A Data Protection Impact Assessment (DPIA) has been undertaken for this web-based portal
Submitting controller details
Name of controller | Adam Holliday |
Step 1: Identify the need for a DPIA
Explain broadly what the project aims to achieve and what type of processing it involves. You may find it helpful to refer or link to other documents, such as a project proposal. Summarise why you identified the need for a DPIA. |
This project is part of a doctoral research programme to explore vision and pregnancy. Participant registration and data collection will be done through a web-based portal. The data will be stored on a UK-based hosted server. The project will be processing personal data which includes medical conditions and specific ophthalmic measurements, which we consider to be sensitive information. As part of the project, we will also be collecting a range of personal information which includes full name, date of birth, address and contact telephone numbers. |
Step 2: Describe the processing
Describe the nature of the processing: How will you collect, use, store and delete data? What is the source of the data? Will you be sharing data with anyone? You might find it useful to refer to a flow diagram or other way of describing data flows. What types of processing identified as likely high risk are involved? |
Collect: Scenario 1: Where the participant registers for the project – data is entered into the online platform. Scenario 2: Where the participant enters information at one of 4 data collection events via the online platform. Use: The data is statistically analysed to determine if there are any correlations between vision and pregnancy. Store: The data will be stored within the UK at a cloud computing provider, provided the cloud computing provider has satisfied us that it has taken comprehensive steps with regard to data security, and there is a policy in place which prohibits the provider from selling the data or using it for a purpose other than that contained within this DPIA. Deleted: The data will be deleted after the following have occurred: 6 months after the study ends. |
Describe the scope of the processing: What is the nature of the data, and does it include special category or criminal offence data? How much data will you be collecting and using? How often? How long will you keep it? How many individuals are affected? What geographical area does it cover? |
In addition to the personal information about the participant, we consider that the data is a ‘special category’ as it includes the general and ophthalmic information relating to the participant. The data will only be collected when the participant enrols for the study. We may amend the data collection forms from time to time, but will at all times ensure that the range of data collected is proportionate, and is necessary only for providing this service and ensuring the safety and welfare of the participant. The study will run primarily in the Nottinghamshire area but with the potential to extend nationally. |
Describe the context of the processing: What is the nature of your relationship with the individuals? How much control will they have? Would they expect you to use their data in this way? Do they include children or other vulnerable groups? Are there prior concerns over this type of processing or security flaws? Is it novel in any way? What is the current state of technology in this area? Are there any current issues of public concern that you should factor in? Are you signed up to any approved code of conduct or certification scheme (once any have been approved)? |
The relationship between the researcher and the participant is voluntary and the participants are able to withdraw from the study at any point. However, only data which has been freely given will be processed. Participants will actively consent to participation in the study and to providing their data. Multiple vulnerability tests have been conducted on the online platform and there are no causes for concern in the findings. |
Describe the purposes of the processing: What do you want to achieve? What is the intended effect on individuals? What are the benefits of the processing – for you and more broadly? |
This is part of a research study. The benefit of processing/logging the data is to provide information on vision and pregnancy. The study has been reviewed by ethics committees from the Institute of Optometry, London South Bank University and IRAS (NHS). |
Step 3: Consultation process
Consider how to consult with relevant stakeholders: Describe when and how you will seek individuals’ views – or justify why it’s not appropriate to do so. Who else do you need to involve within your organisation? Do you need to ask your processors to assist? Do you plan to consult information security experts, or any other experts? |
The study has been reviewed by the ethics committees from the Institute of Optometry, London South Bank University and IRAS (NHS). An Open Web Application Security Project (OWASP) checklist has been completed; OWASP is widely identified in the security field as the security “standard” for web applications. |
Step 4: Assess necessity and proportionality
Describe compliance and proportionality measures, in particular: What is your lawful basis for processing? Does the processing actually achieve your purpose? Is there another way to achieve the same outcome? How will you prevent function creep? How will you ensure data quality and data minimisation? What information will you give individuals? How will you help to support their rights? What measures do you take to ensure processors comply? How do you safeguard any international transfers? |
We are satisfied that this data is being collected and processed for the intended purpose, which is no more than strictly necessary. We are further satisfied that the data collected is no more than strictly necessary, as the information collected is either personally identifiable information. Individuals are made aware that their personal data will not be shared but the study data will be used as part of the research project. Where an individual makes a subject access request, this will be honoured in a timely manner and we will produce a PDF of all the information which is stored about them. |
Step 5: Identify and assess risks
Describe source of risk and nature of potential impact on individuals. Include associated compliance and corporate risks as necessary. | Likelihood of harm | Severity of harm | Overall risk |
Storing personal information | Remote | Significant | Low |
Storing health information | Remote | Severe | Low |
Storing hashed and salted passwords of clinicians | Remote | Significant | Low |
Remote, possible or probable | Minimal, significant or severe | Low, medium or high |
Step 6: Identify measures to reduce risk
Identify additional measures you could take to reduce or eliminate risks identified as medium or high risk in step 5 | ||||
None | ||||
Step 7: Sign off and record outcomes
Item | Name/position/date | Notes |
Measures approved by: | Adam Holliday | Integrate actions back into project plan, with date and responsibility for completion |
Residual risks approved by: | Adam Holliday | If accepting any residual high risk, consult the ICO before going ahead |
DPO advice provided: | Vogel Ltd | DPO should advise on compliance, step 6 measures and whether processing can proceed |
Summary of DPO advice: | ||
DPO advice accepted or overruled by: | Adam Holliday | If overruled, you must explain your reasons |
Comments: | ||
Consultation responses reviewed by: | If your decision departs from individuals’ views, you must explain your reasons | |
Trained clinical safety officer: Adam Holliday | ||
This DPIA will be kept under review by: | Adam Holliday | The DPO should also review ongoing compliance with DPIA |