Seven focus groups were conducted from May to July 2019: five in English, one in Mandarin, and another in Malay. Each focus group lasted between 90 and 120 minutes and had six to eleven people, totalling 62 participants for the study (see Figure 1 for demographic description of participants). The median age range of 38-45 years. The majority were ethnic Chinese (49), with Malay (7) being the next largest group, and Indian (5) and others (2) making up the rest. The majority of participants were female (63%) and most had either a diploma (37.1%) or university degree (48.4%).
Despite efforts made to make clear the distinction between personal and de-identified data, and to avoid the term anonymous, participants regularly reverted to discussing personally identifiable data and anonymity. For example, immediately following a discussion where participants explicitly acknowledged that data would be de-identified, another expressed their concern that “It can be misused. It's my personal information so I would like to guard it” (FG0521_P1). Although initially out of scope, some comments relating to the sharing of personal information are included in the results as they reflect the participants’ concerns about data sharing, and it was impossible to completely disentangle conversations about personal and de-identified data.
The following results are organised around four key themes: nuanced understandings of data security and data sensitivity; trades-offs between data protection and research benefits; trust (and distrust) in the public and private sectors; and governance and control options.
Nuanced understandings of data security and sensitivity
While participants were generally comfortable with the idea of storing and sharing de-identified data, concerns were raised about data security. The primary concern was about the potential misuse of data (e.g. for malevolent purposes, such as bioterrorism, discrimination or profiteering) and the resulting harm that might arise from a data breach. However, some participants appeared to have a good understanding of the various security measures that could be put in place to protect the identity of volunteers in a PM program and to reduce the likelihood of an unauthorised breach. Some drew on their experiences and knowledge of previous data breaches with references to SingHealth and the HIV registry cases arising frequently and without prompting. These events gave participants a reference point for exploring the issues of data sensitivity and security. They also recognised that no data security systems were impervious to attacks and no data holders, including trusted government agencies, can guarantee data security.
Participants were generally more worried about the security of what they perceived to be sensitive data. People suffering stigmatised conditions in Singapore, such as infectious disease like HIV or mental illness, were viewed as being more vulnerable to an unauthorised disclosure than someone who is in good health or is suffering conditions such as cancer.
If I have like generic health condition, perhaps like high cholesterol or heart issues, I wouldn't be so worried about my information being shared. But if […] I have HIV or things like that, that are more sensitive, then I would be concerned. But if its generic health situations, I, for me, personally, I won't be that concerned. (FG0530_P4)
However, opinions varied on the sensitivity of genetic health information. Some participants were relatively unconcerned about sharing genetic data. Others were worried about insurers, employers or school selectors using (personally identifiable) genetic data against the interests of the data donor:
[If you] happen to have some genetic diseases that could result in you having a higher risk of a certain disease and what happens if this information is sold to the insurance companies and then you will be anti-selection, you won't be covered for a certain disease or when your coverage will be very high. Then that would be a concern. (FG0530_P7)
Participants also recognised that some people might be vulnerable to unauthorised data breaches due to their environment or circumstances, rather than the sensitivity of the data itself. Public figures (e.g. celebrities and politicians) were viewed as greater targets for ‘hackers’ than ordinary citizens.
Trades-offs between data protection and research benefits
There was broad support for sharing data with researchers at academic and healthcare institutions (both local and international) as they were perceived as conducting socially valuable research. Participants recognised and articulated the implicit trade-offs between protecting data from a breach, on the one hand, and promoting access to the data to generate potential benefits on the other hand.
We have to think about the benefits that you can reap from this programme, having the genomic data and sharing it through the national body as well as at an international level. That is basically for the goodness of humankind in the world. So the issue of transfer of information, stolen data, hackers, either for political use or used by pharmaceutical companies. They're bad, unfortunately […] that is a general concern. But I feel that the benefits, weighing the pros and cons, it is better to have this data. (FG0521_P2)
The purpose of data sharing was an important factor in the discussions. The introductory video provided examples of possible health benefits to individuals and their families. However, participants also went on to highlight a wider range of societal benefits for what was frequently termed, unprompted, the “greater good” (e.g. FG0527_P3&P6, FG0524_P2&P3, FG0530_P6&P2]. These benefits included the development of new medicines, improved or more affordable healthcare, and improved understanding of genetic diseases (including hereditable cancer). Participants recognised the genomic research in Singapore could be especially valuable to minority ethnic groups in Singapore and Asia who may not be well represented in other PM initiatives.
