Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Our Strategic Road Map defines strategies, standards, and policy frameworks to support responsible global use of genomic and related health data.
Discover how a meeting of 50 leaders in genomics and medicine led to an alliance uniting more than 5,000 individuals and organisations to benefit human health.
GA4GH Inc. is a not-for-profit organisation that supports the global GA4GH community.
To guide our collaborative, globe-spanning alliance, GA4GH relies on a Standards Steering Committee and an Executive Committee.
The Funders Forum brings together organisations that offer both financial support and strategic guidance.
The EDI Advisory Group responds to issues raised in the GA4GH community, finding equitable, inclusive ways to build products that benefit diverse groups.
Distributed across four Host Institutions, our staff team supports the mission and operations of GA4GH.
Curious who we are? Meet the people and organisations across six continents who make up GA4GH.
More than 500 organisations connected to genomics — in healthcare, research, patient advocacy, industry, and beyond — have signed onto the mission and vision of GA4GH as Organisational Members.
These core Organisational Members are genomic data initiatives that have committed resources to guide GA4GH work and pilot our products.
This subset of Organisational Members whose networks or infrastructure align with GA4GH priorities has made a long-term commitment to engaging with our community.
Local and national organisations assign experts to spend at least 30% of their time building GA4GH products.
Anyone working in genomics and related fields is invited to participate in our inclusive community by creating and using new products.
Wondering what GA4GH does? Learn how we find and overcome challenges to expanding responsible genomic data use for the benefit of human health.
Study Groups define needs. Participants survey the landscape of the genomics and health community and determine whether GA4GH can help.
Work Streams create products. Community members join together to develop technical standards, policy frameworks, and policy tools that overcome hurdles to international genomic data use.
GIF solves problems. Organisations in the forum pilot GA4GH products in real-world situations. Along the way, they troubleshoot products, suggest updates, and flag additional needs.
NIF finds challenges and opportunities in genomics at a global scale. National programmes meet to share best practices, avoid incompatabilities, and help translate genomics into benefits for human health.
Communities of Interest find challenges and opportunities in areas such as rare disease, cancer, and infectious disease. Participants pinpoint real-world problems that would benefit from broad data use.
See all our products — always free and open-source. Do you work on cloud genomics, data discovery, user access, data security or regulatory policy and ethics? Need to represent genomic, phenotypic, or clinical data? We’ve got a solution for you.
All GA4GH standards, frameworks, and tools follow the Product Development and Approval Process before being officially adopted.
Learn how other organisations have implemented GA4GH products to solve real-world problems.
Help us transform the future of genomic data use! See how GA4GH can benefit you — whether you’re using our products, writing our standards, subscribing to a newsletter, or more.
Help create new global standards and frameworks for responsible genomic data use.
Align your organisation with the GA4GH mission and vision.
Solve your real-world data problems with support from this valuable network of global institutions.
Work with like-minded groups committed to better data use in areas like rare disease, cancer, and infectious disease.
Share your thoughts on all GA4GH products currently open for public comment.
Solve real problems by aligning your organisation with the world’s genomics standards. We offer software dvelopers both customisable and out-of-the-box solutions to help you get started.
Learn more about upcoming GA4GH events. See reports and recordings from our past events.
Speak directly to the global genomics and health community while supporting GA4GH strategy.
Be the first to hear about the latest GA4GH products, upcoming meetings, new initiatives, and more.
Questions? We would love to hear from you.
Read news, stories, and insights from the forefront of genomic and clinical data use.
Attend an upcoming GA4GH event, or view meeting reports from past events.
See new projects, updates, and calls for support from the Work Streams.
Read academic papers coauthored by GA4GH contributors.
Listen to our podcast OmicsXchange, featuring discussions from leaders in the world of genomics, health, and data sharing.
Check out our videos, then subscribe to our YouTube channel for more content.
View the latest GA4GH updates, Genomics and Health News, Implementation Notes, GDPR Briefs, and more.
Discover all things GA4GH: explore our news, events, videos, podcasts, announcements, publications, and newsletters.
