Skip to Content
COVID-19 Resources
Cancer Imaging Program (CIP)
Contact CIP
Show menu
Search this site
Last Updated: 10/28/16

Breakout Group 4 — Summary and Discussion

Access to databases — security, confidentiality, ownership, integrity

Bernie Huang, Larry Schwartz, Chris Carr, Mel Greberman, Richard Hanusik, Mary Lou Ingeholm, Eliot Siegel, and John Perry

Cancer Imaging Informatics Sept 27, 2002 (footer on all slides)


  • Management of Data Access Rights
  • Portable Clinical Imaging Records
  • Individual Access to their own Images
  • Images in Clinical Trials, Just Another form of Data?
  • Teaching Files


  • Management of Data Access
  • Security
  • Ownership
  • Portable Clinical Imaging Records
  • Teaching Files
  • Recommendations

Management of Data Access

  • Individual patients should have access to their own data
  • Should investigators have exclusive access rights to clinical trials data?
    • Is access a necessary incentive for participation?
    • Staged access for research data/timing
  • PIs
  • All participating investigators
  • All US investigators
  • All International investigators
    • Who should investigators make it available to?
  • Compulsory
  • Prohibited

Management of Data Access

  • Depends upon purpose of data-Spectrum from anonymizedteaching files to clinical trials data to an individual’s images in an ePR
  • For NCI research should NCI set rules for accessibility of data?-What rules apply after completion of trials?-Should NCI just take over management of data?-Set guidelines for sharing APIs, schemas, etc?-How important is the data? For how long?
  • Mammo
  • Chest
  • Others-Seven year rule like paper world?


  • HIPAA: Does it change the rules?
  • "Common Rule" applies
  • Should there be a single, clear federal standard for security in clinical trials (enforced by NCI?)


  • HIPAA takes a "good practice" approach
  • Integrity: necessary to guard against falsified data?
    • Watermarking
    • Encryption
    • Digital image signatures
  • Does security for clinical trials need to be more stringent than for clinical care?


  • Who owns patient images?
  • Who owns clinical trials data?
    • Researchers
    • Institutions gathering data
    • Patients: can demand that copies be made available to them
    • NCI or other sponsors
    • Public
  • Does ownership = publication rights?
  • Who is responsible if the information is lost?
    • Institution


  • Uncertainty about rules and burden of security policies a barrier to clinical trials participation?
    • Federal/Private/International

Portable Clinical Imaging Records

  • Privacy/confidentiality/integrity concerns of patient data
  • Same rules should apply as for other electronic data
  • HIPAA rules
  • Proper use depends on to whom the record is given (physician, patient)

Teaching Files

  • Rules more relaxed than clinical trials
  • Confidentiality: anonymized; but relevant demographics not scrubbed
  • Access: "owner" determines
  • Security: sufficient to control access
  • Integrity: author/institution responsible for policies
  • Ownership: -Author responsible for securing permission for any borrowed materials-Fair use allows reproduction for educational purposes

Recommendations to NCI

  • Commission study of security practices and access policies of current NCI trials
  • Generate good practice guidelines
    • Coordinate discussions with other groups working on standards/security
  • Review specifics of recommendations for lung nodule study, BIRN


  • Agree upon guidelines for encryption, watermarking, etc.
  • Consider requiring new studies to maintain images for public access
    • Policy on legacy databases
  • Consider funding specific trial studies for standardized access mechanisms
  • Evaluate additional costs of any access and security requirements on investigators

Thank you