Advancing Data Sovereignty in Africa: Deploying DataSHIELD to Federate Cross-Border Data Silos within the Data Science Without Borders Initiative | Research Square window.SnipcartSettings = { analytics: { enabled: false } }; (function() { var accessVector = localStorage.getItem('access_vector') || ''; window.dataLayer = window.dataLayer || []; if (accessVector) { window.dataLayer.push({ user: { profile: { profileInfo: { snid: accessVector } } } }); } })(); (function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-K279D39R'); Browse Preprints In Review Journals COVID-19 Preprints AJE Video Bytes Research Tools Research Promotion AJE Professional Editing AJE Rubriq About Preprint Platform In Review Editorial Policies Our Team Advisory Board Help Center Sign In Submit a Preprint Cite Share Download PDF Article Advancing Data Sovereignty in Africa: Deploying DataSHIELD to Federate Cross-Border Data Silos within the Data Science Without Borders Initiative Agnes N. Kiragga, Michael Ochola, David Sarrat-González, Pauline Andeso, and 13 more This is a preprint; it has not been peer reviewed by a journal. https://doi.org/ 10.21203/rs.3.rs-9149238/v1 This work is licensed under a CC BY 4.0 License Status: Under Revision Version 1 posted 9 You are reading this latest preprint version Abstract Collaborative health research across Africa is constrained by data sovereignty concerns, heterogeneous regulatory frameworks, limited infrastructure, and persistent capacity gaps, which hinder equitable cross-border data sharing. These challenges limit the availability of large, harmonized datasets needed to address the continent’s burden of infectious and non-communicable diseases while maintaining control over sensitive health data. Within this context, the Data Science Without Borders in Africa (DSWB) project implemented a privacy-preserving federated analysis framework using DataSHIELD across four institutions in Senegal, Cameroon, Ethiopia, and Kenya. This study documents the design, deployment, and early outcomes of this implementation. The approach combined consortium-wide data governance harmonization, a structured capacity-building programme, and a standardized technical architecture integrating DataSHIELD with the OMOP Common Data Model via dsOMOP. The deployment resulted in a functional federated network that enabled secure, in-situ analyses of harmonized clinical data. Multidisciplinary teams successfully executed federated descriptive and modelling analyses, managed Opal-based servers and implemented OMOP-based data harmonization workflows. Challenges related to connectivity, software heterogeneity, and institutional security were mitigated through server-side computation, standardized environments, and collaboration with institutional IT teams. Overall, this work demonstrates the feasibility of scalable, ethically robust federated health data analysis in diverse African research settings while preserving data sovereignty. Biological sciences/Computational biology and bioinformatics Scientific community and society/Developing world Health sciences/Health care Physical sciences/Mathematics and computing Health sciences/Medical research DataSHIELD Federated Analysis Africa Data Sovereignty OMOP Common Data Model Figures Figure 1 Figure 2 Figure 3 Figure 4 Introduction Africa faces a disproportionate burden of infectious and non-communicable diseases, with over 100 disease outbreaks reported annually on the continent 1 . Effective responses to tuberculosis, malaria, HIV, Ebola, COVID-19, Marburg virus, and antimicrobial resistance require high-quality, comprehensive datasets that can inform evidence-based policymaking and enhance healthcare decision-making. A recent study reported more than 100 disease outbreaks annually in Africa, yet the scarcity of carefully curated, large-scale epidemiological data sources and limited analytical capacity severely constrain timely, effective responses to health emergencies 2 . The recent COVID-19 pandemic underscored the urgent need for transparent and timely continental data sharing across African borders to coordinate pandemic preparedness and response 3 . Cross-border data sharing in Africa is hampered by several inherent challenges, including a fragmented and evolving regulatory landscape shaped by the heterogeneity of data protection legislation. As of 2024, approximately 36 of 54 African countries have enacted some form of data protection legislation – a dramatic increase from just 12 countries in 2012 4,5 . However, this legislative proliferation has created a patchwork of incompatible regulatory frameworks rather than a harmonized approach. There are profound differences across African countries in definitions for personal data, sensitive data, anonymization, and pseudonymization techniques to ensure confidentiality; differences in national legal consenting and data processing 6 , hence promoting differences in enforcement mechanisms for non-compliance to data protection laws, particularly to health and research data and materials. While other continents such as Europe, have developed continental data protection laws, including the General Data Protection Regulation (GDPR) and the EU Data Governance Act 7 , the African Union developed the AU Convention on Cyber Security and Personal Data Protection 8 in June 2023, offering a framework for harmonized data sharing and protection across the continent. However, as of 2024, 15 AU member states had ratified the convention, while others, including South Africa, struggle to align it with existing national data protection guidelines. Furthermore, data management practices across the continent remain inconsistent and are often hampered by a lack of standardized platforms and interoperable systems. To date, the use of international common data models such as the OMOP remains very low in Africa 9 . Variability in software and hardware capabilities, and in adherence to data governance frameworks, further complicates collaborative research efforts. The continent still grapples with a shortage of skilled professionals equipped to handle emerging data technologies and sophisticated analytic pipelines, exacerbating existing gaps in research capacity. For example, 1% of global AI talent is in Africa 10 - making it hard to promote advancement in data use. These technical and infrastructural challenges must be addressed in tandem with ethical and regulatory reforms to realize the full potential of data sharing for advancing scientific discovery in Africa. Ethical considerations play a central role in the adoption and implementation of data-sharing practices across African research settings. The imperative to protect participant confidentiality and ensure responsible stewardship of sensitive information remains paramount, particularly in environments where regulatory frameworks for data protection are still evolving. Research Ethics Committees frequently grapple with balancing the potential benefits of open data with the need to safeguard individual rights, especially when dealing with datasets that can be re-identified or fall into ambiguous regulatory categories. Federated data analysis offers a promising solution to some of these ethical and technical dilemmas. By enabling researchers to analyze data across multiple sites without requiring centralization or the direct sharing of raw data, federated approaches mitigate the risks of privacy breaches and unauthorized data transfers. This model supports compliance with varying national and institutional regulations and respects local control over data assets, both of which are critical in contexts where trust, transparency, and equity are ongoing concerns. Federated analysis offers a transformative alternative: instead of moving data to the analysis, analyses are sent to the data. Individual-level data never leaves the custodian's server; only non-disclosive summary statistics are returned to researchers. Incorporating federated models into research collaboration not only strengthens data protection but also addresses long-standing issues of data sovereignty and participant autonomy. By maintaining data within institutional boundaries while still enabling meaningful scientific inquiry, federated systems can promote both ethical integrity and research excellence throughout Africa. DataSHIELD is a scientifically mature privacy-preserving federated analysis framework enacted through a series of open-source software and infrastructure 11 , 12 . The DataSHIELD framework comprises four foundational concepts that apply to all DataSHIELD analytic functions, regardless of data type or whether analysis is applied to data at one location or federated across multiple locations: Processing of individual-level data (IPD) is conducted at the data custodian site “ taking the analysis to the data ”. Individual-level data is never viewed by the analyst. Individual-level data is never shared or moved within the analysis network – it is maintained under the oversight of the data controller. Only outputs that are not directly disclosive leave the data controller’s environment. These outputs can be passed to the analyst or can be used in iterative algorithms that combine non-disclosive components from multiple locations in the analysis network. In practice, DataSHIELD adheres to privacy-by-design principles that are embedded within computing infrastructure, analytical functionality, automated output checking, and data privacy methods. It is designed to operate in accordance with best-practice data governance for the use of sensitive health data, as outlined by 13 . This approach enables real-time federated analysis, resulting in faster time-to-results through automation of both the analysis coordination and disclosure protection. Moreover, the high level of control, customisation, and oversight afforded to data controllers when deploying DataSHIELD allows it to be readily tailored to the heterogeneous data governance requirements commonly encountered in cross-country research networks. Since its inception in 2009, DataSHIELD has been co-designed through engagement with a wide range of stakeholders, including cross-disciplinary researchers (spanning computer science, medicine, epidemiology, bioethics, social sciences, law, and related fields), data controllers, research participants, and members of the public 14 – 17 . As a result, DataSHIELD represents a socially aligned approach that is explicitly designed to comply with contemporary data protection legislation, including the General Data Protection Regulation (GDPR). In addition, it aligns with recently developed frameworks governing the secure access and use of sensitive research data, including the Five Safes Framework 18 , 19 and the adoption of the FAIR (Findable, Accessible, Interoperable, and Reusable) principles 20 . Unique to DataSHIELD, two federated analytical approaches are provided for data modelling. The first is a one-stage individual participant data (IPD) meta-analysis, also referred to as a full-likelihood approach or virtual pooling. In this approach, distributed algorithms are executed simultaneously across multiple data nodes, operating directly on individual-level data without any transfer or sharing of such data between sites 11 . This enables the generation of a global analysis that is mathematically equivalent to an analysis conducted on physically pooled data 21 , 22 . The second approach is a two-stage IPD meta-analysis, also known as study-level meta-analysis. Here, algorithms are applied independently at each data node to produce study-specific summary estimates, which are subsequently combined using conventional meta-analytic methods, such as random-effects meta-analysis. In addition, functions developed within the DataSHIELD federated analytics framework incorporate a range of disclosure prevention strategies. These strategies are tailored to the specific statistical functionality, data characteristics, and analytical context in which they are applied. Methods include the use of automated statistical disclosure control 13 and the application of data privacy methodologies, such as differential privacy. Irrespective of the disclosure control mechanism employed, the configuration of thresholds and parameters remains under the sole authority of the data controller, reflecting the local data context and acceptable level of disclosure risk. The technical maturity of DataSHIELD is evidenced by its active and open community 23 , which is supported by a well-defined governance structure, shared infrastructure and dedicated training resources and events to support contributors and users. Since its initial development, DataSHIELD has expanded substantially beyond its foundational components and now comprises more than 20 community-developed packages within its broader ecosystem 23 . This includes extended statistical functionality, including advanced modelling, time-to-event analysis, Bayesian approaches, compositional data analysis, and machine and federated learning. Additional packages expand the application across different infrastructures and data types, including tabular, omics, image, and routine healthcare data. The relevance and scientific maturity of DataSHIELD have been formally recognised in The Goldacre Review , an independent evaluation of the use of UK healthcare data for research commissioned by the UK Secretary of State for Health and Social Care. The review identifies DataSHIELD as a widely adopted open-source platform enabling federated analysis of health data 24 . It has been integrated with Trusted Research Environment (TRE) architectures, supporting the federated analysis of routinely collected healthcare data 12 , 25 and is now being deployed within the NHS England Secure Data Environment network, enabling federated cross-regional analyses of UK routine healthcare data. Comparable national initiatives are underway in Germany, where DataSHIELD is implemented as part of NFDI4Health, the National Research Data Infrastructure for Personal Health Data 26 . DataSHIELD has a long-standing application within networks of European longitudinal studies addressing healthy obesity, environmental health, exposome and omics research, diabetes and child development 27 – 30 . Alongside this, it supports federated analytics for significant pan-European academic-industry partnerships including IMI-RHAPSODY for precision therapy in diabetes and IMI-SOPHIA to change the future of obesity care 31 , and pan-European COVID-19 research 32 . Unlike traditional data-sharing approaches, DataSHIELD allows statistical analysis to be performed directly on distributed datasets without requiring the movement or centralization of sensitive information, thereby preserving local data autonomy and ensuring compliance with stringent ethical and regulatory frameworks for personal data protection. Its embedded multi-layer disclosure control mechanisms, aligned with the Five Safes principles, ensure that all analytical outputs are rigorously checked to prevent any risk of re-identification or unintended data release 13 . This approach supports scalable, flexible, and trustworthy research collaboration, even across institutions with heterogeneous infrastructures and