Data governance
We protect data by two distinct streams: governance of security and privacy, and governance of access to data. We have undertaken a Privacy Impact Assessment, which includes a review of the laws and ethical guidelines relevant to how we protect personal data, while an independent Data Access Committee manages and oversees all research applications to use data from the Ebola Data Platform in accordance with the Data Access Guidelines.
Governance of security and privacy
Based on the Privacy Impact Assessment, which identifies possible risks and appropriate measures to mitigate them, we have designed and implemented a data security model that meets the highest technical standards, ensuring that there are contractual measures in place to maintain the security of data and the privacy of those whose data are included. It describes the end-to-end processes involved for the Ebola Data Platform, its governance models and standard operating procedures.
Governance of access to data
Institutions who contribute data to the Platform are required to sign Terms of Submission which set out the responsibilities of both IDDO and the contributors. Researchers will be able to apply for access to the data by completing a Data Access Application Form which will be reviewed by the Data Access Committee. If the application is approved, those requesting data will be required to sign a Data Transfer Agreement before the data are sent to them.