The European Union (EU) General Data Protection Regulation (GDPR) went into effect on May 25, 2018. The purpose of the GDPR is to harmonize data privacy laws across Europe and strengthen data privacy protections for persons in the European Economic Area (EEA). The GDPR may also protect the personal data of persons located outside the EEA under certain circumstances. The GDPR carries the potential for significant fines for noncompliance. Learn more about the GDPR here.
The GDPR affects how and what personal data can be collected about individuals, including information collected for research purposes. The University of Illinois System has already implemented a Supplemental Privacy Notice explaining how the University processes personal information covered by the GDPR. UIC has also enhanced website disclosures on priority websites where cookies are used, and assessments pertaining to how the GDPR affects research are currently in progress.
The UIC Office for the Protection of Research Subjects is currently polling investigators to identify active research studies that may be affected by the GDPR. If you are a UIC investigator who is currently conducting research that involves or will involve any of the following, please click here to complete a brief questionnaire:
- Primary data will be collected from persons physically located in the EEA;
- Secondary data will be obtained from an entity in the EEA about individuals located anywhere in the world;
- Data will be scraped from accounts or websites of persons or entities in the EEA;
- Collaborating researchers/parties in the EEA are providing their personal data; or,
- Personal data collected in 1-4 will be shared outside UIC
Responses to this poll will only be used by OPRS staff to contact you for follow-up, if needed.
Thank you for your assistance with this important issue. If you have any questions, please contact OPRS at firstname.lastname@example.org.
Joanna Groden PhD Elaine Fluder, MSN
Vice Chancellor for Research Director, OPRS