches while providing an unbiased, clear understanding of the priorities, values, and challenges of individuals, families, and communities. One of the objectives of this study is to understand the impact of both NBS and long-term follow-up for children impacted by one of the conditions covered with current screening programs and potentially recommend changes in patient care. The NBS study may prove the feasibility of one path to improved care moving forward. 

Consider privacy issues with newborn screening research 

As new medical approaches are implemented, parents have important decisions to make prior to enrolling their newborn into WGS studies. Consider the risk and benefits involved regarding further use of DNA data after screening for genetic conditions. They should ask how their child’s data will be used in research, by whom, over what period, and for what types of research. Who makes these decisions is a function of the data privacy and protection regulations in various states and countries.  

One’s genome uniquely identifies them—and their family—for their entire life, so understanding the impact of early decisions such as these is critical. 

As new medical approaches are implemented, parents have important decisions to make prior to enrolling their newborn into WGS studies. Consider the risk and benefits involved regarding further use of DNA data after screening for genetic conditions.

About Luna

Luna’s suite of tools and services connects communities with researchers to accelerate health discoveries. With participation from more than 180 countries and communities advancing causes including disease-specific, public health, environmental, and emerging interests, Luna empowers these collectives to gather a wide range of data—health records, lived experience, disease history, genomics, and more—for research.

Luna gives academia and industry everything they need from engagement with study participants to data analysis across multiple modalities using a common data model. The platform is compliant with clinical regulatory requirements and international consumer data privacy laws.

By providing privacy-protected individuals a way to continually engage, Luna transforms the traditional patient-disconnected database into a dynamic, longitudinal discovery environment where researchers, industry, and community leaders can leverage a range of tools to surface insights and trends, study disease natural history and biomarkers, and enroll in clinical studies and trials.

data rights
Privacy and Security

Know your Rights Around Health Data Privacy

by Scott Kahn

Evolving privacy regulations, changing legal interpretations, and security breaches make it hard to keep up with our rights and risks these days. People are looking for resources to help them cut through the technical jargon regarding personal health data protection. Many simply want to use the technology they have come to enjoy while keeping their health information safe and secure. 

What are health data rights?

To unpack these questions, it’s helpful to review where your health information was first accessed and what your rights are currently. When individuals in the United States consider their health information,  they may be aware that the law regulates how healthcare providers (also known as “covered entities”) use their data. First passed in 1996, the Health Insurance Portability and Accountability Act (HIPAA) limits third-party access to personally identifying information stored within the healthcare system. 

Many people may not be aware that this information is used outside the healthcare system for research and other uses beyond medical care. Eighteen data types were established as protected health information (PHI) in the HIPAA Privacy Rule, finalized in 2000. PHI includes types of data such as names and addresses, but it also covers “any other characteristic that could uniquely identify the individual.” However, the HIPAA Privacy Rule only applies to healthcare settings. HIPAA does not protect the privacy of our data held by app providers, government bodies, biotech companies, and other entities that don’t provide healthcare services.

“Health discovery relies on health data. Luna advocates that the most reliable, representative health data comes directly from people. This is why, from Day 1, we’ve built privacy-by-design so that we can protect people and accelerate better health interventions.”

Scott Kahn, Chief Privacy and Information Officer

Since the passage of HIPAA, the amount of information that can be gathered about us has increased exponentially, and data science has advanced significantly. Remember, we just started using email in 1996! Today, computer science methods can combine non-identifying information—as few as two to three pieces of data—into very accurate assignments of a person’s identity. Put differently, the privacy protections that HIPAA gave us two decades ago were not designed with today’s information and science in mind. 

This simple observation has motivated some states and federal legislators to enact data privacy laws that focus on a set of rights for individuals, not institutions.

Read “How Modern Data Privacy Laws Enables Research
Scott Kahn
Scott Kahn, PhD, Chief Information and Privacy Officer, Luna

You have a right to data privacy

Today, as health and tech consumers, we have rights to data privacy. Modern laws define a person’s rights when it comes to data. They require companies, governments, and organizations to respect these rights when collecting and analyzing data about consumers. We can give permission, known legally as informed consent, for the use of our data, and we have a right to know who is using our data for what, such as a clearly defined public benefit.  

