Data Protection in the Human Brain Project
What is the role of the Data Protection Officer?
The General Data Protection Regulation (GDPR) requires the designation of a Data Protection Officer (DPO) in some circumstances. Given the scope and categories of personal data processed in the HBP, the project has appointed a DPO.
The DPO is a professional in the field of data protection and works with HBP partners to facilitate compliance with the GDPR. The role of DPO includes consultation on data processing activities and providing advice and recommendations on compliance with applicable laws. In particular, the DPO assists in carrying out data protection impact assessments (DPIA), among other compliance tasks.
In addition to data protection compliance, the DPO has a communication function and consults with data subjects, HBP partners and leadership, and supervisory authorities. The DPO is also a part of the Data Governance Working Group.
HBP Resources on Data Protection
Data Processors and Data Controllers: Roles and Responsibilities under the GDPR
Further information on DPIAs (Data Protection Impact Assessments)
EU Resources on Data Protection
Privacy by Design in Big Data (ENISA)
Article 29 Working Party Guidelines on Data Protection Officers
Article 29 Working Party on the concept of Personal Data
Article 29 Working Party Opinion on Anonymisation Techniques
General Data Protection Regulation (EU) 2016/679
EDPB Opinion 3/2019 on interplay between Clinical Trials Regulation and the GDPR
Simisola Akintoye is the Human Brain Project's Data Protection Officer
Register an Ethical Concern
Anyone can requests to address ethical, regulatory and social issues in Human Brain Project research. The POint of REgistration (PORE) is HBP’s mechanism to register and identify these issues and keep track of how they are dealt with.