4
Life Science Data Governance in Practice

The fourth workshop, held on June 8, 2023, focused on eliciting real-world experiences with data governance in the context of life science research in Kazakhstan, Kyrgyzstan, Uzbekistan, and Tajikistan. Additionally, the workshop explored practical approaches to informing data management and governance. Trisha Tucholski, U.S. National Academies of Sciences, Engineering, and Medicine, and Lusine Poghosyan, Columbia University (United States), opened the workshop by reviewing definitions of several key terms and concepts relevant to the workshop series.

Pointing to a recently published paper on the topic, Tucholski defined data governance as “the principles, procedures, frameworks, and policies that ensure acceptable and responsible processing of data at each stage of the data life cycle . . . [to] maintain data integrity, quality, availability, accessibility, usability, and security and define data controllership (also known as stewardship)” (Eke et al., 2022, p. 600-601). Each stage of the data life cycle—including data collection, storage, processing, curation, sharing, application and use, and deletion—has unique considerations that impact data governance (Figure 1). For instance, during data collection, researchers consider whether informed consent has been obtained to share and use the data, whether biases exist for sampling, and whether there are legal and regulatory differences that affect sharing the data between localities. During data storage, researchers consider how long data should be preserved, who owns the rights to the data, who pays for data storage, and how to minimize risks of data leaks as technology changes over time. In the application and use of data, researchers consider how to communicate incidental findings that pertain to the health of study participants, how to ensure that the minimal amount of data is used to minimize risk to participants, how

to ensure data are not misused, and how to ensure data are used responsibly for civil and military applications or for economic gain (Eke et al., 2022).

Tucholski also drew a distinction between the concepts of data management and data governance. Data management is the technical and practical implementation of data governance, which by itself is just documentation, akin to a recipe that results in food through the act of cooking (Everett, 2023). Therefore, to be useful to researchers, data governance policies must be translatable to real-life situations, she said. Frameworks such as the FAIR (Findability, Accessibility, Interoperability, Reusability) guidelines, along with governmental regulations and ethical principles, have been constructed to help ensure equitable access to and benefits from science and innovation.

The workshop aimed to review existing policies, practices, and norms related to sharing and protecting life science data in Kazakhstan, Kyrgyzstan, Uzbekistan, and Tajikistan; discuss their challenges; understand how they translate to real-life field, clinic, and laboratory work; and explore improvements to maximize safe data sharing with multiple stakeholders.

LIFE SCIENCE DATA GOVERNANCE IN CENTRAL ASIA

Tucholski moderated a discussion of the laws and policies applicable to data sharing and protection in Kazakhstan, Kyrgyzstan, Uzbekistan, and Tajikistan.

Ensuring Information Security in Kyrgyzstan

Damira Ashiralieva, National Scientific-Practical Center, Ministry of Health of Kyrgyzstan, discussed the importance of data security broadly, as well as the specific structures that support data security and data governance in Kyrgyzstan. Information security involves several immutable principles, she said, including professional independence, impartiality and objectivity, accuracy and reliability, consistency, clarity and transparency, statistical confidentiality, and relevance. Supporting these principles is central to protecting confidentiality, integrity, and accessibility in science.

The Constitution of Kyrgyzstan and a variety of organizations and laws describe and regulate not only information security but also data governance principles and the right to research, access, receive, and disseminate information. For example, the National Statistical Committee has a communication strategy for improving data dissemination, receipt, and storage. This structure helps to ensure that data are available, authentic, deidentified, and distributed to users in a relevant, timely, objective, accessible, and confidential manner. In addition, the Ministry of Digital Development is launching a database to improve communication, cooperation, data management, efficiency, and information protection for the public, government, and research institutions. The Law on Electronic Governance defines the rights, protections, access, and obligations of the information owner, and the Law on the Conflict of Interest prioritizes public interests and national security, ensures transparency and control, and emphasizes personal responsibility and liability. Other laws cover personal information, biometric registration, and cybersecurity strategies.

Kyrgyzstan, which has a mandatory medical insurance fund, is also creating a modernized, central eHealth hub for its citizens based on the data governance principles of legality, immutability, personalization, verification, and traceability. Access and authori-

zation are treated very carefully within this framework, Ashiralieva said, and research conducted using repository data is coordinated through the National Ethical Committee to rule out conflicts of interest and ensure legal compliance.

Despite these structures, Kyrgyzstan still faces many information security challenges. One important gap is that data are often not available quickly enough to inform decision-making, Ashiralieva said. To address this, she suggested, the country would need more well-qualified staff and improved coordination between the public administration and socioeconomic spheres.

Biological Data Sharing in Uzbekistan

Shakhlo Turdikulova, Ministry of Higher Education, Science, and Innovation and Center for Advanced Technologies (Uzbekistan), described practices and rules involved in biological data sharing in Uzbekistan. As many workshop participants pointed out, technology is generating huge amounts of life science data that hold great potential to advance biology and medicine but also create a need for proper data handling, sharing, and protection, Turdikulova said. Recognizing the importance of life science research to advance the nation’s economic prospects, the government of Uzbekistan has made significant investments in scientific centers, universities, and research clinics. Two recent presidential decrees—to improve educational quality and performance in chemistry and biology, and to develop and improve biotechnologies and biological safety systems—also support this work.

Uzbekistan’s National Council on Biological Safety is charged with protecting life science data throughout its entire life cycle, and the country is in the process of developing policies, practices, and norms on sharing and protecting biological data. The work has been challenging, Turdikulova noted, but proper planning, related to the collection, storage, sharing, and preservation of research data improves the efficacy, transparency, and dependability of research results. Appropriate forethought is necessary to support regulatory compliance, delineate the responsibilities of involved parties, and ensure that data are securely managed to prevent loss or misuse, she said. In addition, Turdikulova posited that researchers who adopt good data management practices can increase their visibility and influence.