governance models. This federated and privacy-preserving approach is particularly significant for the African research landscape, where health and biomedical data are often fragmented across countries and institutions, governed by heterogeneous legal frameworks, and managed within infrastructures that vary greatly in maturity and security. DataSHIELD supports a broad range of federated analytical capabilities, including big data 33 and multi-omics 34 , enabling researchers to perform descriptive statistics, regression modelling, and survival analysis directly on distributed data while maintaining strict privacy protection. Beyond these core methods, the platform has expanded into advanced biomedical analytics, including privacy-preserving machine learning approaches such as multi-task learning through the dsMTL package, which allows simultaneous identification of shared and site-specific patterns in complex, high-dimensional datasets 35 . For multi-omics applications, extensions like dsOmics empower secure federated analysis of genomic, transcriptomic, and other molecular data across multiple cohorts without exposing individual-level information 34 . Additionally, interoperability with established clinical data standards is facilitated through dsOMOP, which enables seamless integration of the OMOP Common Data Model into federated workflows, enhancing harmonization and large-scale reuse of healthcare data 36 . Collectively, these tools position DataSHIELD as a mature and versatile analytical ecosystem capable of supporting collaborative research across diverse infrastructures while safeguarding data confidentiality and upholding regulatory and ethical requirements. In summary, by enabling complex statistical analyses to be performed across multiple sites while keeping sensitive data securely behind institutional firewalls, DataSHIELD effectively mitigates the risks of re-identification and data misuse 13 . At the same time, it promotes equitable participation in multi-centre research by allowing institutions with diverse infrastructure capacities to contribute valuable data and insights without compromising local governance autonomy. Accordingly, DataSHIELD addresses critical ethical, technical, and regulatory challenges inherent in cross-border data sharing and provides a trusted pathway for African research institutions to engage in global health data collaborations while maintaining control over their data assets and protecting the rights of the populations they serve. Methods Ethics Statement The project received ethical approval to conduct the research from Strathmore University (Reference No. SU-ISERC2367/24). Furthermore, administrative clearance from each Pathfinder’s administration. All methods were performed in accordance with the relevant guidelines and regulations. Written informed consent for participation in the study was obtained voluntarily from the research participants. This was after understanding the study’s purpose. We maintained participants’ confidentiality by keeping identifying information (telephone numbers) under a key and lock, and by coding using privacy-enhancing methods. The data was analysed and published in aggregate form to avoid the identification of individual participants. The data is currently stored under key and lock for the five years after publication. Project Design and Scope Data Science Without Borders (DSWB), inaugurated in February 2022, is a three-year initiative funded by Wellcome 37 . It aims to collaboratively design strategies to enhance data systems and the application of data science tools to improve data utilization for evidence generation in Africa. DSWB commenced its operations in collaboration with three distinct health institutions: the Armauer Hansen Research Institute (AHRI) in Ethiopia, the Douala General Hospital (DGH) in Cameroon, and the Institute for Health Research, Epidemiological Surveillance, and Training (IRESSEF) in Senegal. While all three countries had national data protection laws that govern data sharing, the data governance practices differed amongst the institutions, with the existence of institutional data protection frameworks at AHRI and IRESSEF, while DGH had no formal guidance to data sharing. The project team then developed a consolidated consortium-wide data sharing agreement with the guidance of legal representatives from all partners and signed by all consortium members. The agreement is currently implemented to allow ethical and responsible sharing of data. Data sharing was combined with an additional data requisition requirement to allow sharing of data specified for a single analysis project – and not blanket sharing of all data in the consortium. With these checks in order, the team explored the feasibility of implementing federated analysis as an alternative solution to overcome the hurdles of sharing in Africa. Training and Capacity Building: To initiate the process of deploying DataSHIELD in the DSWB consortium, we started off with a comprehensive training. We designed a two‑block, hands‑on curriculum that coupled privacy‑preserving federated analytics in DataSHIELD with standardized data management in the OMOP Common Data Model (CDM), explicitly bridged by dsOMOP. Block 1 (DataSHIELD) introduced the client-server workflow, authenticated connections to remote nodes, assignment vs. aggregate operations, and the practical application of disclosure control, governance, and auditing. Block 2 (OMOP via dsOMOP) covered connecting to local OMOP CDM databases from within DataSHIELD, exploring standardized tables/vocabularies, constructing cohorts, and running cross‑site summary analyses over harmonized clinical data. The workshops were delivered in a strongly practical format: participants connected to remote nodes and executed the exercises on live servers, mirroring production usage and reinforcing operational fluency. Throughout the training, we emphasised dsOMOP as the enabling layer that automates server‑side extraction and transformation of OMOP tables into DataSHIELD objects so that only non‑disclosive aggregates leave the three countries 36 . To ensure alignment with community standards, the course drew on materials and practices curated by the DataSHIELD Community Education Theme, which coordinates training materials across the community 38 . Training participants The cohorts comprised multi‑disciplinary teams essential for sustaining a federated network: data scientists/statisticians (analysis and quality control), IT and systems administrators (server deployment, security, networking), database managers/data officers (OMOP databases, ETL processes), and clinical/public‑health researchers (protocol design and interpretation). In line with the workshop design, all participants were provisioned with access to their institutional nodes and completed the practical blocks on remotely hosted servers, not on local setups - an approach that our materials explicitly encourage. The setup was aimed to connect to remote nodes and manage sessions, perform federated, reproducible analyses on harmonized data. The training effectiveness was assessed formatively through embedded practical check‑offs rather than solely through written tests. By the end of the training, (i) researchers successfully executed federated descriptive and modelling tasks on their own institutional data using the OMOP -> dsOMOP -> DataSHIELD pipeline; (ii) IT staff deployed and operated a functional Opal/DataSHIELD stack (including user/role management and TLS‑secured access); and (iii) data managers completed or validated source‑to‑OMOP mappings and exercised dsOMOP‑based resource registration and filtered table assignment. These outcomes reflect the intended competencies of the two‑block syllabus and the dsOMOP design - namely, standardized semantics from OMOP combined with server‑side, disclosure‑controlled computation in DataSHIELD. Technical Implementation of the Federated Network: Each participating site operated an Opal application server with a local R execution layer (Rock/Rserve) and linked it to the site’s OMOP Common Data Model (CDM) database via dsOMOP R package. In this architecture, dsOMOP registers the OMOP database as an Opal “resource” and automates the server‑side transformation of OMOP tables into DataSHIELD‑compatible objects; analysts then run privacy‑preserving R code from the client, and only non‑disclosive aggregate results leave the site. This design preserves data locality (the OMOP database remains under institutional control) while avoiding duplication of large tables inside Opal and enabling harmonised multi‑centre analyses. Opal’s resources provide first‑class connectors to external data/computation back ends so that data can be analysed in situ rather than imported into Opal’s internal store. Under the hood, this mechanism relies on the resourcer R package, which interprets a resource description (URL, driver, credentials, format) and instantiates the appropriate connection (e.g., to files, SQL engines, or other services). dsOMOP leverages this resource layer to expose OMOP CDM databases to DataSHIELD sessions in a standardized way – crucial for scaling across institutions and keeping OMOP as the single source of truth 33 . Across nodes, Opal and the R servers ran on Linux (Ubuntu LTS) on server‑class hosts or dedicated VMs with multi‑core CPUs, sufficient RAM for concurrent R sessions, and SSD storage to minimise I/O latency. Opal connected to one or more R server profiles (“clusters”) so administrators could pin package versions and scale workers consistently across sites; DataSHIELD profiles were derived from these R profiles to enumerate permitted functions under disclosure control. The network specifications varied across centers; APHRC and IRESSEF hosted both the Opal and DB in AWS, while DGH deployed it on the local machine that met the relevant specifications. Opal’s UI/API was published HTTPS‑only with TLS certificates managed by the institution. Connectivity from Opal/R to the OMOP database was limited to site‑controlled private routes -either an institutional LAN (on‑prem) or private networking within a cloud VPC- so routine analysis traffic did not rely on public database endpoints. Role‑based access governed analyst permissions, and administrative access followed institutional security policy. Software and System Setup We followed a standardized, automation‑first installation procedure that minimizes site‑to‑site variability and maximizes reproducibility: (i) provision the Opal stack with the easy‑opal CLI, (ii) register a Rock R‑server profile that includes dsOMOP, (iii) declare an Opal resource pointing to that database so that DataSHIELD can query it in situ via the resourcer framework. Step 1: Provision Opal with easy‑opal. Administrators installed and configured Opal 4.x using the easy‑opal CLI, which sets up the Opal container, reverse‑proxy/TLS, baseline security, and service dependencies in one run (interactive or scripted). This provides a reproducible, cross‑platform bootstrap aligned with Opal’s administrator guidance, Fig. 2 . Step 2: Add a dsOMOP‑enabled Rock profile with easy‑opal . In order to expose a server‑side R execution environment to Opal, we registered a Rock R‑server profile using the easy-opal CLI and pointed it to a dsOMOP‑enabled Rock image. This yielded a named R profile/cluster that Opal discovers and that analysts can target consistently across nodes. Step 3: Declare the site’s OMOP database as an Opal resource and test access. Within each Opal project, we created a resource that points to the site’s OMOP CDM endpoint -- supplying the standard parameters (driver, host, port, db, credentials). Opal’s resource mechanism (backed by the resourcer package) allows DataSHIELD to operate in situ on the database; dsOMOP then automates the server‑side extraction/transformations into DataSHIELD objects. This pattern works identically whether the database is in a cloud VPC or on‑prem and is exactly the workflow described in the resources/resourcer architecture and the dsOMOP reference. Data Preparation and Harmonization The team conducted a comprehensive data mapping of all available datasets in the consortium and identified 37 datasets. Of these, three were cross-cutting and these included datasets on HIV, TB, and Malaria 37 . To support DataSHIELD deployment at all three sites, we selected one use case dataset from each site. At APHRC, we used datasets specific to health diseases, at DGH, a data set on stroke was used, while IRESSEF used a data set specific to COVID-19. The different datasets were harmonized to the OMOP Common Data Model (CDM) using a conventional OHDSI ETL pipeline and tools. The deployment using different datasets justified the need for harmonized datasets and the goal was to achieve both semantic interoperability (shared vocabularies and table conventions) and analytic interoperability (uniform, privacy‑preserving queries across nodes), if one dataset was to be analysed using DataSHIELD. Our Experience Overall, we successfully deployed DataSHIELD to address challenges related to data sharing within the DSWB consortium and, more broadly, across African research settings. We deployed DataSHIELD on both AWS and local servers or computers of the participating institutions. This flexibility enabled the three sites, each at a different level of data ecosystem maturity, to operate within their existing infrastructures. The installation was tested using the site-specific datasets selected from the consortium, allowing the technical teams to experience and understand the critical steps involved in data access, assignment of administrative rights, and procedures for sharing aggregated results once federated analyses are deployed. Demand for federated analysis has since increased across partner sites, and the first federated analysis use case will involve cross-cutting HIV datasets from the three partner institutions. Training and Skill Development Outcomes Before the training, all participating data personnel were subjected to a pre-training survey to ascertain knowledge and key skills. We observed the majority of participants in need for skills in use of data harmonization tools such as the OMOP Common Data Model (53.8%), use of Docker and containerization (84.6%), and use of Linux Operating System for the installation of DataSHIELD (53.8%), Fig. 3 . This underscores the need for training before and during deployment of federated tools and the usability of joining Community groups – including the DataSHIELD community. The majority of the participants had no prior knowledge and experience using privacy enhancing technology and DataSHIELD, and showed interest in learning new skills, specific to federation, Fig. 4 . In response to the identified capacity gaps, and to promote sustainability and reuse in line with Open Science and FAIR principles, we developed and published an openly accessible, web-based training course that consolidates the DataSHIELD and OMOP-based federated analysis curriculum and supports continued, reusable skills development ( https://isglobal-brge.github.io/workshop_DSWB/ ). The training programme was delivered in complementary blocks addressing analytical, data management, and