Also of Interest -- Title Page -- Authors -- Copyright Page -- Preface -- Table of Contents -- About the Authors -- 1 Introduction -- 2 Study Modes -- 2.1 Screening Mode - Pharmacogenetic Information for Screening -- 2.2 Pre-Unspecified Mode - Pharmacogenetic as Part of a Study -- 2.3 Possible Approaches, Summary - Clinical Trial With Genetic Part -- 2.4 Biobanks - What do we Mean by That? -- 3 Protection Masks and Procedures -- 3.1 Identified Samples/Data -- 3.2 De-identified Samples/Data -- 3.3 Anonymized Samples/Data -- 3.4 Re-identification -- 4 Coding Methods for De-identified Samples/Data -- 4.1 Single-coded Samples/Data -- 4.2 Double-coded Samples/Data -- 4.3 Triple-coded Samples/Data -- 5 Relationships Among the Protection Masks -- 6 Data Types -- 7 Anonymization -- 7.1 Basic Terms and Ideas -- 7.2 Masking -- 7.2.1 A Way to Detect Variables to be Masked -- 7.3 Discarding the Key -- 7.3.1 From Sample Collection to Sample Registration -- 7.3.2 Ethical Committee Restrictions -- 7.3.3 The Last Check Prior to Discarding the Key -- 7.3.4 What Happens When "Discarding the Key"? -- 7.4 Maintaining the Reliability of Stored Data -- 7.5 Security Measures -- 8 Validation - a Brief Introduction -- 8.1 Preliminaries -- 8.2 Basic Definitions & Terms -- 8.3 General Principles of Computer System Validation -- 8.4 Primary Validation - Specification Phase -- 8.4.1 Introduction -- 8.4.2 Preparing User Requirements -- 8.4.3 Developing - Functional Requirements -- 8.4.4 System Design Specification -- 8.4.5 Software Design Specification - System Programming -- 8.5 Primary Validation - Preparing Operational Use -- 8.5.1 Introduction -- 8.5.2 Training -- 8.5.3 Security Management -- 8.5.4 Service and Support -- 8.5.5 Monitoring -- 8.5.6 Error Handling - Problem Management -- 8.5.7 Backup and Restore Management -- 8.5.8 Archiving -- 8.5.9 Availability Management.

8.5.10 Change Control Management -- 8.5.11 Periodic Review of Computer Systems -- 8.5.12 Decommissioning of Computer Systems -- 8.6 Primary Validation - Testing Phase -- 8.6.1 Installation Qualification -- 8.6.2 Operational Qualification - Functional Testing -- 8.6.3 Performance Qualification - User Acceptance Testing -- 8.6.4 Off the Shelf Systems -- 8.6.5 Risk Analysis -- 8.6.6 Traceability of Results -- 8.6.7 Validation Report -- 9 Request Management -- 9.1 Genetic Review Board (GRB) -- 9.2 Request Specification -- 9.3 Subrequest Specification -- 9.4 Involvement of External Service Providers -- 10 Legal Requirements & Regulations -- 10.1 Basic Ideas -- 10.2 Data Protection in the European Union (EU) -- 10.3. Transfer of Personal Data to Third Countries -- 10.4 Binding Corporate Rules -- 10.5. Data Protection in the United States (U.S.) - a Brief History -- 11 Informed Consent -- 11.1 Sections Mandatory for a Genetic Informed Consent -- 11.1.1 Purpose of the Study -- 11.1.2 Introduction to Genetics -- 11.1.3 Expected Benefits to the Subject and the Community -- 11.1.4 Possible Results -- 11.1.5 Potential Risks -- 11.1.6 Storage of Samples and Derived Data -- 11.1.7 Data Protection and Data Security -- 11.1.8 Access to Personal Data -- 11.1.9 Risks if Security Measures are Breached -- 11.1.10 Withdrawal - Options and Timelines -- 11.1.11 Independent Review by Ethics Committees -- 11.1.12 Financial Compensation -- 12 Selected Data Protection & Medical Sites -- 12.1 Germany -- 12.2 Europe -- 12.3 US -- 12.4 Global Initiatives -- 13 Impact of External Services on Data Protection -- 13.1 Introduction -- 13.2 Scenario 1 - Using GDI Throughout -- 13.3 Scenario 2 - Replacing GDI by nGDI Upon Sample Registration, Performed by regCRO -- 13.4 Scenario 3 - Replacing GDI by nGDI Upon Sample Registration, Performed by Sponsor.

13.5 Scenario 4 - Sample Registration by CRO, Proprietary Labeling with CROSID -- 13.6 Scenario 5 - Barcoded Label bSID at Study Site -- 13.7 Overall Summary -- 13.8 External Statistical Evaluation -- 13.9 External Biobanking -- 14 Practical Approach to Clinical Trials with SupplementaryGenetic Parts -- 14.1 Introduction -- 14.2 Overall Project Topology -- 14.3 Checklist - Trial Set-up -- 14.4 Checklist - System Topology -- 14.5 Checklist - Sample Management -- 14.6 Checklist - ICs, Ethics Committees Restrictions -- 14.7 Checklist - Anonymization -- 14.8 Checklist - Statistical Evaluation -- Appendix -- 15 Appendix 1: Data Protection in the European Union -- 15.1 Council of Europe (COE) -- 15.2 EU Privacy Directive - Definitions -- 15.3 Tasks of the Article 29 Data Protection Working Party -- 16 Appendix 2: Data Types -- 16.1 EU Privacy Directive (October 24, 1995) -- 16.2 Council of Europe (COE) Definition of Data Types -- 16.3 Federal Data Protection Act (GER) as of 1. Jan. 2003 -- 17 Appendix 3: Protection Masks -- 17.1 EMA definition of anonymous sample/data -- 17.2 Germany -- 17.2.1 Anonymization (Rendering anonymous) and De-Identification (Aliasing) -- 17.2.2 Further Recommendations, not yet Regulations -- 17.3 Spain -- 17.4 US -- 17.4.1 William W. Lowrance, Privacy and Health Research -- 17.4.2 HIPAA Privacy Rules -- 17.4.3 Summary of the HIPAA Privacy Rule -- 17.4.4 General Principles in the context health research -- 18 Appendix 4: Informed Consent (IC) -- 18.1 The Nuremberg Code -- 18.2 EU Privacy Directive (October 24, 1995) -- 18.3 COE - Rec No. R (97) 5, Explanatory Memorandum to Rec (97) 5 -- 18.3.1 5. Information of the data subject -- 18.3.2 6. Consent -- 18.3.3 7. Communication -- 18.3.4 8. Rights of the data subject -- 18.3.5 12. Scientific Research -- 18.4 Oviedo Convention.

18.5 UNESCO Universal Declaration on Bioethics and Human Rights -- 18.6 Key Issues in Informed Consent for Pharmacogenomics Research -- 18.7 International Declaration On Human Genetic Data -- 18.8 CIOMS - Ethical Guidelines for Biomedical Research -- 18.9 Human Genetic Examination Act (Genetic Diagnosis Act - GenDG) -- 19 Appendix 5: Security -- 19.1 EU Privacy Directive (October 24, 1995) -- 19.2 Federal Data Protection Act (Germany) -- 19.3 Council of Europe Recommendation No. R (97) 5 -- 19.4 US - Privacy Act of 1974 (Comments from William W. Lowrance, cf. (42)) -- 19.5 Safe Harbor Privacy Principles (2000) -- 19.6 UN - ICCPR International Covenant on Civil and Political Rights -- 20 Abbreviations -- 21 References -- Index.