Medical data exchanges - A pipe dream or a nightmare? 

Data exchanges promise us fruits of the future. For medical data, these exchanges are meant to
accelerate innovation, speed the pathway to personalised medicine, finding cures for long dreaded
diseases, extending life and the quality of life. There’s just one problem – and it’s summarised easily in
one question: “Which of you would like to post your medical data for the world to see?”

Even if it meant curing cancer? No, didn’t think so.

But the promise of a medical data exchanges is real enough to want to try to solve this problem. For instance, all over the world, Singapore included, legislative and regulatory initiatives are underway to promote safe and secure data sharing.

Consider Singapore’s proposed Health Information Bill. The premise of it is promising as it is ambitious. Create a legal framework where patients and medical professionals can interact with or have access to a wider set of medical data.

But where we start “cooking with gas” is to consider the promise it holds for companies on the frontline
of finding cures and medical therapies – companies in the pharmaceutical and life science industries.

We are not only referring to data for clinical trial development and clinical studies, we are also speaking
of achieving more accurate value-based pricing for specific categories of patients or even individual
patients. Imagine a drug regimen suited to your gut biome, medical history, family history and DNA –
personalised medicine.

This promise is not lost on Singapore. The Bill is promulgated by the Ministry of Health, and is to support
collaborations such as between the Ministry, the Smart Nation and Digital Governance Office (SNGDO),
Government Technology Agency (GovTech) and Synapxe have jointly developed TRUST which is a
health data exchange platform.

TRUST can provide access to a rich amount of data sets that comprise largely of anonymised datasets
relating to population, clinical data, lifestyle data, chronic disease screening data and genomic data.

However, the TRUST Partners are currently only limited to “public sector users and researchers from
Singaporean public health institutions, institutes of higher learning and publicly funded institutions”.

It seems that public-private data sharing will only be looked at during the second half of 2024. Let’s take
the opportunity to review the challenges that public-private data sharing can pose under the current
framework.

Beneficial to the public - must this benefit be primary? 

Every application for research project that seeks to access the data held by TRUST will have to be
reviewed by a data access committee (“DAC”) that will have to make an assessment from a “scientific,
clinical, health value of requests before concluding if the purpose of use is beneficial to the public and
can generate social benefit”. This seems to preclude project requests from private institutions that may
have both commercial and social benefits or where commercial benefits are primary whereas the social
benefit can be ancillary.

The review is further circumscribed by the health and human potential domain’s focus and priorities
which are currently limited to cancers and neoplasms, cardiovascular, eye, infection, mental health,
metabolic and endocrine and neurological. Though a sizeable list, not all research scope will necessarily
fall within the list of disease listed as priorities.

To be sure there are laws that can already provide a good framework. But the Human Biomedical
Research Act 2015 functions in relation institutions with an IRB, and its ultimate governance framework
is based on a licensing regime that does not necessarily apply to pharmaceutical and life science
companies.

Your intellectual property or mine? How about ownership of the data?

And then there are the debates over ownership of “property rights” in data. Unlike in the EU, where are
there are database rights, property rights are less clear for row entries of data. Whilst there is usually a
case for copyright to exist in data schemas, designs of databases, and interfaces, the Yellow Pages
litigation shows us that the case is not as robust when it comes to data entries themselves.

Sure, one could explore rights in trade secrets but this depends on a web of interconnected protection
systems, NDAs, and notices. Much work in every exchange and for every contributor.

But without proprietary rights, the licensing and financial valuation and the commercial case for
contribution is less easy to see. Financial investments might stall on the lack of a proper ecosystem of
returns for all stakeholders. For instance, how does one price an exclusivity period? Why risk exposing
data for no financial return or ROI?

Would a data requestor be at the mercy of the data contributor if the requestor does not own any
intellectual property rights over the outcome of the research? Might the contributor may be at the mercy
of the requestor if the requestor chooses to execute data mining to enrich its own data sets?

The TRUST framework currently says that TRUST owns any fused datasets arising from research that
is contributed to the TRUST environment and within control of TRUST. Is that a recipe to encourage
contribution?

Company’s undertaking is now my undertaking

And then there is the personal undertaking a user must submit with the data request form. This is in
addition to the organisational undertaking the Data Requestor provides. Leave aside the chilling effect
of personal liability. Is it effective to deter abuse? Would bad acting foreign users safely outside the
reach of local legal action be deterred?

Conclusion

Perhaps these are teething issues. They are not insurmountable. But to encourage private institutions
to really participate in TRUST, we need open dialogue.

Stakeholders such as initiators of TRUST, the pharmaceutical and life science companies (including the Singapore Association of Pharmaceutical Industries) should each be heard.

The promise of medical data exchanges is certainly worth the effort in engagement.