What does the new data protection legislation mean for health and social care research, where the use of personal data is often crucial?
The General Data Protection Regulation (GDPR) comes into force on 25 May 2018, bringing with it increased expectations of organisations processing personal data. Organisations need to be lawful, fair and transparent when processing or controlling the processing of personal data. However, the new legislation does not impede research. It reflects current good practice in research, through the safeguards that apply to all research using personal data. If your organisation is already using good practice under current data protection legislation, you will need to make relatively few changes to your policies and practices.
The HRA has produced the two sets of guidance to the right to help those in the health and social care research sector to comply with the law.
It's worth noting that although the GDPR is finalised, there may be changes to the new Data Protection Act as it goes through the parliamentary process. That means our guidance will be revised and updated over time.