Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Our Strategic Road Map defines strategies, standards, and policy frameworks to support responsible global use of genomic and related health data.
Discover how a meeting of 50 leaders in genomics and medicine led to an alliance uniting more than 5,000 individuals and organisations to benefit human health.
GA4GH Inc. is a not-for-profit organisation that supports the global GA4GH community.
To guide our collaborative, globe-spanning alliance, GA4GH relies on a Standards Steering Committee and an Executive Committee.
The Funders Forum brings together organisations that offer both financial support and strategic guidance.
The EDI Advisory Group responds to issues raised in the GA4GH community, finding equitable, inclusive ways to build products that benefit diverse groups.
Distributed across four Host Institutions, our staff team supports the mission and operations of GA4GH.
Curious who we are? Meet the people and organisations across six continents who make up GA4GH.
More than 500 organisations connected to genomics — in healthcare, research, patient advocacy, industry, and beyond — have signed onto the mission and vision of GA4GH as Organisational Members.
These core Organisational Members are genomic data initiatives that have committed resources to guide GA4GH work and pilot our products.
This subset of Organisational Members whose networks or infrastructure align with GA4GH priorities has made a long-term commitment to engaging with our community.
Local and national organisations assign experts to spend at least 30% of their time building GA4GH products.
Anyone working in genomics and related fields is invited to participate in our inclusive community by creating and using new products.
Wondering what GA4GH does? Learn how we find and overcome challenges to expanding responsible genomic data use for the benefit of human health.
Study Groups define needs. Participants survey the landscape of the genomics and health community and determine whether GA4GH can help.
Work Streams create products. Community members join together to develop technical standards, policy frameworks, and policy tools that overcome hurdles to international genomic data use.
GIF solves problems. Organisations in the forum pilot GA4GH products in real-world situations. Along the way, they troubleshoot products, suggest updates, and flag additional needs.
NIF finds challenges and opportunities in genomics at a global scale. National programmes meet to share best practices, avoid incompatabilities, and help translate genomics into benefits for human health.
Communities of Interest find challenges and opportunities in areas such as rare disease, cancer, and infectious disease. Participants pinpoint real-world problems that would benefit from broad data use.
See all our products — always free and open-source. Do you work on cloud genomics, data discovery, user access, data security or regulatory policy and ethics? Need to represent genomic, phenotypic, or clinical data? We’ve got a solution for you.
All GA4GH standards, frameworks, and tools follow the Product Development and Approval Process before being officially adopted.
Learn how other organisations have implemented GA4GH products to solve real-world problems.
Help us transform the future of genomic data use! See how GA4GH can benefit you — whether you’re using our products, writing our standards, subscribing to a newsletter, or more.
Help create new global standards and frameworks for responsible genomic data use.
Align your organisation with the GA4GH mission and vision.
Solve your real-world data problems with support from this valuable network of global institutions.
Work with like-minded groups committed to better data use in areas like rare disease, cancer, and infectious disease.
Share your thoughts on all GA4GH products currently open for public comment.
Solve real problems by aligning your organisation with the world’s genomics standards. We offer software dvelopers both customisable and out-of-the-box solutions to help you get started.
Learn more about upcoming GA4GH events. See reports and recordings from our past events.
Speak directly to the global genomics and health community while supporting GA4GH strategy.
Be the first to hear about the latest GA4GH products, upcoming meetings, new initiatives, and more.
Questions? We would love to hear from you.
Read news, stories, and insights from the forefront of genomic and clinical data use.
Attend an upcoming GA4GH event, or view meeting reports from past events.
See new projects, updates, and calls for support from the Work Streams.
Read academic papers coauthored by GA4GH contributors.
Listen to our podcast OmicsXchange, featuring discussions from leaders in the world of genomics, health, and data sharing.
Check out our videos, then subscribe to our YouTube channel for more content.
View the latest GA4GH updates, Genomics and Health News, Implementation Notes, GDPR Briefs, and more.
Discover all things GA4GH: explore our news, events, videos, podcasts, announcements, publications, and newsletters.
