IDDO legal and regulatory documentation

IDDO maintains a series of current documentation in compliance with the data protection regulatory landscape, in particular the EU General Data Protection Regulation (GDPR), UK Data Protection Act 2018 and the UK GDPR. These documents are available to access below.

Providing equitable and secure access to data

Good governance of data relies on an interlocking framework of ethics, legal agreements and regulatory compliance. As a global repository, IDDO is guided by principles of equity and responsible use of data. Through providing data infrastructure to enable research, IDDO looks to ensure that access to the benefits of data sharing and the direction of resulting research incorporate the knowledge and active participation of low- and middle-income countries (LMIC) partners. This approach rests in turn on achieving best practice in accordance with global regulatory compliance. 


Schematic showing stages in what happens to data: Data Privacy Impact Assessment box with Transfer Risk Assessment box underneath, both labelled ‘DPIA’. Main Data contribution box with arrow pointing to Terms of Submission, with boxes underneath labelled Technical and Organisational Measures, De-identifications Procedures, IDDO sub-processors. Main Data request box with arrow pointing to Data Access application, with boxes underneath labelled Data Access Guidelines, DAC Terms of Reference, Data Access Request Evaluation. This set of boxes is labelled ‘DAC’, and has an additional box labelled Conflict of Interest Policy. Main Data Transfer box with a Data Use Agreement box pointing to it, with further boxes below labelled Schedule 1, and International Data Transfer Agreement.
Schematic showing stages of data flow and relevant documentation

View our legal and regulatory documentation