Skip to Content

Wiki source code of GDPR for Researchers

Last modified by publicadmin on 2025/12/16 13:04
Show last authors
1 Processing of research data involving health information of natural persons is subject to the requirements of the General Data Protection Regulation (GDPR).  The VRE acts as a processor on behalf of the data controller and processes data only on instruction from the data controller (GDPR Article 32(4)).
2
3 Researchers are responsible for familiarizing themselves with their obligations as data controllers under GDPR.  There are several resources available to learn more about GDPR, including, inter alia, institutional, local and state Data Protection Officers, web resources such as [[https:~~/~~/gdpr.eu/>>url:https://gdpr.eu/]] and recorded seminars offered by the University of Vienna [[Department of Innovation and Digitalisation in Law YouTube channel>>url:https://www.youtube.com/channel/UCLEztjIfQR1Vq8XvFxOT3tg]], and [[BrainModes YouTube channel>>url:https://www.youtube.com/channel/UCZxHt1mmrCafBwS4iPoUSrQ]].
4
5 The VRE provides users with a number of controls, security features and functionalities described in the [[VRE User Guide>>https://vre.charite.de/xwiki/wiki/vrepublic/view/Main/user_guide/]] and white paper, supported by VRE technical documentation and Charité IT policies and procedures, all of which were the subject of the GDPR Service Readiness Audit.  These Technical and Organizational Measures can be used by Data Controllers to support their obligations with respect to the processing of personal data in the VRE.  Any additional questions relating to the security controls of the VRE can be sent to our support desk at [[vre-support@charite.de>>path:mailto:vre-support@charite.de]].
6
7 Data processing that does not involve health information of natural persons is not subject to the General Data Protection Regulation.  Examples include projects involving the processing of animal data and/or purely synthetic data not derived from data of natural persons.