A health worker collects a nasal swab sample from a man in a mobile testing van

Mobile COVID-19 testing in Amritsar, India. There are currently no internationally agreed rules on how researchers can access testing data in a pandemic.Credit: Narinder Nanu/AFP/Getty

The need for better pandemic preparedness before the world faces another outbreak is rising up the global agenda. Last week, the World Health Organization’s member states met virtually for the World Health Assembly and decided to reconvene for a special three-day session in November to discuss a pandemic treaty. If agreed, the treaty would be an international law that would bind its signatories to take swift, collective and evidence-based action in the event of an outbreak of an infectious disease with pandemic potential.

As Nature has previously reported, the jury is out on whether such a treaty is necessary. It is still not clear whether the idea has the support of a majority of nations, and it is being debated whether now is the time to be discussing a future pandemic, when so much remains to be done to end the current one. However, if there is to be such a treaty, it must include internationally agreed rules on accessing data in a pandemic — or any global emergency that has the potential to cause large-scale loss of life.

Discussions on pandemic data access are already taking place, and at some pace. The science academies of the G7 group of the world’s seven biggest economies — known as the S7 — have published a statement emphasizing the need for emergency data-access rules, including questions of governance (go.nature.com/2sjqj2v).

These will be discussed at this month’s G7 meeting in Cornwall, UK. Discussions have also been taking place among the G20 science academies and at the World Health Organization. These separate conversations need to converge. A pandemic treaty involving researchers and policymakers from every country could be where this happens. Once the rules are set — and a treaty will make them legally binding — countries can then enact them into national laws.

Researchers and policymakers have needed a range of types of data during the pandemic. These data, often reported daily, include updates on: COVID-19 test results and assessments of their accuracy; the number of people who have died; and how many people have been vaccinated. Some countries are tracking data on viral genome sequences, in part to unlock the identity of variants.

Mobile-phone data offer considerable power to understand in real time how a disease is spreading, as do data from Internet search results, and data from mapping applications, which allow researchers to see the movement of people. Payment data held by banks and credit-card companies can help to provide an accurate understanding of the impact of lockdowns on economies.

But access to such data are spotty, to say the least. Researchers in some countries have used these data to good effect, according to a November report on data readiness from an initiative called DELVE: Data Evaluation and Learning for Viral Epidemics, convened by the Royal Society in London (go.nature.com/3fymrcd). But there is no agreed, trusted mechanism for access.

Often, access depends on ad hoc relationships between researchers and government or private-sector data holders. In some countries, access has been prohibited for a range of reasons: because laws have not been updated to reflect the need for access in emergencies; because of concerns about the risks of people being identified; because of variations in technical standards; or because of risks to businesses of data potentially being shared with competitors.

Even when all parties concerned agree to share data, it can take more than a year for researchers to obtain access, according to the DELVE Initiative’s report. What’s needed, the authors say, are agreed rules and protocols, so that researchers, corporations, regulators and policymakers know exactly what to do when faced with an outbreak of a disease that looks to have pandemic potential.

Governments and corporations need researchers to tell them what kind of data are needed, and in what formats. Researchers need to know who to contact, and how to access data. All must take responsibility for ensuring that the necessary levels of security and privacy are maintained.

Countries could devise these rules individually, and many are no doubt doing so already. But it makes much more sense to do it globally — potentially by way of a treaty — so that everyone can benefit from collective expertise and experience. These rules would apply only in emergencies, in the event that ‘normal’ rules and regulations need to be suspended to save lives.

In an emergency, everyone needs to move quickly — much more quickly than usual. That is why it is so important to put a system in place so that all concerned know what to do, when to do it, and how. Now is the time to act, while experiences of the pandemic are still fresh. As we know, spending time drawing up a plan once an emergency is under way costs lives.