ABSTRACT
There are many misconceptions about data protection and research, including research in the GIS field. The most common is that processing data for research purposes is exempt from data protection law. The second is that anonymized data is equally exempt from the requirements of data protection legislation. As in most cases, these misconceptions are grounded in confusion. It is true that there is a limited provision for a research exemption from certain of the requirements of the legislation and it is equally true that anonymous data or data once anonymized are outside the provisions of the law. However, it is equally clear that data protection law imposes considerable regulation upon the processing of personal data in research contexts. This chapter explores the extent of data protection under European law in relation to medical research, focusing in particular on issues of consent, the research exemption, and anonymization. These aspects are particularly relevant to geocoded data on individuals. While the chapter is primarily concerned with European law, contentious issues in the U.K. implementation of Directive 95/46/EC will be considered. The purpose of this chapter is to show that while those who conduct medical research may see data protection requirements as damaging to their ability to ensure
comprehensive samples and highest-quality research, the contrary is true. Such regulation ensures trust between the patient, clinician, and research. The failure of trust threatens medical research.