infrastructure competencies required to sustain a federated analysis network. As summarized in Table 2 , Block 1 focused on DataSHIELD concepts, including the client–server workflow, disclosure control, and governance, enabling data scientists and IT staff to successfully execute federated analyses that returned only non-disclosive outputs. Block 2 emphasized data harmonization through the OMOP Common Data Model and dsOMOP integration, equipping data managers and analysts to construct cohorts and query harmonized OMOP data via DataSHIELD. In parallel, infrastructure-focused sessions supported IT administrators in deploying and maintaining secure OPAL and Rock environments with TLS and role-based access controls. Table 1 Training Block Core Topics Participants Demonstrated Outcomes Block Topic Participants Outcome Block 1: DataSHIELD Client–server workflow, disclosure control, statistical analyses Data scientists, IT staff Executed federated analyses with non-disclosive outputs Block 2: OMOP & dsOMOP OMOP CDM, cohort construction, dsOMOP integration Data managers, analysts Successfully queried harmonized OMOP data via DataSHIELD Infrastructure Opal, Rock/R, TLS, role-based access, governance IT administrators Deployed and maintained secure federated nodes Challenges and Solutions The deployment of a federated DataSHIELD infrastructure across multiple African research institutions presented several technical and operational challenges related to connectivity, system configuration, and software heterogeneity (Table 2 ). Network latency and unstable internet connectivity were common across sites and posed potential barriers to interactive analysis. These challenges were mitigated by leveraging DataSHIELD’s server-side, in-situ computation model, which limits data transfer to non-disclosive aggregate outputs, thereby reducing sensitivity to network latency. In addition, lightweight analytical queries and persistent client–server sessions were adopted to tolerate intermittent connectivity and minimize disruption during analysis workflows. Server configuration and institutional security requirements also represented a key challenge, particularly with respect to firewall restrictions and approved network ports. To address this, deployments were conducted in close collaboration with institutional IT officers, and all installations adhered strictly to existing security protocols to ensure that DataSHIELD implementation did not compromise institutional infrastructure or data security. Software compatibility issues arose from the use of heterogeneous versions of R and Python across participating sites. This was addressed by defining and enforcing standardized software versions prior to training and deployment. To further reduce variability across local environments, Docker containerization was employed to encapsulate system dependencies and enable reproducible, localized deployments of OPAL, Rock, and dsOMOP services. Table 2 Technical and Logistical Challenges and Solutions during DataSHIELD Deployment under the DSWB Consortium Challenge Category Specific Challenge Encountered Solution Implemented Network/Connectivity Latency issues Server-side DataSHIELD computation limited data transfer to aggregate results, reducing sensitivity to network latency. Unstable internet Lightweight queries and persistent sessions were used to tolerate intermittent connectivity. Server Configuration Firewall and security issues Referred to the institution IT officer and followed the security protocols to avoid comprising institutional safety during DataSHIELD deployment Software compatibility Different versions of R software at the sites Ensured participants installed standardized software prior to the training Used Docker containers to allow localized deployment Reflections and Discussion The deployment of DataSHIELD through the DSWB consortium represents a landmark achievement for data science in Africa. Across the continent, implementations of open-source software for federated analysis and learning remain rare. According to recent updates from the DataSHIELD community, only one or two use cases have been documented in Africa, underscoring a substantial gap in methodological advances and comparative work between Africa and the rest of the global community. For multi-country data-driven projects where data sharing and trust are critical for successful collaboration, the feasibility of data federation is essential. This need is particularly pronounced in Africa, where weak policy and legal frameworks, the absence of a continental data-sharing framework, limited institutional data policies, and poor data practices collectively hinder trust in data sharing 5 , 6 . Consequently, demand is growing for solutions that allow data to remain at the point of collection while still enabling robust federated analyses. Broader Implications for Research The DataSHIELD framework offers substantial opportunities to advance health research in Africa. This privacy-preserving analytical platform can be strategically applied to infectious disease surveillance, non-communicable disease research, and other emerging public health challenges. For infectious diseases, DataSHIELD enables near real-time, multi-country analyses of outbreaks without centralizing sensitive patient data, facilitating rapid epidemic response while maintaining data sovereignty. For non-communicable diseases such as diabetes, hypertension, cardiovascular disease, and cancer, the framework supports harmonization of heterogeneous datasets from different health systems, enabling large-scale comparative studies to identify risk factors, treatment outcomes, and health disparities across diverse African populations. A continental data network underpinned by DataSHIELD principles could address key barriers to pan-African health research, including data protection concerns, limited technical infrastructure, and the need for local control of sensitive health information. Such a network would align with the African Union’s health agenda, strengthen health systems research capacity, support evidence-based policy, and position African institutions as equal partners in global health research. By fostering a federated data ecosystem that respects national sovereignty while enabling large-scale analyses, DataSHIELD can support rigorous, ethically robust collaborative research and contribute to improved health outcomes across Africa. Comparison of DataSHIELD to Other Models of Federated Analysis While several federated data analysis frameworks exist, DataSHIELD and Vantage6 exemplify two distinct approaches to privacy-preserving collaborative research. DataSHIELD, implemented in R, uses a disclosure-control framework that limits analyses to non-disclosive functions, ensuring that individual-level data remain at their source while still supporting advanced methods such as generalized linear models, survival analysis, and machine learning. This provides strong protections against data disclosure and integrates well with established R-based workflows, making it particularly suitable for epidemiologists and biostatisticians. In contrast, Vantage6 offers a more flexible, containerized infrastructure that supports multiple programming languages (e.g., Python, R) and enables deployment of custom algorithms via Docker containers, offering greater algorithmic freedom and adaptability. Both retain data within institutional firewalls but differ in governance: DataSHIELD’s function-based restrictions embed privacy by design, whereas Vantage6’s container-based model requires explicit review and approval of analytic algorithms by data custodians. In the African context, DataSHIELD’s lower technical barrier, proven use in multi-country health research, and alignment with existing R-based capacity make it highly attractive, while Vantage6 may be preferable for projects needing specialized computation or Python-based machine learning. Both frameworks support the overarching goal of enabling collaborative research without compromising data sovereignty, a central concern for African institutions seeking equitable participation in global health research while retaining control over sensitive population data. Conclusion The successful deployment of DataSHIELD under the Data Science Without Borders in Africa project demonstrates the feasibility of robust, real-world federated analysis in low- and middle-income settings. By demonstrating both a clear demand for and a practical pathway to the secure deployment of DataSHIELD and other federated tools, this work shows that there is potential for collaborative data analysis with a common research question to support pooled meta-analysis, which can be achieved while fully respecting data sovereignty and privacy. This initiative has laid a crucial foundation for a new era of data-driven research and evidence-informed policy-making on the African continent, and it highlights the substantial potential of federated approaches to strengthen health research, foster regional collaboration, and ultimately improve population outcomes. Declarations Competing Interests The authors declare no competing interests. Funding The study was funded through a grant from the Wellcome, Grant number 228139, awarded to Agnes Kiragga at the African Population and Health Research Center, Kenya. Author Contribution AK and JG designed and conceptualized the study. AK, JG and DS wrote the original draft of the manuscript. Visualizations were done by MO, SC and PA. RW, JG and DS produced the Software. All authors reviewed and edited the manuscript and approved the final version for submission. Acknowledgement We acknowledge support from the Barcelona Institute of Global Health and the London School of Hygiene and Tropical Medicine for the support towards training and deployment of DataSHIELD. Data Availability The datasets used in this study are available from the corresponding author upon request. References Naghavi, M. et al. Global burden of 292 causes of death in 204 countries and territories and 660 subnational locations, 1990–2023: a systematic analysis for the Global Burden of Disease Study 2023. Lancet 406 , 1811–1872 (2025). Ndembi, N. et al. Evolving Epidemiology of Mpox in Africa in 2024. N Engl. J. Med. 392 , 666–676 (2025). Brand, D., Singh, J. A., McKay, A. G. N., Cengiz, N. & Moodley, K. Data sharing governance in sub-Saharan Africa during public health emergencies: Gaps and guidance. South Afr. J. Sci 118 , (2023). Badriyya, Y. Harmonization of Data Governance Frameworks in Africa . (2024). Kabanda, S. M. et al. Data sharing and data governance in sub-Saharan Africa: Perspectives from researchers and scientists engaged in data-intensive research. South Afr. J. Sci 119 , (2023). ICT Works. 14 Barriers to Using Open Data for Better Development Decisions. 14 Barriers to Using Open Data for Better Development Decisions (2024). https://www.ictworks.org/open-data-development-decisions/ European Union Parliament. REGULATION (EU) 2022/868 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act). (2022). Orji, U. J. The African Union Convention on Cybersecurity: A Regional Response Towards Cyber Stability? Masaryk Univ. J. Law Technol. 12 , 91–130 (2018). Collaborators Observational Health Data Sciences and Informatics (OHDSI). (2026). Human-Centered Artificial Intelligence. Artificial Intelligence Index Report 2024 . (2024). https://hai-production.s3.amazonaws.com/files/hai_ai-index-report-2024-smaller2.pdf Gaye, A. et al. DataSHIELD: taking the analysis to the data, not the data to the analysis. Int. J. Epidemiol. 43 , 1929–1944 (2014). Wilson, R. C. et al. DataSHIELD – New Directions and Dimensions. Data Sci. J. 16 , 21 (2017). Avraam, D. et al. DataSHIELD: mitigating disclosure risk in a multi-site federated analysis platform. Bioinforma Adv. 5 , vbaf046 (2025). Budin-Ljøsne, I. et al. DataSHIELD: an ethically robust solution to multiple-site individual-level data analysis. Public. Health Genomics . 18 , 87–96 (2015). Murtagh, M. J. et al. Securing the Data Economy: Translating Privacy and Enacting Security in the Development of DataSHIELD. Public. Health Genomics . 15 , 243–253 (2012). Murtagh, M. J. et al. The ECOUTER methodology for stakeholder engagement in translational research. BMC Med. Ethics . 18 , 24 (2017). Wallace, S. E., Gaye, A., Shoush, O. & Burton, P. R. Protecting Personal Data in Epidemiological Research: DataSHIELD and UK Law. Public. Health Genomics . 17 , 149–157 (2014). Ritchie, F. Five Safes: designing data access for research. Preprint at https://doi.org/ (2016). 10.13140/RG.2.1.3661.1604 Standard Architecture for Trusted Research Environments. The SATRE Specification. (2026). https://satre-specification.readthedocs.io/en/stable/specification.html Wilkinson, M. D. et al. The FAIR Guiding Principles for scientific data management and stewardship. Sci. Data . 3 , 160018 (2016). Jones, E. M. et al. DataSHIELD – shared individual-level analysis without sharing the data: a biostatistical perspective. Nor Epidemiol 21 , (2012). Jones, E. M., Sheehan, N. A., Gaye, A., Laflamme, P. & Burton, P. Combined analysis of correlated data when data cannot be pooled. Stat 2 , 72–85 (2013). Wikipedia The DataSHIELD Community wiki. (2026). https://wiki.datashield.org/en/home Goldacre, B. & Morley, J. Better, Broader, Safer: Using Health Data for Research and Analysis . 130 (2022). https://assets.publishing.service.gov.uk/media/624ea0ade90e072a014d508a/goldacre-review-using-health-data-for-research-and-analysis.pdf Butters, O. W. et al. The Biomedical Research Infrastructure Software as a Service Kit (BRISSKit): technical description. F1000Research 5, 1905 (2016). NFDI4Health. NFDI4Health (2026). https://www.nfdi4health.de/en/ Van Vliet-Ostaptchouk, J. V. et al. The prevalence of metabolic syndrome and metabolically healthy obesity in Europe: a collaborative analysis of ten large cohort studies. BMC Endocr. Disord . 14 , 9 (2014). Vinther, J. L. et al. Gestational age at birth and body size from infancy through adolescence: An individual participant data meta-analysis on 253,810 singletons in 16 birth cohort studies. PLOS Med. 20 , e1004036 (2023). Vrijheid, M. et al. Advancing tools for human early lifecourse exposome research and translation (ATHLETE): Project overview. Environ. Epidemiol. 5 , e166 (2021). Zijlema, W. et al. Road traffic noise, blood pressure and heart rate: Pooled analyses of harmonized data from 88,336 participants. Environ. Res. 151 , 804–813 (2016). Delfin, C. et al. A Federated Database for Obesity Research: An IMI-SOPHIA Study. Life 14 , 262 (2024). Puskaric, M. et al. Privacy-Preserving Workflow for the Cross-Border Federated Analysis of Clinical Data. in Studies in Health Technology and Informatics (ed (ed Mantas, J.) (IOS, doi: 10.3233/SHTI240737 . (2024). Marcon, Y. et al. Orchestrating privacy-protected big data analyses of data from different resources with R and DataSHIELD. PLoS Comput. Biol. 17 , e1008880 (2021). Escriba-Montagut, X. et al. Federated privacy-protected meta- and mega-omics data analysis in multi-center studies with a fully open-source analytic platform. PLoS Comput. Biol. 20 , e1012626 (2024). Cao, H. et al. dsMTL: a computational framework for privacy-preserving, distributed multi-task machine learning. Bioinformatics 38 , 4919–4926 (2022). Sarrat-González, D., Escribà-Montagut, X., Houghtaling, J. & González, J. R. dsOMOP: bridging OMOP CDM and DataSHIELD for secure federated analysis of standardized clinical data. Bioinformatics 41 , btaf286 (2025). Kiragga, A. N. et al. Data science without borders: bridging the divide in data science capacity across African health institutions. Front. Public. Health . 