Expert Advice Community

Guest

GDPR and DPA Genome/Sensitive data

  Quote
Guest
Guest user Created:   Apr 14, 2021 Last commented:   Apr 15, 2021

GDPR and DPA Genome/Sensitive data

Yes, can you tell me who one has to report to if the data subject decides that it doesn't want its genome material in a database anymore

0 0

Assign topic to the user

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

EU GDPR DOCUMENTATION TOOLKIT

Step-by-step implementation for smaller companies.

Expert
Alessandra Nisticò Apr 15, 2021

Who collected the genetic data? A hospital? A research lab? The data subject should contact the data controller who collected the data and exercise the right of erasure according to the privacy notice.

The data controller will verify if the request can be fulfilled or not. Member States may introduce specific limitations to data subjects' rights (even to the sensitive data under Article 9 GDPR) in order to protect scientific research programs, for example. So maybe there is a legitimate base to keep the genetic data in the database without the consent of the data subject.

Controller processing genetic data should have a Data Protection Officer (DPO), so the data subject may contact the DPO in order to have clarification.

Here you can find more information about consent:

If you need to understand how to process consent under GDPR, you can consider enrolling in our free online training EU GDPR Foundations Course: https://training.advisera.com/se/eu-gdpr-foundations-course//

Quote
0 0

Comment as guest or Sign in

HTML tags are not allowed

Apr 14, 2021

Apr 15, 2021

Suggested Topics