Data Security Policy
1. Purpose and Scope
This policy describes the data security measures incorporated in RES-Q including the collection, use of, and access to, data, all of which are conducted in accordance with legal, ethical and national best practice guidelines or standards. These policies pertain to data collected as part of the RES-Q program. Other programs which are collecting data utilizing the RES-Q platform should have their own policy documentation, and that documentation is considered authoritative with regard to data collected for those programs.
2. Security Operating Principles
All security policies and procedures will comply with the necessary national and EU legislation pertaining to data protection and data privacy for clinical registries.
3. Data Housing
All RES-Q data processing and storage infrastructure is currently housed within the St. Anne’s University Hospital Brno (FNUSA) secure IT infrastructure. This infrastructure complies with all national legislation (Czech Republic) and EU legislation pertaining to the privacy, protection, and integrity of registry data. The current Data Custodian is the Stroke Program of FNUSA-International Clinical Research Centre (FNUSA-ICRC). The Data Custodian is responsible for the ongoing management of the RES-Q platform, including granting users access to the system, and providing data and reports to authorized parties. All entities acting as Data Custodian must adhere to these data governance policies.
4. Secure Transfer
All data associated with the RES-Q platform are transmitted in a secure manner, and only users with appropriate authorization are granted access after valid credentials have been provided. All RES-Q data which is transmitted electronically must be sent in a manner which is compliant with current best practice security principles. RES-Q utilizes Transport Layer Security (TLS) over HTTP (HTTPS) for network communication. All data transmitted to, or extracted from, the RES-Q platform must comply with principles of data minimization. Data minimization refers to collecting the minimum amount of personal data required for the stated research purpose. The RES-Q platform limits personally identifiable data to patient Age and Gender, all other potential identifiers, including, but not limited to, Patient Name, Patient Birth Date, Patient Address, or National Identification Number, must be removed prior to data being submitted to RES-Q. Hospitals and users of RES-Q are responsible and liable for all data which they transmit to RES-Q and must ensure compliance with all relevant national and international legislation pertaining to their institute.
5. Ethics and Privacy
All programs, hospitals, and institutions utilizing the RES-Q platform must have processes and procedures in place to ensure that the data collected meets with all relevant ethical and privacy standards. In addition, as RES-Q is housed within the EU and processes data from citizens of EU members states, the collection, storage, and transfer of RES-Q data will be compliant with Directive 95/46/EC of the European Commission prior to May 25th, 2018, and will be compliant with Regulation (EU) 2016/679 (commonly referred to as the General Data Protection Regulation, or GDPR) from May 25th, 2018 onwards. All RES-Q management and operational staff are familiar with, and obligated to comply with national regulations of the Czech Republic and EU regulations pertaining to data privacy and protection, as well as ethical conduct relating to human research.
6. Access to Information
All information stored in RES-Q, regardless of associated project, is confidential, and access to data is restricted based on user role. Users are required to reset their password immediately after account creation, and only cryptographic hashes of user passwords are stored on the server. The procedure for making a request for data by a third party is outlined more extensively in the RES-Q Data Request Policy. In summary, third parties require explicit approval of an authorized user, and a legitimate purpose which aligns with RES-Q’s stated purpose. Only anonymized or aggregate data can be provided to third parties once they have been authorized to receive the requested data.
7. Data Destruction
As RES-Q is operated as a registry with a purpose which is in the public interest, it is generally expected that data will continue to be stored in RES-Q in perpetuity. Data that is needed for processing should be exported and processed outside of the RES-Q platform. In the event that specific data within RES-Q must be destroyed, the RES-Q Data Custodian should be contacted directly. Destruction of data within the RES-Q platform will require a documented, legitimate reasons for the request. Foreseeable legitimate reasons would include, but are not limited to, data privacy violations, legislative changes, or specific participating program requirements.
8. Monitoring and Incident Response
The RES-Q development team will provide ongoing monitoring to ensure compliance with the Data Security Policy. Program Coordinators, National Coordinators, and Authorized Users are responsible for alerting the RES-Q development team regarding any potential or actual breaches related to this policy within 24 hours of becoming aware of the situation. Any breaches, including insecure data transfer, unauthorized access, or improperly sanitized data will be investigated and resolved in a timely manner.
Last Updated: May 25th, 2018