2FA-SF: Two-Factor Assessment-Based Secure Framework for Clinically Distributed Multicenter Study

When using personal information, researchers face difficulty complying with Korea's Personal Information Protection Act. Therefore, a clinical common data model (CDM)-based research methodology for multi institutional sharing of code and statistical analysis results has been used. However, the current multi institutional CDM study environment lacks the considerations of personal information protection or institutional arrangements. Therefore, we propose a two-factor secure framework for the clinical distributed multicenter study environment. In this framework, two-factor (security status and security awareness) are considered. The security status is based on applying objective security factors and technologies to the clinically distributed multicenter study infrastructure and related systems. The security awareness is based on objective security factors for a user-oriented security application to a clinically distributed multicenter study environment. This two-factor assessment-based approach identifies objective factors for complex clinically distributed multicenter study environments, research procedures, and users, as well as applies security factors in detail. The proposed framework investigates the thoughts of users who use the CDM and are known to be safe so far. It compares and analyzes the security status of the CDM and reflects it in the framework design to enhance security and support a smooth clinical data use environment.