In general, these newer laws require that we are provided the purpose, such as the kind of research being done, for why our data is being collected. One example of these laws in practice is the numerous cookie notifications you receive on practically every website you encounter on the internet. You have the right to change your mind about sharing your data—also known as revoking consent—and the right to confirm that the company destroyed your data. 

We live in a time where data creation is incredibly astounding. Suppose we can use that data to advance causes that matter to us. In that case, we can change the quality and velocity of health interventions. 

At Luna, we appreciate the evolution of these consumer data privacy laws and have operated since Day One to exceed their requirements.

Read about Luna’s Data Protection Impact Assessment.

About Luna

Luna’s suite of tools and services connects communities with researchers to accelerate health discoveries. With participation from more than 180 countries and communities advancing causes including disease-specific, public health, environmental, and emerging interests, Luna empowers these collectives to gather a wide range of data — health records, lived experience, disease history, genomics, and more – for research.

Luna gives academia and industry everything they need from engagement with study participants to data analysis across multiple modalities using a common data model. The platform is compliant with clinical regulatory requirements and international consumer data privacy laws.

By providing privacy-protected individuals a way to continually engage, Luna transforms the traditional patient-disconnected database into a dynamic, longitudinal discovery environment where researchers, industry, and community leaders can leverage a range of tools to surface insights and trends, study disease natural history and biomarkers, and enroll in clinical studies and trials.

Scott Kahn, Ph.D.

Scott Kahn, Ph.D.

CHIEF INFORMATION + PRIVACY OFFICER

Scott is the former CIO and VP Commercial, Enterprise Informatics at Illumina. At Luna, he’s integrating data privacy and security provisions that keep member data safe, private, and secure.

data security mobile phone
Privacy and Security

The Evolution of Data Privacy: A Q&A with Bojil Velinov, Head of DevOps & Automation at Luna 

by Luna

Bojil Velinov, Head of DevOps & Automation at Luna, talks about the evolution of data privacy and how Luna is addressing privacy and data security at the company.

From your perspective, how has the conversation on data privacy evolved, and how are you addressing it at Luna?

Data privacy is moving more and more into mainstream conversation, from breaches of social media sites and data leaks to ransomware attacks at medical institutions. Some of our utmost personal information is stored in these places, so it becomes very intimate when such information falls outside of our control. 

Bojil Velinov
Bojil Velinov, Head of DevOps & Automation at Luna

On the professional side, at the last Amazon Web Services annual re:Invent conference, the people I met with and the talks I attended combined my interests in healthcare, regulatory compliance, and data governance. The apparent perspective is that the industry is increasingly focusing on protecting the data subject, which is the technical term for whom the collected data is about. I want to see this topic continue to get more attention.

How are you addressing data privacy at Luna?

We address data privacy and security in multiple ways. We operate by embedding “privacy-by-design” as part of our core values, and we recognize that online privacy needs to be built upon a foundation of data security measures. 

For example, one best practice we have is conducting yearly penetration tests, a type of security test that ensures our application stack is well protected against some of the most common attacks on the internet. It’s one of the ways we work to secure our platform. 

We also assess the risk(s) for every software feature, such as a login button, entry for one’s username, file uploads, and such. As part of our development process, we ask ourselves: “How do we prevent this feature from being vulnerable to attack?” Implementing detection, prevention, and recovery pieces into each assessed feature is part of our development life-cycle. By exercising due diligence in our design, development, and release processes, we keep the application stack more secure–and ultimately guard privacy.

How do you operationalize privacy-by-design at Luna?

It’s good to think outside the box, such as what possible future attacks on the software could occur. For example, how do we architect a way to be resilient to future vulnerabilities? One way is to utilize continuous integration and deployment (CI & CD) coupled with monitoring tools, security brainstorming sessions and vulnerability scans. 

We’ve taken privacy and security into account very seriously, and from the inception of the platform, one approach we utilize, for example, is envelope encryption–it’s a way to encrypt something in multiple layers. You can envision this as putting a box within a box, but imagine if each was locked within each one, and they have separate keys to unlock them. 