13 , 1695907 (2025). Gonzalez, J. & Sarrat-González, D. DSWB Training Materials . (2025). https://isglobal-brge.github.io/workshop_DSWB/ Additional Declarations No competing interests reported. Cite Share Download PDF Status: Under Revision Version 1 posted Editorial decision: Revision requested 14 May, 2026 Reviews received at journal 07 Apr, 2026 Reviewers agreed at journal 30 Mar, 2026 Reviewers agreed at journal 27 Mar, 2026 Reviewers invited by journal 27 Mar, 2026 Editor assigned by journal 27 Mar, 2026 Editor invited by journal 27 Mar, 2026 Submission checks completed at journal 25 Mar, 2026 First submitted to journal 25 Mar, 2026 You are reading this latest preprint version Research Square lets you share your work early, gain feedback from the community, and start making changes to your manuscript prior to peer review in a journal. As a division of Research Square Company, we’re committed to making research communication faster, fairer, and more useful. We do this by developing innovative software and high quality services for the global research community. Our growing team is made up of researchers and industry professionals working together to solve the most critical problems facing scientific publishing. Also discoverable on Platform About Our Team In Review Editorial Policies Advisory Board Help Center Resources Author Services Accessibility API Access RSS feed Manage Cookie Preferences © Research Square 2026 | ISSN 2693-5015 (online) Privacy Policy Terms of Service Do Not Sell My Personal Information {"props":{"pageProps":{"initialData":{"identity":"rs-9149238","acceptedTermsAndConditions":true,"allowDirectSubmit":false,"archivedVersions":[],"articleType":"Article","associatedPublications":[],"authors":[{"id":614468783,"identity":"57211a45-5e35-40ea-987b-345902163c1f","order_by":0,"name":"Agnes N. Kiragga","email":"data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAZAAAAAyAQMAAABI0h/eAAAABlBMVEX///8AAABVwtN+AAAACXBIWXMAAA7EAAAOxAGVKw4bAAAA2klEQVRIiWNgGAWjYDACHsYGMM3PwMBGohbJBuK1QGmDA8Rq4e853Pbhx69aeePjZ489rqhhkDPvX4Bfi8TZxuaZvX3HDbedyUs3PHOMwVjmxgMC1pxnbGbg7TnGuO1AjplkYwND4gyJA/h1yAO1MP7tOWa/uf8NkVoMgA5j5vlRk7hBAmYLfwN+LYZnDjYzyzYcSJ5x412aZMMxCWMJCQJekTuT/pjxzZ862/7+3GOSDTU2chL8BBwGBoxthxmgMQS0QiKBCC0Mf+oYEJFKlC2jYBSMglEwkgAAKIxIJCzXyKcAAAAASUVORK5CYII=","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":true,"prefix":"","firstName":"Agnes","middleName":"N.","lastName":"Kiragga","suffix":""},{"id":614468784,"identity":"a42c1234-9cf1-487d-ba42-de4e1f51ef4d","order_by":1,"name":"Michael Ochola","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Michael","middleName":"","lastName":"Ochola","suffix":""},{"id":614468785,"identity":"29c19aaf-b5d8-47cd-bdef-0b93abc2270e","order_by":2,"name":"David Sarrat-González","email":"","orcid":"","institution":"Barcelona Institute for Global Health (ISGlobal)","correspondingAuthor":false,"prefix":"","firstName":"David","middleName":"","lastName":"Sarrat-González","suffix":""},{"id":614468786,"identity":"c1a3de73-3e25-4181-a26a-d8c65c71a9e6","order_by":3,"name":"Pauline Andeso","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Pauline","middleName":"","lastName":"Andeso","suffix":""},{"id":614468787,"identity":"6500266e-e3da-44f3-994e-025ccb7e6e03","order_by":4,"name":"Steve Cygu","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Steve","middleName":"","lastName":"Cygu","suffix":""},{"id":614468789,"identity":"5b15784d-267b-43f8-8d93-8279f33e9f48","order_by":5,"name":"Reinpeter Momanyi","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Reinpeter","middleName":"","lastName":"Momanyi","suffix":""},{"id":614468792,"identity":"176cde77-bc39-4fdc-8dcd-f0b3165b05f7","order_by":6,"name":"Miranda Barasa","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Miranda","middleName":"","lastName":"Barasa","suffix":""},{"id":614468794,"identity":"6026a709-0eb9-4ba8-892e-715e77130cea","order_by":7,"name":"David Amadi","email":"","orcid":"","institution":"London School of Hygiene and Tropical Medicine","correspondingAuthor":false,"prefix":"","firstName":"David","middleName":"","lastName":"Amadi","suffix":""},{"id":614468796,"identity":"2a14a3af-25a2-4f40-9266-d9b1764b8487","order_by":8,"name":"Ousmane Diop","email":"","orcid":"","institution":"Institute for Health Research, Epidemiological Surveillance and Training (IRESSEF)","correspondingAuthor":false,"prefix":"","firstName":"Ousmane","middleName":"","lastName":"Diop","suffix":""},{"id":614468797,"identity":"c9f4485f-fae0-46be-9632-d164b6e25852","order_by":9,"name":"Anicet Onana","email":"","orcid":"","institution":"Douala General Hospital","correspondingAuthor":false,"prefix":"","firstName":"Anicet","middleName":"","lastName":"Onana","suffix":""},{"id":614468798,"identity":"c5ca3b64-566a-4951-8ef8-336ade3cc142","order_by":10,"name":"Aminata Mboup","email":"","orcid":"","institution":"Institute for Health Research, Epidemiological Surveillance and Training (IRESSEF)","correspondingAuthor":false,"prefix":"","firstName":"Aminata","middleName":"","lastName":"Mboup","suffix":""},{"id":614468799,"identity":"73c9b170-7572-442b-b5c3-16f52a48a747","order_by":11,"name":"Samuel Iddi","email":"","orcid":"","institution":"Data Science Program, Research Division, African Population and Health Research Center","correspondingAuthor":false,"prefix":"","firstName":"Samuel","middleName":"","lastName":"Iddi","suffix":""},{"id":614468801,"identity":"3d4718f3-f6ff-49f8-9d36-524cbec21e0f","order_by":12,"name":"John M. Bwanika","email":"","orcid":"","institution":"Africa Centre for Applied Digital Health (CADH)","correspondingAuthor":false,"prefix":"","firstName":"John","middleName":"M.","lastName":"Bwanika","suffix":""},{"id":614468803,"identity":"ef3448c7-1496-4c9b-9182-3b586d9648c9","order_by":13,"name":"Bertrand Hugo Mbatchou","email":"","orcid":"","institution":"Douala General Hospital","correspondingAuthor":false,"prefix":"","firstName":"Bertrand","middleName":"Hugo","lastName":"Mbatchou","suffix":""},{"id":614468805,"identity":"65acec3e-6da2-4382-aedc-60aaae67f4f4","order_by":14,"name":"Moussa Sarr","email":"","orcid":"","institution":"Institute for Health Research, Epidemiological Surveillance and Training (IRESSEF)","correspondingAuthor":false,"prefix":"","firstName":"Moussa","middleName":"","lastName":"Sarr","suffix":""},{"id":614468806,"identity":"ce0b2bcc-c68c-4a89-93f3-5d12e2d2a6b5","order_by":15,"name":"Rebecca Wilson","email":"","orcid":"","institution":"Institute of Population Health, Faculty of Health and Life Sciences, University of Liverpool","correspondingAuthor":false,"prefix":"","firstName":"Rebecca","middleName":"","lastName":"Wilson","suffix":""},{"id":614468807,"identity":"7389b8fe-84e0-44d3-8b7c-61811f62c7e8","order_by":16,"name":"Juan R Gonzalez","email":"","orcid":"","institution":"Barcelona Institute for Global Health (ISGlobal)","correspondingAuthor":false,"prefix":"","firstName":"Juan","middleName":"R","lastName":"Gonzalez","suffix":""}],"badges":[],"createdAt":"2026-03-17 13:11:00","currentVersionCode":1,"declarations":"","doi":"10.21203/rs.3.rs-9149238/v1","doiUrl":"https://doi.org/10.21203/rs.3.rs-9149238/v1","draftVersion":[],"editorialEvents":[],"editorialNote":"","failedWorkflow":false,"files":[{"id":105827860,"identity":"ae5073e9-811e-4a7b-93df-1b78509091da","added_by":"auto","created_at":"2026-03-31 14:16:00","extension":"png","order_by":1,"title":"Figure 1","display":"","copyAsset":false,"role":"figure","size":155160,"visible":true,"origin":"","legend":"\u003cp\u003eOverview of DataSHIELD computing architecture (source \u003csup\u003e13\u003c/sup\u003e)\u003c/p\u003e","description":"","filename":"floatimage1.png","url":"https://assets-eu.researchsquare.com/files/rs-9149238/v1/28a7b15118a7a60c56130700.png"},{"id":106414977,"identity":"eba46816-e3c6-41f9-8a5f-d28342d69609","added_by":"auto","created_at":"2026-04-08 10:31:29","extension":"png","order_by":2,"title":"Figure 2","display":"","copyAsset":false,"role":"figure","size":187490,"visible":true,"origin":"","legend":"\u003cp\u003eDeployment of DataSHIELD under the Data Science Without Borders Consortium\u003c/p\u003e","description":"","filename":"floatimage2.png","url":"https://assets-eu.researchsquare.com/files/rs-9149238/v1/cf33c5f00d96e66b5d3efbe2.png"},{"id":105827858,"identity":"2534c4c8-d980-4ff5-a8f9-fb333e091c58","added_by":"auto","created_at":"2026-03-31 14:16:00","extension":"jpg","order_by":3,"title":"Figure 3","display":"","copyAsset":false,"role":"figure","size":67114,"visible":true,"origin":"","legend":"\u003cp\u003eProficiency in technical skills among DSWB consortium members in Cameroon, Senegal and Kenya\u003c/p\u003e","description":"","filename":"4.jpg","url":"https://assets-eu.researchsquare.com/files/rs-9149238/v1/999558ac85d110a97cf9c678.jpg"},{"id":105827861,"identity":"80c2e616-e8fd-441a-9144-4c1b6db1141f","added_by":"auto","created_at":"2026-03-31 14:16:00","extension":"png","order_by":4,"title":"Figure 4","display":"","copyAsset":false,"role":"figure","size":59068,"visible":true,"origin":"","legend":"\u003cp\u003eMost desired training for effective use of DataSHIELD among data personnel in the DSWB consortium\u003c/p\u003e","description":"","filename":"floatimage3.png","url":"https://assets-eu.researchsquare.com/files/rs-9149238/v1/bea7d15ebeb9a3f15a93ab53.png"},{"id":106959779,"identity":"f1c7e22d-6ea2-40bb-9221-5c238acb2ea6","added_by":"auto","created_at":"2026-04-15 09:14:57","extension":"pdf","order_by":0,"title":"","display":"","copyAsset":false,"role":"manuscript-pdf","size":1206206,"visible":true,"origin":"","legend":"","description":"","filename":"manuscript.pdf","url":"https://assets-eu.researchsquare.com/files/rs-9149238/v1/30a60413-de69-4c32-9237-577e7690944c.pdf"}],"financialInterests":"No competing interests reported.","formattedTitle":"\u003cp\u003eAdvancing Data Sovereignty in Africa: Deploying DataSHIELD to Federate Cross-Border Data Silos within the Data Science Without Borders Initiative\u003c/p\u003e","fulltext":[{"header":"Introduction","content":"\u003cp\u003eAfrica faces a disproportionate burden of infectious and non-communicable diseases, with over 100 disease outbreaks reported annually on the continent \u003csup\u003e\u003cspan citationid=\"CR1\" class=\"CitationRef\"\u003e1\u003c/span\u003e\u003c/sup\u003e. Effective responses to tuberculosis, malaria, HIV, Ebola, COVID-19, Marburg virus, and antimicrobial resistance require high-quality, comprehensive datasets that can inform evidence-based policymaking and enhance healthcare decision-making. A recent study reported more than 100 disease outbreaks annually in Africa, yet the scarcity of carefully curated, large-scale epidemiological data sources and limited analytical capacity severely constrain timely, effective responses to health emergencies \u003csup\u003e\u003cspan citationid=\"CR2\" class=\"CitationRef\"\u003e2\u003c/span\u003e\u003c/sup\u003e. The recent COVID-19 pandemic underscored the urgent need for transparent and timely continental data sharing across African borders to coordinate pandemic preparedness and response \u003csup\u003e\u003cspan citationid=\"CR3\" class=\"CitationRef\"\u003e3\u003c/span\u003e\u003c/sup\u003e. Cross-border data sharing in Africa is hampered by several inherent challenges, including a fragmented and evolving regulatory landscape shaped by the heterogeneity of data protection legislation. As of 2024, approximately 36 of 54 African countries have enacted some form of data protection legislation \u0026ndash; a dramatic increase from just 12 countries in 2012 \u003csup\u003e4,5\u003c/sup\u003e. However, this legislative proliferation has created a patchwork of incompatible regulatory frameworks rather than a harmonized approach. There are profound differences across African countries in definitions for personal data, sensitive data, anonymization, and pseudonymization techniques to ensure confidentiality; differences in national legal consenting and data processing \u003csup\u003e\u003cspan citationid=\"CR6\" class=\"CitationRef\"\u003e6\u003c/span\u003e\u003c/sup\u003e, hence promoting differences in enforcement mechanisms for non-compliance to data protection laws, particularly to health and research data and materials. While other continents such as Europe, have developed continental data protection laws, including the General Data Protection Regulation (GDPR) and the EU Data Governance Act \u003csup\u003e\u003cspan citationid=\"CR7\" class=\"CitationRef\"\u003e7\u003c/span\u003e\u003c/sup\u003e, the African Union developed the AU Convention on Cyber Security and Personal Data Protection \u003csup\u003e\u003cspan citationid=\"CR8\" class=\"CitationRef\"\u003e8\u003c/span\u003e\u003c/sup\u003e in June 2023, offering a framework for harmonized data sharing and protection across the continent. However, as of 2024, 15 AU member states had ratified the convention, while others, including South Africa, struggle to align it with existing national data protection guidelines. Furthermore, data management practices across the continent remain inconsistent and are often hampered by a lack of standardized platforms and interoperable systems. To date, the use of international common data models such as the OMOP remains very low in Africa \u003csup\u003e\u003cspan citationid=\"CR9\" class=\"CitationRef\"\u003e9\u003c/span\u003e\u003c/sup\u003e. Variability in software and hardware capabilities, and in adherence to data governance frameworks, further complicates collaborative\u003c/p\u003e \u003cp\u003eresearch efforts. The continent still grapples with a shortage of skilled professionals equipped to handle emerging data technologies and sophisticated analytic pipelines, exacerbating existing gaps in research capacity. For example, 1% of global AI talent is in Africa \u003csup\u003e\u003cspan citationid=\"CR10\" class=\"CitationRef\"\u003e10\u003c/span\u003e\u003c/sup\u003e - making it hard to promote advancement in data use. These technical and infrastructural challenges must be addressed in tandem with ethical and regulatory reforms to realize the full potential of data sharing for advancing scientific discovery in Africa.