Oxford Events, the new replacement for OxTalks, will launch on 16th March. From now until the launch of Oxford Events, new events cannot be published or edited on OxTalks while all existing records are migrated to the new platform. The existing OxTalks site will remain available to view during this period.
From 16th, Oxford Events will launch on a new website: events.ox.ac.uk, and event submissions will resume. You will need a Halo login to submit events. Full details are available on the Staff Gateway.
Several recently enacted data protection laws appear to afford a privileged position to scientific research, including health research. Rules that might otherwise apply to data subjects and data controllers, including rights exercisable by data subjects against controllers, are lifted or lessened. However, when it comes to considering whether consent should serve as the lawful basis for processing data in the health research context, a fair degree of policy and regulatory divergence emerges. This divergence seems to stem from a normative link that some draw between consent as a research ethics principle and consent as a lawful basis in data protection law. This seminar considers the EU General Data Protection Regulation (GDPR) and three national laws, either implementing the GDPR or inspired by it, to provide points of comparison: South Africa’s Protection of Personal Information Act, 2013, the UK’s Data Protection Act 2018, and Ireland’s Health Research Regulations 2018. I argue that there is merit in distinguishing research ethics consent from data processing consent, to avoid what I term ‘consent misconception’, and come to advocate a middle-ground approach in data protection law, i.e. one that does not mandate consent as the lawful basis for processing personal data in health research projects—but does encourage it. This approach achieves the best balance for protecting data subject/research participant rights and interests and promoting socially valuable health research.
