ELIXIR Ethics Policy

The purpose of many ELIXIR Services is to facilitate the open sharing of research data. While data and knowledge provided by ELIXIR Services will be accessible to researchers, this does not mean that the use of data is unencumbered: restrictions on the use of data may arise due to legal (e.g. data protection requirements, copyright protection, or license restrictions) or ethical considerations. Especially for ELIXIR Services managing data from human research participants that are used in the context of clinical and health research, gaining and deserving the trust of patients, study participants and donors concerning the proper handling of their data is of utmost importance for research to proceed and generate benefits for society. The ELIXIR Ethics Policy provides evidence that an adequate level of protection of personal data including sensitive data is in place throughout ELIXIR - including across national borders - which increases the acceptance of clauses in consent forms concerning data deposition with ELIXIR Services.

ELIXIR Services are formally defined and must meet specific criteria based on the ELIXIR founding documents. Every ELIXIR Service involving personal data must have a regulatory framework ensuring that these data are made available for research in a way that is compliant with all relevant (e.g. EU-level, national and local or internal) legal and ethical requirements. At the same time, ELIXIR is a distributed infrastructure and its Nodes are independent organisations. The Node providing an ELIXIR Service is responsible for the implementation of the requirements of the ELIXIR Ethics Policy. Consequently, the Policy does not prescribe how the specific requirements are met; this is up to the Node.

The Ethics Policy, which is a specific requirement of the ELIXIR founding documents, consolidates requirements that are shared across all ELIXIR Members and Services. It imposes no additional constraints on the use of data contributed to ELIXIR Services than those provided by the Data Controller/Provider or existing legal and ethical requirements. ELIXIR Services do not assume the ownership of the data they hold, but provide a platform where data controllers/data providers can share their data with the community.

One of the major achievements made during the development of the ELIXIR Ethics Policy is the clear definition of responsibilities with respect to the provision of data underlying regulatory requirements into those to be met by the individual researcher or investigator
or body of researchers or investigators that submits data for access and use in the context of an ELIXIR Service (the “data provider”), the ELIXIR Service, and the individual researcher or investigator or group of researchers or investigators that accesses and/or
uses data made available as part of an ELIXIR Service (the “data user”).

The ELIXIR Ethics Policy is accompanied by a document providing background and context for the requirements of the policy (Annex 2). The background document will be updated continually and expanded to include more in-depth explanations of the requirements included in the policy, where they originate, how they can be implemented, and a clarification of how the policy relates to guidance provided by other relevant initiatives (such as the GA4GH, among others).