\u003c/p\u003e \u003cp\u003eEthical considerations play a central role in the adoption and implementation of data-sharing practices across African research settings. The imperative to protect participant confidentiality and ensure responsible stewardship of sensitive information remains paramount, particularly in environments where regulatory frameworks for data protection are still evolving. Research Ethics Committees frequently grapple with balancing the potential benefits of open data with the need to safeguard individual rights, especially when dealing with datasets that can be re-identified or fall into ambiguous regulatory categories. Federated data analysis offers a promising solution to some of these ethical and technical dilemmas. By enabling researchers to analyze data across multiple sites without requiring centralization or the direct sharing of raw data, federated approaches mitigate the risks of privacy breaches and unauthorized data transfers. This model supports compliance with varying national and institutional regulations and respects local control over data assets, both of which are critical in contexts where trust, transparency, and equity are ongoing concerns. Federated analysis offers a transformative alternative: instead of moving data to the analysis, analyses are sent to the data. Individual-level data never leaves the custodian's server; only non-disclosive summary statistics are returned to researchers. Incorporating federated models into research collaboration not only strengthens data protection but also addresses long-standing issues of data sovereignty and participant autonomy. By maintaining data within institutional boundaries while still enabling meaningful scientific inquiry, federated systems can promote both ethical integrity and research excellence throughout Africa.\u003c/p\u003e \u003cp\u003eDataSHIELD is a scientifically mature privacy-preserving federated analysis framework enacted through a series of open-source software and infrastructure \u003csup\u003e\u003cspan citationid=\"CR11\" class=\"CitationRef\"\u003e11\u003c/span\u003e,\u003cspan citationid=\"CR12\" class=\"CitationRef\"\u003e12\u003c/span\u003e\u003c/sup\u003e. The DataSHIELD framework comprises four foundational concepts that apply to all DataSHIELD analytic functions, regardless of data type or whether analysis is applied to data at one location or federated across multiple locations:\u003c/p\u003e \u003cp\u003e \u003col\u003e \u003cspan\u003e \u003cli\u003e \u003cp\u003eProcessing of individual-level data (IPD) is conducted at the data custodian site \u0026ldquo;\u003cem\u003etaking the analysis to the data\u003c/em\u003e\u0026rdquo;.\u003c/p\u003e \u003c/li\u003e \u003c/span\u003e \u003cspan\u003e \u003cli\u003e \u003cp\u003eIndividual-level data is never viewed by the analyst.\u003c/p\u003e \u003c/li\u003e \u003c/span\u003e \u003cspan\u003e \u003cli\u003e \u003cp\u003eIndividual-level data is never shared or moved within the analysis network \u0026ndash; it is maintained under the oversight of the data controller.\u003c/p\u003e \u003c/li\u003e \u003c/span\u003e \u003cspan\u003e \u003cli\u003e \u003cp\u003eOnly outputs that are not directly disclosive leave the data controller\u0026rsquo;s environment. These outputs can be passed to the analyst or can be used in iterative algorithms that combine non-disclosive components from multiple locations in the analysis network.\u003c/p\u003e \u003c/li\u003e \u003c/span\u003e \u003c/ol\u003e \u003c/p\u003e \u003cp\u003eIn practice, DataSHIELD adheres to privacy-by-design principles that are embedded within computing infrastructure, analytical functionality, automated output checking, and data privacy methods. It is designed to operate in accordance with best-practice data governance for the use of sensitive health data, as outlined by \u003csup\u003e13\u003c/sup\u003e. This approach enables real-time federated analysis, resulting in faster time-to-results through automation of both the analysis coordination and disclosure protection. Moreover, the high level of control, customisation, and oversight afforded to data controllers when deploying DataSHIELD allows it to be readily tailored to the heterogeneous data governance requirements commonly encountered in cross-country research networks.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e \u003cp\u003eSince its inception in 2009, DataSHIELD has been co-designed through engagement with a wide range of stakeholders, including cross-disciplinary researchers (spanning computer science, medicine, epidemiology, bioethics, social sciences, law, and related fields), data controllers, research participants, and members of the public \u003csup\u003e\u003cspan additionalcitationids=\"CR15 CR16\" citationid=\"CR14\" class=\"CitationRef\"\u003e14\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR17\" class=\"CitationRef\"\u003e17\u003c/span\u003e\u003c/sup\u003e. As a result, DataSHIELD represents a socially aligned approach that is explicitly designed to comply with contemporary data protection legislation, including the General Data Protection Regulation (GDPR). In addition, it aligns with recently developed frameworks governing the secure access and use of sensitive research data, including the Five Safes Framework \u003csup\u003e\u003cspan citationid=\"CR18\" class=\"CitationRef\"\u003e18\u003c/span\u003e,\u003cspan citationid=\"CR19\" class=\"CitationRef\"\u003e19\u003c/span\u003e\u003c/sup\u003e and the adoption of the FAIR (Findable, Accessible, Interoperable, and Reusable) principles \u003csup\u003e\u003cspan citationid=\"CR20\" class=\"CitationRef\"\u003e20\u003c/span\u003e\u003c/sup\u003e.\u003c/p\u003e \u003cp\u003eUnique to DataSHIELD, two federated analytical approaches are provided for data modelling. The first is a one-stage individual participant data (IPD) meta-analysis, also referred to as a full-likelihood approach or virtual pooling. In this approach, distributed algorithms are executed simultaneously across multiple data nodes, operating directly on individual-level data without any transfer or sharing of such data between sites \u003csup\u003e\u003cspan citationid=\"CR11\" class=\"CitationRef\"\u003e11\u003c/span\u003e\u003c/sup\u003e. This enables the generation of a global analysis that is mathematically equivalent to an analysis conducted on physically pooled data \u003csup\u003e\u003cspan citationid=\"CR21\" class=\"CitationRef\"\u003e21\u003c/span\u003e,\u003cspan citationid=\"CR22\" class=\"CitationRef\"\u003e22\u003c/span\u003e\u003c/sup\u003e.\u003c/p\u003e \u003cp\u003eThe second approach is a two-stage IPD meta-analysis, also known as study-level meta-analysis. Here, algorithms are applied independently at each data node to produce study-specific summary estimates, which are subsequently combined using conventional meta-analytic methods, such as random-effects meta-analysis.\u003c/p\u003e \u003cp\u003eIn addition, functions developed within the DataSHIELD federated analytics framework incorporate a range of disclosure prevention strategies. These strategies are tailored to the specific statistical functionality, data characteristics, and analytical context in which they are applied. Methods include the use of automated statistical disclosure control \u003csup\u003e\u003cspan citationid=\"CR13\" class=\"CitationRef\"\u003e13\u003c/span\u003e\u003c/sup\u003e and the application of data privacy methodologies, such as differential privacy. Irrespective of the disclosure control mechanism employed, the configuration of thresholds and parameters remains under the sole authority of the data controller, reflecting the local data context and acceptable level of disclosure risk.\u003c/p\u003e \u003cp\u003eThe technical maturity of DataSHIELD is evidenced by its active and open community \u003csup\u003e\u003cspan citationid=\"CR23\" class=\"CitationRef\"\u003e23\u003c/span\u003e\u003c/sup\u003e, which is supported by a well-defined governance structure, shared infrastructure and dedicated training resources and events to support contributors and users. Since its initial development, DataSHIELD has expanded substantially beyond its foundational components and now comprises more than 20 community-developed packages within its broader ecosystem \u003csup\u003e\u003cspan citationid=\"CR23\" class=\"CitationRef\"\u003e23\u003c/span\u003e\u003c/sup\u003e. This includes extended statistical functionality, including advanced modelling, time-to-event analysis, Bayesian approaches, compositional data analysis, and machine and federated learning. Additional packages expand the application across different infrastructures and data types, including tabular, omics, image, and routine healthcare data.\u003c/p\u003e \u003cp\u003eThe relevance and scientific maturity of DataSHIELD have been formally recognised in \u003cem\u003eThe Goldacre Review\u003c/em\u003e, an independent evaluation of the use of UK healthcare data for research commissioned by the UK Secretary of State for Health and Social Care. The review identifies DataSHIELD as a widely adopted open-source platform enabling federated analysis of health data \u003csup\u003e\u003cspan citationid=\"CR24\" class=\"CitationRef\"\u003e24\u003c/span\u003e\u003c/sup\u003e. It has been integrated with Trusted Research Environment (TRE) architectures, supporting the federated analysis of routinely collected healthcare data \u003csup\u003e\u003cspan citationid=\"CR12\" class=\"CitationRef\"\u003e12\u003c/span\u003e,\u003cspan citationid=\"CR25\" class=\"CitationRef\"\u003e25\u003c/span\u003e\u003c/sup\u003e and is now being deployed within the NHS England Secure Data Environment network, enabling federated cross-regional analyses of UK routine healthcare data. Comparable national initiatives are underway in Germany, where DataSHIELD is implemented as part of NFDI4Health, the National Research Data Infrastructure for Personal Health Data \u003csup\u003e\u003cspan citationid=\"CR26\" class=\"CitationRef\"\u003e26\u003c/span\u003e\u003c/sup\u003e.\u003c/p\u003e \u003cp\u003eDataSHIELD has a long-standing application within networks of European longitudinal studies addressing healthy obesity, environmental health, exposome and omics research, diabetes and child development \u003csup\u003e\u003cspan additionalcitationids=\"CR28 CR29\" citationid=\"CR27\" class=\"CitationRef\"\u003e27\u003c/span\u003e\u0026ndash;\u003cspan citationid=\"CR30\" class=\"CitationRef\"\u003e30\u003c/span\u003e\u003c/sup\u003e. Alongside this, it supports federated analytics for significant pan-European academic-industry partnerships including IMI-RHAPSODY for precision therapy in diabetes and IMI-SOPHIA to change the future of obesity care \u003csup\u003e\u003cspan citationid=\"CR31\" class=\"CitationRef\"\u003e31\u003c/span\u003e\u003c/sup\u003e, and pan-European COVID-19 research \u003csup\u003e\u003cspan citationid=\"CR32\" class=\"CitationRef\"\u003e32\u003c/span\u003e\u003c/sup\u003e.\u003c/p\u003e \u003cp\u003eUnlike traditional data-sharing approaches, DataSHIELD allows statistical analysis to be performed directly on distributed datasets without requiring the movement or centralization of sensitive information, thereby preserving local data autonomy and ensuring compliance with stringent ethical and regulatory frameworks for personal data protection. Its embedded multi-layer disclosure control mechanisms, aligned with the \u003cem\u003eFive Safes\u003c/em\u003e principles, ensure that all analytical outputs are rigorously checked to prevent any risk of re-identification or unintended data release \u003csup\u003e\u003cspan citationid=\"CR13\" class=\"CitationRef\"\u003e13\u003c/span\u003e\u003c/sup\u003e. This approach supports scalable, flexible, and trustworthy research collaboration, even across institutions with heterogeneous infrastructures and governance models. This federated and privacy-preserving approach is particularly significant for the African research landscape, where health and biomedical data are often fragmented across countries and institutions, governed by heterogeneous legal frameworks, and managed within infrastructures that vary greatly in maturity and security. DataSHIELD supports a broad range of federated analytical capabilities, including big data \u003csup\u003e\u003cspan citationid=\"CR33\" class=\"CitationRef\"\u003e33\u003c/span\u003e\u003c/sup\u003e and multi-omics \u003csup\u003e\u003cspan citationid=\"CR34\" class=\"CitationRef\"\u003e34\u003c/span\u003e\u003c/sup\u003e, enabling researchers to perform descriptive statistics, regression modelling, and survival analysis directly on distributed data while maintaining strict privacy protection. Beyond these core methods, the platform has expanded into advanced biomedical analytics, including privacy-preserving machine learning approaches such as multi-task learning through the dsMTL package, which allows simultaneous identification of shared and site-specific patterns in complex, high-dimensional datasets \u003csup\u003e\u003cspan citationid=\"CR35\" class=\"CitationRef\"\u003e35\u003c/span\u003e\u003c/sup\u003e. For multi-omics applications, extensions like dsOmics empower secure federated analysis of genomic, transcriptomic, and other molecular data across multiple cohorts without exposing individual-level information \u003csup\u003e\u003cspan citationid=\"CR34\" class=\"CitationRef\"\u003e34\u003c/span\u003e\u003c/sup\u003e. Additionally, interoperability with established clinical data standards is facilitated through dsOMOP, which enables seamless integration of the OMOP Common Data Model into federated workflows, enhancing harmonization and large-scale reuse of healthcare data \u003csup\u003e\u003cspan citationid=\"CR36\" class=\"CitationRef\"\u003e36\u003c/span\u003e\u003c/sup\u003e. Collectively, these tools position DataSHIELD as a mature and versatile analytical ecosystem capable of supporting collaborative research across diverse infrastructures while safeguarding data confidentiality and upholding regulatory and ethical requirements.\u003c/p\u003e \u003cp\u003eIn summary, by enabling complex statistical analyses to be performed across multiple sites while keeping sensitive data securely behind institutional firewalls, DataSHIELD effectively mitigates the risks of re-identification and data misuse \u003csup\u003e\u003cspan citationid=\"CR13\" class=\"CitationRef\"\u003e13\u003c/span\u003e\u003c/sup\u003e. At the same time, it promotes equitable participation in multi-centre research by allowing institutions with diverse infrastructure capacities to contribute valuable data and insights without compromising local governance autonomy. Accordingly, DataSHIELD addresses critical ethical, technical, and regulatory challenges inherent in cross-border data sharing and provides a trusted pathway for African research institutions to engage in global health data collaborations while maintaining control over their data assets and protecting the rights of the populations they serve.\u003c/p\u003e"},{"header":"Methods","content":"\u003cdiv id=\"Sec3\" class=\"Section2\"\u003e \u003ch2\u003eEthics Statement\u003c/h2\u003e \u003cp\u003eThe project received ethical approval to conduct the research from Strathmore University (Reference No. SU-ISERC2367/24). Furthermore, administrative clearance from each Pathfinder’s administration. All methods were performed in accordance with the relevant guidelines and regulations. Written informed consent for participation in the study was obtained voluntarily from the research participants. This was after understanding the study’s purpose. We maintained participants’ confidentiality by keeping identifying information (telephone numbers) under a key and lock, and by coding using privacy-enhancing methods. The data was analysed and published in aggregate form to avoid the identification of individual participants. The data is currently stored under key and lock for the five years after publication.