Uzbekistan also prioritizes data sharing, open science, and international collaboration to improve upon its domestic expertise. On the premise that data should be secured, but not restricted, the government of Uzbekistan hopes to establish a Central Asian Genomic Center, an open access platform for plant, animal, and human genomic data like the One Health Initiative of the World Health Organization (WHO).

Looking ahead, Turdikulova identified several key priorities for further enhancing data sharing and data governance in Uzbekistan. First, she said that artificial intelligence techniques are needed to extract insights quickly and accurately from increasingly large and complex datasets; accelerate scientific discovery; and improve the overall understanding of science’s most fundamental questions. Incorporating artificial intelligence has been a challenge, but Turdikulova said that the government is committed to supplying the needed specialists, infrastructure, and funds. In addition, she suggested that Uzbekistan needs a more robust digital data management infrastructure to properly store, share, and protect life science data, complemented by stronger regulations and guidelines around data privacy, informed consent, property rights, and ownership. Finally, she said that advancing

progress in these areas will require coordination and cooperation among researchers, institutions, and governmental organizations.

Biological Data Sharing in Tajikistan

Zulfiya Davlyatnazarova, Institute of Botany, Plant Physiology, and Genetics of the Tajikistan National Academy of Sciences, described the research environment in Tajikistan and several data protection laws that affect research practices there. The country’s Law on Protection of Personal Data; Law on Ensuring Biological Safety, Biological Security, and Biological Protection; and Law on Genetic Resources establish frameworks for data collection, management, and use of individual data, as well as of biological and genomic research, to protect Tajikistan’s unique biodiversity resources. The country also has a Healthcare Code for protecting patients’ rights.

Scientific research in Tajikistan starts with a proposal, hypothesis, and goal setting; following this, resources, collaborations, and funding are established, and data are collected and analyzed, Davlyatnazarova said. The results are published, typically in Russian and Tajik, with English summaries. Although some data are classified, which confers access limitations, Davlyatnazarova said that most research is open and internationally available and accessible.

International collaborations are an important part of research in Tajikistan, Davlyatnazarova continued, and the country has worked with researchers in China, Japan, and Norway, as well as with the Global Biodiversity Information Facility. Tajikistan shares its genetic data in accordance with national laws, the Nagoya Protocol, and international frameworks to prevent unintended or malicious data use. However, Davlyatnazarova noted, researchers from Tajikistan can find it difficult to obtain the documentation and government approval that international collaborations require. She added that preventing unauthorized access to data, such as taking seeds or genetic materials without permission, is one challenge Tajikistan is attempting to address through clear definitions of what protections certain data types need so that they can be shared securely.

LIFE SCIENCE DATA GOVERNANCE IN PRACTICE

Rita Guenther, U.S. National Academies, moderated a discussion among experts examining how existing policies, practices, and norms translate to real-life scenarios in the field, in clinics, and in laboratories in Central Asia. The panelists—who included Pavel Tarlykov, National Center for Biotechnology (Kazakhstan); Eastwood Leung, International University of Central Asia (Kyrgyzstan); and Elmira Utegenova, Scientific and Practical Centre for Sanitary-Epidemiological Expertise and Monitoring (Kazakhstan)—also explored how existing data governance policies, practices, and norms could be improved or standardized to optimize data sharing.

Tarlykov highlighted the connections between data sharing and the funding mechanisms that support life science research. Like many scientists in Kazakhstan, he depends on research funding from the Kazakhstan Ministry of Science and Higher Education, which requires that research results be published in journals that in turn require data sharing. Furthermore, the national Ethics Committee ensures that proper data management, including deidentification, is in place before funding is granted. If data are collected or shared incorrectly, the research is unpublishable. Tarlykov said that researchers from Kazakhstan com-

monly use international repositories, such as the National Center for Biotechnology Information and the European Nucleotide Archive, although he noted that Kazakhstan lacks the specialists needed to perform appropriate quality controls.

Utegenova said that in her view, unauthorized access is not a major problem in Kazakhstan. For example, at the National Reference Laboratory for Control of Viral Infections, every sample undergoes ciphering that follows international best practices and protocols. While the effort is ongoing, she said she has not experienced any serious breaches, whether transferring data within Kazakhstan or externally with researchers in other countries or the WHO. She noted that there could be ethical issues if the data are used without referencing the original source, however. She also added that for Kazakhstan to launch a timely, cross-disciplinary response to novel infections, the country needs an improved data exchange platform with appropriate access and sharing protocols.

Leung stated that in Kyrgyzstan, resources are also very limited, and research is expensive. He stressed the importance of establishing consensus on proper procedures before any experimentation begins so that research can proceed in the most efficient way possible. Leung noted that for international collaborations, it is important for the security at every data center to be checked to ensure that the proper jurisdictional procedures and data governance standards are followed, and while work is done increasingly in the cloud, results can also be downloaded onto local servers. Overall, following General Data Protection Regulation stipulations for data transfers would help to address issues of unauthorized access, Leung noted.

SUMMARY

The workshop illuminated a range of existing biological data sharing policies, practices, and protections in Kazakhstan, Kyrgyzstan, Uzbekistan, and Tajikistan. Several participants emphasized the importance of improved coordination, education, infrastructure, and collaboration; described challenges in data availability, expertise acquisition, and unauthorized access; and stressed the importance of following international frameworks and agreements.