Appropriate safeguards and Article 89 of the GDPR: considerations for biobank, databank and genetic research

Staunton, Ciara ORCID logoORCID:, Slokenberga, Santa, Parziale, Andrea and Mascalzoni, Deborah (2022) Appropriate safeguards and Article 89 of the GDPR: considerations for biobank, databank and genetic research. Frontiers in Genetics, 13 , 719317. pp. 1-10. ISSN 1664-8021 [Article] (doi:10.3389/fgene.2022.719317)

[img] PDF - Published version (with publisher's formatting)
Available under License Creative Commons Attribution 4.0.

Download (615kB)


The collection and use of biological samples and data for genetic research, or for storage in a biobank or databank for future research, impacts upon many fundamental rights, including the right to dignity, the right to private and family life, the right to protection of personal data, the right to freedom of arts and sciences, and the right to non-discrimination. The use of genetic data and other health-related data in this context must be used in a manner that is rooted in human rights. Owing in part to the General Data Protection Regulation (GDPR) coming into force, the right to the protection of personal data in the context of scientific research has been afforded increasing attention. The GDPR gives effect to the right to data protection, but states that this right must be balanced against other rights and interests. The GDPR applies to all personal data, with specific attention to special categories of data, that includes health and genetic data. The collection, access to, and sharing of such data must comply with the GDPR, and therefore directly impacts the use of such data in research. The GDPR does provide for several derogations and exemptions for research from many of the strict processing requirements. Such derogations are permitted only if there are appropriate safeguards in place. Article 89 states that to be appropriate, safeguards must be “in accordance” with the GDPR “for the rights and freedoms of the data subject”. In particular, those safeguards must ensure “respect for the principle of data minimisation”. Despite the importance of safeguards, the GDPR is silent as to the specific measures that may be adopted to meet these requirements. This paper considers Article 89 and explores safeguards that may be deemed appropriate in the context of biobanks, databanks, and genetic research.

Item Type: Article
Additional Information: Specialty section: This article was submitted to ELSI in Science and Genetics, a section of the journal Frontiers in Genetics
Keywords (uncontrolled): Genetics, GDPR–general data protection regulation, biobank, genetic research, safeguards, consent, ethics review and governance
Research Areas: A. > School of Law
Item ID: 34833
Notes on copyright: Copyright © 2022 Staunton, Slokenberga, Parziale and Mascalzoni. This is an openaccess article distributed under the terms of the Creative Commons Attribution License (CC BY). The use, distribution or reproduction in other forums is permitted, provided the original author(s) and the copyright owner(s) are credited and that the original publication in this journal is cited, in accordance with accepted academic practice. No use, distribution or reproduction is permitted which does not comply with these terms
Useful Links:
Depositing User: Jisc Publications Router
Date Deposited: 07 Mar 2022 10:44
Last Modified: 07 Mar 2022 10:46

Actions (login required)

View Item View Item


Activity Overview
6 month trend
6 month trend

Additional statistics are available via IRStats2.