Data protection regulations affect the daily work of Cochrane Group staff, including:

• How you store and use personal data
• How you communicate with people

Our commitment:

• We regularly review our policies to ensure that our central communications and IT infrastructure are data protection compliant
• We have appropriate technological and organisational measures in place to protect the personal data of all staff, contributors, members and supporters – where these are stored in our central storage systems

Your responsibility:

Key areas of Cochrane Group work involve processing personal data. To ensure that we comply with data protection legislation:

• Everyone involved with Cochrane should have a Cochrane Account. By signing up for a Cochrane Account, people agree to us storing and processing their data. People can also view and edit their own personal details and communication preferences
• Everyone with whom we communicate should have opted in to receiving communications
• Personal data should not be kept without legitimate reason and unnecessary data should be deleted
• Personal data should be stored in Cochrane's central storage systems (such as Editorial Manager or Engage), which are regularly backed up and secure (accessible only to those with permissions). Data in central storage systems are Cochrane’s responsibility
• If the central storage systems are not suitable for your group's use of personal data, your group is legally responsible for securely looking after this data and complying with all applicable data protection rules
• Personal data should not be shared via email, or with third parties

If you have any questions about this or need further assistance, please contact the Cochrane Support Team: support@cochrane.org