Security & Privacy aspects of
OpenClinica – the CTMM-TraIT experience
Jacob Rousseau – TraIT, VU University Medical center
&
Marinel Cavelaars – TraIT, the Hyve
Version 0.5 21-05-2015
Content of presentation

Introduction CTMM / TraIT

Data-flows between applications

Hosting & operations

Privacy & security

Performance
©
#OC15Europe
CTMM-TraIT

Center for Translational Molecular Medicine - CTMM

Translational Research IT - TraIT

Public partners, private partners, patient foundations
and charities

CTMM 2009-2015

TraIT Oct 2011 - 2016

CTMM merges with TI Pharma as of January 1st
2016
TraIT partners
TraIT applications & work-packages
Statistics - OpenClinica

Number of studies: 151

Number of users: 900

Number of unique sites: 157
OpenClinica uptake
136 studies
157 sites
852 users
[Figure: Number of Studies per quarter, 2008 to 2015 (y-axis 0 to 150). Labels: Pre TraIT-effect; Multi-center VUmc studies; Other multi-center studies Dutch UMC's. Markers: July 2008, Start DeCoDe OpenClinica; October 2011, Start TraIT OpenClinica.]
Number of visits per month to OpenClinica.nl
[Figure: Number of Visits per month since April 2014, April to March (y-axis 0 to 1800).]
Source: AWStats
TraIT: step by step guides
Web site: http://www.ctmm-trait.nl/
Content of presentation

Introduction CTMM / TraIT

Data-flows between applications

Hosting & operations

Privacy

Security provisions

Performance
Clinical Research data flows
All steps have to be reviewed for security
OCDataImporter

Developed by Cuneyt Parlayan, VUmc, CTMM-DeCoDe

Source:
https://github.com/cuneytparlayan/trait_open_clinica_upload_tool_2

Executable available via the TraIT service-desk

What does it do?
- Converts text (CSV) files to ODM taking subject, events, groups and repeats into account
- Automated mapping of columns to ODM-items
- Creates SQL-insert files to create subjects and to schedule events (not needed with improved web services)
OCDataImporter
Link to clinical or digital pathology image

Add a 'parameterized link' in the Excel-CRF in the left/right column text:
<a href="https://www.example.com:123/ContextRoot?images=/${item['IMAGE_ID_ITEM_ID']}" target="_blank">Click here to see this subjects slides in tEPIS</a>

Links to an image for which the review results must be entered in the CRF
Link to digital pathology image
Schedule Appointment
Logis
- Developed by MEMIC, center for data- and information management, Maastricht University Medical Center, Dirk Veldman
- Date and time of visits entered in Logis; the corresponding visit / event is scheduled in OpenClinica using web services
Export to tranSMART
- OpenClinica (ODM) to ETL (csv) to tranSMART (I2B2)
Developed by Ward Blondé
Content of presentation

Introduction CTMM / TraIT

Data-flows between applications

Hosting & operation

Privacy & Security

Performance
Hosting

Hosting partner Vancis

4 environments at Vancis
- Sandbox; for study & CRF development
- Archive; for inactive studies
- Acceptance; to solve technical problems
- Production

Philips environments for technical R&D and upload testing
Deployment setup
Hosting provider Vancis
[Diagram: Apache web server --AJP--> Tomcat application server --JDBC--> Postgres database server]
Content of presentation

Introduction CTMM / TraIT

Data-flows between applications

Hosting & operations

Privacy & security
- Legislation
- Technical measures
- Process
- Operational

Performance
Legislation

National level
- Medical Research (Human Subjects) Act (Wet Medisch-wetenschappelijk Onderzoek bij mensen, WMO)
- Dutch Personal Data Protection Act (Wet Bescherming Persoonsgegevens, WBP)
European level
- European Data Protection Directive - Directive 95/46/EC
Future legislation
National level
- Mandatory to report data breaches to Dutch Data Protection Authority (amendment to the WBP – ‘Meldplicht Data Lekken’)
European level
- General Data Protection Regulation (GDPR)
- Clear definition of responsibilities of data processors and controllers
Challenges are:
- Data Protection Officer
- Strict administration
- Subject agreement (Informed Consent)
- Right to be forgotten / right to erasure
- Substantial fines
- Amendments by Committee for Civil Liberties, Justice and Home Affairs (LIBE)
Technical measures
- Separation of modules in different Virtual Machines
- Separate Web-module (Apache Webserver)
- Separate access and performance logging
- Automatic redirect to /OpenClinica
- Separate location for static content of studies (e.g. images)
  https://www.openclinica.nl/static/biomarkers/arthritis_skeleton_highlighted.jpg
- Possibility of load-balancing with multiple Tomcat instances
- Caching
- Avoid caching of secure content on disk using headers
Technical measures
- Transport-layer encryption (HTTPS)
- Access logging
- Firewalls
- Export logging for non-repudiation
- Log retention
Two additional technologies:
- Trusted Third Party & Single Sign-On
Trusted Third Party - TTP

Pseudonymisation of Subjects
- Encryption using symmetric keys; only source (hospital) and TTP have keys
- One key per site or one key per study
- Two types of IDs:
  - National Identification number (BSN)
  - Hospital Information System ID (HIS)
Various technical implementation strategies tested:
- Client-side with JavaScript
- Client-side with Java Applet
- Server-side (for HIS-numbers only)
Single Sign-On SAML 2.0

Developed in cooperation with Daniel Pletea –
Philips and Paul van Dijk - SURFnet

SAML (Security Assertion Markup Language)

Only for authentication

Intended deployment (using OpenConext at
Vancis) with SURFconext / eduGAIN
Processes
- User management
- PI is responsible for removing a user from the study if he / she is no longer active
- Periodical reminders for studies to verify if users are still active or affiliated
- User administration via the TraIT service-desk
- Password expiration
Processes
- Checks on directly identifiable information before study is promoted from sandbox to production
- SQL scripts to scan database for directly identifiable information
- Standard Operating Procedures
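One way to implement the check for directly identifiable information before a study leaves the sandbox, as an added example (not the TraIT scripts, which the slide describes as SQL). It assumes item values have been exported as (study, item, value) rows; it flags e-mail addresses and digit runs that pass the BSN 11-check, which keeps ordinary 9-digit lab references from raising false alarms. All names and sample rows are constructed for illustration.

```python
import re

# Weights of the BSN "elfproef" (11-check); the last digit is weighted -1.
BSN_WEIGHTS = (9, 8, 7, 6, 5, 4, 3, 2, -1)
# 8- or 9-digit runs that are not part of a longer number.
DIGIT_RUN = re.compile(r"(?<!\d)\d{8,9}(?!\d)")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}")


def is_valid_bsn(digits):
    """True if an 8- or 9-digit string passes the BSN 11-check."""
    if not digits.isdigit() or len(digits) not in (8, 9):
        return False
    padded = digits.zfill(9)  # 8-digit numbers are checked with a leading zero
    if padded == "000000000":
        return False
    total = sum(int(d) * w for d, w in zip(padded, BSN_WEIGHTS))
    return total % 11 == 0


def scan_value(value):
    """Return the kinds of directly identifiable data found in one value."""
    findings = []
    if any(is_valid_bsn(run) for run in DIGIT_RUN.findall(value)):
        findings.append("bsn")
    if EMAIL.search(value):
        findings.append("email")
    return findings


def scan_rows(rows):
    """rows: iterable of (study, item, value); returns the rows that need review."""
    hits = []
    for study, item, value in rows:
        kinds = scan_value(value or "")  # NULL values are treated as empty
        if kinds:
            hits.append((study, item, kinds))
    return hits


# Constructed sample rows (assumed export format, not real study data).
SAMPLE_ROWS = [
    ("DEMO-01", "COMMENT", "patient 111222333 called, see chart"),
    ("DEMO-01", "LAB_REF", "lab ref 123456789"),
    ("DEMO-01", "CONTACT", "mail j.doe@example.org for follow-up"),
    ("DEMO-01", "WEIGHT_KG", "82.5"),
    ("DEMO-01", "NOTES", None),
]

if __name__ == "__main__":
    for hit in scan_rows(SAMPLE_ROWS):
        print(hit)
```

A hit is a reason for manual review before promotion, not proof of a BSN: roughly one in eleven random 9-digit numbers also passes the 11-check.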
Operations
- Standard operating procedures for administrative personnel
- Periodic review of vulnerabilities in components (e.g. US-CERT)
- Secure connections to servers for administrative operations
Content of presentation

Introduction CTMM / TraIT

Data-flows between applications

Hosting & operations

Privacy & security

Performance
Number of users per hour
[Figure: number of users per hour, from 27th of March to 4th of May (y-axis 0 to 20).]
Monitoring
- Tools at hosting-provider (e.g. Nagios) to monitor availability
- Periodic database scripts to register number of users logged-in (performance)
- AWStats for statistics (performance)
- Selenium-scripts deployed at 2 sites to register the duration of common user actions (performance)
- Presentation: CRF Performance and System Scalability by Annelies Rotte gives all details on performance
Final words
- Privacy / security / risk assessments must have on-going attention
- Due care and due diligence
- Multi-faceted: technology, legislation, operations, development
Thanks

OpenClinica LLC: Alicia Goodwin, Cal Collins, Krikor Krumlian, Ben Baumann

The Hyve: Marinel Cavelaars, Kees van Bochove

Trial Data Solutions: Gerben-Rienk Visser, Annelies Rotte

CTMM: Jan-Willem Boiten

NKI: Gerrit Meijer, Gwen Dackus

VUmc: Henk Verheul, Jeroen Beliën, Rene Breet, Cuneyt Parlayan, Ward Blondé, Rinus
Voorham, Sander de Ridder

Philips: Wim van der Linden, Daniel Pletea, Cees de Jonge

Memic: Alfons Schroten, Dirk Veldman, Robert Klinkenberg

Netherlands eScience Center: Rita Azevedo, Ruud Ross

Maastro: Johan van Soest, André Dekker

Vancis: Kees Louwen, Marcel Bunte, Auke Abbekerk

SURFnet: Paul van Dijk