Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Learn how GA4GH helps expand responsible genomic data use to benefit human health.
Our Strategic Road Map defines strategies, standards, and policy frameworks to support responsible global use of genomic and related health data.
Discover how a meeting of 50 leaders in genomics and medicine led to an alliance uniting more than 5,000 individuals and organisations to benefit human health.
GA4GH Inc. is a not-for-profit organisation that supports the global GA4GH community.
To guide our collaborative, globe-spanning alliance, GA4GH relies on a Standards Steering Committee and an Executive Committee.
The Funders Forum brings together organisations that offer both financial support and strategic guidance.
The EDI Advisory Group responds to issues raised in the GA4GH community, finding equitable, inclusive ways to build products that benefit diverse groups.
Distributed across four Host Institutions, our staff team supports the mission and operations of GA4GH.
Curious who we are? Meet the people and organisations across six continents who make up GA4GH.
More than 500 organisations connected to genomics — in healthcare, research, patient advocacy, industry, and beyond — have signed onto the mission and vision of GA4GH as Organisational Members.
These core Organisational Members are genomic data initiatives that have committed resources to guide GA4GH work and pilot our products.
This subset of Organisational Members whose networks or infrastructure align with GA4GH priorities has made a long-term commitment to engaging with our community.
Local and national organisations assign experts to spend at least 30% of their time building GA4GH products.
Anyone working in genomics and related fields is invited to participate in our inclusive community by creating and using new products.
Wondering what GA4GH does? Learn how we find and overcome challenges to expanding responsible genomic data use for the benefit of human health.
Study Groups define needs. Participants survey the landscape of the genomics and health community and determine whether GA4GH can help.
Work Streams create products. Community members join together to develop technical standards, policy frameworks, and policy tools that overcome hurdles to international genomic data use.
GIF solves problems. Organisations in the forum pilot GA4GH products in real-world situations. Along the way, they troubleshoot products, suggest updates, and flag additional needs.
NIF finds challenges and opportunities in genomics at a global scale. National programmes meet to share best practices, avoid incompatabilities, and help translate genomics into benefits for human health.
Communities of Interest find challenges and opportunities in areas such as rare disease, cancer, and infectious disease. Participants pinpoint real-world problems that would benefit from broad data use.
See all our products — always free and open-source. Do you work on cloud genomics, data discovery, user access, data security or regulatory policy and ethics? Need to represent genomic, phenotypic, or clinical data? We’ve got a solution for you.
All GA4GH standards, frameworks, and tools follow the Product Development and Approval Process before being officially adopted.
Learn how other organisations have implemented GA4GH products to solve real-world problems.
Help us transform the future of genomic data use! See how GA4GH can benefit you — whether you’re using our products, writing our standards, subscribing to a newsletter, or more.
Help create new global standards and frameworks for responsible genomic data use.
Align your organisation with the GA4GH mission and vision.
Solve your real-world data problems with support from this valuable network of global institutions.
Work with like-minded groups committed to better data use in areas like rare disease, cancer, and infectious disease.
Share your thoughts on all GA4GH products currently open for public comment.
Solve real problems by aligning your organisation with the world’s genomics standards. We offer software dvelopers both customisable and out-of-the-box solutions to help you get started.
Learn more about upcoming GA4GH events. See reports and recordings from our past events.
Speak directly to the global genomics and health community while supporting GA4GH strategy.
Be the first to hear about the latest GA4GH products, upcoming meetings, new initiatives, and more.
Questions? We would love to hear from you.
Read news, stories, and insights from the forefront of genomic and clinical data use.
Attend an upcoming GA4GH event, or view meeting reports from past events.
See new projects, updates, and calls for support from the Work Streams.
Read academic papers coauthored by GA4GH contributors.
Listen to our podcast OmicsXchange, featuring discussions from leaders in the world of genomics, health, and data sharing.
Check out our videos, then subscribe to our YouTube channel for more content.
