Peter van Heusden Profile picture
May 21, 2018 29 tweets 25 min read Twitter logo Read on Twitter
getting reading to introduce @NoraNiLoideain : "A Game Changer for Research? GDPR and Health Data" #DataProtection @SANBI_SA
last week we were discussiong @rdpeng 's… #datasharing @SANBI_SA so this talk is very timely!
GDPR - bringing data protection into the 21st C - #DataProtection @SANBI_SA
GPDR: "Purpose limitation" poses a real challenge for researchers concerned about data re-use #DataProtection with @NoraNiLoideain @SANBI_SA
'Data protection by design': Data protection is something that needs to be built into research process *by design*, not bolted on at the end #DataProtection @NoraNiLoideain @SANBI_SA @UWConline
pre GDPR: data regulation is nebulous, under-resourced & fragmented (by country), results in patchy compliance by those in control of data #DataProtection @NoraNiLoideain at @SANBI_SA @UWConline
Open questions: will the GDPR be effective? Will exceptions (for e.g. medical research) be adequate? How to harmonise the 20+ legal regimes in the EU? #DataProtection at @SANBI_SA @UWConline with @NoraNiLoideain
GDPR threatens violators with massive fines - perhaps one reason Facebook moved all that data?… #DataProtection @SANBI_SA @UWConline
GDPR requires a different culture when dealing with data... need technical & organisational change to operate in a world where data subjects rights are enhanced. #DataProtection @SANBI_SA @UWConline
Now moving to @ciaralstaunton on "Data sharing & biobanks" #DataProtection @SANBI_SA @UWConline with implications from PoPI & GDPR
Background reading: "Rules of engagement: perspectives on stakeholder engagement for genomic biobanking research in South Africa" -… #DataProtection @ciaralstaunton @SANBI_SA @UWConline
Even while PoPI is not in force, now is the time to get GDPR compliant because cooperation with European researchers will require this #DataProtection @ciaralstaunton at @SANBI_SA @UWConline
Moving on to PoPI implications with @ciaralstaunton #DataProtection at @SANBI_SA @UWConline
PoPI will bring in place new regulations on transfer of data abroad including health research related data. In general, need consent for this but exceptions apply #DataProtection @ciaralstaunton @SANBI_SA @UWConline
PoPI: Limitations on secondary use of data have exceptions but these might affect commercial entities differently to researchers - @HealthZA Code of Conduct will probably speak on this @ciaralstaunton #DataProtection @SANBI_SA @UWConline
Slides from #DataProtection at @SANBI_SA @UWConline with @NoraNiLoideain & @ciaralstaunton will be online soon! Watch this space
NB! Need prior authorisation from regulator (under PoPI) if you want to link together dataset collections (e.g. linking biobank sample data to patient data) @ciaralstaunton #DataProtection @SANBI_SA @UWConline
In light of PoPI: 1) Review all consent forms 2) Consider dynamic consent (keep in touch with data subjects) 3) review your data management plans & 4) review material / data transfer agreements #DataProtection @ciaralstaunton at @SANBI_SA @UWConline
starts off question time with: "How are we transforming our ethics boards to become familiar with dealing with data management concerns?" @NoraNiLoideain says "data protection" committees often guide here, something we lack in SA #DataProtection @SANBI_SA @UWConline
historically we have been concerned with samples (because of history of sample exploitation by researchers from high income countries) & only in the last year or two been concerned about data #DataProtection @SANBI_SA @UWConline
Next Q from @DomAnderson83 "In context of joint responsibility for data, what if data processor is compliant, but data controller isn't?" @NoraNiLoideain "The buck stops with the controller" but regulator will take individual compliance of parties into account.
Answering @alangchris ' question about data policy cooperation with partners in other African countries @ciaralstaunton highlights @wellcometrust meeting on the topic in November in Cape Town
There is no implementation date for PoPI yet but the take-home is to be GDPR compliant because you'll probably need it @ciaralstaunton & @NoraNiLoideain #DataProtection at @SANBI_SA @UWConline
Abiodun Peter highlighting the lack of involvement of key staff in data protection in SA universities & the high cost of compliance with e.g. ISO 27001 in holding back GDPR compliance @NoraNiLoideain suggests possible EU resources for funding this #DataProtection @SANBI_SA
Abiodun Peter follows up with question of how to make whole team compliant with GDPR @ciaralstaunton highlights need to restrict access... privacy by design and with that tweet on #DataProtection I'll have to pause as battery is failing @SANBI_SA ;)
unroll please
unroll this again please

• • •

Missing some Tweet in this thread? You can try to force a refresh

Keep Current with Peter van Heusden

Peter van Heusden Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!


Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!


0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy


3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

Follow Us on Twitter!