22 Oct 2019
The Data Security Infrastructure Policy (DSIP) was developed as a foundational policy of the Global Alliance for Genomics and Health (GA4GH) by the Data Security Work Stream to facilitate the responsible sharing and processing of genomic data.
Image Credit: Stephanie Li, GA4GH
Trust is necessary for effective, responsible genomic data sharing. But without a safe, robust, and trustworthy technology infrastructure, it is difficult for stakeholders to trust one another, for users to trust the platforms within which standards are implemented, and for patients and participants to trust their personal data will be handled responsibly and respectfully.
The Data Security Infrastructure Policy (DSIP) was developed as a foundational policy of the Global Alliance for Genomics and Health (GA4GH) by the Data Security Work Stream to facilitate the responsible sharing and processing of genomic data. Originally published in 2014, the DSIP outlines basic security best practices for standards development and implementation within the GA4GH ecosystem. The GA4GH Steering Committee has now approved an updated version of the document, which provides guidelines for safely and securely handling sensitive information.
The DSIP was developed in accordance with the Framework for Responsible Sharing of Genomic and Health-Related Data, and is updated periodically as the needs and innovations in genomic data sharing change. As with all GA4GH standards, the DSIP is focused on forming a foundation of trust in the genomics and health data sharing community.
“This standard isn’t a physical or functional implementation,” said Dixie Baker, primary author of the original document. “Rather, it is a set of recommended best practices and security standards to guide the implementation and operation of a trustworthy and federated environment for sharing data and genomic standards.”
The most recent update defines the roles and responsibilities GA4GH stakeholders play in maintaining security technology best practices. By defining and differentiating between data contributors, controllers, and processors, the authors of the DSIP were able to clarify comprehensive and specific responsibilities of each entity in ensuring a trustworthy community for data sharing and data processing.
“GA4GH Work Stream contributors rely on a set of common data security values and expectations to ensure the standards produced will interoperate within the overarching GA4GH ecosystem,” said Jean Pierre Hubaux, co-lead of the GA4GH Data Security Work Stream and lead on the DSIP revision.
The DSIP holds developers to a high caliber; it outlines protocols for typical security technologies—authentication, authorization, access control, and audit—but also helps developers build systems that are durable against threats to data integrity, confidentiality, and service availability. “This framework underlies every standard developed by GA4GH contributors,” said Hubaux, who is a full professor in the Laboratory for Data Security at L’Ecole Polytechnique Fédérale de Lausanne (EPFL).
Designed in response to risks of data breach, unwarranted destruction of data, disrupted access, and other unethical or illegal actions against data security controls, the DSIP provides recommendations for appropriate responses on behalf of each defined stakeholder.
“We view the DSIP as a list of suggestions for maximizing the security of GA4GH standards,” said David Bernick, co-lead of the DSWS and an author on the DSIP V4.0, who is the Data Security Officer at the Broad Institute of MIT and Harvard.
While the DSIP was written with GA4GH standards developers in mind, the document is also pertinent to anyone using or creating software held to high security standards. The framework is closely aligned with security technology frameworks imposed by international governments and industry, but offers most value to software developers seeking an internationally standardized, genomics-centric security framework. The DSIP authors anticipate a future wherein all organizations implementing a GA4GH standard will construct their code in compliance with the DSIP framework.
Many of the GA4GH standards have already been aligned with this policy framework, such as the recently-approved Crypt4GH file format for secure data storage.
“The security framework is a good foundation on which to build GA4GH standards,” said Robert Davies, Senior Scientifc Manager at the Wellcome Sanger Institute, who contributed to the development of Crypt4GH. “Thanks to feed-back from the GA4GH Data Security Work Stream, we were able to make many improvements to our encrypted format proposal based on the DSIP as it went through the approval process.”
The DSIP is crucial to the development of standards for international genomic data sharing — a high priority of the Global Alliance for Genomics and Health — particularly because of its guidance on dealing with private, personally-identifiable information such as genomic and health-related data.
Davies said, “I would recommend anyone handling sensitive data to read the policy document, as it includes lots of useful information on handling data in a safe and secure manner.”