Data law for public sector thestar.com.my - get the latest breaking news, showbiz & celebrity photos, sport news & rumours, viral videos and top stories from thestar.com.my Daily Mail and Mail on Sunday newspapers.
The rules on the processing of personal data for health research purposes have been revised with the implementation of the new Data Protection Act 2018 Regulations 2021.
To print this article, all you need is to be registered or login on Mondaq.com.
The Data Protection Act 2018 (Section 36(2)) (Health Research)
Regulations 2018 (S.I. No. 314/2018) (the
Health
Research
Regulations ), which
contain stringent rules in relation to the collection, use and
sharing of personal data for health research purposes, have been
amended by the Minister for Health by way of the Data Protection
Act 2018 (Section 36(2)) (Health Research) (Amendment) Regulations
2021 (the
2021 Regulations ).
As discussed in a 2019 briefing on the Health Research
Regulations (available here) The
Department of Health had identified retrospective chart reviews,
pre-screening for the purpose of assessing eligibility/suitability
The Commission has published a draft for new standard clauses to ensure compliance with the GDPR in the light of the latest case-law of the European Court of Justice.
Friday, January 15, 2021
On January 15, 2020, the European Data Protection Board (“EDPB”) and European Data Protection Supervisor (“EDPS”) adopted joint opinions on the draft Standard Contractual Clauses (“SCCs”) released by the European Commission in November 2020, both for international transfers (“International SCCs”) and for controller-processor relationships within the EEA (“EEA Controller-Processor SCCs”).
Once finalized, the International SCCs will replace the existing sets of SCCs, which were drafted under the Data Protection Directive, for transfers of personal data from within the EEA to organizations in non-EEA countries that have not been recognized as providing an adequate level of data protection. In those cases, the EU General Data Protection Regulation (“GDPR”) requires that a transfer mechanism be implemented. In the wake of the invalidation of the Privacy Shield in the Court of Justice of the European Union’s (the “CJEU