View the latest GA4GH updates, Genomics and Health News, Implementation Notes, GDPR Briefs, and more.
Discover all things GA4GH: explore our news, events, videos, podcasts, announcements, publications, and newsletters.
1 Jun 2020
The EU’s Clinical Trials Regulation (CTR) and the GDPR both apply to clinical trials and (further) scientific research. This GDPR Brief details the interplay between the two regulations.
The EU’s Clinical Trials Regulation (CTR) and the GDPR both apply to clinical trials and (further) scientific research. In this GDPR Brief, I detail the interplay of the two regulations. The GDPR has been in force since May 2018. At present, the CTR does not apply yet and is due to come into force in 2021.
Not all data processing activities pursuant to the CTR pursue the same purpose. In this respect, more than one legal basis to the various types of processing may apply. During the life cycle of a clinical trial, two main types of processing for primary use can be distinguished: 1) processing for reliability and safety purposes; 2) processing for research activities. In its Opinion 3/2019, the European Data Protection Board (EDPB) considers that processing for reliability and safety purposes falls within the scope of GDPR article 6(1)(c), i.e. based on a legal obligation, together with article 9(2)(i), i.e. public interest in the area of public health. Examples of this type of processing are the performance of safety reporting, archiving of the clinical trial master files and the medical records of test subjects. Consent to data processing is not required for these processing activities.
As regards processing for research activities, the EDPB proposes three alternative legal bases:
However, GDPR consent does not have the same meaning as informed consent in the CTR. Informed consent in a clinical trial expresses the data subject’s willingness to participate in a particular clinical trial, after having been informed of all aspects that are relevant to the subject’s decision to participate (article 2(21) CTR). Informed consent in the CTR acts a safeguard rather than a legal basis for processing. The EDBP considers that the element of “freely given” consent under the GDPR cannot be met at all times for clinical trials. The EDPB highlights this is the case where participants may not be in a good state of health, belong to a socioeconomically disadvantaged group, or are in a “situation of institutional or hierarchical dependency”. Thus, the other legal bases may be more appropriate and can provide for the default option wherever possible. If the legal basis of informed consent is chosen, a particular assessment must be carried out.
As regards the secondary use of clinical trial personal data, i.e. the use of data beyond the scope of the clinical trial protocol, the CTR requires informed consent from the participant. This informed consent should be sought from the participant at the time of the request for informed consent for participation in the clinical trial. Again, this type of consent should not be confused with the elements of consent in the GDPR. And though the EDBP recognizes that a new legal basis may not be needed provided that the conditions of article 5(1)(b) (presumption of compatibility), and article 89 GDPR (scientific research) are met, an ethical consent may still be assumed as part of the principle of fairness as laid down in article 28 CTR. There may be trials when an advance CTR informed consent is not required, i.e. in case of emergencies. The CTR also provides for alternative informed consent by proxy when the participant is unable to give consent.
Participants in a clinical trial must receive the relevant information about the clinical trial, and they should also receive the information pursuant to the GDPR, such as the legal basis for processing their data and information about their data processing rights. Participants in a clinical trial can always withdraw their informed consent under the CTR, which means they withdraw from the clinical trial itself. The withdrawal under the CTR will end the research processing, but the processing for safety and archiving obligations will be pursued. Thus, data which the controller (sponsor/ investigator) must process pursuant to legal obligations and for safety purposes may continue to be processed. This information should be included in the consent form given to participants.
Relevant CTR Provisions
Relevant GDPR Provisions
Irith Kist is legal counsel and Data Protection Officer of the Netherlands Cancer Institute (NKI).
For a list of previous briefs, please consult here.
Please note that GDPR Briefs neither constitute nor should be relied upon as legal advice. Briefs represent a consensus position among Forum Members regarding the current understanding of the GDPR and its implications for genomic and health-related research. As such, they are no substitute for legal advice from a licensed practitioner in your jurisdiction.