Inuvika selected to deliver secure access to the 100,000 Genomes Project
Genomics England Ltd. was established in 2013 to create a new genomic medicine service for the UK National Health Service (NHS). With the aim of enabling new scientific discoveries and medical insights, the 100,000 Genomes Project will ultimately sequence 100,000 genomes from around 70,000 NHS patients and their families with rare diseases and cancers. The project aims to enable new scientific discovery, medical insights and diagnostics. When completed, the NHS will be able to offer genomic medicine and personalized treatments to patient with conditions that are currently hard to treat. This will be achieved through the combination of genomic sequence data and patient health records. Today it is the largest national sequencing project of its kind in the world.
Genomics England is a company wholly owned by the UK Department of Health. In addition to being able to offer genomic medicine to transform the way people are cared for, it also has a mandate to kick-start the UK genomics industry. To be efficient, flexible and able to move quickly with market changes, the company is working with other organizations for sample collection, analysis and data storage. Crucially however, it maintains primary responsibility for data protection.
In 2014, Genomics England set about the design and building of a secure technology infrastructure for clinical genomics research by the contributing academic, industrial research and NHS clinical organizations. The design needed to facilitate secure data access and compute resources and define the software, interfaces and data processing resources necessary for scientific collaboration and the generation of ‘analysis ready’ datasets.
The main challenge was to provide an application environment required for the analysis and processing of genomic sequencing datasets for access to researchers and clinicians. The environment needed to meet security and patient confidentiality obligations set out by the NHS and the independent Access Review Committee of Genomics England. Researchers needed the ability to download the de-identified results of their analysis. Clinicians needed to be able to export audited data sets, such as clinical reports, but only on participants in their care. Any data leaving their systems is required to go through an ‘air-lock’, where checks are made to ensure that the data being exported is appropriate.
To ensure that no raw data could be exported, the processing and analysis of genomic data had to be entirely and securely contained within the Genomics England datacenters. The design required that system users be prevented from circumventing data policy. For example, users could not be allowed to ‘cut and paste’ raw data into their own systems. The design also required that the IT services be provided to approved academic, research and industry partners without the need to authorize, install and manage client side software.
Genomics England selected Inuvika’s Open Virtual Desktop Enterprise (OVD) platform to deliver the desktop environment, application access and management framework for the 100,000 Genomes Project. Through a “Reading Room”, users are provided with restricted, remote access to their research environment and to the de-identified datasets through the OVD HTML5 client gateway and a published Windows desktop.
No data is transferred or stored on the remote HTML5 enabled client. Only screen, mouse and keyboard data is sent over an encrypted connection. The policy based access capability of OVD ensures that no unauthorized transfer of data to the end user is possible. OVD disables connection of any client side storage devices, such as hard drives and USB storage, in addition to any cut and paste capabilities.
“We selected Inuvika’s Open Virtual Desktop for its ability to support the Windows and Linux app requirements of our research environment while being able to ‘airlock’ the project data securely within our datacentres.” said David Brown, Head of Informatics Infrastructure. “With no need to install client software on a user’s local device and no requirement for firewall intervention on remote client sites it makes secure access for researchers, clinicians, academia and data providers very simple.”