Ensuring the protection of privacy and the compliance with data protection rules have become central issues for researchers active in the biomedical field. Data protection law is often perceived as very complex and difficult to interpret, which can hinder the efficacious planning and implementation of new research projects. Indeed, the sophisticated legal architecture that governs data processing activities in general and biomedical research in particular might feel overwhelming for both legal practitioners and researchers.
The objective of this article is to review the interaction of data protection law and biomedical research with a predominant focus on the Swiss context. In order to facilitate a better understanding of this issue, we discuss three crucial nodes that shape the interplay of law and data processing in research First, we explore the meaning of “personal” data, the requirements to classify data as “personal”, “non-personal”, “pseudonymised” or “anonymised” and the implications of such classifications from a legal perspective. We then consider the relationship between sector-specific data processing regulations for research and other laws on data protection. Finally, we examine the role of consent for data processing in the research field and its significance from a data protection perspective. In conclusion, this review underlines the importance of fostering reciprocal collaboration of data protection experts and biomedical researchers to facilitate the development of new projects in the future.