This document is for guidance only and explains the way in which Cochrane Collaboration discharges its obligations pursuant to the relevant data protection legislation. However, it is each Group’s responsibility to make sure it is compliant with the data protection legislation applicable to it, and Cochrane Collaboration takes no responsibility for such Group compliance.
Data protection is all about keeping people’s personal data safe. It should also be clear to people what data we are holding about them, and why.
This guidance will explain how Cochrane manages its own responsibilities and how to ensure your Cochrane Group complies with data protection regulations.
(2) Best practice guidelines for Cochrane Groups
(3) Creating accounts and storing personal data
(4) Newsletters and mailing lists
(5) Task emails and other non-marketing communications
(6) Training courses and events
(7) Checklist for Cochrane Groups
Introduction
The Cochrane Collaboration holds personal information about thousands of supporters and members all over the world. Cochrane has to comply with strict data protection legislation to ensure the personal data of our supporters and contributors are kept safe.
There are different rules about data protection in different countries. As an example, the General Data Protection Regulation (GDPR) applies to personal data held on people in the UK and EU. It has seven basic principles which require that personal data must be:
- Processed fairly and lawfully, in accordance with the rights of the data subject
- Processed for specific purposes in an appropriate way
- Adequate, relevant and not excessive in relation to the purpose
- Accurate and up to date
- Deleted when no longer necessary
- Kept secure using technological and organisational measures
- Not transferred outside the European Economic Area unless that country ensures adequate levels of protection for the rights of the data subject
Please note that this guidance only goes into detail about UK GDPR. However, Groups should check if they also need to comply with local or international data protection regulations in addition to GDPR.
Important definitions:
- Data are information stored electronically or on paper
- Personal data include anything that can identify a living individual, such as a name, email address or IP address, or an opinion about that person
- Data subjects are all living individuals about whom we hold personal data
Cochrane's Privacy Policy explains how we process personal data.
How Cochrane processes personal data | Cochrane's legal basis for processing these data |
---|---|
Storing data in online storage systems and databases (such as our membership database (CRM), Editorial Manager or RevMan) | Contract – the individual agrees that Cochrane can store and use their data when they create a Cochrane Account |
Sending marketing emails such as central newsletters and event invitations | Consent – the individual can choose whether or not to receive this information in their Cochrane Account profile |
Sending workflow emails and other essential notifications | Contract – when an individual takes on a role (such as Member or Author), Cochrane has a contractual right to store and use their data to give that person the information they need to carry out that role. |
If you have any questions about this or need further assistance, please contact the Cochrane Support Team: support@cochrane.org