Here is an overview of data subjects` data protection rights: research infrastructures and networks inside and outside the EU are essential for the collection, re-use and linking of multiple data sources on a large scale. For example, the UK biobank offers medical researchers around the world access to a variety of health-related data and human samples from more than 500,000 participants.26 In Europe, the European Consortium bbMri-ERIC (Biobanking and BioMolecular Resources Research Infrastructure)-27 There are many initiatives to promote or facilitate the large-scale reuse and linkage of health and health and health data. genomics, such as the Global Alliance for Genomics and Health (Global Alliance).28 These developments illustrate how medical research is increasingly becoming a data-intensive activity in which health-related, genomic and other data is collected, reused and linked on a large scale. Essentially, it`s about where the use of sensitive personal data in medical research should be limited. Resolving this issue requires a subtle negotiation of a wide range of relevant (fundamental) rights and interests. Key questions concern the scope and limits of consent as a legal basis for the use of sensitive personal data in medical research and its possible alternatives. A dominant approach in some EU Member States is that the traditional solution or the only alternative to obtaining consent is to anonymize this data. This has been referred to as the “consent or anonymization approach”.7, 8 Nevertheless, exceptions to this approach in data protection law may be set out in so-called “search exceptions”.9 This regulatory approach will remain in place in the next GDPR, subject to a change in direction and details to be determined. In both the literature and medical research, many have expressed concern about the consequences of legislative reform. They point out that the combination of strict consent requirements and limited exemptions for research will significantly limit medical research.10, 11, 12, 13, 14, 15, 16 To contribute to this evolving debate, this paper explores how the consent or anonymization approach is challenged in a data-intensive medical research context and discusses possible avenues within the EU legal framework for protection. data. You can also choose to appoint a DPO, even if you don`t have to.
There are benefits to having someone in this role. Their core responsibilities include understanding the GDPR and how it is applied to the organization, advising members of the organization on their responsibilities, data protection training, conducting audits and monitoring GDPR compliance, and collaborating with regulators. Data subject — The person whose data is processed. These are your customers or your website visitors. In response to difficulties in obtaining specific consent, adapted consent models have been put into practice and discussed in the literature.