Navigation
Forms and Documents for the ECFR
This page is under construction
Texts of the forms and documents included in the ECFR webpages for easy reference.
Documents needed for an application to your local/national data protection authorities for storing data on your local computer as well as exporting anonymous data to the ECFS:
ECFR Registration
ECFR Registration Terms
Software Security
ECFR Registration with the Danish Data Protection Agency
(original version in pdf format here)
Re. your request regarding the European Cystic Fibrosis Registry and the EU Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
The Danish Data Protection Agency can hereby confirm that the European Cystic Fibrosis Registry is governed by the Danish Act on Processing of Personal Data (Act No. 429 of 31 May 2000). The act implements Directive 95/46/EC on the protection of individuals with regard to the processing of personal data and on the free movement of such data.
The Danish Data Protection Agency can also confirm that the controller of the European Cystic Fibrosis Registry (Hanne Vebert Olesen) has obtained the necessary authorization of the Danish Data Protection Agency (file no 2007-41-0909). Hereby the European Cystic Fibrosis Registry complies with the legal and ethical security requirements for processing data for the purpose of carrying out statistical or scientific studies of significant public importance.
Yours sincerely, Camilla Daasnes
back to top
ECFR Registration Terms - Standard terms for a database for private research approved by the Danish Data Protection Agency
AUTHORISATION to process personal data (original version in pdf format here)
The Data Protection Agency hereby grants authorisation for the implementation of the project, cf. section 50(1)(i) of the Danish Act on Processing of Personal Data. In this connection, the Data Protection Agency lays down the following terms:
General terms
Period of validity: The authorisation is valid until September 1, 2015
1. Hanne Vebert Olesen is responsible for compliance with these present terms.
2. The data can be used for the implementation of the project only.
3. Processing of personal data must be performed only by the controller or at the instance of the controller and at his responsibility.
4. Any person processing personal data must be cognizant of these present terms.
5. The terms must be complied with also where processing is made by a data processor.
6. Facilities used for storage and processing of the data must be organized and fitted up in order to prevent unauthorized access.
7. Data processing must be organized in such a manner that data are protected against accidental or unlawful destruction, loss or impairment. Furthermore, the necessary control should be exercised to ensure that no inaccurate or misleading data are processed. Inaccurate or misleading data or data processed in contravention of the above Act or of these terms shall be rectified or erased.
8. Data must not be kept in a form that makes it possible to identify the data subject for a longer period than is necessary for the implementation of the project.
9. If results from the project are published this must be done so that it is impossible to identify individual persons.
10. It is a condition compliance is made with related terms, if any, laid down in accordance with other legislation.
Electronic data
11. Identification data must be encrypted or replaced by a code number or the like. Alternatively, all data can be stored encrypted. Encryption keys, code keys etc. must be stored securely and separate from the personal data.
12. Access to project data can be obtained only through the use of a confidential password. A password must be replaced at least once a year and when conditions dictate it.
13. If data identifying individuals are transferred over the Internet or other external network, the necessary security measures must be taken to ensure that the data do not come to the knowledge of any unauthorized third parties. As a minimum, the data must be encrypted during transmission. Transmission of sensitive personal data requires strong encryption. When using internal networks, it must be ensured that unauthorized persons are unable to obtain access to the data.
14. Removable storage media, safety copies of data etc. must be stored securely and under lock and so that unauthorized access is prevented.
Manual data
15. Manual project material, including print-outs, failure lists and control lists etc., as well as other material which may directly or indirectly be linked with specific persons, must be stored securely under lock and so that unauthorized access is prevented.
Bio-bank and biological material
16. Samples with biological material and biological material in bio-banks must be stored securely under lock so that unauthorized access is prevented and in such a manner that it is ensured that the material is not lost, impaired or accidentally or illegally destroyed.
17. Biological material marked with civil registration number (CPR-no.) or name must be stored subject to special safety requirements.
18. The project material shall contain internal guidelines for storage of biological material and the guidelines shall be updated at least once a year.
Data to be provided to the data subject
19. Where the personal data are to be obtained from the data subject (through interviews, questionnaires, clinical or para-clinical examination, treatment, observation etc.), detailed data about the project shall be distributed/forwarded to the data subject. The data subject must be informed of the name of the controller, the purpose of the project and of the fact that it is voluntary to participate and that consent may be withdrawn at any time. Where the data are to be disclosed to be used for other scientific or statistical purposes, the data subject shall be advised also of the purpose of the disclosure and the recipient's identity.
