How We Manage Antimicrobial Resistance Data

December 20th, 2024

At the Australian e-Health Research Centre (AEHRC), antimicrobial resistance (AMR) data from external pathology providers is managed with a focus on security, integrity, and ethical standards. Robust cybersecurity measures and rigorous protocols ensure the data reliably supports accurate AMR surveillance and foster trust among stakeholders. This facilitates informed decisions in research, policy, and clinical practice to address one of public health’s most pressing challenges. 

Data Custodians

Currently, antibiotic susceptibility data is supplied to the HOTspots surveillance and response program by major pathology providers across northern Australia. These providers contribute data on clinical specimens tested for antimicrobial susceptibility during the surveillance period. 

The data providers use two internationally recognised systems for susceptibility testing: VITEK2 and disc diffusion testing. Both systems comply with standards from the Clinical and Laboratory Standards Institute (CLSI) and the European Committee on Antimicrobial Susceptibility Testing (EUCAST). The test results are securely transmitted to the data management team through our online portal. 

The Data

To understand AMR in Australia, HOTspots collect antimicrobial susceptibility data on both invasive and non-invasive isolates of key bacterial species, including:

 A. baumannii, E. coli, E. faecalis, E. faecium, K. pneumoniae, P. aeruginosa, S. aureus, S. pneumoniae, and S. pyogenes.

Data Privacy

At HOTspots, privacy is a top priority, guided by robust policies and frameworks of CSIRO’s AEHRC, HOTspots adhere to the Australian Government’s Protective Security Policy Framework (PSPF), Information Security Manual (ISM), Cyber Security Principles and relevant legislation to ensure our data use is secure, legal, ethical. 

As AEHRC is a Federal Government agency, the company also complies with the Essential Eight framework (Australian Cyber Security Centre), Archives Act 1983 (Cth) for recordkeeping and the National Health and Medical Research Council Act 1992. 

Data Governance

All surveillance data are managed in alignment with the CSIRO Information and Data Policy, ensuring compliance with legislative, ethical, cultural, and contractual requirements. The data are de-identified, aggregated, and securely stored.

The HOTspots program operates with ethics approval until the 30th of June 2029 from:

  • Human Research Ethics Committee (HREC) of Northern Territory Health and Menzies School of Health Research
  • CSIRO Health and Medical Human Research Ethics Committee (CHMHREC)

These approvals classify the project as low risk, as no identifying data are accessible to researchers. HOTspots are committed to adhering to all National Health and Medical Research Council (NHMRC) guidelines on data management, storage, and reporting. 

Security Plan

To ensure data security, the HOTspots team has developed a comprehensive security plan with some key measures including: 

  1. Data Storage: Data are stored on the Australian-based Bowen Research Cloud, an internal cloud resource providing secure storage and virtual data management tools.
  2. Access Control: Only three trusted researchers have access to the de-identified data.
  3. Encryption: Data are encrypted during storage and at rest. 
  4. Physical security: CSIRO physical sites security is managed in accordance with the CSIRO Site Security Principals, which stipulate that all sites are maintained to a high physical security standard. Site Security Plan (SSP) and Site-Specific Operating Instructions (SSOIs) are in place. No hard copies of data or physical records will be created. 

The project is governed by CSIRO’s Management of Research Data policies, which require all de-identified pathology data to be retained for seven years after the project concludes (2036). This aligns with HREC guidelines for storage, retention, disposal, and confidentiality. 

For more information about data cleaning, validation, and analysis visit HOTspots | Methodology.

For further governance and guideline details, refer to Research Governance Policy and HREC Guidelines.