WP7 – Ethics requirements

This work package sets out the ‘ethics requirements’ that the project must comply with.

Description of Deliverable :

D7.1 : HCT – Requirement No. 1 [3] Copies of relevant documents for using human cells or tissues (e.g., ethics approval, import licence, accreditation/ designation/authorisation/licensing) must be kept on file.

D7.2 : POPD – Requirement No. 2 [6] The beneficiary must check if special derogations pertaining to the rights of data subjects or the processing of genetic and/or health data have been established under the national legislation of the country where the research takes place and submit a declaration of compliance with respective national legal framework(s). The host institution must confirm that it has appointed a Data Protection Officer (DPO) and the contact details of the DPO are made available to all data subjects involved in the research. For host institutions not required to appoint a DPO under the GDPR a detailed data protection policy for the project must be submitted as a deliverable. A description of the technical and organisational measures that will be implemented to safeguard the rights and freedoms of the data subjects/research participants must be submitted as a deliverable. A description of the security measures that will be implemented to prevent unauthorised access to personal data or the equipment used for processing must be submitted as a deliverable. Description of the anonymysation/pseudonymisation techniques that will be implemented must be submitted as a deliverable. In case of further processing of previously collected personal data, an explicit confirmation that the beneficiary has lawful basis for the data processing and that the appropriate technical and organisational measures are in place to safeguard the rights of the data subjects must be submitted as a deliverable. In case personal data are transferred from the EU to a non-EU country or international organisation, confirmation that such transfers are in accordance with Chapter V of the General Data Protection Regulation 2016/679, must be submitted as a deliverable. In case personal data are transferred from a non-EU country to the EU (or another third state), confirmation that such transfers comply with the laws of the country in which the data was collected must be submitted as a deliverable.

D7.3 : NEC – Requirement No. 3 [3] The use of local resources must be regulated by benefit-sharing arrangements that must be submitted as deliverable.