Summary

• Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

...	...	@@ -16,6 +16,7 @@
16	16
17	17	* HIP User Account creation
18	18	* GDPR compliant data processing on the HIP
	19	+* Data Governance Principles
19	19	* HIP GDPR compliance assessment
20	20
21	21	[[image:image-20241008135218-1.png]]
...	...	@@ -22,12 +22,11 @@
22	22
23	23	//**Figure 1:** Landing page of the Human Intracerebral EEG Platform HIP//
24	24
25		-
26	26	== HIP User Account creation ==
27	27
28	28	**Prerequisite – Step 1**: Access to the HIP requires a registered **EBRAINS user account**, which needs to be permitted and authenticated. EBRAINS user accounts are available to users with a legitimate interest (mainly research and development) from Europe and beyond.
29	29
30		-**Request an EBRAINS user account**: [[https:~~/~~/www.ebrains.eu/page/sign-up>>url:https://www.ebrains.eu/page/sign-up]]
	30	+Request an EBRAINS user account: [[https:~~/~~/www.ebrains.eu/page/sign-up>>url:https://www.ebrains.eu/page/sign-up]]
31	31
32	32	The HIP endeavours to comply with national and international laws and regulations, comprising principles such as intellectual property rights and the protection of privacy, ethical considerations and security regulations when designing rules and conditions for Access and the use of the platform.
33	33
...	...	@@ -41,15 +41,14 @@
41	41
42	42	== GDPR-compliant Data Processing on the HIP ==
43	43
44		-(% style="width:878px" %)
45		-|(% style="width:5px" %)
46		-|(% style="width:5px" %) |(% style="width:882px" %)[[image:image-20241010130312-1.jpeg||height="974" width="796"]]
	44	+(% style="height:1029px; width:834px" %)
	45	+|(% style="width:5px" %) |(% style="width:882px" %)[[image:image-20241010130312-1.jpeg||height="987" width="806"]]
47	47
48	48	**Figure 2: Data Flow on the HIP: **(% class="small" %) //This diagram depicts the different legal and regulatory steps to be taken to be allowed to upload data to the institutional private space of the HIP, the process of creating a collaborative project, and the step of putting anonymised data into the public space.//
49	49
50	50	**Terminologies: (% class="small" %)//Project Leader //(%%)**(% class="small" %)//– HIP User initiating and responsible for a collaborative project; **Project Member** – HIP User accredited to contribute to a collaborative project; **Data Controller** - The natural or legal person who determines the purposes and means of the processing of personal data provided; **DTA **– Data Transfer Agreement; **DPIA -** Data Privacy Impact Assessment//
51	51
52		-Data Governance Principles
	51	+== Data Governance Principles ==
53	53
54	54	(% style="color:#000000" %)**Acquisition:**(%%) Data will be collected by the physicians or clinical researchers during clinical routine or within the framework of a scientific study based on specific research protocols, approved by the corresponding local and national ethical bodies. This includes that Participants consented to the procedure undertaken to collect their data by signature of an informed consent or consented to the re-use of their data for research purposes, according to EU data protection legislation, also by signature of an explicit consent for use or reuse of their data in research projects.
55	55
...	...	@@ -68,9 +68,8 @@
68	68	(% style="color:#000000" %)**Fair data:** (%%)Integration of the EBRAINS Knowledge Graph and implementation of data curation workflows are being under preparation to improve FAIRness of data on the HIP, making the metadata accessible and findable, thus fostering new collaborations.
69	69
70	70	(% style="color:#000000" %)**Public data:**(%%) Data Controllers might wish to make their data public, which will require anonymisation of the data and transferring them to the HIP public space. Relevant ethical approval needs to be provided. Thereafter, the Data Controllers will have no more control on how, and by whom, the public data might be used, including in terms of scientific publications and authorship. Requirements for appropriate acknowledgment together with the attributed license will be published alongside the public dataset in the EBRAINS Knowledge Graph.
	70	+
71	71
72		-
73		-(% style="color:#000000" %)**Public data:**(%%) Data Controllers might wish to make their data public, which will require anonymisation of the data and transferring them to the HIP public space. Relevant ethical approval needs to be provided. Thereafter, the Data Controllers will have no more control on how, and by whom, the public data might be used, including in terms of scientific publications and authorship. Requirements for appropriate acknowledgment together with the attributed license will be published alongside the public dataset in the EBRAINS Knowledge Graph.
74	74	**Summary of legal steps to be followed, depending on the purpose of the processing or project:**
75	75
76	76	* Patient consent for usage of data for research purposes (specific, general, re-use)
...	...	@@ -80,7 +80,6 @@
80	80	* Collaboration Agreement
81	81	* Data Use agreement
82	82
83		-(% class="wikigeneratedid" %)
84	84	== ==
85	85
86	86	== HIP GDPR compliance assessment ==
...	...	@@ -88,7 +88,7 @@
88	88
89	89	[[image:image-20241010130312-2.png||height="398" width="401"]]
90	90
91		-(% class="small" %)//Illustration from:** **//[[(% class="small small small small small small small small" %)//GDPR - Back to Basics | URM Consulting//>>url:https://www.urmconsulting.com/blog/gdpr-back-to-basics#Section-3]]
	88	+(% class="small" %)//Illustration from:** **//[[(% class="small small small small small small small small small small small small" %)//GDPR - Back to Basics | URM Consulting//>>url:https://www.urmconsulting.com/blog/gdpr-back-to-basics#Section-3]]
92	92
93	93
94	94	Several aspects are crucial for demonstrating GDPR compliance. Hereunder is a compliance assessment for the HIP, based on the GDPR core principles: