This contribution addresses, under three different profiles, the issue of governance of personal data in health research within the EU legal framework, analyzing how the current discipline of personal data protection, notably provided by the GDPR, represents an opportunity for all operators and for the healthcare system in general. It is noteworthy, on this regard, to point out that patients have a twofold rule, being on the one hand the source of the data and, on the other hand, the recipients of the benefits that can be drawn from them. To begin with, we describe how data governance becomes indeed proactive towards innovation, through the creation of a dynamic and flexible network of relationships between all the actors involved. Secondly, we show how it is possible, in light of the state-of-the-art of legal informatics, to automate GDPR compliance processes not only increasing efficiency and transparency in data processing, but also promoting an effective cultural revolution in terms of accountability. Thirdly, we describe how the compliance of the GDPR can trigger virtuous processes of aggregation between different organizations, and how paradoxically it is precisely by integrating heterogeneous resources that innovation can be triggered.

Medical Research Data Governance in the Eu. Lessons Learned from the Case of Unityfvg

Costantini, Federico;Crisci, Francesco;
2021-01-01

Abstract

This contribution addresses, under three different profiles, the issue of governance of personal data in health research within the EU legal framework, analyzing how the current discipline of personal data protection, notably provided by the GDPR, represents an opportunity for all operators and for the healthcare system in general. It is noteworthy, on this regard, to point out that patients have a twofold rule, being on the one hand the source of the data and, on the other hand, the recipients of the benefits that can be drawn from them. To begin with, we describe how data governance becomes indeed proactive towards innovation, through the creation of a dynamic and flexible network of relationships between all the actors involved. Secondly, we show how it is possible, in light of the state-of-the-art of legal informatics, to automate GDPR compliance processes not only increasing efficiency and transparency in data processing, but also promoting an effective cultural revolution in terms of accountability. Thirdly, we describe how the compliance of the GDPR can trigger virtuous processes of aggregation between different organizations, and how paradoxically it is precisely by integrating heterogeneous resources that innovation can be triggered.
File in questo prodotto:
File Dimensione Formato  
07_Datenschutz_und_Privacy_02(1).pdf

Open Access dal 02/03/2022

Descrizione: pdf fornito dall'editore
Tipologia: Versione Editoriale (PDF)
Licenza: Creative commons
Dimensione 700.06 kB
Formato Adobe PDF
700.06 kB Adobe PDF Visualizza/Apri

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11390/1199516
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 0
  • ???jsp.display-item.citation.isi??? ND
social impact