\u003c/p\u003e \u003c/div\u003e\n\u003ch3\u003eProject Design and Scope\u003c/h3\u003e\n\u003cp\u003eData Science Without Borders (DSWB), inaugurated in February 2022, is a three-year initiative funded by Wellcome \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e37\u003c/span\u003e\u003c/sup\u003e. It aims to collaboratively design strategies to enhance data systems and the application of data science tools to improve data utilization for evidence generation in Africa. DSWB commenced its operations in collaboration with three distinct health institutions: the Armauer Hansen Research Institute (AHRI) in Ethiopia, the Douala General Hospital (DGH) in Cameroon, and the Institute for Health Research, Epidemiological Surveillance, and Training (IRESSEF) in Senegal. While all three countries had national data protection laws that govern data sharing, the data governance practices differed amongst the institutions, with the existence of institutional data protection frameworks at AHRI and IRESSEF, while DGH had no formal guidance to data sharing. The project team then developed a consolidated consortium-wide data sharing agreement with the guidance of legal representatives from all partners and signed by all consortium members. The agreement is currently implemented to allow ethical and responsible sharing of data. Data sharing was combined with an additional data requisition requirement to allow sharing of data specified for a single analysis project – and not blanket sharing of all data in the consortium. With these checks in order, the team explored the feasibility of implementing federated analysis as an alternative solution to overcome the hurdles of sharing in Africa.\u003c/p\u003e\n\u003ch3\u003eTraining and Capacity Building:\u003c/h3\u003e\n\u003cp\u003eTo initiate the process of deploying DataSHIELD in the DSWB consortium, we started off with a comprehensive training. We designed a two‑block, hands‑on curriculum that coupled privacy‑preserving federated analytics in DataSHIELD with standardized data management in the OMOP Common Data Model (CDM), explicitly bridged by dsOMOP. Block 1 (DataSHIELD) introduced the client-server workflow, authenticated connections to remote nodes, assignment vs. aggregate operations, and the practical application of disclosure control, governance, and auditing. Block 2 (OMOP via dsOMOP) covered connecting to local OMOP CDM databases from within DataSHIELD, exploring standardized tables/vocabularies, constructing cohorts, and running cross‑site summary analyses over harmonized clinical data. The workshops were delivered in a strongly practical format: participants connected to remote nodes and executed the exercises on live servers, mirroring production usage and reinforcing operational fluency. Throughout the training, we emphasised dsOMOP as the enabling layer that automates server‑side extraction and transformation of OMOP tables into DataSHIELD objects so that only non‑disclosive aggregates leave the three countries \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e36\u003c/span\u003e\u003c/sup\u003e. To ensure alignment with community standards, the course drew on materials and practices curated by the DataSHIELD Community Education Theme, which coordinates training materials across the community \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e38\u003c/span\u003e\u003c/sup\u003e.\u003c/p\u003e\n\u003ch3\u003eTraining participants\u003c/h3\u003e\n\u003cp\u003eThe cohorts comprised multi‑disciplinary teams essential for sustaining a federated network: data scientists/statisticians (analysis and quality control), IT and systems administrators (server deployment, security, networking), database managers/data officers (OMOP databases, ETL processes), and clinical/public‑health researchers (protocol design and interpretation). In line with the workshop design, all participants were provisioned with access to their institutional nodes and completed the practical blocks on remotely hosted servers, not on local setups - an approach that our materials explicitly encourage. The setup was aimed to connect to remote nodes and manage sessions, perform federated, reproducible analyses on harmonized data.\u003c/p\u003e \u003cp\u003eThe training effectiveness was assessed formatively through embedded practical check‑offs rather than solely through written tests. By the end of the training, (i) researchers successfully executed federated descriptive and modelling tasks on their own institutional data using the OMOP -\u0026gt; dsOMOP -\u0026gt; DataSHIELD pipeline; (ii) IT staff deployed and operated a functional Opal/DataSHIELD stack (including user/role management and TLS‑secured access); and (iii) data managers completed or validated source‑to‑OMOP mappings and exercised dsOMOP‑based resource registration and filtered table assignment. These outcomes reflect the intended competencies of the two‑block syllabus and the dsOMOP design - namely, standardized semantics from OMOP combined with server‑side, disclosure‑controlled computation in DataSHIELD.\u003c/p\u003e\n\u003ch3\u003eTechnical Implementation of the Federated Network:\u003c/h3\u003e\n\u003cp\u003eEach participating site operated an Opal application server with a local R execution layer (Rock/Rserve) and linked it to the site’s OMOP Common Data Model (CDM) database via dsOMOP R package. In this architecture, dsOMOP registers the OMOP database as an Opal “resource” and automates the server‑side transformation of OMOP tables into DataSHIELD‑compatible objects; analysts then run privacy‑preserving R code from the client, and only non‑disclosive aggregate results leave the site. This design preserves data locality (the OMOP database remains under institutional control) while avoiding duplication of large tables inside Opal and enabling harmonised multi‑centre analyses. Opal’s resources provide first‑class connectors to external data/computation back ends so that data can be analysed in situ rather than imported into Opal’s internal store. Under the hood, this mechanism relies on the resourcer R package, which interprets a resource description (URL, driver, credentials, format) and instantiates the appropriate connection (e.g., to files, SQL engines, or other services). dsOMOP leverages this resource layer to expose OMOP CDM databases to DataSHIELD sessions in a standardized way – crucial for scaling across institutions and keeping OMOP as the single source of truth \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e33\u003c/span\u003e\u003c/sup\u003e. Across nodes, Opal and the R servers ran on Linux (Ubuntu LTS) on server‑class hosts or dedicated VMs with multi‑core CPUs, sufficient RAM for concurrent R sessions, and SSD storage to minimise I/O latency. Opal connected to one or more R server profiles (“clusters”) so administrators could pin package versions and scale workers consistently across sites; DataSHIELD profiles were derived from these R profiles to enumerate permitted functions under disclosure control. The network specifications varied across centers; APHRC and IRESSEF hosted both the Opal and DB in AWS, while DGH deployed it on the local machine that met the relevant specifications. Opal’s UI/API was published HTTPS‑only with TLS certificates managed by the institution. Connectivity from Opal/R to the OMOP database was limited to site‑controlled private routes -either an institutional LAN (on‑prem) or private networking within a cloud VPC- so routine analysis traffic did not rely on public database endpoints. Role‑based access governed analyst permissions, and administrative access followed institutional security policy.\u003c/p\u003e \u003cdiv id=\"Sec8\" class=\"Section2\"\u003e \u003ch2\u003eSoftware and System Setup\u003c/h2\u003e \u003cp\u003eWe followed a standardized, automation‑first installation procedure that minimizes site‑to‑site variability and maximizes reproducibility: (i) provision the Opal stack with the easy‑opal CLI, (ii) register a Rock R‑server profile that includes dsOMOP, (iii) declare an Opal resource pointing to that database so that DataSHIELD can query it in situ via the resourcer framework.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e \u003cp\u003e \u003cem\u003eStep 1: Provision Opal with easy‑opal.\u003c/em\u003e Administrators installed and configured Opal 4.x using the easy‑opal CLI, which sets up the Opal container, reverse‑proxy/TLS, baseline security, and service dependencies in one run (interactive or scripted). This provides a reproducible, cross‑platform bootstrap aligned with Opal’s administrator guidance, Fig.\u0026nbsp;\u003cspan class=\"InternalRef\"\u003e2\u003c/span\u003e.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e \u003cp\u003e \u003cem\u003eStep 2: Add a dsOMOP‑enabled Rock profile with easy‑opal\u003c/em\u003e. In order to expose a server‑side R execution environment to Opal, we registered a Rock R‑server profile using the easy-opal CLI and pointed it to a dsOMOP‑enabled Rock image. This yielded a named R profile/cluster that Opal discovers and that analysts can target consistently across nodes.\u003c/p\u003e \u003cp\u003e \u003cem\u003eStep 3: Declare the site’s OMOP database as an Opal resource and test access.\u003c/em\u003e Within each Opal project, we created a resource that points to the site’s OMOP CDM endpoint -- supplying the standard parameters (driver, host, port, db, credentials). Opal’s resource mechanism (backed by the resourcer package) allows DataSHIELD to operate in situ on the database; dsOMOP then automates the server‑side extraction/transformations into DataSHIELD objects. This pattern works identically whether the database is in a cloud VPC or on‑prem and is exactly the workflow described in the resources/resourcer architecture and the dsOMOP reference.\u003c/p\u003e \u003c/div\u003e\n\u003ch3\u003eData Preparation and Harmonization\u003c/h3\u003e\n\u003cp\u003eThe team conducted a comprehensive data mapping of all available datasets in the consortium and identified 37 datasets. Of these, three were cross-cutting and these included datasets on HIV, TB, and Malaria \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e37\u003c/span\u003e\u003c/sup\u003e. To support DataSHIELD deployment at all three sites, we selected one use case dataset from each site. At APHRC, we used datasets specific to health diseases, at DGH, a data set on stroke was used, while IRESSEF used a data set specific to COVID-19. The different datasets were harmonized to the OMOP Common Data Model (CDM) using a conventional OHDSI ETL pipeline and tools. The deployment using different datasets justified the need for harmonized datasets and the goal was to achieve both semantic interoperability (shared vocabularies and table conventions) and analytic interoperability (uniform, privacy‑preserving queries across nodes), if one dataset was to be analysed using DataSHIELD.\u003c/p\u003e\n\u003ch3\u003eOur Experience\u003c/h3\u003e\n\u003cp\u003eOverall, we successfully deployed DataSHIELD to address challenges related to data sharing within the DSWB consortium and, more broadly, across African research settings. We deployed DataSHIELD on both AWS and local servers or computers of the participating institutions. This flexibility enabled the three sites, each at a different level of data ecosystem maturity, to operate within their existing infrastructures. The installation was tested using the site-specific datasets selected from the consortium, allowing the technical teams to experience and understand the critical steps involved in data access, assignment of administrative rights, and procedures for sharing aggregated results once federated analyses are deployed. Demand for federated analysis has since increased across partner sites, and the first federated analysis use case will involve cross-cutting HIV datasets from the three partner institutions.\u003c/p\u003e \u003cp\u003e \u003cb\u003eTraining and Skill Development Outcomes\u003c/b\u003e \u003c/p\u003e \u003cp\u003e \u003c/p\u003e \u003cp\u003eBefore the training, all participating data personnel were subjected to a pre-training survey to ascertain knowledge and key skills. We observed the majority of participants in need for skills in use of data harmonization tools such as the OMOP Common Data Model (53.8%), use of Docker and containerization (84.6%), and use of Linux Operating System for the installation of DataSHIELD (53.8%), Fig.\u0026nbsp;\u003cspan class=\"InternalRef\"\u003e3\u003c/span\u003e.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e \u003cp\u003eThis underscores the need for training before and during deployment of federated tools and the usability of joining Community groups – including the DataSHIELD community. The majority of the participants had no prior knowledge and experience using privacy enhancing technology and DataSHIELD, and showed interest in learning new skills, specific to federation, Fig.\u0026nbsp;\u003cspan class=\"InternalRef\"\u003e4\u003c/span\u003e.\u003c/p\u003e \u003cp\u003eIn response to the identified capacity gaps, and to promote sustainability and reuse in line with Open Science and FAIR principles, we developed and published an openly accessible, web-based training course that consolidates the DataSHIELD and OMOP-based federated analysis curriculum and supports continued, reusable skills development (\u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://isglobal-brge.github.io/workshop_DSWB/\u003c/span\u003e\u003cspan class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003cspan type=\"Underline\" class=\"Underline\" name=\"Emphasis\"\u003e).\u003c/span\u003e The training programme was delivered in complementary blocks addressing analytical, data management, and infrastructure competencies required to sustain a federated analysis network. As summarized in Table\u0026nbsp;\u003cspan class=\"InternalRef\"\u003e2\u003c/span\u003e, Block 1 focused on DataSHIELD concepts, including the client–server workflow, disclosure control, and governance, enabling data scientists and IT staff to successfully execute federated analyses that returned only non-disclosive outputs. Block 2 emphasized data harmonization through the OMOP Common Data Model and dsOMOP integration, equipping data managers and analysts to construct cohorts and query harmonized OMOP data via DataSHIELD. In parallel, infrastructure-focused sessions supported IT administrators in deploying and maintaining secure OPAL and Rock environments with TLS and role-based access controls.