Policy

European Journal of Human Genetics (2015) 23, 1271–1278; doi:10.1038/ejhg.2014.196; published online 24 September 2014

Genomic cloud computing: legal and ethical points to consider
EJHGOpen

Edward S Dove1, Yann Joly1, Anne-Marie Tassé2, Public Population Project in Genomics and Society (P3G) International Steering Committee, International Cancer Genome Consortium (ICGC) Ethics and Policy Committee and Bartha M Knoppers1,2

  1. 1Centre of Genomics and Policy, McGill University, Montreal, QC, Canada
  2. 2Public Population Project in Genomics and Society, McGill University, Montreal, QC, Canada

Correspondence: ES Dove, Centre of Genomics and Policy, McGill University, 740 Dr. Penfield Avenue, Suite 5200, Montreal, QC H3A 0G1, Canada. Tel: +1 514 398 8187; Fax: +1 514 398 8954; E-mail: edward.dove@mcgill.ca

Received 13 May 2014; Revised 4 August 2014; Accepted 19 August 2014
Advance online publication 24 September 2014

Top

Abstract

The biggest challenge in twenty-first century data-intensive genomic science, is developing vast computer infrastructure and advanced software tools to perform comprehensive analyses of genomic data sets for biomedical research and clinical practice. Researchers are increasingly turning to cloud computing both as a solution to integrate data from genomics, systems biology and biomedical data mining and as an approach to analyze data to solve biomedical problems. Although cloud computing provides several benefits such as lower costs and greater efficiency, it also raises legal and ethical issues. In this article, we discuss three key ‘points to consider’ (data control; data security, confidentiality and transfer; and accountability) based on a preliminary review of several publicly available cloud service providers’ Terms of Service. These ‘points to consider’ should be borne in mind by genomic research organizations when negotiating legal arrangements to store genomic data on a large commercial cloud service provider’s servers. Diligent genomic cloud computing means leveraging security standards and evaluation processes as a means to protect data and entails many of the same good practices that researchers should always consider in securing their local infrastructure.