Cloud Security and Privacy

Aims to develop recommendations for secure and privacy-protecting use of cloud services

Large-scale distributed computing services — also known as cloud computing services — are widely used for storing and analysing genomic and health data. The use of cloud services, and outsourced services in general, poses legal, ethical, and technological challenges in terms of data transfer and processing. The GA4GH Data Security Work Stream aims to develop recommendations and guidelines — for the GA4GH Cloud Work Stream and other interested parties — that promote secure and privacy-conscious use of cloud services.

Jump to...


  • Reduces the likelihood of security vulnerabilities in Cloud Work Stream outputs
  • Signposts the key considerations for secure use of cloud services

Target users

Data custodians, developers, and security officers

Work Stream
Product Lead
  • David Bernick
Staff Contact

Community resources

Dive deeper into this product! A growing number of GA4GH research efforts rely on cloud services. The Data Security Work Stream is exploring the development of a Cloud Security and Privacy policy that will outline a common security technology framework for systematically assessing Cloud Work Stream products from a security perspective. These products help the community conduct federated analysis, enabling researchers to bring their algorithms to distributed datasets.

Don't see your name? Get in touch:

  • Dixie Baker
    Martin, Blanck and Associates
  • Jaime Delgado
    Universitat Politecnica de Catalunya (UPC)
  • Jean-Pierre Hubaux
  • Madeleine Murtagh
    University of Glasgow
  • Heidi Sofia
    NIH National Human Genome Research Institute (NHGRI)
  • Jing Su
    Wellcome Sanger Institute (WSI)
  • Adrian Thorogood
    Terry Fox Research Institute