The General Data Protection Regulation (GDPR) (2016/679) brought about the greatest change to European data security in 20 years. Applicable since May 2018 and repealing the Directive 95/46/EC, GDPR intends to strengthen and unify data protection for individuals within the European Union (EU).
All industries and sectors are bound by GDPR to re-think their privacy policies and data protection measures. Businesses that conduct clinical research—and as such handle “personal data” and even more important “sensitive personal data”—are expected to meet standards of heightened vigilance for compliance with the data protection legislation, as the collection of the latter is forbidden under GDPR unless a valid legal basis for its collection and explicit consent from the pertinent subjects can be provided. Scientific research is fortunately one of the exceptions that allows for the collection of such data under these strict conditions.
The full article can be accessed here as well as downloaded below: