Privacy and Data Protection
The Dutch Transfusion Data warehouse is subject to Dutch and European laws and regulations, particularly so for the Dutch Personal Data Protection Act (Wet bescherming persoonsgegevens, Wbp). Dutch and English versions of the Wbp, the EU Data Protection Directive (2016/680) and Regulation (2016/679) can be downloaded from the 'Documents' section on the right hand side of this page.
We do our best to protect the privacy of the patient and the position of the contributing hospitals.
The identity of donors and patients are protected by 3 coding steps between the supplier and the receiver of the data:
Local encryption - the data supplier ensures data protection by pseudonymising the local patient number into a new, local pseudonym. The keyfile is stored by the data provider.
Central encryption - as an extra safety measure, the local pseudonym is recoded into a central pseudonym in the data warehouse.
Project-specific encryption - when data are being released to a researcher, the central pseudonym is recoded into a project-specific preudonym.
The DTD data are processed and stored by the department Datamanagement of the Julius Centre UMCU. This department is specialised in collecting, processing and providing (clinical) data, and offers:
- 3 servers
- restricted access
- regular back-ups
- firewall and anti-virus protected
The Project Management Team manages the access restrictions.
IT personnel has access to the infrastructure supporting the DTD: the hardware and software mentioned under 'Storage'.
The contact person of the data provider gets access to the data this specific provider supplied.
The DTD Project Team is granted full access in order to enable checking, cleaning, merging, supplying, maintaining and analysing the DTD data.