Optimising cohort data in Europe

and granular. This complexitymakes it difficult to evaluate the impact of data use on ethical principles, human rights and social structures (Sun et al., 2018). One of the solutions is to leverage specific big data repositories (e.g. EHRs, Clinical Registries-CRG) with big data analytics in general. Standardisation of EHR software tools provides a potential for data scalability and thus comparison (Prasser et al., 2018). This scalability potential also allows an effective return of data to patients and providers (Steinbach et al., 2018). Because of such characteristics, EHR/CRG data is increasingly linked to repositories and biobanks and omics data. As a result, it is possible to implement a more effective and context specific translation of results into clinical contexts (e.g. re-classifying patients in clinical settings in the context of genomic variation) (Klingstrom et al., 2018). 2.1.3. Data access (a) Data status: anonymisation, pseudonymisation and access arrangements Article 89(1) of the GDPR gives indications about the kind of organisational and technical measures needed for safeguarding the rights of data subjects during data processing. Most existing regulations stipulate that adequate governance mechanisms should be already available in the initial phases of data processing. The GDPR reinforces this logic as it aims to achieve “privacy by design” where safeguards are built into the research infrastructure from the onset of studies. A key feature in access governance and the technical and organisational measures needed to ensure it is data status . That is, before taking any measures, it is necessary to determine the extent to which the available data can be considered personal data in the GDPR (Slokenberga et al., 2021). In this respect, the GDPR is articulated around two kinds of data types, namely pseudonymised and anonymised data. The GDPR does not concern anonymised data because, according to its Recital 26, de-identification of data subjects is irreversible: the data is anonymised in such a manner that the research participant can no longer be identified and there is no data remaining that could be related to identifiable persons (General Data Protection, Recital 26, 2016). By contrast, all the processing of pseudonymised data falls under the GDPR. This is because additional information can still potentially lead to the re-identification of participants. This means that organisational and technical measures are necessary in order to ensure that pseudonymised personal data would not be related to identifiable persons (Molnár‐ Gábor and Korbel 2020).Many health and cohort research projects rely on pseudonymised data where a level of participants’ traceability (e.g. genomic research) and re-contacting opportunities are needed (e.g. longitudinal studies). Pseudonymisation is also seen as a technical measure for ensuring the necessity and proportionality principles central to the GDPR (cf. Section 1). That is, pseudonymisation is one of the measures ensuring that personal data would be processed only if necessary for a specific purpose and in relation to a specific research question (Guinchard, 2018).