One of the most prominent examples of breakthroughs in biomedical research is also a cautionary tale for biobanking. Henrietta Lacks checked into Johns Hopkins in January of 1951 where she was diagnosed with epidermoid carcinoma of the cervix. She was treated using an early form of radiation therapy, which did not successfully kill the cervical cancer. Biopsies were taken for testing, and additional biopsies were taken of cancerous and normal cervical tissue without Henrietta’s knowledge or consent.
The cells from the cancerous tissue were used to make the very first human immortalized cell line called HeLa. It’s hard to understate the significance of HeLa. HeLa was used to develop the first polio vaccine. It has been used in countless life sciences experiments, and the knowledge gained from HeLa is used every time someone immortalizes a human cell line, a major component of human tissue biobanking.
However, the tissue was taken without permission. The resulting chaos, pain, and confusion in Henrietta’s family may have been avoidable using modern informed consent practices. Using Henrietta’s tissue without permission did not violate any laws, nor any research ethics as they were understood at the time, but since then laws have changed significantly, as has our understanding of biobank ethics. A major component of informed consent is tracking what research participants have consented to and how it applies to the material or data they have contributed.
A Simple Consent Case
Let’s say that Henrietta were being treated for exactly the same disease today, and her doctor thought her sample should be saved for future research. We call people like Henrietta contributors. The data and biospecimens that they contribute are contributions. Henrietta would be asked to sign a form that looks a lot like the ones recommended by the World Health Organization. She would be able to give consent at a few different levels:
If any of the (TYPE OF SAMPLE i.e. blood, tissue) I have provided for this research project is unused or leftover when the project is completed (Tick one choice from each of the following boxes)
I wish my [TYPE OF SAMPLE] sample to be destroyed immediately.
I want my [TYPE OF SAMPLE] sample to be destroyed after ____ years.
I give permission for my [TYPE OF SAMPLE] sample to be stored indefinitely
AND (if the sample is to be stored)
I give permission for my (TYPE OF SAMPLE) sample to be stored and used in future research but only on the same subject as the current research project : [give name of current research]
I give my permission for my [TYPE OF SAMPLE] sample to be stored and used in future research of any type which has been properly approved
I give permission for my [TYPE OF SAMPLE] sample to be stored and used in future research except for research about [NAME TYPE OF RESEARCH]
I want my identity to be removed from my (TYPE OF SAMPLE) sample.
I want my identity to be kept with my (TYPE OF SAMPLE) sample.
This is the meat of a sample storage informed consent, and electronic systems that need to manage that consent will need to store it in the originally-agreed to form that was signed (such as a scanned PDF), but also in a form that can be acted upon. They also need to allow contributors to modify (while preserving older versions) and revoke consent, and other people need to be able to verify that the consent was actually given. This generally needs to occur regardless of how the consent is represented, but some forms are easier to manage than others.
1. Alternate Representations of Consent
In many cases, the information stored in a database will be represented differently than the document that was actually signed and scanned into the computer. Even if the agreement was signed electronically, the text of the document will be very different from the records stored in a database. These are alternative manifestations of the same expression, that is, there are multiple ways of creating a physical pattern, whether it is a set of paper, bits on disk, or records in a database. Systems that deal with representing consent documents in multiple formats will need to relate how these different manifestations relate to their common expressions.
2. Modification (and Revocation) of Consent
Contributors are well within their rights to modify their consent in any way, including revoking it entirely. Generally, when consented use leaves a scope, any existing uses do not have to be thrown out, but further use of that contribution for that purpose can’t proceed. As as result of this, consent document management systems need to be able to track how different versions (expressions of content) of a consent document relate to the document regardless of version, or work. This implicit hierarchy of manifestation, expression, and work, is well-supported using the Functional Requirements for Bibliographic Records (FRBR). I have helped to map FRBR for use in describing electronic information resources as well, and we mapped that hierarchy onto the W3C’s Provenance Ontology, PROV-O, creating a new model called Functional Requirements for Information Resources (FRIR), to create provenance traces for accessing information from the web. The FRIR framework allows for revision and revocation of all sorts of information resources through a combination of FRBR and PROV.
3. Cryptographic Validation
Validation of consent documents is often left out of biospecimen management systems because those systems use an honest broker policy - it is assumed that data entered into the system is trusted to be true and the person who entered that data is an inherently honest person. This is not strictly necessary, and in many cases undesirable. Fortunately, the FRIR allows for the creation of cryptographically secure identifiers for expressions and manifestations. It would therefore be possible to check that the electronic signatures that were collected actually match up to the content stored in the database.
We are working on a system that makes management of consent documents easy and transparent, where older versions of consent are recorded, but not used to compute what has been consented to, and where users can cryptographically sign consent forms and researchers can prove that their use of any given contribution was consented to at the time of use. This will reduce the need to trust information systems that may be managed by organizations that do not necessarily have the contributor’s best interests in mind when they attempt to use their contributions.