On July 16, the CNIL adopted five new Methods of Reference (MR-001 to MR-005) for the health care sector to simplify compliance procedures when processing personal data for health research purposes (source document in French). Data controllers that process personal data in compliance with a Method of Reference will not be required to obtain prior authorization from the CNIL.

The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.