Another approach we have taken is not storing the data in the same location. We keep data fragmented. This way, if one particular location is compromised, it doesn’t reveal the complete picture of what the data represents. 

People who contribute to the Luna platform see how their data is utilized and to some degree magnified. That starts with our language and how we talk about it, it goes through how we implement the guards of that data and finishes with the granular controls of the data we give to each individual. All this establishes trust and demonstrates transparency. 

People have become increasingly aware of the importance of data security and how it affects data privacy. The volume of personal data people generate on the internet pertains to their privacy and their ownership of that particular data. I think what we do often try to put ourselves in the user’s perspective. People who contribute to the Luna platform see how their data is utilized and to some degree magnified. That starts with our language and how we talk about it, it goes through how we implement the guards of that data and finishes with the granular controls of the data we give to each individual. All this establishes trust and demonstrates transparency. 

Can you share more about the penetration test?

There are various ways of having a good posture from a security perspective. For example, how do we ensure our domain or company email is not used by a third party for spoofing? 

Pretend that a bad actor is phishing, for example. In phishing, a technique of fraudulently obtaining private information, email is the most common media. Nowadays there are some “geeky” mechanisms at our disposal, such as using specific signatures in the domain name system (DNS) records. Historically, DNS are the servers that help us find things on the internet. They are the ones knowing where you need to “land” when typing a website name in your browser’s address bar. Now, the same system is utilized to protect us from spam and phishing by allowing the receiver to check that an email claimed to have come from a specific domain was indeed authorized by the owner of that domain. This is technically known as DomainKeys Identified Mail (DKIM).

Here’s how it works:  You send an email from lunadna.com to a recipient using Gmail, for example. Upon receiving that email, the Gmail server checks for a setting in the lunadna.com  domain system. It says, “I am receiving this from this particular email service/server, can you confirm the server is authorized to send emails on your behalf?” Simple, yet powerful. I highly recommend any engineer involved with their company’s email and DNS to set this up. 

Many sites today use multi-factor authentication. What are the concepts here?

The concepts are evolving in multi-factor authentication. The tools around them are evolving. At Luna, we try to balance the impact of “extra steps” the member must take and their overall sign-in experience. At the same time, be upfront in explaining why we are putting such controls in place. In short, it’s because we really care for your data security, and we want to ensure that the person entering the platform is indeed you.

Take, for example, the case of ransomware attacks. The breaches in most of these security incidents, at various companies or individual accounts, happen because the password was compromised. That’s really the weakest link in the chain. It’s best not to reuse your passwords! Try using password manager technology to be most data safe. If one of your accounts gets compromised, bad actors can try it on other sites. If you did not reuse your password, you’d be less vulnerable. If you did, then you are out of luck.

Multi-factor authentication, in some cases referred as 2FA, can be leveraged in different ways, such as using email verification, text message, etc. It’s that additional control you put in place that, to some degree, provides another layer of protection. It also has its vulnerabilities, though. 

A practical way to think about multi-factor authentication is to balance the work required for authenticating the user to keep the bad guys out while keeping the process user-friendly. You don’t want to annoy your new participants with a slew of controls before they can see the benefit of your application. A little friction goes a long way, and it’s certainly better than the pain associated with sensitive data loss. 

Read about Luna’s Data Protection Impact Assessment.

About Luna

Luna’s suite of tools and services connects communities with researchers to accelerate health discoveries. With participation from more than 180 countries and communities advancing causes including disease-specific, public health, environmental, and emerging interests, Luna empowers these collectives to gather a wide range of data — health records, lived experience, disease history, genomics, and more – for research.

Luna gives academia and industry everything they need from engagement with study participants to data analysis across multiple modalities using a common data model. The platform is compliant with clinical regulatory requirements and international consumer data privacy laws.

By providing privacy-protected individuals a way to continually engage, Luna transforms the traditional patient-disconnected database into a dynamic, longitudinal discovery environment where researchers, industry, and community leaders can leverage a range of tools to surface insights and trends, study disease natural history and biomarkers, and enroll in clinical studies and trials.