Read on Twitter
getting reading to introduce @NoraNiLoideain : "A Game Changer for Research? GDPR and Health Data" #DataProtection @SANBI_SA 
last week we were discussiong @rdpeng 's simplystatistics.org/2018/05/15/ret… #datasharing @SANBI_SA so this talk is very timely!
GPDR: "Purpose limitation" poses a real challenge for researchers concerned about data re-use #DataProtection with @NoraNiLoideain @SANBI_SA
'Data protection by design': Data protection is something that needs to be built into research process *by design*, not bolted on at the end #DataProtection @NoraNiLoideain @SANBI_SA @UWConline
pre GDPR: data regulation is nebulous, under-resourced & fragmented (by country), results in patchy compliance by those in control of data #DataProtection @NoraNiLoideain at @SANBI_SA @UWConline
Open questions: will the GDPR be effective? Will exceptions (for e.g. medical research) be adequate? How to harmonise the 20+ legal regimes in the EU? #DataProtection at @SANBI_SA @UWConline with @NoraNiLoideain
GDPR threatens violators with massive fines - perhaps one reason Facebook moved all that data? theguardian.com/technology/201… #DataProtection @SANBI_SA @UWConline
GDPR requires a different culture when dealing with data... need technical & organisational change to operate in a world where data subjects rights are enhanced. #DataProtection @SANBI_SA @UWConline
Now moving to @ciaralstaunton on "Data sharing & biobanks" #DataProtection @SANBI_SA @UWConline with implications from PoPI & GDPR
Background reading: "Rules of engagement: perspectives on stakeholder engagement for genomic biobanking research in South Africa" - link.springer.com/article/10.118… #DataProtection @ciaralstaunton @SANBI_SA @UWConline
Even while PoPI is not in force, now is the time to get GDPR compliant because cooperation with European researchers will require this #DataProtection @ciaralstaunton at @SANBI_SA @UWConline
PoPI will bring in place new regulations on transfer of data abroad including health research related data. In general, need consent for this but exceptions apply #DataProtection @ciaralstaunton @SANBI_SA @UWConline
PoPI: Limitations on secondary use of data have exceptions but these might affect commercial entities differently to researchers - @HealthZA Code of Conduct will probably speak on this @ciaralstaunton #DataProtection @SANBI_SA @UWConline
Slides from #DataProtection at @SANBI_SA @UWConline with @NoraNiLoideain & @ciaralstaunton will be online soon! Watch this space
NB! Need prior authorisation from regulator (under PoPI) if you want to link together dataset collections (e.g. linking biobank sample data to patient data) @ciaralstaunton #DataProtection @SANBI_SA @UWConline
In light of PoPI: 1) Review all consent forms 2) Consider dynamic consent (keep in touch with data subjects) 3) review your data management plans & 4) review material / data transfer agreements #DataProtection @ciaralstaunton at @SANBI_SA @UWConline
starts off question time with: "How are we transforming our ethics boards to become familiar with dealing with data management concerns?" @NoraNiLoideain says "data protection" committees often guide here, something we lack in SA #DataProtection @SANBI_SA @UWConline
historically we have been concerned with samples (because of history of sample exploitation by researchers from high income countries) & only in the last year or two been concerned about data #DataProtection @SANBI_SA @UWConline
Next Q from @DomAnderson83 "In context of joint responsibility for data, what if data processor is compliant, but data controller isn't?" @NoraNiLoideain "The buck stops with the controller" but regulator will take individual compliance of parties into account.
Answering @alangchris ' question about data policy cooperation with partners in other African countries @ciaralstaunton highlights @wellcometrust meeting on the topic in November in Cape Town
There is no implementation date for PoPI yet but the take-home is to be GDPR compliant because you'll probably need it @ciaralstaunton & @NoraNiLoideain #DataProtection at @SANBI_SA @UWConline
Abiodun Peter highlighting the lack of involvement of key staff in data protection in SA universities & the high cost of compliance with e.g. ISO 27001 in holding back GDPR compliance @NoraNiLoideain suggests possible EU resources for funding this #DataProtection @SANBI_SA
Abiodun Peter follows up with question of how to make whole team compliant with GDPR @ciaralstaunton highlights need to restrict access... privacy by design and with that tweet on #DataProtection I'll have to pause as battery is failing @SANBI_SA ;)
unroll please
The slides for the #dataprotection at @SANBI_SA @UWConline with @NoraNiLoideain and @ciaralstaunton are available: figshare.com/account/articl…
unroll this again please
• • •
Missing some Tweet in this thread? You can try to
force a refresh