7 Apr 2017
In a paper recently published in the Journal of the American Medical Information Association, a team of GA4GH security experts put forth three new strategies for mitigating the risks of cyber attacks on Beacon datasets.
In the United States in 2015, the number one target for cyber-attackers was health data. While that number is shrinking thanks to efforts by the security and privacy research community, health data are still a very common target of cyber-attacks. “Maybe not for the health information per se, but for the identity information they contain,” said Dixie Baker, co-chair of the GA4GH Security Working Group (SWG) and a partner at Martin, Blanck and Associates. “Genomic data are identity data,” she said. That’s why it’s incredibly important that, as it moves forward in its mission to advance data sharing, GA4GH takes great care to develop solutions that protect participants’ privacy and security.
In a paper recently published in the Journal of the American Medical Information Association, Baker and a team of GA4GH volunteers led by genomics security expert Jean-Pierre Hubaux put forth three new strategies for mitigating the risks of cyber attacks on Beacon datasets.
Beacon is a GA4GH demonstration project which offers a lightweight approach to determining whether a dataset contains a particular allele of interest. While the approach inherently limits the risk of sensitive information being leaked, there are still theoretical opportunities for an attacker to verify that an individual’s data are included in a Beacon and thereby infer characteristics associated with that dataset. Such attacks depend on the adversary already having access to genomic information about an individual or a close relative.
“Attacks like these are unlikely in practice,” said Paul Flicek, SWG co-chair and Head of Genes, Genomes and Variation Resources at European Bioinformatics Institute. “If you have someone’s whole genome, it is unlikely that your first or even your fiftieth point of call would be a Beacon, but that doesn’t mean that it’s impossible. And therefore we should be realistic about understanding what the risks are and where the limits of the risks are.”
The work is the result of an international collaboration among volunteer security experts around the globe who have dedicated their time to the GA4GH SWG. The SWG is currently expanding and actively recruiting new volunteer members.
Each mitigation strategy tackles the problem from a different angle, and together they provide Beacon owners a collection of solutions to choose from when determining how best to secure their particular datasets, said Hubaux, a professor of computer science at École Polytechnique Fédérale de Lausanne.
For instance, using one strategy, the Beacon would respond with a “yes” to the question of whether an allele is contained in a Beacon only if the allele were present in two or more genomes in the dataset. This approach would work well for many Beacons, as it introduces noise into the original data and significantly decreases the power of the attack. Another approach uses a privacy budget that tracks the information disclosed about each individual in the data set.
“A Beacon for rare variants, for example, might rely on the privacy budget strategy. You would not want to limit discoverability by requiring multiple matches,” said Knox Carey, a member of the SWG and Vice President of Healthcare Initiatives at Intertrust Technologies Corporation and General Manager of it’s Genecloud project. “On the other hand, requiring multiple matches is a very simple approach that is suitable for many other data sets. Our paper proposes different models for different circumstances.”
Genomic and health-related data hold great potential to advance human health. But in order to make good on that promise, researchers need access to datasets that are larger than any single institution can collect on its own. “In the GA4GH, our mission is to make data sharing easier,” Carey said. “Our hope is that risk mitigation efforts like this will encourage even more data sharing and discovery.”
As the GA4GH expands its offerings for genomic data sharing, including evolving the Beacon project, guidance from the genomic privacy and security research community will be critical. “It is known that personalized health raises a number of security and privacy concerns,” said Hubaux. “This paper shows that it is possible to devise reasonable countermeasures, with modest overhead. It’s of particular relevance because it brings together contributions from several teams around the globe in a field that demands rigorous collaboration and coordination.”
Researchers are invited to get involved with the GA4GH Security Working Group and Beacon Project by contacting the SWG coordinator today. In addition, the 4th International Workshop on Genome Privacy and Security (GenoPri’17) will be held in Orlando, Florida, USA in October 2017 and researchers with expertise in this field are strongly encouraged to attend.
1Morgan, Steve. “Top 5 Industries At Risk Of Cyber-Attacks.” Forbes. 13 May 2016.
2 IBM Security. “IBM X-Force Threat Intelligence Index 2017.” IBM. March 2017.