The Data Protection Bill – virtues out of necessity? by Mourby, M, Aidinlis, S, Smith, H

“…A number of claims have been made for the Data Protection Bill, as it serves a number of purposes—modernisation, ensuring data flows post-Brexit, and exercising derogations under the GDPR to create a more ‘nationalised’ law.…”

Dictionary of privacy, data protection and information security by Elliot, M, Mandalari, AM, Mourby, M, O’Hara, K

“…The Dictionary of Privacy, Data Protection and Information Security explains the complex technical terms, legal concepts, privacy management techniques, conceptual matters and vocabulary that inform public debate about privacy. …”

Anonymity in EU health law: Not an alternative to information governance by Mourby, M

“…Anonymity, I suggest, should be understood not as a ‘technique’ which removes the need for information governance but rather as a legal standard of reasonable risk-management, which can only be satisfied by effective data protection. As such, anonymity can be not so much an alternative to data protection as its mirror, requiring similar safeguards to maintain privacy and confidentiality.…”

Balancing data subjects' rights and public interest research: examining the interplay between UK Law, EU human rights law and the GDPR by Bell, J, Aidinlis, S, Smith, H, Mourby, M, Gowans, H, E Wallace, S, Kaye, J

“…The EU General Data Protection Regulation (‘GDPR’) seeks to balance the public interest in research with privacy rights of individuals, in particular, through research exemptions and safeguards set out in Article 89. …”

Health data linkage for public interest research in the UK: key obstacles and solutions by Mourby, M, Doidge, J, Jones, K, Aidinlis, S, Smith, H, Bell, J, Gilbert, R, Dutey-Magni, P, Kaye, J

“…</p> <p>Results: We identify examples of uncertainty surrounding legal powers to share and link data, and around data protection obligations, as well as systemic delays and historic public backlash. …”

Are ‘pseudonymised’ data always personal data? Implications of the GDPR for administrative data research in the UK by Mourby, M, Mackey, E, Elliot, M, Gowans, H, Wallace, S, Bell, J, Smith, H, Aidinlis, S, Kaye, J

“…There has naturally been a good deal of discussion of the forthcoming General Data Protection Regulation. One issue of interest to all data controllers, and of particular concern for researchers, is whether the GDPR expands the scope of personal data through the introduction of the term ‘pseudonymisation’ in Article 4(5). …”

Transparency of machine-learning in healthcare: the GDPR and European health law by Mourby, M, O'Cathaoir, K, Collin, CB

“…We suggest these will be unusual in healthcare, as Article 22(4) of the General Data Protection Regulation presents a high bar. However, if solely automatic decisions are made (e.g. for inpatient triage), data subjects will have a right to ‘meaningful information’ about the logic involved. 2) Clinical decisions. …”