ResearchManager ’s Post

Excited to share our new blog on "Data Standards and Regulatory Compliance in Real World Data" Understanding data standards and compliance is key to leveraging real-world data effectively. Explore the blog and empower your data strategy with the knowledge to ensure accuracy and compliance. Check out the blog and stay informed! 🛡️ #DataCompliance #DataStandards #RealWorldData #DataManagement #datastrategy #regulatory #fda https://lnkd.in/g7sH-pSG

Unlock success in a data-driven world! 📊💡 Learn to make decisions based on solid insights with our practical training. Discover how to harness data effectively while navigating essential topics like GDPR. 🤝 In cooperation with TÜV Rheinland Group What you will learn in this course: 👉 Learn how to plan and execute a successful Data Science project. 👉 Understand the various Data Science methods and algorithms and learn when to use each. 👉 Harness the full potential of your company's data to generate real value. 👉 Gain practical knowledge of applying methods and algorithms. 👉 Learn to combine and analyze internal and external data sources to identify optimization potentials. 👉 Ensure the integrity and quality of your data. 👉 Acquire the tools for quick idea validation. 👉 Understand the importance of statistical evaluation, visualization, and effective communication in data analysis. For more information, dates, and the registration link, click here: https://lnkd.in/eNQK5Fwi Sign up now, spots are limited! ✨ #DataScience #Success #GDPR"

CJEU has in the case C-21/23 concluded that when data about a medicinal product is linked to a data subject, in this case a customer, it is data concerning health in the meaning of articles 4(15) and 9(1) in the GDPR. The court clarified that almost nothing, not even uncertainty as to who is intended to use the product, change this conclusion. What is central is whether or not the data, by means of an intellectual operation involving collation or deduction, is *capable* of revealing such information. Hajo Michael Holtz was quick to write an interesting post about this judgement. He argued that the CJEU introduced a new "probability test" when assessing inferred special category personal data. Johan Thörn posed an intriguing question regarding the probability test. He asked if the test would impact the view on processing of special categories of personal data in video material and photographs. Andreea Lisievici Nevin had a similar question. I first want to adress the question if a probability test has been introduced. The answer to this question is not clear. CJEUs statements regarding probability/uncertainty can be interpreted in two ways. Either it is a specification of the word "capable" or it - together with statements regarding the controllers aim, the accuracy of the information etc - is a clarification of what circumstances do not affect the protection of data classified as special category personal data. I am leaning towards the second interpretation. It means that absolute certainty is not a condition for data to be data concerning health and that the threshold is super low - basically it must be apparent that identification of the intended user is impossible. So if I am allowed I will rephrase the question from Johan and Andreea in such a way that the probability test is called "the capability test". Initially I should point out that the capability test is not new. CJEU (also Grand chamber) introduced it in case C-184/20, see paragraph 120. Furthermore a controller determines the purposes and means of processing personal data. To determine means, the controller must decide on the essential means, such as the type of personal data which are processed (see EDPBs guidelines 07/2020, paragraph 40). If controllers were responsible for data they did not want, for example certain pornography or other illegal content which entails the processing of personal data, controllers would have to shut down all communications with the outside world. To determine the means must therefore be interpreted as a, atleast reasonable, control of the data collected or otherwise processed. In cases C-21/23 and C-184/20 the controllers had full control over the data collected and otherwise processed. They just failed to classify it correctly. Thus, the capability test do not impact the accepted view on processing in video material and photographs. #GDPR

There is always something new to learn! #GDPR is not new but there are still interesting edge cases. #dataprotection is an important topic, I am glad that it matters in #EU Read the article below for full info and also my previous posts about it. The gist is: information about an identifiable customer buying medicines and drugs is considered not just "personal data" but also "sensitive and health related" even if we don't know who is going to use the drugs. #infosec #informationsecurity

New practical guide to the Data Governance Act. One year ago, the Data Governance Act entered into application. To mark this occasion, the Commission is publishing a practical guide to help stakeholders implement the DGA. This is pretty useful for those FinTech’s who’s solutions cross borders – worth a read. https://lnkd.in/ey4BM2JY European Commission European Parliament #GDPR #gdprcompliance #dataprivacy #dataprotection #FinTechdata #dataanalytics #PECR#InternationalDataStandards #TechFinData #dataandanalytics #ICO #NationalDataStrategy #DigitalInformationBill #DataProtectionDigitalInformationBill #eIDAS #DigitalEthics

Data Governance Act explained The economic and societal potential of #data is enormous: it can enable new products and services based on novel technologies, make production more efficient, and provide tools for combatting societal challenges. In the area of #health, for example, #data can contribute to providing better #healthcare, improving personalised treatments and helping cure rare or chronic diseases. It is also a powerful engine for #innovation and new jobs, and a critical resource for start-ups and SMEs. However, this potential is not being realised. #data sharing in the EU remains limited due to a number of obstacles (including low trust in #data sharing, issues related to the reuse of public sector #data and #data collection for the common good, as well as technical obstacles). In order to truly capitalise on this enormous potential, it should be easier to share #data in a trusted and secure manner. The Data Governance Act (DGA) is a cross-sectoral instrument that aims to regulate the reuse of publicly/held, protected #data, by boosting #data sharing through the regulation of novel #data intermediaries and by encouraging the sharing of #data for altruistic purposes. Both personal and non-personal #data are in scope of the DGA, and wherever personal #data is concerned, the General Data Protection Regulation (GDPR) applies. In addition to the GDPR, inbuilt safeguards will increase trust in #data sharing and reuse, a prerequisite to making more #data available on the market. #data #health #healthcare #innovation

Ensuring regulatory compliance, mitigating risks, and unlocking value from your data assets are critical in today's data-driven world. This Data Science Central article explores how leveraging data lineage and metadata management within ELT pipelines can help organizations comply with mandates like GDPR, CCPA, and HIPAA. Discover how these practices foster transparency, accountability, and value realization, driving new revenue streams and maximizing ROI. 🚀 📊 #DataGovernance #DataFirst #DataManagement

Ensuring regulatory compliance, mitigating risks, and unlocking value from your data assets are critical in today's data-driven world. This Data Science Central article explores how leveraging data lineage and metadata management within ELT pipelines can help organizations comply with mandates like GDPR, CCPA, and HIPAA. Discover how these practices foster transparency, accountability, and value realization, driving new revenue streams and maximizing ROI. 🚀 📊 #DataGovernance #DataFirst #DataManagement

The EU #DataAct did not get a lot of public attention while the #AIAct was all the rage* but I think this law will be much more transformative than its AI cousin. A recent and quite comprehensible write-up by the Commission, including examples, can be found here: https://lnkd.in/gmHV8qq5 These explainer pieces are very handy. It would be great if there was a dedicated central website for those as right now they seem to be spread wide and far on the EU's webpages (one on the Data Governance Act here: https://lnkd.in/gHSrc5Tx) *ok, we are still talking EU policy so "all the rage" is a gross exaggeration. #dataeconomy #datasharing #datafairness #digital

If your organisation carries out automated individual decision-making with legal or similarly significant effects, in a response to a DSAR you will need to provide “meaningful information” about that processing. Not a straightforward task, given the technical nature of automated decision-making and the need to balance the requestor’s GDPR access right with the protection of trade secrets and third party data. Luckily, Advocate General’s opinion in Case C-203/22 provides useful guidance on how to navigate these complexities - Hazel Grant and I summarise key practical takeaways in this blog 👉 https://ow.ly/CuYQ50UaMab #GDPR #DataPrivacy #Data #AI #AutomatedDecisions #DataRights #Tech #TechAndData #DSARs #Fieldfisher