SecAppDev 2022 Lecture Details

Privacy and ethics in secondary use of sensitive data

Griet Verhenneman
Monday June 13, 09:00 - 10:30
Short description

Anonymisation versus pseudonymisation, public interest versus commercial interest, opt-in versus opt-out, and the pull versus push approach to transparency. This session explores the limitations, but also provides solutions.


The processing of health-related data is strictly regulated, and so is the secondary use of such data. Yet the demand for using data for scientific research and secondary purposes is high. Therefore, it is crucial to balance the data subjects' fundamental right to the protection of their privacy and their personal data with the need to support data-driven innovation.

This session explores the do's and don'ts when processing health-related data for scientific research and secondary purposes, based on policies developed by multidisciplinary teams at the University Hospitals Leuven.

Key takeaway

Transparency, pseudonymisation and, depending on the context, the right to opt-out should be your keys to the (re)use of personal health-related data.

Content level


Target audience

Anyone looking for suggestions on the implementation of data protection law in secondary use.


Knowledge on the basic principles of GDPR is helpful, but not required

Download handouts

Griet Verhenneman

Griet Verhenneman

Data Protection Officer - Research Fellow, University Hospitals Leuven, KU Leuven - CiTiP

dr. Griet Verhenneman is a legal expert on privacy, data protection and e-health. She combines expert theoretical knowledge with a DPO’s hands-on experience of implementing data protection and privacy in a challenging environment. In her position as Data Protection Officer at UZ Leuven, she brings data protection into practice. In her position as Research Fellow at the Centre for IT and IP Law KU Leuven (CiTiP) and Lecturer in the Master program IP & ICT Law she continues her academic work on the legal implications of ICT-driven evolutions in our society.

Full speaker profile

Related privacy, safety & ethics sessions

Implementing GDPR in software projects

Lecture by Mykyta Petik

This sessions aims to provide a general overview of how to implement GDPR in SDLC and ensure compliance with privacy and personal data protection rules

Privacy, safety & ethics Monday June 13, 14:00 - 15:30

Privacy-friendly proximity and presence tracing

Lecture by Bart Preneel

During the corona pandemic, privacy-friendly protocols for proximity and presence tracing have been widely deployed in a very short time. Even if these technologies were overhyped, they have delivered valuable contributions.

Privacy, safety & ethics Monday June 13, 16:00 - 17:30