Data management plan (2nd iteration)

TASK 51 Data Management Plan M1M2 with updates during project Julius Clinical Roche Ava UCL Takeda To ensure the most efficient exploitation of data generated in the project a Data Management Plan will be prepared and it will be updated throughout the project Existing experience will be maximally used for this The data management plan will contain A declaration of compliance with regard to national legislation relating to the rights of data subjects or the processing of genetic biometric andor health data depending on data type collected eg no genetic data is currently being considered for collectionThe name and contact details of the Data Protection Officer DPO as will be provided to data subjectsA description of the data that is processed and why it complies with the data minimisation principle for the purposes of the projectA description of which data will contain identified data with a rationale and which data will containpseudonymised data and the procedures which will be used to convert all data to pseudonymised data when migrated to the central data platform A description of the technical and organisational measures that will be implemented to safeguard the rights and freedoms of the data subjectsresearch participants A description of the security measures that will be implemented to prevent unauthorised access to personal data or the equipment used for processing those dataIn case personal data are transferred from the EU to a nonEU country it will be described how such a transfer will occur in accordance with Chapter V of the General Data Protection Regulation 2016679 GDPRIn case personal data are transferred from a nonEU country to the EU it will be described how such transfers comply with the laws of the country in which the data was collectedDetailed information on the specific data protection provided within the informed econsent procedures in regard to data processing How informed econsent forms and information sheets in language and terms intelligible to the participants are kept onfile They can be provided to IMI JU upon requestTo what extent profiling will be involved in the research and how in the cases that this occurs ethics issues will be addressed before the project will progressIn case of further processing of previously collected personal data we will describe how we safeguard that the concerned consortium member has a lawful basis for the data processing and that the appropriate technical and organisational measures are in place to safeguard the rights of the data subjectsWe will describe how we will screen our data processing activities for ethics risks including an opinion whether the projects uses cases should have an accompanying data protection impact assessment conducted under art 35 GDPR 2016679 Data will be made FAIR findable accessible interoperable and reusable and the DMP will include information on data handling data types methodologies and standards used which data will be shared eg via Open Access and how data will be curated and preserved including after the end of the project The consortium will determine whether the FAIR principles will be met using a deidentified data approach a pseudoanonymized data approach or a Personal Health Train approachAt two important points in time before first patient in and halfway through the study completion the DMP will be updated and maintained on an annual basis thereafter The DMP will be kept up to date with the needs of the action and as such be updated as necessary during its lifetime