Training activity information
Details
Complete or revise a data protection impact assessment for a data analysis process and make recommendations for action where required
Type
Developmental training activity (DTA)
Evidence requirements
Evidence the activity has been undertaken by the trainee​.
Reflection on the activity at one or more time points after the event including learning from the activity and/or areas of the trainees practice for development.
An action plan to implement learning and/or to address skills or knowledge gaps identified.
Considerations
- International, national and local information governance policies and legislation
- Caldicott principles
- Data security
- Informed consent
- The need for data sharing in genomics
Reflective practice guidance
The guidance below is provided to support reflection at different time points, providing you with questions to aid you to reflect for this training activity. They are provided for guidance and should not be considered as a mandatory checklist. Trainees should not be expected to provide answers to each of the guidance questions listed.
Before action
- What are the key principles of data protection relevant to data analysis? What is the purpose and structure of a Data Protection Impact Assessment (DPIA)?
- How will you improve your understanding of data protection requirements in the context of genomic data analysis? How will you develop your skills in conducting or revising a DPIA and recommending appropriate actions? What is your current knowledge of data protection legislation and DPIA processes?
- Will you review relevant data protection legislation and guidance on conducting DPIAs? Will you familiarise yourself with the data analysis process for which you will complete or revise the DPIA? Have you discussed this activity with individuals responsible for data governance? What potential data protection risks might you identify? How do you feel about working with data protection regulations?
In action
- What specific data analysis process are you assessing? What are the key steps involved in the process and what data is being used? How are you identifying potential data protection risks and impacts? What recommendations for mitigation are you considering?
- Are you systematically working through the data analysis process to identify potential risks? Are you documenting your assessment and the rationale behind your recommendations?
- If you identify significant risks, are you exploring different mitigation strategies? Are you considering the legal and ethical implications of the data analysis process?
On action
- Describe the data analysis process for which you completed or revised a data protection impact assessment (DPIA). What were the key data protection considerations and your recommendations?
- What are the key principles and requirements of data protection legislation relevant to data analysis in genomics? What steps are involved in conducting or revising a DPIA? What types of risks and recommendations did you identify for the data analysis process? How did your understanding of data protection principles (‘reflect-in-action’) guide your DPIA work? How does the ability to complete or revise a DPIA relate to practicing ethically and legally in Clinical Bioinformatics?
- What aspects of data protection legislation and DPIAs do you want to understand better? How can you apply your knowledge of data protection to future bioinformatics projects? What specific actions will you take to enhance your skills in data protection and impact assessments? What resources or support would be beneficial for further developing your understanding of data protection in a healthcare setting?
Beyond action
- Have you been involved in other data protection impact assessments (DPIAs) or discussions around data governance since this training activity? How did your experience inform your understanding of data protection principles?
- Can you identify instances where you have considered the data protection implications of a new data analysis process?
- How will your understanding of data protection legislation and DPIAs contribute to responsible and ethical data handling in your future practice?
Relevant learning outcomes
| # | Outcome |
|---|---|
| # 4 |
Outcome
Summarise results of data analysis to stakeholders. |
| # 7 |
Outcome
Practice in accordance with data protection legislation. |