Participants were concerned about parties with authorised access using the data for purposes contrary to the intentions or expectations of the data donors. Hence, it was important for them to understand the reasons why data would be shared with anyone inside or outside of the institution holding the data:
I guess, for me I think it's not so much the party accessing the data, but rather how is the data being used for and for what purpose. So knowing that, then I'm able to make a better decision as in whether I want to participate. …if it's from a big pharmacy company, then I think it may be for a commercial gain, but again it still help people. So I guess it's still the purpose, how the data being used, the purpose what is it used for. (FG0524_P11)
As indicated in the quote above, many participants expected that they would be notified prior and/or asked for consent for data-sharing. Some mentioned Singapore’s personal data protection laws (i.e. the PDPA) and expressed in strong terms that their consent should be sought before data were shared for any purpose. However, many others were willing to trust the institution storing the data to only allow access to trustworthy third parties for worthwhile purposes of generating benefit, and would not need to provide new consent to each research project.
So, if I [..] give you all my data, ok, so actually I trust you enough. (FG0530_P10) Trust (and distrust) in the public and private sectors
When asked about who they would trust to hold the data, participants suggested academic research institutions, and healthcare providers. Government agencies came through as trusted entities for ensuring data security. Given the health-relatedness of the data being stored, the Ministry of Health (MOH) specifically was frequently mentioned. This was despite some recognition that MOH had jurisdictional responsibility for data accessed in previous breaches. In addition to MOH, government defence and security agencies were also mentioned along with statutory boards and public-private partnerships that regulate digital and information technologies in Singapore (e.g. iHIS43 and GovTech44). Trust was not absolute, but rather participants expressed a nuanced approach, differentiating between different government agencies and difference functions (e.g. data security, use and oversight).
On the other hand, there was significant debate amongst participants about sharing data with researchers at private or commercial entities, such as pharmaceutical companies. Some participants highlighted the fact that the pharmaceutical industry contributes to social value by developing new medicine; others were more ambivalent about the high costs of some medications in Singapore. Furthermore, participants were uncertain as to how the government could ensure that individuals or the public healthcare system would benefit from data-sharing with industry.
Commercial companies, ultimately they […] make money, so […] they [may] take your information, develop a certain diagnostic kit and then sell it off to other companies without benefitting the whole of Singaporeans and we are actually providing them with the data to come up with the kit, so I think […] they must bring some of the benefits back to the Singapore community. (FG0530_P7)
Overall, there was strong reluctance to share health data with private insurance companies. There was much discussion about the potential for insurance companies to use data to deny coverage to certain ethnic groups and/or increase the cost of insurance plans. By comparison, some participants supported sharing health data with insurance companies, arguing that they could use the data to benefit patients by tailoring plans for specific diseases or expanding coverage for patients not currently covered. Others did not see the need to share the data with insurance companies at all, noting that they could instead work with public research institutions as trustworthy actors to develop equitable insurance plans based on aggregated data.
Governance and control options
Participants were asked to suggest strategies to ensure responsible and trustworthy approaches to storing and sharing health data. Participants made numerous suggestions for data security measures that would help to alleviate their concerns, such as block chain technology, data masking, two-step verification, and tiered access restrictions. The need for a strong regulatory environment was acknowledged. Some participants also felt that data should not be accessed without the specific consent of volunteers, although it is unclear if they were talking about personally identifiable data or de-identified data. Being able to withdraw from the PM initiative appeared to be important for many participants; although exactly what that meant (e.g. severing all links to data, deleting all records from the database, declining participation in a particular study) was not explored.
In addition, some participants suggested that independent oversight of data sharing in Singapore across sectors and agencies would be an important component of a trustworthy governance system. Several options were proposed to fulfil this oversight function, including non-government organisations or an intergovernmental agency within Singapore. Some suggested cross-sectorial “semi-government, private sector” (FG0528_P5) collaborations. International oversight bodies were also suggested in the context of government agencies gaining access to data:
Who is watching the watchdog? […] there has to be checks and balances from all different agencies… Or even, not even the agency, I think even bigger body. A bigger international body. … Like a United Nations or some nations right? Or Interpol, for example, I do not know. Beyond just our country. (FG0527_P8)
Thus, although there was a general sense that government agencies could be trusted to regulate the research institutions and private entities that access and use data within Singapore, there was also some unease with how the government itself might use the data in the absence of external oversight or checks and balances. The reasons for the apparent distrust were not probed and preferences for particular oversight mechanisms were not explored in any further depth.