The degree of disruption in research using personal data and associated biospecimens caused by the limitations and prohibitions of the GDPR - with its problematic and, in many cases, ill-considered application to secondary research uses of personal data - has unnecessarily complicated the operation of research biobanks and associated data, without appreciably improving privacy protections afforded the human sources of those biospecimens and data.

Can these issues be addressed through regulatory guidance in order to allow important scientific research to continue?  

This article by my US-based colleagues provides some interesting perspectives.