The document outlines the agenda and goals of the RDA-NISO Interest Group focused on the privacy implications of research data. Key objectives include developing a framework for privacy precautions in data sharing, identifying privacy laws, and creating a registry of relevant regulations. Upcoming tasks include compiling use cases, value statements, and a glossary while promoting outreach and engagement within the scientific community.

1. RDA-NISO Interest Group on Privacy
Implications of Research Data Sets
P11 - Berlin
March 21, 2018
rd-alliance.org/groups/rdaniso-privacy-implications-research-data-sets-wg.html

2. 2
 Welcome, Introductions and ground setting
 Presentations and breakouts of the IG Task Groups
A. Value Statements
B. Use Cases & Personas
C. Glossary of Relevant Terms
D. Select Privacy Laws & Regulations Registry
 RDA BoF on Sensitive Data - background
 Ethics in FAIR Data Session
 Related work from WG on Data Security & Trust, the
Health Data IG, Legal Interoperability IG, Metadata IG
 Discuss plans for IG outputs and next steps
Agenda

3. 3
The group will work to achieve the following specific outcomes:
 Development of a framework that explains, at a high level, the
precautions that data creators, repositories, aggregators and
scientists should use in creating, using, preserving, and providing
access to research data.
 Definitions of key vectors where privacy issues are evident in the
ecosystem of data sharing and reuse.
 An outline of situations where privacy principles would be applied.
 Identification of key privacy laws or regulations at national and
international levels that apply when sharing data worldwide.
 Gather and share a bibliography of data-and-privacy-related
materials for public use.
 Advancement of adoption of the principles through an outreach and
communications campaign
Expected Outcomes

4. 4
 Chair(s): Todd Carpenter, Bonnie Tijerina, Jörg Geiger,
Freyja Van den Boom, Nora Mattern
 Current IG members: 101 (March 20, 2018)
 Target participants
 Researchers, Privacy/Legal Experts, Administrators, Repository
Managers, Librarians
About the Interest Group

5. 5
IG Home on the RDA Website

6. 6
Sign up for the working group
Go to: http://bit.ly/1WO6YUd
Login to RDA system (or create a profile, if you don’t have one)
On the Right-hand column, select “Join this working group”
Regular meetings are taking place, but limited number of people in the group
are participating.
How to engage

7. 7
Thank you to this effort’s sponsors

8. 8
 Value Statements & Analysis
 Use Cases & Personas
 Glossary of Relevant Terms
 Select Privacy Laws & Regulations
Registry
Reports/Discussions from Task Forces Output

9. 9
 RDA/NISO IG Task Group: Value
Statements Output
Value Statements Output

10. 10
 https://docs.google.com/spreadsheet
s/d/19p_Ino566IRTYQ7hX8zMSBHbj
dD0c55iZE6SzCA57Yo/edit#gid=0
Value Statements Analysis Output

11. 11
 https://docs.google.com/document/d/
130aZmuLal3HzYUTXP8VIw2uLTa2
Yirtscf_x8LaCUHc/edit
Use Cases & Personas Template

12. 12
Use Cases Output

13. 13
 100 Terms - Available to edit at: http://bit.ly/2DJpedI
NISO-RDA Data Privacy Glossary Output

14. 14
 Sources drawn from:
 EU –General Data Protection Regulation (GDPR)
 UK Data Protection Act 1998
 ISO/IEC 29100:2011
 ISO/TS 25237:2008
 EC - Data protection and privacy ethical guidelines
 Canada - Guideline for researchers on securing research participants'
data
 USA NIST – Special Publication 800-32
 USA – OMB Curricular A-130UK Data Protection Act
 USA NIST - National Information Systems Security Glossary
 US HIPAA Law
 World Medical Association
NISO-RDA Data Privacy Glossary Output

15. 15
 The international legal landscape for privacy protection
is extremely complicated and heterogeneous.
 Legal issues vary based on national and international
laws and regulations and by data type
 While there is a plurality of countries that have some
form of privacy-based regulation, this is not true in more
than 67 countries.
 Even where there are national laws related to privacy,
the definitions and protections vary widely from country
to country.
 This poses a significant challenge to international
sharing of datasets containing human subject
information.
RDA-NISO Data Privacy Laws & Regulations
Registry - Output

16. 16
 The registry is a list of national privacy laws and
regulations, particularly focused on scientific information
exchange, but also cover more general privacy
protections, with links to the source documents.
 This list is not meant to be exhaustive either in scope,
nor in international coverage.
 A portion of this information is derived from the
International Compilation of Human Research
Standards compiled by the Office for Human Research
Protections at the U.S. Department of Health and
Human Services
RDA-NISO Data Privacy Laws & Regulations
Registry - Output

17. 17
 Available to edit at http://bit.ly/2GOMJoX
RDA-NISO Data Privacy Laws & Regulations
Registry

18. 18
 WG on Sensitive Data
 Continue building out use cases
 Promotion of data privacy issues
 YOUR IDEAS?
Future ideas for the IG – New Directions

19. 19
 Join the group
 Participate in the calls
 Input on the Google Docs
 For more information:
 Todd Carpenter – tcarpenter@niso.org
 Jörg Geiger - joerg.geiger@uni-wuerzburg.de
 Nettie Lagace – nlagace@niso.org
 Bonnie Tijerina - bonnie@datasociety.net
THANK YOU