What GDPR and the Health Research Regulations (HRRs) mean for Ireland: "explicit consent"-a legal analysis.

BACKGROUND

Irish Health Research Regulations (HRRs) were introduced following the commencement of the General Data Protection Regulation (GDPR) in 2018. The HRRs set out supplementary regulatory requirements for research. A legal analysis presented under the auspices of the Irish Academy of Medical Sciences (IAMS) on April 8 and November 25, 2019 at the Royal College of Surgeons in Ireland welcomed the introduction of GDPR and the HRRs. The analysis found the GDPR "explicit consent" introduced by the HRRs is problematic. A call was made to regulate informed consent in line with the common law as an achievable alternative safeguard, bringing Ireland in line with other EU Member States.

AIMS

This article aims to review academic papers, legal opinion, EU opinion and advice and data protection law in relation to research and explicit consent, in order to examine the legal burden of GDPR and the HRRs on health research in Ireland and to determine whether the analysis presented at the IAMS meetings is reflected more widely in legal text.

METHODS

Legal literature review of academic papers, legal opinion, EU opinion and advice and data protection legislation.

RESULTS

The legal literature review overwhelmingly supports the concerns raised.

CONCLUSIONS

Our results confirm the GDPR explicit consent requirement of the HRRs is having had a significantly negative and far-reaching impact on the conduct of health research in Ireland. Urgent review of the HRRs and meaningful engagement between the health research community and legislators in healthcare is required.