Scenarios

Every study is unique, that much is certain. Fortunately, that does not mean that for each separate study you have to determine the measures required to safeguard the privacy of the research subjects all over again. Three criteria offer you a handle here: collaboration, geography and type data.


Purpose

The purpose for every researcher with regard to the correct handling of personal data is clear:

But how do you achieve the 100% insight? In practice, it appears that approx. 80% of the technical and organisational measures that you have to take can be derived from three aspects:

1. The type of collaboration involved in the study. Public, public-public or public-private?

2. Geography: The countries that participate in the study. Only countries in the EU, countries outside of the EU and the United States in particular?

3. The type of data you use in the study. Do you create e new data set, do you use a publicly accessible data set, a private data set or a combination of data sets?

As soon as the privacy expert in your organisation knows these three aspects, the questions in the DPIA can be completed for approx. 80%. The other 20% result from the specific context in which you conduct the research. For instance, the available technical facilities, the requirements of a possible funder etc.:

By performing a DPIA more frequently, you will become familiar with the fixed measures based on the three aspects of collaboration, geography and data. In this chapter we briefly go through these three aspects.