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e\u003cdiv class=\"gridtable\"\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003ctable id=\"Tab1\" border=\"1\"\u003e \u003ccaption\u003e \u003cdiv class=\"CaptionNumber\"\u003eTable 1\u003c/div\u003e \u003cdiv class=\"CaptionContent\"\u003e \u003cp\u003eTraining Block Core Topics Participants Demonstrated Outcomes\u003c/p\u003e \u003c/div\u003e \u003c/caption\u003e \u003ccolgroup cols=\"4\"\u003e \u003c/colgroup\u003e \u003cthead\u003e \u003ctr\u003e \u003cth align=\"left\"\u003e \u003cp\u003eBlock\u003c/p\u003e \u003c/th\u003e \u003cth align=\"left\"\u003e \u003cp\u003eTopic\u003c/p\u003e \u003c/th\u003e \u003cth align=\"left\"\u003e \u003cp\u003eParticipants\u003c/p\u003e \u003c/th\u003e \u003cth align=\"left\"\u003e \u003cp\u003eOutcome\u003c/p\u003e \u003c/th\u003e \u003c/tr\u003e \u003c/thead\u003e \u003ctbody\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eBlock 1: DataSHIELD\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eClient–server workflow, disclosure control, statistical analyses\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eData scientists, IT staff\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eExecuted federated analyses with non-disclosive outputs\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eBlock 2: OMOP \u0026amp; dsOMOP\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eOMOP CDM, cohort construction, dsOMOP integration\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eData managers, analysts\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eSuccessfully queried harmonized OMOP data via DataSHIELD\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eInfrastructure\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eOpal, Rock/R, TLS, role-based access, governance\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eIT administrators\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eDeployed and maintained secure federated nodes\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003c/tbody\u003e \u003c/table\u003e\u003c/div\u003e \u003cp\u003e\u003c/p\u003e \u003cdiv id=\"Sec11\" class=\"Section2\"\u003e \u003ch2\u003eChallenges and Solutions\u003c/h2\u003e \u003cp\u003eThe deployment of a federated DataSHIELD infrastructure across multiple African research institutions presented several technical and operational challenges related to connectivity, system configuration, and software heterogeneity (Table\u0026nbsp;\u003cspan class=\"InternalRef\"\u003e2\u003c/span\u003e). Network latency and unstable internet connectivity were common across sites and posed potential barriers to interactive analysis. These challenges were mitigated by leveraging DataSHIELD’s server-side, in-situ computation model, which limits data transfer to non-disclosive aggregate outputs, thereby reducing sensitivity to network latency. In addition, lightweight analytical queries and persistent client–server sessions were adopted to tolerate intermittent connectivity and minimize disruption during analysis workflows.\u003c/p\u003e \u003cp\u003eServer configuration and institutional security requirements also represented a key challenge, particularly with respect to firewall restrictions and approved network ports. To address this, deployments were conducted in close collaboration with institutional IT officers, and all installations adhered strictly to existing security protocols to ensure that DataSHIELD implementation did not compromise institutional infrastructure or data security.\u003c/p\u003e \u003cp\u003eSoftware compatibility issues arose from the use of heterogeneous versions of R and Python across participating sites. This was addressed by defining and enforcing standardized software versions prior to training and deployment. To further reduce variability across local environments, Docker containerization was employed to encapsulate system dependencies and enable reproducible, localized deployments of OPAL, Rock, and dsOMOP services.\u003c/p\u003e \u003cp\u003e \u003c/p\u003e\u003cdiv class=\"gridtable\"\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003cdiv align=\"left\" class=\"colspec\"\u003e\u003c/div\u003e\u003ctable id=\"Tab2\" border=\"1\"\u003e \u003ccaption\u003e \u003cdiv class=\"CaptionNumber\"\u003eTable 2\u003c/div\u003e \u003cdiv class=\"CaptionContent\"\u003e \u003cp\u003eTechnical and Logistical Challenges and Solutions during DataSHIELD Deployment under the DSWB Consortium\u003c/p\u003e \u003c/div\u003e \u003c/caption\u003e \u003ccolgroup cols=\"3\"\u003e \u003c/colgroup\u003e \u003cthead\u003e \u003ctr\u003e \u003cth align=\"left\"\u003e \u003cp\u003eChallenge Category\u003c/p\u003e \u003c/th\u003e \u003cth align=\"left\"\u003e \u003cp\u003eSpecific Challenge Encountered\u003c/p\u003e \u003c/th\u003e \u003cth align=\"left\"\u003e \u003cp\u003eSolution Implemented\u003c/p\u003e \u003c/th\u003e \u003c/tr\u003e \u003c/thead\u003e \u003ctbody\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eNetwork/Connectivity\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eLatency issues\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eServer-side DataSHIELD computation limited data transfer to aggregate results, reducing sensitivity to network latency.\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e\u0026nbsp;\u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eUnstable internet\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eLightweight queries and persistent sessions were used to tolerate intermittent connectivity.\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eServer Configuration\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eFirewall and security issues\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eReferred to the institution IT officer and followed the security protocols to avoid comprising institutional safety during DataSHIELD deployment\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eSoftware compatibility\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eDifferent versions of R software at the sites\u003c/p\u003e \u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eEnsured participants installed standardized software prior to the training\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003ctr\u003e \u003ctd align=\"left\"\u003e\u0026nbsp;\u003c/td\u003e \u003ctd align=\"left\"\u003e\u0026nbsp;\u003c/td\u003e \u003ctd align=\"left\"\u003e \u003cp\u003eUsed Docker containers to allow localized deployment\u003c/p\u003e \u003c/td\u003e \u003c/tr\u003e \u003c/tbody\u003e \u003c/table\u003e\u003c/div\u003e \u003cp\u003e\u003c/p\u003e \u003c/div\u003e "},{"header":"Reflections and Discussion","content":"\u003cp\u003eThe deployment of DataSHIELD through the DSWB consortium represents a landmark achievement for data science in Africa. Across the continent, implementations of open-source software for federated analysis and learning remain rare. According to recent updates from the DataSHIELD community, only one or two use cases have been documented in Africa, underscoring a substantial gap in methodological advances and comparative work between Africa and the rest of the global community. For multi-country data-driven projects where data sharing and trust are critical for successful collaboration, the feasibility of data federation is essential. This need is particularly pronounced in Africa, where weak policy and legal frameworks, the absence of a continental data-sharing framework, limited institutional data policies, and poor data practices collectively hinder trust in data sharing \u003csup\u003e\u003cspan class=\"CitationRef\"\u003e5\u003c/span\u003e,\u003cspan class=\"CitationRef\"\u003e6\u003c/span\u003e\u003c/sup\u003e. Consequently, demand is growing for solutions that allow data to remain at the point of collection while still enabling robust federated analyses.\u003c/p\u003e\u003ch2\u003eBroader Implications for Research\u003c/h2\u003e\u003cp\u003eThe DataSHIELD framework offers substantial opportunities to advance health research in Africa. This privacy-preserving analytical platform can be strategically applied to infectious disease surveillance, non-communicable disease research, and other emerging public health challenges. For infectious diseases, DataSHIELD enables near real-time, multi-country analyses of outbreaks without centralizing sensitive patient data, facilitating rapid epidemic response while maintaining data sovereignty. For non-communicable diseases such as diabetes, hypertension, cardiovascular disease, and cancer, the framework supports harmonization of heterogeneous datasets from different health systems, enabling large-scale comparative studies to identify risk factors, treatment outcomes, and health disparities across diverse African populations. A continental data network underpinned by DataSHIELD principles could address key barriers to pan-African health research, including data protection concerns, limited technical infrastructure, and the need for local control of sensitive health information. Such a network would align with the African Union’s health agenda, strengthen health systems research capacity, support evidence-based policy, and position African institutions as equal partners in global health research. By fostering a federated data ecosystem that respects national sovereignty while enabling large-scale analyses, DataSHIELD can support rigorous, ethically robust collaborative research and contribute to improved health outcomes across Africa.\u003c/p\u003e\u003ch2\u003eComparison of DataSHIELD to Other Models of Federated Analysis\u003c/h2\u003e\u003cp\u003eWhile several federated data analysis frameworks exist, DataSHIELD and Vantage6 exemplify two distinct approaches to privacy-preserving collaborative research. DataSHIELD, implemented in R, uses a disclosure-control framework that limits analyses to non-disclosive functions, ensuring that individual-level data remain at their source while still supporting advanced methods such as generalized linear models, survival analysis, and machine learning. This provides strong protections against data disclosure and integrates well with established R-based workflows, making it particularly suitable for epidemiologists and biostatisticians. In contrast, Vantage6 offers a more flexible, containerized infrastructure that supports multiple programming languages (e.g., Python, R) and enables deployment of custom algorithms via Docker containers, offering greater algorithmic freedom and adaptability. Both retain data within institutional firewalls but differ in governance: DataSHIELD’s function-based restrictions embed privacy by design, whereas Vantage6’s container-based model requires explicit review and approval of analytic algorithms by data custodians. In the African context, DataSHIELD’s lower technical barrier, proven use in multi-country health research, and alignment with existing R-based capacity make it highly attractive, while Vantage6 may be preferable for projects needing specialized computation or Python-based machine learning. Both frameworks support the overarching goal of enabling collaborative research without compromising data sovereignty, a central concern for African institutions seeking equitable participation in global health research while retaining control over sensitive population data.\u003c/p\u003e"},{"header":"Conclusion","content":"\u003cp\u003eThe successful deployment of DataSHIELD under the Data Science Without Borders in Africa project demonstrates the feasibility of robust, real-world federated analysis in low- and middle-income settings. By demonstrating both a clear demand for and a practical pathway to the secure deployment of DataSHIELD and other federated tools, this work shows that there is potential for collaborative data analysis with a common research question to support pooled meta-analysis, which can be achieved while fully respecting data sovereignty and privacy. This initiative has laid a crucial foundation for a new era of data-driven research and evidence-informed policy-making on the African continent, and it highlights the substantial potential of federated approaches to strengthen health research, foster regional collaboration, and ultimately improve population outcomes.\u003c/p\u003e"},{"header":"Declarations","content":"\u003cp\u003e \u003ch2\u003eCompeting Interests\u003c/h2\u003e \u003cp\u003eThe authors declare no competing interests.\u003c/p\u003e \u003c/p\u003e\u003ch2\u003eFunding\u003c/h2\u003e \u003cp\u003eThe study was funded through a grant from the Wellcome, Grant number 228139, awarded to Agnes Kiragga at the African Population and Health Research Center, Kenya.\u003c/p\u003e\u003ch2\u003eAuthor Contribution\u003c/h2\u003e\u003cp\u003eAK and JG designed and conceptualized the study. AK, JG and DS wrote the original draft of the manuscript. Visualizations were done by MO, SC and PA. RW, JG and DS produced the Software. All authors reviewed and edited the manuscript and approved the final version for submission.\u003c/p\u003e\u003ch2\u003eAcknowledgement\u003c/h2\u003e\u003cp\u003eWe acknowledge support from the Barcelona Institute of Global Health and the London School of Hygiene and Tropical Medicine for the support towards training and deployment of DataSHIELD.\u003c/p\u003e\u003ch2\u003eData Availability\u003c/h2\u003e\u003cp\u003eThe datasets used in this study are available from the corresponding author upon request.\u003c/p\u003e"},{"header":"References","content":"\u003col\u003e\u003cli\u003e\u003cspan\u003eNaghavi, M. et al. Global burden of 292 causes of death in 204 countries and territories and 660 subnational locations, 1990\u0026ndash;2023: a systematic analysis for the Global Burden of Disease Study 2023. \u003cem\u003eLancet\u003c/em\u003e \u003cb\u003e406\u003c/b\u003e, 1811\u0026ndash;1872 (2025).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eNdembi, N. et al. Evolving Epidemiology of Mpox in Africa in 2024. \u003cem\u003eN Engl. J. Med.\u003c/em\u003e \u003cb\u003e392\u003c/b\u003e, 666\u0026ndash;676 (2025).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eBrand, D., Singh, J. A., McKay, A. G. N., Cengiz, N. \u0026amp; Moodley, K. Data sharing governance in sub-Saharan Africa during public health emergencies: Gaps and guidance. \u003cem\u003eSouth Afr. J. Sci\u003c/em\u003e \u003cb\u003e118\u003c/b\u003e, (2023).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eBadriyya, Y. \u003cem\u003eHarmonization of Data Governance Frameworks in Africa\u003c/em\u003e. (2024).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eKabanda, S. M. et al. Data sharing and data governance in sub-Saharan Africa: Perspectives from researchers and scientists engaged in data-intensive research. \u003cem\u003eSouth Afr. J. Sci\u003c/em\u003e \u003cb\u003e119\u003c/b\u003e, (2023).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eICT Works. 14 Barriers to Using Open Data for Better Development Decisions. \u003cem\u003e14 Barriers to Using Open Data for Better Development Decisions\u003c/em\u003e (2024). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://www.ictworks.org/open-data-development-decisions/\u003c/span\u003e\u003cspan address=\"https://www.ictworks.org/open-data-development-decisions/\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eEuropean Union Parliament. REGULATION (EU) 2022/868 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 30 May 2022 on European data governance and amending Regulation (EU) 2018/1724 (Data Governance Act). (2022).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eOrji, U. J. The African Union Convention on Cybersecurity: A Regional Response Towards Cyber Stability? \u003cem\u003eMasaryk Univ. J. Law Technol.\u003c/em\u003e \u003cb\u003e12\u003c/b\u003e, 91\u0026ndash;130 (2018).