ISC on 27 April 2017 in Brussels organized a seminar which examined the impact of the EU’s General Data Protection Regulation (GDPR) on the operation of R&D and science and on collaborative research in the EU and globally. Particular attention was given to use of personal data for health-related research.
The GDPR entered into force on 24 May 2016 and will apply from 25 May 2018. The GDPR entails a modernized, single set of data protection and privacy rules and is aimed at empowering the citizens, as well as establishing legal certainty for business and innovation based on clear and uniform rules. It will replace the data protection directive (Directive 95/46/EC), dating back to 1995. The GDPR will apply to all organizations in and outside the EU that deal with the personal data of EU individuals. Therefore, science-based and research organizations will need to take advantage of the period up to 25 May 2018 to prepare for a significant increase in their data protection responsibilities and advance their privacy compliance programmes.
The seminar on 27 April aimed to further explore issues and concerns raised at the first edition of the seminar, held in October 2016. One of the outcomes of this seminar held was a wide support for developing code(s) of conduct. Namely, the implementation of the GDPR foresees in Article 40 the establishment of codes of conduct as one of the means contributing to the proper application of the regulation. Moreover, research-based organizations at the previous edition of the seminar expressed concerns regarding the potential risk of fragmentation deriving from the possibility of Member States’ derogations that may establish uneven conditions for researchers and pose challenges for research collaboration between and amongst Member States and globally. As explained in a Nature article by Prof Jan-Eric Litton
, the data sharing rules urgently need to be clarified.
The seminar on 27 April 2017 continued the discussion and addressed the issues outlined above, as well as highlighted:
- the impact of the GDPR on research and technology based organizations and how the scientific community can prepare for GDPR compliance, with a special focus on developing the code(s) of conduct;
- how the European Cloud Initiative will deal with GDPR provisions and how will data protection be accommodated in the European Open Science Cloud governance;
- whether the GDPR will help or hinder the advancement of health and medical research and what are the specific issues for using personal data for health-related research;
- the global dimension of collaborative R&D in the new data protection environment.
The final agenda, the speakers' bios, the presentations, and the draft seminar report are available in the "Downloads" section below.
For further information, please contact:
Declan Kirrane, Managing Director, ISCTel: + 32 494 34 60 40
Tjaša Petročnik, Policy Analyst, ISC
Tel: +32 2 880 36 24