As health research becomes increasingly data-driven, ensuring robust data protection and ethical handling of sensitive information is more important than ever. When dealing with technologies like Federated Learning and cross-border data sharing, the risks to privacy grow, and so does the need for clear, actionable guidance.
To address this, ONCOVALUE is proud to have contributed to a newly published white paper: “Guidance for DPIA Practices from EU-Funded Projects”, developed within the EASiNet Cluster.
This publication provides a comprehensive overview of Data Protection Impact Assessments (DPIAs), a legal requirement under Article 35 of the GDPR. More than a compliance tool, DPIAs are essential for ensuring transparency, managing risk, and building public trust in digital health innovation.
What’s inside the whitepaper?
- A practical, step-by-step DPIA methodology, drawing on insights from 8 EU-funded projects
- Legal and operational insights tailored to real-world project settings
- Concrete recommendations and best practices for research teams and data protection officers
Why it matters:
In an increasingly data-driven world, vast volumes of personal data fuel innovation, enable digital services, and drive evidence-based decision-making. Within the European Union, research and innovation funded through programmes such as Horizon Europe, Digital Europe, and the Connecting Europe Facility often involve the sharing and processing of personal data to support advanced technological development.
While this data processing delivers major benefits, it also introduces risks to the fundamental rights and freedoms of individuals. To address these risks, the General Data Protection Regulation (GDPR), in force since May 2018, provides a robust legal framework for data protection in Europe. Rooted in the fundamental right to privacy, the GDPR emphasizes accountability, risk management, and privacy by design as foundational to lawful and ethical data use.
The white paper contributes to this vision by translating legal requirements into practical steps, drawing directly from the experience of diverse EU-funded projects working at the intersection of AI, cybersecurity, clinical data, and digital health. Projects featured include: ONCOVALUE, PAROMA-MED, TRUMPET, FLUTE, ENCRYPT, Harpocrates, WARIFA, TITAN, and EOSC.
Their collective insights offer a valuable reference for upcoming projects aiming to integrate strong data protection practices from day one.
As we shape the future of European research and innovation, this white paper provides a foundation for embedding privacy and accountability not as afterthoughts but as essential principles for building public trust and enabling ethical progress.
