Why and how we should care about the General Data Protection Regulation |
| |
| Authors: | Rik Crutzen Gjalt-Jorn Ygram Peters Christopher Mondschein |
| |
| Affiliation: | 1. Department of Health Promotion, Maastricht University/CAPHRI, Maastricht, The Netherlands;2. Rik.Crutzen@maastrichtuniversity.nl;4. Faculty of Psychology and Education Science, Open University of the Netherlands, Heerlen, The Netherlands;5. Department of Work &6. Social Psychology, Faculty of Psychology and Neuroscience, Maastricht University, Maastricht, The Netherlands;7. Maastricht European Centre on Privacy and Cybersecurity, Maastricht University, Maastricht, The Netherlands |
| |
| Abstract: | AbstractThe General Data Protection Regulation (GDPR) is the new European Union-wide (EU) law on data protection, which is a great step towards more comprehensive and more far-reaching protection of individuals' personal data. In this editorial, we describe why and how we – as researchers within the field of health psychology – should care about the GDPR. In the first part, we explain when the GDPR is applicable, who is accountable for data protection, and what is covered by the notions of personal data and processing. In the second part, we explain aspects of the GDPR that are relevant for researchers within the field of health psychology (e.g., obtaining informed consent, data minimisation, and open science). We focus on questions that researchers may ask themselves in their daily practice. Compliance with the GDPR requires adopting research practices (e.g., data minimisation and anonymization procedures) that are not yet commonly used, but serve the fundamental right to protection of personal data of study participants. |
| |
| Keywords: | data protection GDPR personal data open science |
|
|
