Hostname: page-component-586b7cd67f-t8hqh Total loading time: 0 Render date: 2024-11-30T23:26:02.645Z Has data issue: false hasContentIssue false

The Impact of the New European Union General Data Protection Regulation (GDPR) on Data Collection at Mass Gatherings

Published online by Cambridge University Press:  06 May 2019

Annelies Scholliers
Affiliation:
Department of Anaesthesiology and Perioperative Medicine, University Hospital Brussels, Jette, Belgium Mass Gathering Solutions, Wambeek, Belgium
Dimitri De Fré
Affiliation:
Mass Gathering Solutions, Wambeek, Belgium University Hospital Gasthuisberg, Leuven, Belgium
Inge D’haese
Affiliation:
Mass Gathering Solutions, Wambeek, Belgium
Stefan Gogaert
Affiliation:
Mass Gathering Solutions, Wambeek, Belgium
Rights & Permissions [Opens in a new window]

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.
Introduction:

As of May 2018, a new European privacy law called the General Data Protection Regulation (GDPR) is in order. With this law, every organization operating in the European Union (EU), needs to adhere to a strict set of rules concerning collection and processing of personal data.

Aim:

To explore the consequences of the GDPR for data collection at mass gatherings in the European Union.

Methods:

Since the law was published on April 27, 2016, a thorough reading of the law was conducted by 4 persons with a background in mass gathering health. The GDPR consists of 99 articles organized into 11 chapters. There are also 173 recitals to further explain certain ambiguities. Key articles and recitals relating to healthcare and scientific research were identified. Possible pitfalls and opportunities for data collection and processing at mass gatherings were noted.

Discussion:

Under article 4, key definitions are noted. There is a clear definition of “data concerning health”. According to the GDPR, health data is a special category of personal data which should not be processed according to article 9(1). However, there is an exception for scientific research (article 9(2)(j)). There are a few safeguards in place, as laid out in article 89. One interesting point is that according to article 89(2), certain derogations can take place if the law interferes with scientific research. The GDPR has major consequences for data collection and processing in the EU. However, with the use of certain safeguards (e.g., pseudonymization) there are still ample opportunities for scientific research. It is important to review one’s method of data collection to make sure it complies with the GDPR.

Type
Poster Presentations
Copyright
© World Association for Disaster and Emergency Medicine 2019