20. The data subject shall furthermore be advised that the project is notified to the Data Protection Agency in accordance with Act on Processing of Personal Data, and that the Agency has laid down specific terms to be complied with for the project for the purpose of protecting the data subject's privacy.
Right of access to personal data
21. The data subject has no right of access to the data being processed with regard to himself.
Disclosure
22. Disclosure of data identifying individuals to a third party may take place for other statistical or scientific purposes only.
23. Disclosure may be made only subject to prior approval of the Data Protection Agency. The Data Protection Agency may lay down new terms for the disclosure as well as the recipient’s data processing.
24. Disclosure of data may furthermore take place if it appears from other legislation that the data shall be disclosed.
Processing by a data processor
25. The Data Protection Agency’s conditions shall apply also to processing made by a data processor.
26. When data are processed by a data processor, a written agreement shall be made between the controller and the data processor. The agreement shall stipulate that the data processor acts on behalf of the controller only and that the data must not be used for the data processor’s own purposes. The controller shall furthermore request sufficient data from the data processor to ensure that the Data Protection Agency’s terms can and will be complied with.
27. Where the data processor is established in another Member State it shall, furthermore, appear from the agreement that such other regulations on safety measures with regard to data processors that may be in force in the Member State in question, shall apply also to the data processor in question.
Changes of the project
28. The Data Protection Agency shall be notified of significant changes in relation to the project (in the form of a change to an existing notification). Less significant changes may be notified to the Data Protection Agency.
29. Changes, if any, of the final date of completion of the project shall always be notified.
Completion of the project
30. At the completion of the project at the latest the data shall be erased, be made anonymous, or be destroyed, so that subsequently it is not possible to identify individuals participating in the project.
31. Alternatively, the data may be transferred for further storage with the State’s Archives (including “Dansk Dataarkiv” - Danish Data Archives)
32. The controller shall inform the Data Protection Agency promptly when the project is completed and the data have been erased, made anonymous, destroyed or transferred to the State’s Archives.
33. Erasure of data from electronic media shall take place in such a manner that it is impossible to recover the data.
34. (Special terms for tests/ trials, etc.) After the completion of the project, data regarding the individual person may, however, if requested by an authority or if to comply with the GCP rules, be kept for the period of time required. A list of participating individuals can be kept as well for the same period of time.
Transfer of data to third countries
35. Transfer of data to third countries, including for the purpose of processing by a data processor and for internal application in the project, requires the Data Protection Agency’s prior approval.
36. Transfer may, however, take place without approval of the Data Protection Agency if the data subject has given his explicit consent. The data subject can withdraw his consent.
37. Transfer of data shall take place by courier or registered mail. In case of electronic transmission the necessary security measures shall be taken to prevent unauthorized access. As a minimum, the data must be safely encrypted during the entire transmission.
The above terms shall apply until further notice. The Data Protection Agency reserves the right to take up the terms and conditions for revision at a later date, if required.
back to top
Software Security
Software for European Cystic Fibrosis Registry (original version in pdf format here)
The software developed for yearly reporting is now ready. Here are some of the specifications that concern your local data protection regulation.
In order to keep the data anonymized at the server in Milano, we can only record as patient identifiers the center number, patient code, gender and date of birth for the individual patients. Since entering data on patients that are not easily identifiable/recognizable to the person entering the data entails a great risk of data error, we have supplied an encryption software. This software allows you to see the full name of the patient when entering the data, but only allows the patient code to be transmitted to the central database.
Set up:
1) The names and matching patient codes are stored at your local computer. This list is protected by your username and password. We recommend you get it installed on a hospital computer with daily backup, firewalls, virus protection etc. If on a personal computer make sure to do a daily backup on the list (file name ……), and of course this computer should be properly protected according to your national data protection legislation.
2) No clinical data are stored at your local PC, but obviously, people with access to username/password will have access to all data. It is therefore essential that you protect your password and change it at regular intervals.
3) Only the patient code and the center code will be transmitted along with the demographic and clinical data to the central data base in Milano. This means that if your list of matching codes and full names is lost it will be hard to retrieve the data identification. This can of course be done laboriously by matching lung function values etc, but the backup is very important.
4) The central data base in Milano is of course protected according to EU, Italian and Danish Data Protection legislation, both physically and technically, and backup is secured.
These specifications should be adequate for your application to your local data protection agencies. Please contact us if you need further information. As for the technical support on installing and running the program, this will be run through the help desk after you get your username and password.
back to top
Printer-friendly version