Zusammenfassung
Ansprechperson
Beschreibung
The new European legislation on data protection, namely, the General Data Protection Regulation (GDPR), has introduced comprehensive requirements for the documentation about the processing of personal data as well as informing the data subjects of its use. GDPR’s accountability principle requires institutions, projects, and data hubs to document their data processings and demonstrate compliance with the GDPR. In response to this requirement, we see the emergence of commercial data-mapping tools, and institutions creating GDPR data register with such tools. One shortcoming of this approach is the genericity of tools, and their process-based model not capturing the project-based, collaborative nature of data processing in biomedical research.
We have developed a software tool to allow research institutions to comply with the GDPR accountability requirement and map the sometimes very complex data flows in biomedical research. By analysing the transparency and record-keeping obligations of each GDPR principle, we observe that our tool effectively meets the accountability requirement.
DAISY is made available as a free and open source tool on Github.
Das Produkt im Einsatz
DAISY is made available as a free and open source tool on Github. DAISY is actively being used at the Luxembourg Center for Systems Biomedicine and the ELIXIR-Luxembourg data hub.
Erfahrungsberichte
Unterstützung
The DAISY source code is maintained on Github , the issue tracker is open to everyone. The development is currently undertaken by ELIXIR Luxembourg. DAISY is licensed under GNU Affero General Public License v3.0 (AGPL 3.0)