COVID-19 Research: Navigating the European General Data Protection Regulation
Citations Over TimeTop 10% of 2020 papers
Abstract
Researchers must collaborate globally to rapidly respond to the COVID-19 pandemic. In Europe, the General Data Protection Regulation (GDPR) regulates the processing of personal data, including health data of value to researchers. Even during a pandemic, research still requires a legal basis for the processing of sensitive data, additional justification for its processing, and a basis for any transfer of data outside Europe. The GDPR does provide legal grounds and derogations that can support research addressing a pandemic, if the data processing activities are proportionate to the aim pursued and accompanied by suitable safeguards. During a pandemic, a public interest basis may be more promising for research than a consent basis, given the high standards set out in the GDPR. However, the GDPR leaves many aspects of the public interest basis to be determined by individual Member States, which have not fully or uniformly made use of all options. The consequence is an inconsistent legal patchwork that displays insufficient clarity and impedes joint approaches. The COVID-19 experience provides lessons for national legislatures. Responsiveness to pandemics requires clear and harmonized laws that consider the related practical challenges and support collaborative global research in the public interest.
Related Papers
- → The General Data Protection Regulation (GDPR) Era: Ten Steps for Compliance of Data Processors and Data Controllers(2018)20 cited
- → Research on Personal Data Protection of EU General Data Protection Regulation(2020)4 cited
- → General Data Protection Regulation (GDPR) – Revolution Coming to European Data Protection Laws in 2018. What’s New for Ordinary Citizens?(2018)2 cited
- EU GENERAL DATA PROTECTION REGULATION: SIGNIFICANCE FOR THE DATA PROTECTION LAW(2017)
- → The Protection of Genetic Data under the General Data Protection regulation(2019)