From May 2018 the General Data Protection Regulation (GDPR) and UK Data Protection Act 2018 will govern the way that organisations use personal data. Personal data is information relating to an identifiable living individual.
Transparency is a key element of the GDPR and this privacy notice is designed to inform participants:
- who will process my personal information
- what information do we collect
- how we use the information we collect
- sharing your information
- keeping your data confidential and safe
- how to contact us if you have questions about the use of your personal data
Further information about the University of Cambridge data protection policy
Confidentiality, Data Protection and Ethics
Keeping data safe is of utmost importance to the EPIC-Norfolk researchers. All data are anonymised prior to being analysed for research, which means that information that can identify an individual is removed. Personal identifiable data, that we use to contact participants, are kept separate from the data that are used for analysis and safeguarded in line with current legislation and guidelines (including NHS organisations).
Safeguarding the rights of EPIC Participants
The rights and well-being of EPIC-Norfolk participants are protected, and procedures are closely monitored both internally by the University of Cambridge and externally by various governing committees such as the Local Research Ethics Committee and Confidentiality Advisory Group (CAG) of the Health Research Authority. These committees not only ensure that the rights of EPIC-Norfolk individuals are safeguarded but also assess the integrity and value of the studies research to both science and to society. These committees are informed of EPIC-Norfolk activities through annual updates, and approval is required before any changes to the study protocol can be made.