The GDPR and the research exemption: considerations on the necessary safeguards for research biobanks

Staunton, Ciara, Slokenberga, Santa and Mascalzoni, Deborah (2019) The GDPR and the research exemption: considerations on the necessary safeguards for research biobanks. European Journal of Human Genetics, 27 (8). pp. 1159-1167. ISSN 1018-4813 (Published online first)

[img]
Preview
PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution.

Download (521kB) | Preview
[img] PDF - Final accepted version (with author's formatting)
Restricted to Repository staff and depositor only until 17 October 2019.

Download (311kB)

Abstract

The General Data Protection Regulation (GDPR) came into force in May 2018. The aspiration of providing for a high level of protection to individuals’ personal data risked placing considerable constraints on scientific research, that was contrary to various research traditions across the EU. Therefore, along with the set of carefully outlined data subjects’ rights, the GDPR provides for a two-level framework to enable derogations from these rights when scientific research is concerned. First, by directly invoking provisions of the GDPR on a condition that safeguards that must include ‘technical and organisational measures’ are in place and second, through the Member State law.

Although these derogations are allowed in the name of scientific research, they can simultaneously be challenging in light of the ethical requirements and well-established standards in biobanking that have been set forth in various research-related soft legal tools, international treaties and other legal instruments. In this paper we review such soft legal tools, international treaties and other legal instruments that regulate the use of health research data. We report on the results of this review, and analyse the rights contained within the GDPR and Article 89 of the GDPR vis-à-vis these instruments. These instruments were also reviewed to provide guidance on possible safeguards that should be followed when implementing any derogations. To conclude, we will offer some commentary on limits of the derogations under the GDPR and appropriate safeguards to ensure compliance with standard ethical requirements.

Item Type: Article
Research Areas: A. > School of Law
Item ID: 26800
Notes on copyright: This article is licensed under a Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made. The images or other third party material in this article are included in the article’s Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the article’s Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder. To view a copy of this license, visit http://creativecommons.org/licenses/by/4.0/.
Useful Links:
Depositing User: Ciara Staunton
Date Deposited: 14 Jun 2019 09:28
Last Modified: 18 Sep 2019 18:37
URI: https://eprints.mdx.ac.uk/id/eprint/26800

Actions (login required)

Edit Item Edit Item

Full text downloads (NB count will be zero if no full text documents are attached to the record)

Downloads per month over the past year