Scientific research and data protection
Taking care of data protection builds trust in research subjects and is a requirement for the success of any study. It is essential to plan the processing of personal data for its entire lifespan before the start of processing.
Data protection regulations protect the rights of research subjects. The purpose of the legislation is to strike a balance between the protection of personal data and the need to process personal data for scientific research. Data protection regulations contain special processing rules and exceptions for scientific research. They are designed to support and promote research.
Not all research is scientific, and the processing bases and exceptions designed for scientific research are not applicable to non-scientific research. For example, the planning and survey duties of authorities, or marketing surveys and polls are not scientific research. Personal data may still be processed for purposes of non-scientific research, but the basis for processing cannot be one designed for scientific research, and derogations from the rights of data subjects are not possible to the same extent.
Anonymised data can be used for non-scientific research. It is not considered to constitute personal data, and it is not subject to data protection regulations.
Taking data protection into account at different phases of scientific research
All activities involving personal data, from planning to processing, collection and erasure, constitute processing of personal data.
A data protection roadmap for scientific research guides controllers in taking data protection into consideration at the different phases of research and the lifespan of data.