A Normative Framework for the Reconciliation of EU Data Protection Law and Medical Research Ethics

EU data protection and medical research ethics overlap in scope and content in numerous instances in which personal data is processed in medical research. It is not always the case, however, that the conditions outlined by the two rule-sets precisely coincide. In the past few years, this lack of confluence has led to significant confusion as to how the two rule-set should best relate to one another. This confusion has led to numerous different approaches to the relationship being taken, on occasion leading to counter-intuitive conclusions. Unfortunately, there has hitherto been little effort to provide clarity to this confusion. In this regard, this article attempts to provide a general normative framework aimed at facilitating cogent and just reconciliations of EU data protection law and medical research ethics.