LAUSR

Health care systems around the world are increasingly using the large amount of routinely collected health data to understand health and disease processes better and to drive continuous improvement [1]. Critical care medicine has been at the forefront of these efforts, with several commercial and non-commercial ICU databases having been developed in a number of countries [2]. Such databases have the potential to be socially very valuable, supporting research, education, and quality improvement initiatives [3]. Linking databases across centres and countries can also increase their generalisability and accelerate knowledge discovery [2]. While activities that effectively utilise routine data to optimise and individualise care are urgently needed, efforts to create and link such databases can be undermined by concerns about data protection. These concerns are only likely to intensify as available data for research becomes more finely grained and more diverse (e.g. medical images, physiological waveforms etc.). Patients have legitimate interests in controlling access to and use of their health data, and their informed consent will often be required for the use of their data for purposes other than they were collected. However, requiring individual informed consent for pseudonymised (de-identified) data to be used in healthcare databases and registers can lead to large increases in costs and create major selection biases that undermine the data representativeness [4]. Nevertheless, many jurisdictions allow for an ethics committee to waive the requirement for consent for such secondary uses of health data if specific conditions are met. For instance, one of us (L.A.C.) is involved in the well-known MIMIC (Medical Information Mart For Intensive Care) database, which contains clinical data acquired during the routine hospital care of patients admitted to critical care units at the Beth Israel Deaconess Medical Center in Boston [3]. MIMIC has had the requirement for individual patient consent waived by the local institutional review board for over 10 years because the project does not impact clinical care and the data are de-identified by removing all protected health information in accordance with the Health Insurance Portability and Accountability Act before being included [3]. However, numerous efforts with international collaborators to set up other critical databases (e.g. in Brazil, Belgium and Spain) or to link MIMIC with other established critical care databases (e.g. in the United Kingdom and France) have so far been thwarted by local ethics committees suggesting that individual patient consent may be required. In an era of increasing global collaborative health research efforts, such variations in data consent requirements are problematic. There is a need for more