Disclaimer!
The PI, as well as everyone with access to sensitive personal data, is responsible for following current laws and regulations, and NBIS will not assume legal responsibility for advice provided in these guidelines.

Human data - What should you do as a PI?

Also consider going through this Ethical, Legal and Social implications (ELSI) checklist for your project.

You are welcome to contact the NBIS data manager for further consultation (data@nbis.se).
Also, do consult with the Data Protection Officer (“Dataskyddsombud”) of your employer.

More information
What is sensitive personal data?
Who is responsible for the data?
Ethical permits and Informed consents
How do NBIS experts access and analyse sensitive personal data?
How do I publish sensitive personal data?

We are working on a federated version of the European Genome-phenome Archive (EGA) in Sweden (EGA-SE), where sensitive human genomic and phenotypic data can be stored locally in e.g. Sweden, and the metadata stored centrally at EGA to make the data discoverable. The Swedish node is close, but not yet in a production stage (hopefully later this year). In the meantime we suggest to keep the human sequencing data stored locally, and make a metadata-only record in the SciLifeLab Data Repository with contact details on how to get access, and for which a DOI can be issued. The DOI can then be used in the article to refer to the dataset. Once the Swedish EGA node is operational, and the dataset deposited there, the access information can be changed to point at the EGA ID. See https://doi.org/10.17044/NBIS/G000014, for an example.

References

GDPR

Information about the GDPR

Further questions

If you have further questions regarding sensitive personal data, you are welcome to contact the NBIS data manager (data@nbis.se).