Data Protection in the Human Brain Project

 

What is the role of the Data Protection Officer? 

The General Data Protection Regulation (GDPR) requires the designation of a Data Protection Officer (DPO) in some circumstances. Given the scope and categories of personal data processed in the HBP, the project has appointed a DPO.

The DPO is a professional in the field of data protection and works with HBP partners to facilitate compliance with the GDPR. The role of DPO includes consultation on data processing activities and providing advice and recommendations on compliance with applicable laws.  In particular, the DPO assists in carrying out data protection impact assessments (DPIA), among other compliance tasks.

In addition to data protection compliance, the DPO has a communication function and consults with data subjects, HBP partners and leadership, and supervisory authorities. The DPO is also a part of the Data Governance Working Group.

HBP Resources on Data Protection

Application of the GDPR

Anonymous Data

Data Processors and Data Controllers: Roles and Responsibilities under the GDPR

Further information on DPIAs (Data Protection Impact Assessments)

Data Policy Quick Guide

Data Policy Manual 2019-11-05

EU Resources on Data Protection

Privacy by Design in Big Data (ENISA)

Article 29 Working Party Guidelines on Data Protection Officers

Article 29 Working Party on the concept of Personal Data

Article 29 Working Party Opinion on Anonymisation Techniques

Remarks on Biobank Governance

General Data Protection Regulation (EU) 2016/679

EDPB Opinion 3/2019 on interplay between Clinical Trials Regulation and the GDPR

 

Simisola Akintoye is the Human Brain Project's Data Protection Officer

 

Register an Ethical Concern

Anyone can requests to address ethical, regulatory and social issues in Human Brain Project research. The POint of REgistration (PORE) is HBP’s mechanism to register and identify these issues and keep track of how they are dealt with.

Register an Ethical Concern