A five-safes approach to a secure and scalable genomics data repository
Chih Chuan Shih, Jieqi Chen, Ai Shan Lee, Nicolas Bertin, Maxime Hebrard, Chiea Chuen Khor, Zheng Li, Joanna Tan, Wee Yang Meah, Su Qin Peh, Shi Qi Mok, Kar Seng Sim, Jianjun Liu, Ling Wang, Eleanor Wong, Jingmei Li, Tin Aung, Ching‐Yu Cheng, Chew‐Kiat Heng, Jian‐Min Yuan, Woon‐Puay Koh, Seang‐Mei Saw, Yechiel Friedlander, Xueling Sim, Jin Fang Chai, Yap Seng Chong, Sonia Dávila, Liuh Ling Goh, Eng Sing Lee, Tien Yin Wong, Neerja Karnani, Khai Pang Leong, Khung Keong Yeo, John C. Chambers, Su Chi Lim, Rick Siow Mong Goh, Patrick Tan, Rajkumar Dorajoo
Abstract
Genomic researchers increasingly utilize commercial cloud service providers (CSPs) to manage data and analytics needs. CSPs allow researchers to grow Information Technology (IT) infrastructure on demand to overcome bottlenecks when combining large datasets. However, without adequate security controls, the risk of unauthorized access may be higher for data stored on the cloud. Additionally, regulators are mandating data access patterns and specific security protocols for the storage and use of genomic data. While CSP provides tools for security and regulatory compliance, building the necessary controls required for cloud solutions is not trivial. Research Assets Provisioning and Tracking Online Repository (RAPTOR) by the Genome Institute of Singapore is a cloud-native genomics data repository and analytics platform that implements a "five-safes" framework to provide security and governance controls to data contributors and users, leveraging CSP for sharing and analysis of genomic datasets without the risk of security breaches or running afoul of regulations.