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eCollaborators Observational Health Data Sciences and Informatics (OHDSI). (2026).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eHuman-Centered Artificial Intelligence. \u003cem\u003eArtificial Intelligence Index Report 2024\u003c/em\u003e. (2024). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://hai-production.s3.amazonaws.com/files/hai_ai-index-report-2024-smaller2.pdf\u003c/span\u003e\u003cspan address=\"https://hai-production.s3.amazonaws.com/files/hai_ai-index-report-2024-smaller2.pdf\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eGaye, A. et al. DataSHIELD: taking the analysis to the data, not the data to the analysis. \u003cem\u003eInt. J. Epidemiol.\u003c/em\u003e \u003cb\u003e43\u003c/b\u003e, 1929\u0026ndash;1944 (2014).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eWilson, R. C. et al. DataSHIELD \u0026ndash; New Directions and Dimensions. \u003cem\u003eData Sci. J.\u003c/em\u003e \u003cb\u003e16\u003c/b\u003e, 21 (2017).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eAvraam, D. et al. DataSHIELD: mitigating disclosure risk in a multi-site federated analysis platform. \u003cem\u003eBioinforma Adv.\u003c/em\u003e \u003cb\u003e5\u003c/b\u003e, vbaf046 (2025).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eBudin-Lj\u0026oslash;sne, I. et al. DataSHIELD: an ethically robust solution to multiple-site individual-level data analysis. \u003cem\u003ePublic. Health Genomics\u003c/em\u003e. \u003cb\u003e18\u003c/b\u003e, 87\u0026ndash;96 (2015).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eMurtagh, M. J. et al. Securing the Data Economy: Translating Privacy and Enacting Security in the Development of DataSHIELD. \u003cem\u003ePublic. Health Genomics\u003c/em\u003e. \u003cb\u003e15\u003c/b\u003e, 243\u0026ndash;253 (2012).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eMurtagh, M. J. et al. The ECOUTER methodology for stakeholder engagement in translational research. \u003cem\u003eBMC Med. Ethics\u003c/em\u003e. \u003cb\u003e18\u003c/b\u003e, 24 (2017).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eWallace, S. E., Gaye, A., Shoush, O. \u0026amp; Burton, P. R. Protecting Personal Data in Epidemiological Research: DataSHIELD and UK Law. \u003cem\u003ePublic. Health Genomics\u003c/em\u003e. \u003cb\u003e17\u003c/b\u003e, 149\u0026ndash;157 (2014).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eRitchie, F. Five Safes: designing data access for research. Preprint at https://doi.org/ (2016). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003e10.13140/RG.2.1.3661.1604\u003c/span\u003e\u003cspan address=\"http://10.13140/RG.2.1.3661.1604\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eStandard Architecture for Trusted Research Environments. The SATRE Specification. (2026). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://satre-specification.readthedocs.io/en/stable/specification.html\u003c/span\u003e\u003cspan address=\"https://satre-specification.readthedocs.io/en/stable/specification.html\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eWilkinson, M. D. et al. The FAIR Guiding Principles for scientific data management and stewardship. \u003cem\u003eSci. Data\u003c/em\u003e. \u003cb\u003e3\u003c/b\u003e, 160018 (2016).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eJones, E. M. et al. DataSHIELD \u0026ndash; shared individual-level analysis without sharing the data: a biostatistical perspective. \u003cem\u003eNor Epidemiol\u003c/em\u003e \u003cb\u003e21\u003c/b\u003e, (2012).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eJones, E. M., Sheehan, N. A., Gaye, A., Laflamme, P. \u0026amp; Burton, P. Combined analysis of correlated data when data cannot be pooled. \u003cem\u003eStat\u003c/em\u003e \u003cb\u003e2\u003c/b\u003e, 72\u0026ndash;85 (2013).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eWikipedia The DataSHIELD Community wiki. (2026). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://wiki.datashield.org/en/home\u003c/span\u003e\u003cspan address=\"https://wiki.datashield.org/en/home\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eGoldacre, B. \u0026amp; Morley, J. \u003cem\u003eBetter, Broader, Safer: Using Health Data for Research and Analysis\u003c/em\u003e. 130 (2022). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://assets.publishing.service.gov.uk/media/624ea0ade90e072a014d508a/goldacre-review-using-health-data-for-research-and-analysis.pdf\u003c/span\u003e\u003cspan address=\"https://assets.publishing.service.gov.uk/media/624ea0ade90e072a014d508a/goldacre-review-using-health-data-for-research-and-analysis.pdf\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eButters, O. W. et al. The Biomedical Research Infrastructure Software as a Service Kit (BRISSKit): technical description. \u003cem\u003eF1000Research\u003c/em\u003e 5, 1905 (2016).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eNFDI4Health. \u003cem\u003eNFDI4Health\u003c/em\u003e (2026). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://www.nfdi4health.de/en/\u003c/span\u003e\u003cspan address=\"https://www.nfdi4health.de/en/\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eVan Vliet-Ostaptchouk, J. V. et al. The prevalence of metabolic syndrome and metabolically healthy obesity in Europe: a collaborative analysis of ten large cohort studies. \u003cem\u003eBMC Endocr. Disord\u003c/em\u003e. \u003cb\u003e14\u003c/b\u003e, 9 (2014).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eVinther, J. L. et al. Gestational age at birth and body size from infancy through adolescence: An individual participant data meta-analysis on 253,810 singletons in 16 birth cohort studies. \u003cem\u003ePLOS Med.\u003c/em\u003e \u003cb\u003e20\u003c/b\u003e, e1004036 (2023).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eVrijheid, M. et al. Advancing tools for human early lifecourse exposome research and translation (ATHLETE): Project overview. \u003cem\u003eEnviron. Epidemiol.\u003c/em\u003e \u003cb\u003e5\u003c/b\u003e, e166 (2021).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eZijlema, W. et al. Road traffic noise, blood pressure and heart rate: Pooled analyses of harmonized data from 88,336 participants. \u003cem\u003eEnviron. Res.\u003c/em\u003e \u003cb\u003e151\u003c/b\u003e, 804\u0026ndash;813 (2016).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eDelfin, C. et al. A Federated Database for Obesity Research: An IMI-SOPHIA Study. \u003cem\u003eLife\u003c/em\u003e \u003cb\u003e14\u003c/b\u003e, 262 (2024).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003ePuskaric, M. et al. Privacy-Preserving Workflow for the Cross-Border Federated Analysis of Clinical Data. in Studies in Health Technology and Informatics (ed (ed Mantas, J.) (IOS, doi:\u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003e10.3233/SHTI240737\u003c/span\u003e\u003cspan address=\"10.3233/SHTI240737\" targettype=\"DOI\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e. (2024).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eMarcon, Y. et al. Orchestrating privacy-protected big data analyses of data from different resources with R and DataSHIELD. \u003cem\u003ePLoS Comput. Biol.\u003c/em\u003e \u003cb\u003e17\u003c/b\u003e, e1008880 (2021).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eEscriba-Montagut, X. et al. Federated privacy-protected meta- and mega-omics data analysis in multi-center studies with a fully open-source analytic platform. \u003cem\u003ePLoS Comput. Biol.\u003c/em\u003e \u003cb\u003e20\u003c/b\u003e, e1012626 (2024).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eCao, H. et al. dsMTL: a computational framework for privacy-preserving, distributed multi-task machine learning. \u003cem\u003eBioinformatics\u003c/em\u003e \u003cb\u003e38\u003c/b\u003e, 4919\u0026ndash;4926 (2022).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eSarrat-Gonz\u0026aacute;lez, D., Escrib\u0026agrave;-Montagut, X., Houghtaling, J. \u0026amp; Gonz\u0026aacute;lez, J. R. dsOMOP: bridging OMOP CDM and DataSHIELD for secure federated analysis of standardized clinical data. \u003cem\u003eBioinformatics\u003c/em\u003e \u003cb\u003e41\u003c/b\u003e, btaf286 (2025).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eKiragga, A. N. et al. Data science without borders: bridging the divide in data science capacity across African health institutions. \u003cem\u003eFront. Public. Health\u003c/em\u003e. \u003cb\u003e13\u003c/b\u003e, 1695907 (2025).\u003c/span\u003e\u003c/li\u003e \u003cli\u003e\u003cspan\u003eGonzalez, J. \u0026amp; Sarrat-Gonz\u0026aacute;lez, D. \u003cem\u003eDSWB Training Materials\u003c/em\u003e. (2025). \u003cspan class=\"ExternalRef\"\u003e\u003cspan class=\"RefSource\"\u003ehttps://isglobal-brge.github.io/workshop_DSWB/\u003c/span\u003e\u003cspan address=\"https://isglobal-brge.github.io/workshop_DSWB/\" targettype=\"URL\" class=\"RefTarget\"\u003e\u003c/span\u003e\u003c/span\u003e\u003c/span\u003e\u003c/li\u003e\u003c/ol\u003e"}],"fulltextSource":"","fullText":"","funders":[],"hasAdminPriorityOnWorkflow":false,"hasManuscriptDocX":true,"hasOptedInToPreprint":true,"hasPassedJournalQc":"","hasAnyPriority":false,"hideJournal":false,"highlight":"","institution":"","isAcceptedByJournal":false,"isAuthorSuppliedPdf":false,"isDeskRejected":"","isHiddenFromSearch":false,"isInQc":false,"isInWorkflow":false,"isPdf":false,"isPdfUpToDate":true,"isWithdrawnOrRetracted":false,"journal":{"display":true,"email":"
[email protected]","identity":"scientific-reports","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"scirep","sideBox":"Learn more about [Scientific Reports](http://www.nature.com/srep/)","snPcode":"","submissionUrl":"","title":"Scientific Reports","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"stoa","reportingPortfolio":"Scientific Reports","inReviewEnabled":true,"inReviewRevisionsEnabled":true},"keywords":"DataSHIELD, Federated Analysis, Africa, Data Sovereignty, OMOP Common Data Model","lastPublishedDoi":"10.21203/rs.3.rs-9149238/v1","lastPublishedDoiUrl":"https://doi.org/10.21203/rs.3.rs-9149238/v1","license":{"name":"CC BY 4.0","url":"https://creativecommons.org/licenses/by/4.0/"},"manuscriptAbstract":"\u003cp\u003eCollaborative health research across Africa is constrained by data sovereignty concerns, heterogeneous regulatory frameworks, limited infrastructure, and persistent capacity gaps, which hinder equitable cross-border data sharing. These challenges limit the availability of large, harmonized datasets needed to address the continent\u0026rsquo;s burden of infectious and non-communicable diseases while maintaining control over sensitive health data.\u003c/p\u003e \u003cp\u003eWithin this context, the Data Science Without Borders in Africa (DSWB) project implemented a privacy-preserving federated analysis framework using DataSHIELD across four institutions in Senegal, Cameroon, Ethiopia, and Kenya. This study documents the design, deployment, and early outcomes of this implementation. The approach combined consortium-wide data governance harmonization, a structured capacity-building programme, and a standardized technical architecture integrating DataSHIELD with the OMOP Common Data Model via dsOMOP.\u003c/p\u003e \u003cp\u003eThe deployment resulted in a functional federated network that enabled secure, in-situ analyses of harmonized clinical data. Multidisciplinary teams successfully executed federated descriptive and modelling analyses, managed Opal-based servers and implemented OMOP-based data harmonization workflows. Challenges related to connectivity, software heterogeneity, and institutional security were mitigated through server-side computation, standardized environments, and collaboration with institutional IT teams. Overall, this work demonstrates the feasibility of scalable, ethically robust federated health data analysis in diverse African research settings while preserving data sovereignty.\u003c/p\u003e","manuscriptTitle":"Advancing Data Sovereignty in Africa: Deploying DataSHIELD to Federate Cross-Border Data Silos within the Data Science Without Borders Initiative","msid":"","msnumber":"","nonDraftVersions":[{"code":1,"date":"2026-03-31 14:15:40","doi":"10.21203/rs.3.rs-9149238/v1","editorialEvents":[{"type":"communityComments","content":0},{"type":"decision","content":"Revision requested","date":"2026-05-14T10:36:11+00:00","index":"","fulltext":""},{"type":"editorInvitedReview","content":"","date":"2026-04-07T14:29:27+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"22704702896042702227265831700220917446","date":"2026-03-30T10:05:00+00:00","index":"hide","fulltext":""},{"type":"reviewerAgreed","content":"290439552845045337356266492420908601934","date":"2026-03-27T14:29:12+00:00","index":"hide","fulltext":""},{"type":"reviewersInvited","content":"","date":"2026-03-27T12:25:42+00:00","index":"","fulltext":""},{"type":"editorAssigned","content":"","date":"2026-03-27T12:11:37+00:00","index":"","fulltext":""},{"type":"editorInvited","content":"","date":"2026-03-27T09:33:47+00:00","index":"","fulltext":""},{"type":"checksComplete","content":"","date":"2026-03-25T10:01:23+00:00","index":"","fulltext":""},{"type":"submitted","content":"Scientific Reports","date":"2026-03-25T09:52:42+00:00","index":"","fulltext":""}],"status":"published","journal":{"display":true,"email":"
[email protected]","identity":"scientific-reports","isNatureJournal":false,"hasQc":true,"allowDirectSubmit":false,"externalIdentity":"scirep","sideBox":"Learn more about [Scientific Reports](http://www.nature.com/srep/)","snPcode":"","submissionUrl":"","title":"Scientific Reports","twitterHandle":"","acdcEnabled":true,"dfaEnabled":true,"editorialSystem":"stoa","reportingPortfolio":"Scientific Reports","inReviewEnabled":true,"inReviewRevisionsEnabled":true}}],"origin":"","ownerIdentity":"f0093ef7-a6b8-4910-952f-85b02b13f516","owner":[],"postedDate":"March 31st, 2026","published":true,"recentEditorialEvents":[{"type":"decision","content":"Revision requested","date":"2026-05-14T10:36:11+00:00","index":"","fulltext":""}],"rejectedJournal":[],"revision":"","amendment":"","status":"in-revision","subjectAreas":[{"id":65475117,"name":"Biological sciences/Computational biology and bioinformatics"},{"id":65475118,"name":"Scientific community and society/Developing world"},{"id":65475119,"name":"Health sciences/Health care"},{"id":65475120,"name":"Physical sciences/Mathematics and computing"},{"id":65475121,"name":"Health sciences/Medical research"}],"tags":[],"updatedAt":"2026-05-14T10:39:55+00:00","versionOfRecord":[],"versionCreatedAt":"2026-03-31 14:15:40","video":"","vorDoi":"","vorDoiUrl":"","workflowStages":[]},"version":"v1","identity":"rs-9149238","journalConfig":"researchsquare"},"__N_SSP":true},"page":"/article/[identity]/[[...version]]","query":{"redirect":"/article/rs-9149238","identity":"rs-9149238","version":["v1"]},"buildId":"XKTyCvWXoU3ODBz1xrDgd","isFallback":false,"isExperimentalCompile":false,"dynamicIds":[84888],"gssp":true,"scriptLoader":[]}
Text is read by the "Ask this paper" AI Q&A widget below.
Extraction quality varies by source — PMC NXML preserves structure
cleanly, OA-HTML may include some navigation residue, and OA-PDF can
have broken hyphenation. The publisher copy
(via DOI)
is the canonical version.