PDF(Pubmed)
Abstract:
Background: In the European Union, the General Data Protection Regulation (GDPR) plays a central role in the complex health research legal framework. It aims to protect the fundamental right to the protection of individuals\' personal data, while allowing the free movement of such data. However, it has been criticized for challenging the conduct of research. Existing scholarship has paid little attention to the experiences and views of the patient community. The aim of the study was to investigate 1) the awareness and knowledge of patients, carers, and members of patient organizations about the General Data Protection Regulation, 2) their experience with exercising data subject rights, and 3) their understanding of the notion of \"data control\" and preferences towards various data control tools. Methods: An online survey was disseminated between December 2022 and March 2023. Quantitative data was analyzed descriptively and inferentially. Answers to open-ended questions were analyzed using the thematic analysis method. Results: In total, 220 individuals from 28 European countries participated. The majority were patients (77%). Most participants had previously heard about the GDPR (90%) but had not exercised any of their data subject rights. Individual data control tools appeared to be marginally more important than collective tools. The willingness of participants to share personal data with data altruism organizations increased if patient representatives would be involved in the decision-making processes of such organizations. Conclusion: The results highlighted the importance of providing in-depth education about data protection. Although participants showed a slight preference towards individual control tools, the reflection based on existing scholarship identified that individual control holds risks that could be mitigated through carefully operationalized collective tools. The discussion of results was used to provide a critical view into the proposed European Health Data Space, which has yet to find a productive balance between individual control and allowing the reuse of personal data for research.
摘要:
背景:在欧盟,通用数据保护条例(GDPR)在复杂的健康研究法律框架中发挥着核心作用。它旨在保护保护个人个人数据的基本权利,同时允许此类数据的自由移动。然而,它因挑战研究行为而受到批评。现有的奖学金很少关注患者社区的经验和观点。该研究的目的是调查1)患者的意识和知识,看护者,和患者组织成员关于《通用数据保护条例》,2)他们行使数据主体权利的经验,3)他们对“数据控制”概念的理解以及对各种数据控制工具的偏好。方法:2022年12月至2023年3月间发布了一项在线调查。定量数据进行描述性和推断性分析。使用主题分析方法对开放式问题的答案进行了分析。结果:总的来说,来自28个欧洲国家的220人参加了会议。大多数是患者(77%)。大多数参与者以前听说过GDPR(90%),但没有行使任何数据主体权利。单个数据控制工具似乎比集体工具更为重要。如果患者代表参与此类组织的决策过程,则参与者与数据利他主义组织共享个人数据的意愿会增加。结论:结果强调了提供有关数据保护的深入教育的重要性。尽管参与者对个人控制工具表现出轻微的偏好,基于现有奖学金的反思发现,个人控制存在可以通过谨慎操作的集体工具来减轻的风险。对结果的讨论被用来提供对拟议的欧洲健康数据空间的批判性看法,它还没有在个人控制和允许重复使用个人数据进行研究之间找到有效的平衡。
