A GDPR-Compliant Dynamic Consent Mobile Application for the Australasian Type-1 Diabetes Data Network

Abstract

Australia has a high prevalence of diabetes, with approximately 1.2 million Australians diagnosed with the disease. In 2012, the Australasian Diabetes Data Network (ADDN) was established with funding from the Juvenile Diabetes Research Foundation (JDRF). ADDN is a national diabetes registry which captures longitudinal information about patients with type-1 diabetes (T1D). Currently, the ADDN data are directly contributed from 42 paediatric and 17 adult diabetes centres across Australia and New Zealand, i.e., where the data are pre-existing in hospital systems and not manually entered into ADDN. The historical data in ADDN have been de-identified, and patients are initially afforded the opportunity to opt-out of being involved in the registry; however, moving forward, there is an increased demand from the clinical research community to utilise fully identifying data. This raises additional demands on the registry in terms of security, privacy, and the nature of patient consent. General Data Protection Regulation (GDPR) is an increasingly important mechanism allowing individuals to have the right to know about their health data and what those data are being used for. This paper presents a mobile application being designed to support the ADDN data collection and usage processes and aligning them with GDPR. The app utilises Dynamic Consent—an informed specific consent model, which allows participants to view and modify their research-driven consent decisions through an interactive interface. It focuses specifically on supporting dynamic opt-in consent to both the registry and to associated sub-projects requesting access to and use of the patient data for research purposes.