The Swedish Data Protection Authority recently launched an investigation into Umeå University’s handling of sensitive personal data, specifically data obtained from the Danish Police Authority for research purposes.
The Swedish Police Authority to the Data Inspectorate has alleged that the university sent the sensitive data in its possession via unencrypted email.
Data protection in research is of paramount importance in two ways. On the one side, data should be protected by research institutions (especially when research is carried out on sensitive data) – with reference to the protection of personal data. Secondly, EU legislators and supervisory authorities should really work to enable more ways to lawfully use personal data for research purposes – the use of personal data to advance knowledge.