Out-Law / Your Daily Need-To-Know

Health research group makes recommendations on EU data protection reforms

17 Aug 2015, 3:59 pm

New EU data protection laws should not require medical research bodies to ask more than once if people consent to use of their personal data in health research projects, even if the use of the data is different to that envisaged when it was collected, a health body has said.

The Biobanking and BioMolecular resources Research Infrastructure – European Research Infrastructure Consortium (BBMRI-ERIC) said the new General Data Protection Regulation (GDPR) being negotiated must not be worded in a way that it hinders research and health care.

In its paper (4-page / 637KB PDF), BBMRI-ERIC made a number of recommendations on what it would like to see implemented as part of the data protection reforms. One proposal would alter the 'purpose limitation' principle that has been central to EU data protection laws for the past 20 years. Under those laws, personal data must be "processed fairly and lawfully" and be collected for "specified, explicit and legitimate purposes and not further processed in a way incompatible with those purposes".

"Patients should have the right to donate their data and biomaterials to biobanks and research entities to be used for biomedical research for the benefit of donors as well as future patients," BBMRI-ERIC said. "Many future research purposes are impossible to predict at the time of data collection due to constant developments and progress in science. Patients who want their data to be used for the purposes of detecting and ultimately curing either their particular disease or any other disease should not be denied that option."

"Continuous re-consenting would be burdensome for many patients, especially those with cancer or chronic diseases, and could constitute red tape for patients as well as research, hindering progress in medical health to the detriment of patients. The Regulation should therefore ensure that currently available and future samples and associated data are not wasted, while protecting the data from misuse and illegal disclosure," it said.

BBMRI-ERIC also said that there should be exceptions written into the new Regulation to allow scientific researchers to process personal data without people's consent in some cases. It said that safeguards exist in the health research environment "to protect the confidentiality of any information about patients".