The EU General Data Protection Regulation (GDPR) and new Data Protection Act come into force on 25 May. Both apply in the UK and will influence research involving personal data. So what’s changing and how should you, as a researcher, prepare? Sarah Dickson, Head of the MRC Regulatory Support Centre, is here to help.
What is GDPR?
The EU General Data Protection Regulation (GDPR), along with the new UK Data Protection Act, will govern the processing (holding or using) of personal data in the UK.
Although the new regulations haven’t been designed specifically for research, we’ll need to make some changes to research practice. The Information Commissioner’s Office (ICO) is the UK regulator. The Health Research Authority (HRA), in collaboration, is providing official guidance for people working in health and social care research. We‘re working with both organisations.