A five-safes approach to a secure and scalable genomics data repository

Chih Chuan Shih; Jieqi Chen; Ai Shan Lee; Nicolas Bertin; Maxime Hebrard; Chiea Chuen Khor; Zheng Li; Joanna Hui Juan Tan; Wee Yang Meah; Su Qin Peh; Shi Qi Mok; Kar Seng Sim; Jianjun Liu; Ling Wang; Eleanor Wong; Jingmei Li; Aung Tin; Ching-Yu Cheng; Chew-Kiat Heng; Jian-Min Yuan; Woon-Puay Koh; Seang Mei Saw; Yechiel Friedlander; Xueling Sim; Jin Fang Chai; Yap Seng Chong; Sonia Davila; Liuh Ling Goh; Eng Sing Lee; Tien Yin Wong; Neerja Karnani; Khai Pang Leong; Khung Keong Yeo; John C Chambers; Su Chi Lim; Rick Siow Mong Goh; Patrick Tan; Rajkumar Dorajoo

doi:10.1016/j.isci.2023.106546

A five-safes approach to a secure and scalable genomics data repository

iScience. 2023 Mar 31;26(4):106546. doi: 10.1016/j.isci.2023.106546. eCollection 2023 Apr 21.

Authors

Chih Chuan Shih¹, Jieqi Chen¹, Ai Shan Lee¹, Nicolas Bertin¹, Maxime Hebrard¹, Chiea Chuen Khor^{1

2}, Zheng Li¹, Joanna Hui Juan Tan¹, Wee Yang Meah¹, Su Qin Peh¹, Shi Qi Mok¹, Kar Seng Sim¹, Jianjun Liu^{1

3}, Ling Wang¹, Eleanor Wong¹, Jingmei Li¹, Aung Tin^{2

3

4

5}, Ching-Yu Cheng^{2

4}, Chew-Kiat Heng^{6

7}, Jian-Min Yuan^{8

9}, Woon-Puay Koh^{10

11}, Seang Mei Saw^{2

4

12}, Yechiel Friedlander¹³, Xueling Sim¹², Jin Fang Chai¹², Yap Seng Chong^{3

11}, Sonia Davila¹⁴, Liuh Ling Goh¹⁵, Eng Sing Lee^{16

17}, Tien Yin Wong^{2

4

5}, Neerja Karnani^{11

18}, Khai Pang Leong¹⁹, Khung Keong Yeo^{4

14

20}, John C Chambers^{21

17

22}, Su Chi Lim^{12

17

23

24}, Rick Siow Mong Goh²⁵, Patrick Tan^{1

4

21

26}, Rajkumar Dorajoo^{1

4}

Affiliations

¹ Genome Institute of Singapore (GIS), Agency for Science, Technology and Research (A∗STAR), 60 Biopolis Street, Genome #02-01, Singapore 138672, Republic of Singapore.
² Singapore Eye Research Institute, Singapore National Eye Centre, Singapore, Republic of Singapore.
³ Yong Loo Lin School of Medicine, National University of Singapore, Singapore, Republic of Singapore.
⁴ Duke-NUS Medical School, Singapore, Republic of Singapore.
⁵ Singapore National Eye Centre, Singapore, Republic of Singapore.
⁶ Department of Paediatrics, Yong Loo Lin School of Medicine, National University of Singapore, Singapore, Republic of Singapore.
⁷ Khoo Teck Puat - National University Children's Medical Institute, National University Health System, Singapore, Republic of Singapore.
⁸ Department of Epidemiology, Graduate School of Public Health, University of Pittsburgh, Pittsburgh, PA, USA.
⁹ UPMC Hillman Cancer Center, University of Pittsburgh, Pittsburgh, PA, USA.
¹⁰ Healthy Longevity Translational Research Programme, Yong Loo Lin School of Medicine, National University of Singapore, Singapore, Republic of Singapore.
¹¹ Singapore Institute for Clinical Sciences (SICS), Agency for Science, Technology and Research (A∗STAR), Brenner Centre for Molecular Medicine, 30 Medical Drive, Singapore 117609, Republic of Singapore.
¹² Saw Swee Hock School of Public Health, National University of Singapore, Singapore, Republic of Singapore.
¹³ Braun School of Public Health, Hebrew University of Jerusalem, Jerusalem, Israel.
¹⁴ SingHealth Duke-NUS Institute of Precision Medicine, Singapore, Republic of Singapore.
¹⁵ Molecular Diagnostic Laboratory, Tan Tock Seng Hospital, Singapore, Republic of Singapore.
¹⁶ Clinical Research Unit, National Healthcare Group Polyclinics, Singapore, Republic of Singapore.
¹⁷ Lee Kong Chian School of Medicine, Nanyang Technological University, Singapore, Republic of Singapore.
¹⁸ Bioinformatics Institute (BII), Agency for Science, Technology and Research (A∗STAR), 30 Biopolis Street, Matrix #07-01, Singapore 138671, Republic of Singapore.
¹⁹ Personalised Medicine Service, Tan Tock Seng Hospital, Singapore, Republic of Singapore.
²⁰ Department of Cardiology, National Heart Centre Singapore, Singapore, Republic of Singapore.
²¹ Precision Health Research, Singapore, Republic of Singapore.
²² School of Public Health, Imperial College London, London, UK.
²³ Clinical Research Unit, Khoo Teck Puat Hospital, Singapore, Republic of Singapore.
²⁴ Diabetes Centre, Admiralty Medical Centre, Singapore, Republic of Singapore.
²⁵ Institute of High Performance Computing (IHPC), Agency for Science, Technology and Research (A∗STAR), 1 Fusionopolis Way, #16-16 Connexis (North Tower), Singapore 138632, Republic of Singapore.
²⁶ Cancer Science Institute of Singapore, National University of Singapore, Singapore, Republic of Singapore.

Abstract

Genomic researchers increasingly utilize commercial cloud service providers (CSPs) to manage data and analytics needs. CSPs allow researchers to grow Information Technology (IT) infrastructure on demand to overcome bottlenecks when combining large datasets. However, without adequate security controls, the risk of unauthorized access may be higher for data stored on the cloud. Additionally, regulators are mandating data access patterns and specific security protocols for the storage and use of genomic data. While CSP provides tools for security and regulatory compliance, building the necessary controls required for cloud solutions is not trivial. Research Assets Provisioning and Tracking Online Repository (RAPTOR) by the Genome Institute of Singapore is a cloud-native genomics data repository and analytics platform that implements a "five-safes" framework to provide security and governance controls to data contributors and users, leveraging CSP for sharing and analysis of genomic datasets without the risk of security breaches or running afoul of regulations.

Keywords: Data encryption; Data storage representation; Genomics.