Abstract
Personal data protection is an ethical issue. In this study we analyzed how research ethics committees (RECs) and data protection officers (DPOs) handle personal data protection issues in research protocols. We conducted a mixed-methods study. We included heads (or delegated representatives) of RECs and DPOs from universities and public research institutes in Croatia. The participants provided information about data protection issues in research and their mutual collaboration on those issues through structured interviews that contained closed and open-ended questions. Qualitative description was used to analyze open-ended questions. The results showed that 55% of the REC representatives were not aware who was DPO in their institution. Among RECs, 65% never contacted the DPO. There were 61% of RECs who reported that they received no training from the organization on personal data protection. When asked about barriers to personal data protection in their institutions, 26% of REC members highlighted the lack of a clear protocol for assessing personal data protection issues, while 30% of DPOs mentioned lack of knowledge among researchers about personal data. In conclusion, we found that when it came to protecting personal data in research protocols, RECs and DPOs hardly ever worked together. When developing future personal data protection policies for academic and scientific research institutions, it is essential that RECs and DPOs should collaborate and both continue to expand/update their knowledge on personal data protection procedures.