General remarks on data protection

Research on and involving human beings will often involve the processing of personal data. Personal data is any information relating to an identified or identifiable natural person. On the website of the Danish Data Protection Agency, you can read more about what personal data is and the situations in which personal data is processed.

When research involves the processing of personal data, the rights and obligations that arise from data protection legislation must be considered. This legislation consists in particular of EU Regulation 2016/679, the General Data Protection Regulation (GDPR). In Denmark, this regulation is supplemented by the Data Protection Act. The GDPR and the Data Protection Act largely continue the rules that previously followed from some EU directives, and which in Denmark were implemented in the Act on Processing of Personal Data, inter alia.

The website of the Danish Data Protection Agency contains a large number of guidelines, etc., which provide a good overview of the rules on data protection.

GDPR for researchers

In particular, the UBVA refers to the following guidelines on the significance of the data protection rules for researchers:

• Aarhus University’s guide to data protection (GDPR) for researchers
• The Danish Data Protection Agency’s guide to research and statistics
• The Danish Data Protection Agency’s special guidelines for health science research projects

See also the following articles on the Researcher Portal:

• Register-based research
• Danish research ethics committees