Skip to main content

Lund University Publications

LUND UNIVERSITY LIBRARIES

Biobank and Biomedical Research: Responsibilities of Controllers and Processors under the EU General Data Protection Regulation

Nordberg, Ana LU orcid (2021) p.61-89
Abstract
Biobanks are essential infrastructures in current health and biomedical research. Advanced scientific research increasingly relies on processing and correlating large amounts of genetic, clinical and behavioural data. These data are particularly sensitive in nature and the risk for privacy invasion and misuse is high. The EU General Data Protection Regulation (GDPR) developed and increased harmonization, resulting in a framework defining specific duties and obligations of entities processing personal data – controllers and processors. Biobanks, in the exercise of their functions assume the role of controllers and/or processors and as such need to comply with a number of complex rules. This chapter analyses these rules, in light of Article... (More)
Biobanks are essential infrastructures in current health and biomedical research. Advanced scientific research increasingly relies on processing and correlating large amounts of genetic, clinical and behavioural data. These data are particularly sensitive in nature and the risk for privacy invasion and misuse is high. The EU General Data Protection Regulation (GDPR) developed and increased harmonization, resulting in a framework defining specific duties and obligations of entities processing personal data – controllers and processors. Biobanks, in the exercise of their functions assume the role of controllers and/or processors and as such need to comply with a number of complex rules. This chapter analyses these rules, in light of Article 89 GDPR, which creates safeguards and derrogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes. It identifies key compliance challenges faced by biobanks as data controllers and processors, such as determining whether the GDPR is applicable and its intersection with other regulations; when should a biobank be considered controller and processor; what are the main duties of biobanks as data controllers and processors and options for compliance. (Less)
Please use this url to cite or link to this publication:
author
organization
publishing date
type
Chapter in Book/Report/Conference proceeding
publication status
published
subject
keywords
Law, GDPR, EU, Data Protection, Biobank research & GDPR, Biomedical research & GDPR, Big data & GDPR, Data controllers' duties, Biobanks & GDPR, Rättsvetenskap, EU, Biobanker
host publication
GDPR and biobanking : Individual rights, public interest and research regulation across Europe - Individual rights, public interest and research regulation across Europe
editor
slokenberga, santa ; Tzoryzatou, Olga and Reichel, Jane
pages
24 pages
publisher
Springer
external identifiers
  • scopus:85126054500
ISBN
978-3-030-49387-5
978-3-030-49388-2
DOI
10.1007/978-3-030-49388-2_5
language
English
LU publication?
yes
id
d922eed9-f641-433e-a386-f4c3739d03da
alternative location
https://link.springer.com/chapter/10.1007/978-3-030-49388-2_5
date added to LUP
2019-02-27 10:09:52
date last changed
2024-02-04 23:21:17
@inbook{d922eed9-f641-433e-a386-f4c3739d03da,
  abstract     = {{Biobanks are essential infrastructures in current health and biomedical research. Advanced scientific research increasingly relies on processing and correlating large amounts of genetic, clinical and behavioural data. These data are particularly sensitive in nature and the risk for privacy invasion and misuse is high. The EU General Data Protection Regulation (GDPR) developed and increased harmonization, resulting in a framework defining specific duties and obligations of entities processing personal data – controllers and processors. Biobanks, in the exercise of their functions assume the role of controllers and/or processors and as such need to comply with a number of complex rules. This chapter analyses these rules, in light of Article 89 GDPR, which creates safeguards and derrogations relating to processing for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes. It identifies key compliance challenges faced by biobanks as data controllers and processors, such as determining whether the GDPR is applicable and its intersection with other regulations; when should a biobank be considered controller and processor; what are the main duties of biobanks as data controllers and processors and options for compliance.}},
  author       = {{Nordberg, Ana}},
  booktitle    = {{GDPR and biobanking : Individual rights, public interest and research regulation across Europe}},
  editor       = {{slokenberga, santa and Tzoryzatou, Olga and Reichel, Jane}},
  isbn         = {{978-3-030-49387-5}},
  keywords     = {{Law; GDPR; EU; Data Protection; Biobank research & GDPR; Biomedical research & GDPR; Big data & GDPR; Data controllers' duties; Biobanks & GDPR; Rättsvetenskap; EU; Biobanker}},
  language     = {{eng}},
  month        = {{01}},
  pages        = {{61--89}},
  publisher    = {{Springer}},
  title        = {{Biobank and Biomedical Research:  Responsibilities of Controllers and Processors under the EU General Data Protection Regulation}},
  url          = {{http://dx.doi.org/10.1007/978-3-030-49388-2_5}},
  doi          = {{10.1007/978-3-030-49388-2_5}},
  year         = {{2021}},
}