Anna-Sara Lind

ERIC: a new governance tool for Biobanking

In 2009, the EU introduced a new governance tool for research, the European Research Infrastructure Consortium, commonly referred to as ERIC. On 22nd November 2013, an ERIC within biobanking research was established, the BBMRI-ERIC, with its seat in Graz, Austria. This article analyses what use the ERIC can be to researchers in biobanking, focusing on legal and ethical perspectives. Our conclusion is that the main advantages with the ERIC are its functions as a platform, creating opportunities for long-term cooperation between the Member States involved and their researchers. Within the platform, research groups can develop functional standards for technical, legal and ethical purposes, set up criteria for biobanks, and so on. The ERIC also creates a platform for the involved researchers to communicate with policymakers in the EU and the Member States. However, when it comes to addressing the diverse regulatory framework for biobanking in the EU, one of the more important hurdles today, the ERIC does not provide for any substantial tools.

Privacy Threat Modeling for Emerging BiobankClouds

Abstract There is an increased amount of data produced by next generation sequencing (NGS) machines which demand scalable storage and analysis of genomic data. In order to cope with this huge amount of information, many biobanks are interested in cloud computing capabilities such as on-demand elasticity of computing power and storage capacity. There are several security and privacy requirements mandated by personal data protection legislation which hinder biobanks from migrating big data generated by the NGS machines. This paper describes the privacy requirements of platform-as-service BiobankClouds according to the European Data Protection Directive (DPD). It identifies several key privacy threats which leave BiobankClouds vulnerable to an attack. This study benefits health-care application designers in the requirement elicitation cycle when building privacy-preserving BiobankCloud platforms.

Administrating Data Protection : or the Fort Knox of the European Composite Administration?

Administrating Data Protection : or the Fort Knox of the European Composite Administration?

The New General Data Protection Regulation—Where Are We Are and Where Might We Be Heading?

The current EU Directive on Data Protection, has been described as the most far reaching Data Protection regime in the world. Still, the ongoing work within the EU to enact a new General Data Protection Regulation seems to be heading towards an even stricter regime. Medical researchers in biobanking and epidemiology have had quite a fright on behalf of the proposal, especially the amendments suggested by rapporteur Albrecht of the European Parliament’s LIBE Committee in December 2012, that to a large extent were accepted by the Committee in a October 2013 and the European Parliament in its first reading of the proposal in March 2014. In this short overview, the status of the legislative procedures will be addressed, a comment on the consequences of changing the legal form from a directive to a regulation, as well as a brief description of the content of the General Data Protection Regulation relevant to research on health data.

Design and implementation of the advanced cloud privacy threat modeling

Privacy-preservation for sensitive data has become a challenging issue in cloud computing. Threat modeling as a part of requirements engineering in secure software development provides a structured ...