Requirements for data protection in Horizon 2020

In this article you'll find everything you need to know about data protection and staying compliant with the security standards of the H2020 programme. Make sure your proposals and projects are secure enough to keep your funding.

Data protection in Horizon 2020

Collaborative projects require partners from various businesses and institutions to share information, plan events, discuss grants, and communicate about the project. Each team generally has a preferred method of communication; sharing documents, personal data, and research across a number of insecure channels. First and foremost, Horizon 2020 project management is about ensuring your EU research uses the right tools and software to ensure that EU funded collaborative projects follow European project management guidelines for security and are compliant with GDPR.

General Data Protection Requirements (GDPR)

Europe’s General Data Protection Requirements (GDPR) came into effect in 2018. These regulations state that any personal data being lost, stolen, or changed can be considered as non-compliance and the fines for such breaches can be up to €20 million ($23 million) or 4% of annual global turnover.

GDPR defines personal data as any information which is related to an identified or identifiable natural person. This means any information that would individually or collectively allow you to identify someone directly or indirectly: a name, address or location data, identification number, commercial identity, IP address, etc. are personal data.

Failure to follow GDPR guidelines comes with hefty financial penalties and can risk future grants and EU funding. GDPR requires that you don’t store or transfer data through countries outside the European Economic Area that do not have equivalently strong data protection standards. Those data residency requirements also apply to cloud providers with data centers around the world.

At present only 11 countries satisfy GDPR requirements and the United States, where 67% of all cloud services are headquartered, does not meet GDPR requirements. At present, there’s no existing international regulations that guarantee sufficient data security and data protection. As such, companies from the EU should choose a cloud provider that is based in the European Economic Area and does not belong to a company from the USA. Currently, US government agencies can use the Patriot Act to gain access data even if it is stored exclusively in Europe.

EU regulations regarding data protection in H2020

  • EU research and EU projects like H2020 must comply with GDPR regulations.
  • GDPR requires that you don’t store or transfer data through countries outside the European Economic Area that do not have equivalently strong data protection standards.
  • The United States doesn’t currently meet GDPR requirements.
  • Only project management tools based and hosted in Europe can guarantee full compliance with GDPR.
  • EMDESK provides a fully compliant and secure project management software tool hosted, developed and based out of Germany.

You can see more information about EU regulations regarding security at:

Security you need through EMDESK

Switching from US based management platforms to a project management software like EMDESK, which was developed and is hosted in Germany, can provide your H2020 and EU funded research the security it needs. Additionally, cloud based solutions for calling and sharing like Skype are extremely prone to malware and record your conversation history on your device. This means that the history of your conversations can be compromised if a participant’s phone or computer is stolen.

EMDESK is hosted with the Open Telekom Cloud (OTC) to ensure the highest infrastructure security. OTC is one of the most secure and modern cloud data centres in the world. Its infrastructure is operated in Deutsche Telekom’s highly secure twin-core data centres in Magdeburg and Biere, Germany, as well as data backup. All services are strictly regulated and are regularly checked and certified by independent institutions. Additionally, OTC’s data processing is strictly regulated by the German data protection act and compliant with GDPR which is certified in accordance with the Trusted Cloud Data Protection Profile (TCDP) 1.0.

Not only is EMDESK a secure, European project management software solution, it allows participants to streamline communication onto a single platform; saving time and allowing participants to focus on their research.

Current security challenges

  • Getting all participants to use a single, secure, EU based network for collaborative projects.
  • Access to secure communication tools that allow participants to chat, comment, and share data in real-time.
  • Reporting, budgeting, reporting, events planning, and sharing information that’s classified or uses personal data in a secure manner.
  • Maintaining an easily accessible, but secure place to store documents.

EMDESK project management solutions

  • Providing a single cloud based project management tool solution for Horizon 2020 and other EU funded projects with enterprise level security.
  • Fully customisable tools that allow for reporting, budgeting, reporting, events planning, and sharing information with different levels of access rights on a secure platform that gives instant overviews and allows users to share and comment in real-time.
  • A fully secure and searchable document repository with varying levels of access and rights.

This article is written by Yvonne Osborn

EMDESK & data security

Security and confidentiality are our highest priority. EMDESK is designed from the ground up with security in mind. We put enterprise class security measures in place with strong technical, logical, and legal precautions to protect your data from loss or unauthorized access. To learn more about how EMDESK can provide the necessary security for your collaborative project contact us or find more information here.

Subscribe to our Newsletter to get updates and expert insights straight to your mailbox.

Stay informed

Updates and expert insights straight to your mailbox