Rules for processing genetic data for research purposes in view of the new EU General Data Protection Regulation

Mahsa Shabani & Pascal Borry; European Journal of Human Geneticsvolume 26, pages149–156 (2018) doi:10.1038/s41431-017-0045-7

Genetic data contain sensitive health and non-health-related information about the individuals and their family members. Therefore, adopting adequate privacy safeguards is paramount when processing genetic data for research or clinical purposes. One of the major legal instruments for personal data protection in the EU is the new General Data Protection Regulation (GDPR), which has entered into force in May 2016 and repealed the Directive 95/46/EC, with an ultimate goal of enhancing effectiveness and harmonization of personal data protection in the EU.
The new Regulation has already fueled concerns among various stakeholders, owing to the challenges that may emerge when implementing the Regulation across the countries. Notably, the provided definition for pseudonymized data has been criticized because it leaves too much room for interpretations, and it might undermine the harmonization of the data protection across the countries.

Rules for processing genetic data for research purposes in view of the new EU General Data Protection Regulation