The GDPR requires data controllers, at the planning stage and at the time of processing, to take appropriate steps to meet the requirements of the GDPR and protect the rights of the data subjects. [...] Specifically, the GDPR requires that you provide individuals with the following information (this is known as the prescribed information): ▪ The name of the data controller(s) (i.e., MCRI and any co- or joint data controllers if relevant) and the contact details of the local data protection officer and MCRI’s data privacy officer ▪ The purposes for which the data are intended to be processed ▪ The. [...] In these instances, it will be the responsibility of the Australian Principal investigator, with the assistance of the MCRI Legal Team and Privacy Officer (referred to in the GDPR as the “Data Protection Officer (DPO)”), to complete the DPIA for their study and ensure that it meets the requirements of the GDPR. [...] The following also needs to be addressed in each DMP: - The role of personal data in the project - Identify any risks to privacy within your project - Identify any risks to privacy to Data Subjects - A description of the processing operations and purpose - Why the processing of personal data is necessary and proportional for the purposes of your project - The information flow of the data collected. [...] 10.3 Individual Rights and exemptions The GDPR grants individuals new or improved rights in relation to their personal data, including: ▪ The right to access the data ▪ The right to object to processing ▪ The right to request that the data be deleted (i.e., The right to be ‘forgotten’) ▪ The right to request that the processing of the data be restricted; and ▪ The right to request the rectificatio.
Authors
- Pages
- 25
- Published in
- Australia
