CSC’s statement to Findata on requirements for secure environments provided by other service providers
CSC notes the starting point for different services and requirements should be enabling, which would also be in line with the idea of the European Data Protection Regulation, namely enabling the re-use of data. When processing sensitive data, security is crucial and it must be built in a way that allows the re-use of data.
The requirements for secure environments must enable a diverse ecosystem for research, statistics and other data exchange. Findata as the primary licensor should be able to review licence applicants over a longer period of time so that the entire evaluation process does not have to be started from scratch, but that previously submitted applications and unchanged data can be taken into account in subsequent applications.
The CSC recognises that many research projects involve participants from several organisations, which means that all users need access to the same secure environment. Therefore, the requirements for secure environments should enable a centralised secure environment rather than building a separate system for each actor. The user environment must also be user-friendly from the point of view of the end-user, such as researchers.