Legal framework: GDPR Regulation (EU) 2016/679 (May 2018)
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32016R0679
Does your research involve personal data collection and/or processing such as?
- Sensitive data (religion, ethnicity, politics…)
- Genetic information
- Tracking or observing participants
- Further processing of previously collected personal data (secondary use)
Then GDPR applies so make sure to collect only data that are required!
HRB Video – GDPR and the new Irish Health Research Regulations 2018
http://www.hrb.ie/funding/gdpr-guidance-for-researchers/gdpr-and-health-research/
The new GDPR based Health Research Regulations 2018 were signed off by Minister Simon Harris TD on Tuesday, August 7th 2018. Researchers have 9 months to ensure that the consent that they hold is GDPR compliant. See http://www.hrb.ie/funding/gdpr-guidance-for-researchers/health-research-regulations-2018-faq/
Non-EU countries & International transfers of personal data
- EU data protection rules apply to the European Economic Area (EEA), which includes all EU countries and non-EU countries Iceland, Liechtenstein and Norway.
- Includes research conducted, partially or totally, in a non-EU country, and/or participants or resources come from a non-EU country
- Material (Data) imported from or exported to a non-EU country must ensure compliance with EU Ethics Standards regardless of the country where the research is to be conducted