Changes for page Onboarding to the Medical Informatics Platform MIP

Last modified by melissargos on 2024/10/11 18:22

From 22.1 to 23.1 From 24.1 to 25.1

From version 23.1

edited by bschaffha
on 2024/10/10 14:40

Change comment: There is no comment for this version

To version 24.1

edited by bschaffha
on 2024/10/10 14:48

Change comment: There is no comment for this version

Raw
Rendered

Summary

Page properties (1 modified, 0 added, 0 removed)

Details

Page properties

Content

@@ -67,12 +67,10 @@
  === //MIP and data anonymisation// ===
--**Note**: (% style="color:#27ae60" %)**The MIP is handling anonymised data.**(%%) The definition for anonymisation (//ISO standard (ISO 29100:2011)//) of personal data is the process of encrypting or removing personally identifiable data from datasets so that a person can no longer be identified directly or indirectly (see also **Recital 26 of the GDPR)**. As soon a person cannot be re-identified the data is no longer considered personal data and the GDPR does not apply for further use.
++**Note**: (% style="color:#27ae60" %)**The MIP is handling anonymised data.**(%%) The definition for anonymisation (//ISO standard (ISO 29100:2011)//) of personal data is the process of encrypting or removing personally identifiable data from data so that a person can no longer be directly or indirectly identified (see also **Recital 26 of the GDPR)**. As soon a person cannot be re-identified the data is no longer considered personal data and the GDPR does not apply for further use.
--However, processing personal data **for the purpose to anonymise the data** is still processing that must have a **legal basis under Article 6 of GDPR**. The anonymisation process is what is known as “**further processing**”. As such the new processing must be compliant with the principle of purpose limitation. Most often, the legal basis of the controller’s/processor’s fulfilling contract or legitimate interest will apply, if the principles of collection, purpose, retention have been complied with.
++However, processing personal data **for the purpose of anonymisation** is still processing that must have a **legal basis under Article 6 of GDPR**. The anonymisation process is defined as “**further processing**” and this processing must be compliant with the principle of purpose limitation. The process of data anonymisation can be used to improve data protection compliance, e.g., as part of the “**privacy by design**” strategy, with the goal to improve the protection of the processed data; or as part of the “**data minimisation**” strategy, where data can be anonymised and used without the risk of harming the data subjects.
--The process of anonymization can be used to improve data protection compliance in two main ways: i.e., as part of the “**privacy by design**” strategic work, with the goal to improve the protection of the processed data; or as part of the “**data minimisation**” strategy – where data can be anonymized and used without the risk of harming the data subjects.
--
  (% style="color:#27ae60" %)**Both strategies are followed by the MIP.**
  === MIP concepts and definitions ===