As almost all translational medicine data are personal data of high sensitivity, the application of and compliance with the General Data Protection Regulation (GDPR) is a central topic in ELIXIR-LU.
ELIXIR-LU is engaged in training activities around the GDPR and develops solutions for the various requirements. In this context, ELIXIR-LU is developing the open source software DAISY for a research data registry and is working on a generic data agreement wizard. Contract templates for our data hosting services and the corresponding data use agreement are already available here:
- data hosting services agreement [v2.2, updated October 2020]
- data use agreement [v1.5, updated July 2021]
For an introduction into the GDPR and its implication for sharing of research data, have a look at the ELIXIR Webinar on the topic: Requirements in data protection law and the upcoming General Data Protection Regulation (GDPR) implementation. The slides are available here.
For a quick overview on GDPR and its impact on biomedical research, have a look at the article entitled “Biomedical research: achieving transparency under the General Data Protection Regulation”, published in the September 2018 issue of Semper, a monthly magazine distributed in Luxembourg and targeting doctors, pharmacists and healthcare professionals. The full text can be found in the online version of the magazine (p. 26 - 28).
Other presentations regarding the GDPR:
- FAIR Human Data under GDPR
- The BEACON use case under the GDPR
- The Galaxy use case under the GDPR
- Obligations of a controller - A walk through the GDPR
- Responsibility and Accountability
Open source software for a research data registry Within life-science research, the EU General Data Protection Regulation has a significant operational impact on organisations that use and exchange controlled-access Human Data. One key principle of the GDPR is accountability, where institutions are required to keep a record of their “data processings”. The Data Information System (DAISY) is designed to help institutions, projects or data hubs to record personal data used in biomedical research.
For more information:
- DAISY: A Data Information System for accountability under the General Data Protection Regulation GigaScience, Volume 8, Issue 12, December 2019.
- Provenance-enabled stewardship of human data in the GDPR era (F1000 poster)
- Alper P. et al. (2018) Provenance-Enabled Stewardship of Human Data in the GDPR Era. In: Belhajjame K., Gehani A., Alper P. (eds) Provenance and Annotation of Data and Processes. IPAW 2018. Springer Lecture Notes in Computer Science, vol 11017.