Charta of the Working Group "Infrastructure and Data Security" (IDS) in the NFDI Section "Common Infrastructures"

Scientific disciplines deal with the proper management of personal data of human data subjects that fall under the EU General Data Protection Regulations (GDPR) or other sensitive data types that require technical and organizational measures to ensure a high degree of information security. National initiatives (e.g., in Germany the National Research Data Infrastructure / NFDI and Medical Informatics Initiative / MII) and international initiatives (e.g., European Open Science Cloud / EOSC, Digital Europe, European Health Data Space / EHDS) are developing Secure Processing Environments (SPE) that upon conclusion of Service Level Agreements (SLAs) ensure a high degree of information security and data privacy to their users in compliance with national and EU law. This working group "Infrastructure and Data Security" (IDS) in the NFDI Section Common Infrastructures deals with the required technical and organizational measures that need to be implemented in research infrastructure to ensure secure and lawful processing and management of personal and sensitive data. For the first two years, the envisaged work plan defines the specific requirements for selected user journeys obtained from various NFDI consortia. We will evaluate which requirements are already covered by existing solutions, and which do require further development. In addition, the IDS working group develops a recommendation for a generic SPE architecture and provides a plan for the next steps after this initial phase.