D2.1 - Data processing, Data Management Plan and GDPR compliance report

Monitoring data protection compliance for an initiative like GenoMed4All can only be successful if there is a swift understanding of compliance across all partners and a clear concordance. To that end, the need for a reliable and consistent approach to understand data flows, sources, recipients and roles with regards overall responsibility (including Data Controllers, Processors and Custodians) is clear. The consortium has therefore agreed that using a rigorous Data Protection Impact Assessment (DPIA) Template is key to help map out not only data flows, but also responsibilities and the prerequisites for ensuring data processing is lawful.