Data Protection Regulations
Compliance with National Data Protection and Security Regulations: Developing Broad Guidance for a Diverse Global Regulatory Environment
Conference
Format: Fifteen-Minute Discussion Tables
Topic: 2. Governance and Regulation
Abstract
There has been an increase in data protection and cyber security laws globally that impact research administration and compliance. Following implementation of the European Union’s General Data Protection Regulation (GDPR) in 2018, many Global South countries passed similar data security and privacy laws with unique nuances to their own country contexts. In the United States, the implementation of the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) program may influence how cybersecurity is handled in other federal agencies, including the National Institutes for Health (NIH).
While many universities have developed institutional guidance for compliance to U.S. and E.U regulations, less attention has been paid to numerous other countries with similar laws and regulations. Due to the challenge of creating universal guidance that ensures effective compliance with all national data protection acts globally, stakeholders must work together to share information and solutions that respect and comply with host country laws and regulations.
This discussion table will allow stakeholders to share perspectives regarding how their institution or organization tracks and complies with data protection acts and heighted cybersecurity expectations across various countries. The groups will discuss commonalities and differences between different data regulations by country and opportunities to generalize guidance for researchers to raise awareness and ensure compliance with host country data security and privacy laws when conducting research.