Abstract

AbstractNorway is generally regarded as having good opportunities for biobank research because of Biobank Norway—its national infrastructure of biobanks—which represents one of the world’s largest existing resources within biobanking. It covers both consented population-based and disease-specific clinical biobanks. However, the regulatory framework in Norway for biobanking is fragmented, which makes navigating the legal landscape challenging.The Personal Data Act (PDA) implements the General Data Protection Regulation (GDPR), and a few adjustments were made in the national health legislation in order to bring it into line with the GDPR. The Health Research Act (HRA) enables the use of biobanking and personal data in research with and without the consent of individuals. There are some disagreements about the changes brought about by the GDPR when it comes to research on biological material that includes personal data. When implementing GDPR Article 89, it was emphasised that the Data Protection Officer (DPO) has an important role even though the research ethics committee has allowed the use of data (the regional committee for medical and health research ethics (REC)). This has created conflicts. This article highlights key issues and ambiguities related to the GDPR and national legislation, and the relationship between the two.

Highlights

  • Norway is not a member of the European Union (EU) but it is part of the European Economic Area (EEA)

  • When implementing General Data Protection Regulation (GDPR) Article 89, it was emphasised that the Data Protection Officer (DPO) has an important role even though the research ethics committee has allowed the use of data (the regional committee for medical and health research ethics (REC))

  • Different interpretations of GDPR Article 89 has led to uncertainty about the legal basis for research and datasharing

Read more

Summary

Introduction

Norway is not a member of the European Union (EU) but it is part of the European Economic Area (EEA). The GDPR provides for a two-level framework to enable derogations from these rights when scientific research is concerned, first, by directly invoking in provisions of the GDPR on a condition that safeguards that must include ‘technical and organisational measures’ are in place and second, through the Member State law.[1] These derogations can be challenging in light of the legal and ethical standards in biobanking that have been set forth in international treaties, national legislation, and how GDPR has been implemented through changes in the health legislation, and other legal instruments, as soft law. Biobanks in Norway have access to unparalleled longitudinal health data in health registers It is a unique asset for global research and innovation projects within life sciences, disease prevention and treatment. The HUNT Databank contains blood and urine samples stored in the HUNT Biobank which can be requested and defrosted for genetic analyses and other biological markers.[8]

Norwegian Regulations
Consent
Confidentiality Protection
Purpose Limitation
Law in Context
Conclusions
86 Helse- og omsorgsdepartementet
Full Text
Published version (Free)

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call