IDDO legal and regulatory documentation

IDDO maintains documentation to ensure compliance with the global data protection regulatory landscape, in particular the EU General Data Protection Regulation (GDPR), UK Data Protection Act 2018 and the UK GDPR. Documentation available on request: email us at info@iddo.org

Infographic showing the IDDO data journey

 

Key legal and regulatory documentation 

IDDO Data Privacy Impact Assessment

This document records and demonstrates how IDDO embeds data protection by design and default into its data processing. While not required to complete a DPIA as a processor, IDDO maintains this DPIA as part of its data governance framework to achieve high standards, transparency and confidence in its handling of personal data
IDDO Terms of Submission

The IDDO Terms of Submission sets out the legal terms and conditions for submitting your raw data to the IDDO data platform. This document sets out licensing and governance terms, your obligations as a data contributor and our obligations as the data processor, your choices about how access requests to your data are handled, important details of our data curation processes, and other important information. 

Please do read the agreement carefully before submitting data to us and agreeing to the terms, together with our list of frequently asked questions. Email us at info@iddo.org for a copy of this document. 

IDDO Technical and Organisational Measures (TOMs)

The technical and organisational measures presented in this document are implemented by IDDO in accordance with GDPR. They are continuously improved by IDDO to ensure a level of security appropriate to risk in relation to latest best practice.
IDDO De-identification Procedure (Clinical Trials)

This document provides an overview of the data de-identification framework adopted by IDDO to preserve the privacy and data protection rights of the participants included in the research studies shared with IDDO.
IDDO Sub-processors

IDDO maintains a current list of approved Sub-processors who process data on behalf of IDDO and in accordance with the Terms of Submission. All IDDO Sub-processors pass a Third-party Security Assessment conducted with the University of Oxford Information Compliance Team.
IDDO Data Access Committee

The IDDO Data Access Committee (DAC) is an independent committee chaired by TDR (the Special Programme for Research and Training in Tropical Disease), on behalf of the World Health Organization. The DAC provides an indepenent decision-making mechanism to evaluate and decide on data access applications for IDDO-curated data.   

Key documents regulating DAC function include:

  • the DAC Terms of Reference. These set out the purpose, membership, eligibility, duties and other terms and conditions for the IDDO DAC. 
  • The IDDO Conflict of Interest Policy covers all members of the IDDO DAC, the IDDO Scientific Advisory and other governance committees, the IDDO secretariat, and any individuals working in an advisory capacity for IDDO. The policy sets out definitions of a conflict of interest, dispute resolution, and other matters relating to potential conflicts of interest. 
  • the IDDO Platform Data Access Guidelines set out the basis on which the IDDO DAC makes decisions on applications for data access. It sets out principles of access to data that the Committee works within, the process for approval and data access, and the points that the Committee considers when making a decision on applications. 

See our list of frequently asked questions for more information, and make a request for data for the particular disease data you are interested in via our research theme pages. Get in touch with us at info@iddo.org if you have any further questions or would like a copy of any of these documents. 

IDDO Data Use Agreement

This document sets out the basis on which the IDDO Data Access Committee makes decisions on applications for data access. It sets out principles of access to data that the Committee works within, the process for approval and data access and the points that the Committee considers when making a decision on applications. 

If you are considering submitting a data access application or working within the Data Access Committee, email us at info@iddo.org to request this document. Please also see our list of frequently asked questions.