A data trust is a legal structure designed to protect and manage sensitive data on behalf of individuals, organizations, or communities. The Dionysus data trust serves a number of unmet needs for individual users and organizations:
- Protecting privacy: By placing control of data in the hands of an independent third party, data trusts can help to safeguard the privacy of individuals whose data is being collected, processed, and used.
- Ensuring equitable distribution of benefits: One of the mandates of the data trust’s board is to ensure that the benefits of data are distributed equitably, especially in cases where data is generated by marginalized communities who may not have the resources or power to protect their interests.
- Promoting transparency: Algorithmic transparency comes from clear rules and guidelines for how data will be collected, processed, and used. The data trust’s independence supports a more transparent decision-making process for all stakeholders.
- Encouraging innovation: Data trusts can provide a secure and trusted environment for organizations to access and use data, which can encourage innovation and the development of new products and services that benefit society. Part of Dionysus’s motivation in founding the trust is to foster independent, scientific research and philanthropic development for the public good.
- Establishing trust: Data trusts can help to establish trust between data providers and data users by creating a neutral and impartial entity that manages data in an ethical and responsible manner.
Overall, data trusts can play a crucial role in ensuring that data is used for the benefit of individuals and society, rather than being monopolized by a few powerful actors for their own benefit.
A fiduciary responsibility to you
Data trusts have a fiduciary responsibility to act in the best interests of the individuals, organizations, or communities whose data they hold. This means that the Dionysus trust must prioritize the protection of all of the data you share and your rights to the privacy and fair use of that data, even if doing so conflicts with the business interests of other stakeholders.
As a fiduciary, the data trust is held to a high standard of care, transparency, and accountability. The trust must use its discretion and expertise to make decisions that are in the best interests of the Dionysus Health’s users, and it must be transparent about how it is fulfilling its fiduciary duties.
In addition to this fiduciary responsibility, data trusts may also be subject to various legal and regulatory requirements, such as data protection laws, which require the trust to implement specific security measures (e.g. HIPAA compliance, encryption, and assess controls) and to provide individuals with certain rights with regards to their data.
In essence, the fiduciary responsibility of a data trust helps to ensure that the trust is serving the interests of the data subjects, rather than being swayed by the interests of other stakeholders, such as corporations or government agencies.
Encryption and Privacy
Beyond legal oversight by the trustees of the Dionysus Data Trust, both the Trust and Dionysus follow best practice from encryption and internal access. All data is encrypted at rest (device or database) and in transit over any network using strong encryption algorithms. This helps to ensure that even if an unauthorized party gains access to the data, they will not be able to read it.
Both Dionysus and the Trust restricts access to sensitive data to only those who need it for legitimate purposes. No random employees, contractors, or anyone else will be able to “read” any of the data you share. This can include authentication mechanisms, such as passwords or biometric authentication, and authorization controls, such as role-based access. It is the unfortunate reality that employees are often the weakest link in data security, so both Dionysus and the Data Trust will continuously educate the their employees about the importance of data privacy and the steps they can take to protect sensitive information.
In addition, the trust regularly monitors and audits data access, including algorithmic access. These practices should be industry-wide to help to detect unauthorized access attempts, ensure that data is being used appropriately, and to affirm that algorithms are truly achieving their proposed purpose.
Finally, when data is no longer needed, it will be dispose of securely to prevent unauthorized access. This includes physically destroying hard drives, wiping data from devices, or securely erasing data from storage systems.
Algorithmic fairness refers to the idea that algorithms and data-driven systems should be designed, built, and used in a way that minimizes potential biases and discrimination. The co-founders of Dionysus are intimately familiar with the many unintended (and not so unintended) consequences of biased algorithms. It’s not your responsibility to fit our models; it’s our responsibility to create real value for everyone by respecting the heterogeneity of our users.
In part this starts with fairness audits by the data trust to identify any potential biases in their algorithms and data. This can include analyzing the data used to train algorithms, as well as the algorithms themselves, to identify any disparities or discriminatory outcomes.
Audits also fosters transparency and accountability, by providing clear explanations for how they work and why they make certain decisions. This builds trust in our systems and ensures that any biases or discriminatory outcomes are quickly identified and addressed.
Last and not least, ensuring our systems represent the diversity of health needs around the globe, we continuously seek to diversify the data used to train our algorithms and well as amazing employees responsible for building and maintaining them.