A large group of international experts has developed the GA4GH Passport standard for digital identity and access permissions. It defines a machine-readable digital identity that conveys roles and data access permissions (called "visas") of the authorized researcher. CSC participated in the standard creation and provides services for the national researchers with GA4GH Passport visas.
Human biomedical research data sets often contain sensitive information about individuals who consented their data for the research project. Sharing of these data for the secondary research use must comply with legal, ethical, and informed consent rules and regulations. The GA4GH Passport standard defines a machine-readable digital identity. It can be used to communicate the roles and granted data access rights of the researcher holding the identity. It is designed to enhance interoperability between data repositories by allowing services to provide safe and scalable access to the authorized data sets by enforcing standardized data access permissions locally.
GA4GH Passport standard is combined with other GA4GH standards
The GA4GH Passport standard can be used jointly with other global standards, such as the Data Use Ontology (DUO). DUO is a machine-readable standard vocabulary of data use terms. It aims to describe data use conditions for research and to automate the matching of specific data sets against the data access requests.
Combination of DUO and GA4GH Passport defines a transparent mechanism for establishing permissions and authorizing data access across national or commercial service platforms. Uptake of the standard will streamline the processes of data access framework for granting researchers permission to reuse datasets. Early implementors include ELIXIR Europe, National Institutes of Health in the United States and the Autism Sharing Initiative.
Dr Mikael Linden, a Senior Application Specialist from CSC is contributing the GA4GH Passport development work.
– GA4GH Passport standard is an important milestone for managing access to sensitive data in a federated environment. ELIXIR AAI, operated by the Finnish and Czech ELIXIR Nodes, was the first one to implement Passports. The Passport standard is also supported by the REMS tool that ELIXIR Finland has implemented for managing data access permissions, says Linden.
CSC Sensitive Data (SD) services are among the early adopters of GA4GH Passport standard.
– This allows us to provide a streamlined data access control on sensitive data for each authorized researcher separately. That will not only work for our national sensitive data sets but includes also those international reference data sets important for the Finnish researchers. Our new SD services are also easier to use as the control of data access permission on our platform is enforced automatically during service login process, says Senior systems specialist Jaakko Leinonen from CSC.
Second issue of Cell Genomics features GA4GH
The Global Alliance for Genomics and Health (GA4GH) takes center stage in the second issue of the new journal, Cell Genomics. Ten papers make up this special issue describing the current state of the global standards relevant for research and health sectors. Three of these publications focus on streamlining the data access process based on the data use and researcher identity, spearheaded by the GA4GH Data Use and Researcher Identities Work Stream. Two of these papers, “The Data Use Ontology [DUO] to streamline responsible access to human biomedical datasets” (first authors Jonathan Lawson and Moran Cabili) and “GA4GH Passport standard for digital identity and access permissions,” (first authors Craig Voisin, Mikael Linden, Stephanie Dyke, and Sarion Bowers) are the first publications to formally introduce the standards for the scientific community.