Ophthalmology researchers are becoming increasingly reliant on protected data sets to find new trends and enhance patient care. However, there is an inherent lack of trust in the current healthcare community ecosystem between the data custodians (i.e., health care organizations and hospitals) and data consumers (i.e., researchers and clinicians). This typically results in a manual governance approach that causes slow data accessibility for researchers due to concerns such as ensuring auditability for any authorization of data consumers, and assurance to ensure compliance with health data security standards. In this paper, we address this issue of long-drawn data accessibility by proposing a semi-automated “honest broker” framework that can be implemented in an online health application. The framework establishes trust between the data consumers and the custodians by:
1. improving the eiciency in compliance checking for data consumer requests using a risk assessment technique;
2. incorporating auditability for consumers to access protected data by including a custodian-in-the-loop only when essential; and
3. increasing the speed of large-volume data actions (such as view, copy, modify, and delete) using a popular common data model.
Via an ophthalmology case study involving an age-related cataract research use case in a community cloud testbed, we demonstrate how our solution approach can be implemented in practice to improve timely data access and secure computation of protected data for ultimately achieving data-driven eye health insights.