NIH to make award for All of Us Participant Technology Systems Center

The National Institutes of Health is soliciting applications for operating the Participant Technology Systems Center in support of NIH’s All of Us research program, a Precision Medicine Initiative cohort.

NIH has issued a new funding opportunity to continue the work of the Participant Technology Systems Center (PTSC), which was initially funded in March 2017 to serve as the All of Us program’s resource for developing and maintaining the technical platforms by which volunteers participate in the program.

Overall, the goal of the All of Us research program is to recruit a million or more participants to contribute their physical, genomic and electronic health record data to help researchers make medical breakthroughs. Participants are asked to contribute information about their medical history and lifestyle, and in return, participants will have access to their study results, along with summarized data from across the components of All of Us.

“The PTSC provides systems, services, user experience design and development to support account creation and management, informed consent, survey data collection, participant-authorized data sharing from third-party data sources (e.g., consumer apps and devices), return of information (e.g., electronic health records) to participants, and multi-channel participant communications systems and workflows (e.g., email, SMS, direct mail, phone),” according to NIH’s funding opportunity.

NIH intends to fund one or more awards in Fiscal Year 2020. The total project period is anticipated to be five years, and the agency says it “expects applicant direct costs to not exceed $25 million per year” over that time period. Applications are due February 14, and the earliest anticipated start date is in June.

Vibrent Health was selected in 2017 to develop and manage the PTSC, which provides mobile applications and websites for participants to enroll in All of Us, provide data and receive updates.

However, NIH notes that “applicants may propose either to extend and enhance current All of Us PTSC systems or to replace them with alternative systems,” adding that “any alternative systems would need to be implemented in collaboration with All of Us consortium award partners, with full security controls, within six to 12 months of the award.”

Earlier this year, an HHS Office of Inspector General audit found serious vulnerabilities involving information system general controls at the PTSC, managed by Vibrent Health.

“The PTSC did not have adequate controls to protect All of Us participants’ sensitive data,” concluded the OIG. “NIH did not adequately monitor the PTSC to ensure that the PTSC had implemented adequate cybersecurity controls to protect the participants' sensitive data. Based on the results of our penetration testing at the PTSC, we identified vulnerabilities that could expose personally identifiable information, including personal health information of the All of Us participants and allow access to their data.”

Nonetheless, following the audit, NIH said that they addressed and remediated all of the PTSC vulnerabilities that the OIG identified.

For reprint and licensing requests for this article, click here.