Skip to main content

Thank you for visiting nature.com. You are using a browser version with limited support for CSS. To obtain the best experience, we recommend you use a more up to date browser (or turn off compatibility mode in Internet Explorer). In the meantime, to ensure continued support, we are displaying the site without styles and JavaScript.

  • Correspondence
  • Published:

Secure cloud computing for genomic data

Nature Biotechnology volume 34pages 588–591 (2016)Cite this article

Subjects

A Corrigendum to this article was published on 11 October 2016

This article has been updated

To the Editor:

The 'cloud' offers scalable and competitively priced computing resources for the analysis and storage of data from large-scale genomics studies, but it must also ensure that human subject data are hosted in a context that is both secure and compliant with regulations. Concerns continue to surface in recent years regarding potential hacking and potential loss of patient privacy of data held within the cloud1,2,3. Security challenges for human genomics research in the cloud include researcher's and administrator's lack of familiarity with security features and inconsistent guidelines from different regulatory bodies for genomic datasets. These inconsistencies can cause confusion as to whether or not security requirements are being met on cloud for a particular human dataset. Ultimately, if a research environment in the cloud is not compliant with regulatory guidelines, this could mean that an investigator might lose access to a dataset. Here, we lay out a set of cloud security guidelines that meet a wide range of regulatory requirements. Our intent is twofold: first, to raise awareness regarding the variability and complexity of current guidelines; and second, to highlight how redundant security assessments that are currently carried out dataset by dataset in the cloud could be replaced by a 'do-once, use-many-times' framework. We envision that the do-once, use-many-times guidelines provided here will help researchers navigate various cloud solution providers and will ultimately yield savings in costs, time and staffing. Although the cloud technology stack will continue to evolve rapidly, which in turn will change the specifics of solution implementation, we believe that the security requirements presented here will be applicable for the foreseeable future.

This is a preview of subscription content, access via your institution

Relevant articles

Open Access articles citing this article.

Access options

Buy this article

  • Purchase on Springer Link
  • Instant access to full article PDF
Buy now

Prices may be subject to local taxes which are calculated during checkout

Figure 1: Security stack.

Change history

  • 11 August 2016

    In the version of this article initially published, the competing financial interests line should have been positive in the HTML as it was in the PDF (“The authors declare competing financial interests”). The statement “M.S. is a co-founder of Personalis and SensOmics and a member of the scientific advisory boards of Personalis, SensOmics and Genapsys” should also have appeared in the HTML. The errors have been corrected in the HTML and PDF versions of the article.

References

  1. Orcut, M. Hackers are homing in on hospitals. MIT Technol. Rev. http://www.technologyreview.com/news/530411/hackers-are-homing-in-on-hospitals/ (2 September 2014).

  2. Anonymous. Data Breach Industry Forecast. 2015 Second Annual Data Breach Industry Forecast https://www.experian.com/assets/data-breach/white-papers/2015-industry-forecast-experian.pdf (Experian, Dublin, 2015).

  3. Wilde Mathews, A. Hacked database included 78.8 million people. Wall Street Journal http://www.wsj.com/articles/anthem-hacked-database-included-78-8-million-people-1424807364 (24 February 2015).

  4. Guidance Regarding Methods for De-identification of Protected Health Information in Accordance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule http://www.hhs.gov/hipaa/for-professionals/privacy/special-topics/de-identification/index.html (US Department of Health and Human Services, 2012).

  5. Department of Health and Human Services, Office of the Assistant Secretary for Health, Office for Human Research Protections. Fed. Reg. 80, 53933–54061 (2015).

  6. Naveed, M. et al. Privacy in the genomics era. ACM Comput. Surveys 48 (1), 6 (2015).

    Article  Google Scholar 

  7. Anonymous. Participants in Personal Genome Project identified by privacy experts. MIT Technol. Rev. http://www.technologyreview.com/view/514486/participants-in-personal-genome-project-identified-by-privacy-experts/ (1 May 2013).

  8. Check Hayden, E. Nature 519, 400–401 (2015).

    Article  CAS  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Department of Genetics, Stanford School of Medicine, Stanford, California, USA

    Somalee Datta, Keith Bettinger & Michael Snyder

Authors
  1. Somalee Datta
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Keith Bettinger
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Michael Snyder
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Somalee Datta.

Ethics declarations

Competing interests

M.S. is a co-founder of Personalis and SensOmics and a member of the scientific advisory boards of Personalis, SensOmics and Genapsys.

Additional information

Editor's note: This article has been peer reviewed.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Datta, S., Bettinger, K. & Snyder, M. Secure cloud computing for genomic data. Nat Biotechnol 34, 588–591 (2016). https://doi.org/10.1038/nbt.3496

Download citation

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1038/nbt.3496

This article is cited by

Search

Advanced search

Quick links

Nature Briefing

Sign up for the Nature Briefing newsletter — what matters in science, free to your inbox daily.

Get the most important science stories of the day, free in your inbox. Sign up for Nature Briefing