Abstract

The use of personal data is critical to ensure quality and reliability in scientific research. The new Regulation [European Union (EU)] 2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data [general data protection regulation (GDPR)], repealing Directive 95/46/EC, strengthens and harmonises the rules for protecting individuals’ privacy rights and freedoms within and, under certain conditions, outside the EU territory. This new and historic legal milestone both prolongs and updates the EU acquis of the previous Data Protection Directive 95/46/EC. The GDPR sets both general rules applying to any kind of personal data processing and specific rules applying to the processing of special categories of personal data, such as health data, taking place in the context of scientific research, including clinical and translational research. This article aims to provide an overview of the new rules to consider where scientific projects include the processing of personal health data, genetic data or biometric data and other kinds of sensitive information whose use is strictly regulated by the GDPR, in order to give researchers the key facts they need to adapt their practices and ensure compliance with the EU law to be enforced in May 2018.

Highlights

  • After a long and intense reform, the European Union (EU) adopted the new Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 [1] on the protection of natural persons with regard to the processing of personal data and on the free movement of such data [general data protection regulation (GDPR)], repealing the previous Data Protection Directive 95/46/EC of 1995 [2]

  • With the GDPR, the EU reaffirms its attachment to the protection of fundamental rights and freedoms of individuals, notably those related to the protection of individuals’ privacy including the specific fundamental right to personal data protection enshrined within the Charter of the Fundamental Rights of the EU [3] and within the primary EU law Treaty on the Functioning of the EU [4], as well as its willingness to accelerate the achievement of the internal market for which the free flow of personal data is essential, for commercial and non-commercial relationships

  • The GDPR aims to harmonise the rules for all the Member States in order to reduce the legal fragmentation, complexities and uncertainties that existed between Member States under the Data Protection Directive, and to reinforce the data subjects’ rights in a digitalised and evolving environment in order for them to regain control over their personal data


Summary

Introduction

After a long and intense reform, the European Union (EU) adopted the new Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 [1] on the protection of natural persons with regard to the processing of personal data and on the free movement of such data [general data protection regulation (GDPR)], repealing the previous Data Protection Directive 95/46/EC of 1995 [2]. The EU definitely brings law and technology closer together, two essential elements of the data protection system that must develop together to allow legal compliance in a modern world. According to this techno-legal approach, the GDPR states that ‘considering the state of the art, the cost of implementation and the nature, scope, context and purposes of processing as well as the risks of varying likelihood and severity for rights and freedoms of natural persons posed by the processing, the controller shall, both at the time of the determination of the means for processing and at the time of the processing itself, implement appropriate technical and organisational measures, such as pseudonymisation, which are designed to implement data-protection principles, such as data minimisation, in an effective manner and to integrate the necessary safeguards into the processing in order to meet the requirements of this Regulation and protect the rights of data subjects.’ This system relies on a couple of new procedures which are applied in scientific research settings.

The designation of a data protection officer
The practice of the data protection impact assessment
Rules regarding the reuse of personal data for research purposes
Notification and communication of personal data breach
The enforcement of the GDPR
Conclusion