MSN Research Directory Web Application

Personal Data Protection Notice

Background to MSN Research Directory

  • The MSN Research Directory is an ethically approved clinical quality registry containing patient data collected for the express purpose of contributing to improved patient treatments and outcomes
  • The MSN Research Directory is funded by an independent non profitable organization XXX Association. The aim is to improve patient care.
  • The collection, use, disclosure and access to data are all conducted in accordance with legal, ethical and national best practice guidelines

MSN Research Directory compliance to Personal Data Protection Act

1. General, Notice & Choice, Disclosure Principle
  • Data submission to MSN Research Directory is a voluntary basis
  • The MSN Research Directory has been approved by Ethics Committee
  • All the relevant MSN Research Directory approved ethics documents, forms and policies are available on the MSN Research Directory website by authorized users
  • Open and transparent management of personal information
  • Patient consent to participation is required
  • MSN Research Directory collects data for statistical purpose non-commercial purpose. The processing is necessary for purposes of medical treatment, is carried out by a medical practitioner or a medical treatment institution, and an adequate level of protection of personal information is ensured
2. Open and transparent management of personal information
  • The MSN Research Directory website provides the MSN Research Directory Office contact details in the event of questions, concerns and complaints about the MSN Research Directory.
  • States that the MSN Research Directory is not permitted to identify patients by law and that, to maintain absolute security and confidentiality, anyone wanting to use any of the data from the Registry will be required to obtain the approval in accordance to data request guidelines as stated in the website.
  • The MSN Research Directory Centre Participation in the Registry's Consent form addresses the policy and guideline for the participating to abide by. They have the ultimate responsibility for appropriately collecting and maintaining the MSN Research Directory data, including ensuring privacy and confidentiality of their own patient's data.
  • All personal information is kept strictly confidential: all data will be anonymised and aggregated in any presentations or publications and no patients or hospitals will be identified by name in reports.
  • User will need to read through and accept the Information Security Policy and Security Practice Guideline during their first time login in order to ensure their responsibility to safeguard patient data.
3. Anonymity and pseudonymity
  • Anonymity is preserved in the way that the data are used e.g. reports, presentations.
  • Patients can withdraw from the registry at any time, with just an ID code remaining in the system.
4. Collection of solicited personal information
  • The MSN Research Directory collects personal health information (name and identification number are NOT collected) which is directly related to its functions and activities. The MSN Research Directory has all the appropriate ethics/governance approvals in place including approval of an opt-out/withdrawal process.
  • Data collection does not occur without prior ethics approval with local research governance.
5. Dealing with unsolicited personal information
  • Hospital staff can enter only required information on the eMSN Research Directory web application.
  • Hospital staff only enter follow-up data provided by the patient or their proxy.
6. Use or disclosure of personal information
  • The MSN Research Directory data are summarised to provide information that can inform clinical practice and policy in XXX disease related care. All data reported are de-identified and aggregated.
  • The MSN Research Directory team is guided by the MSN Research Directory Information Security Policy which outlines how data may be used and supplied.
  • Any persons wishing to undertake research using MSN Research Directory data need to submit a proposal for review by the MSN Research Directory Core Team Committee, as well as having appropriate ethical clearances. Data are only supplied to researchers, in approved studies, in a non-identifiable format.
  • An Authorisation List which is signed by Site Investigator / Head Of Department / Doctor in charge is submitted to the User Manager to setup login for the authorized personnel only.
  • The Site Investigator / Head Of Department / Doctor in charge need to inform the User Manager to deactivate a user's access once any user leaves the department.
  • All MSN Research Directory users are required to read through, accept and e-sign the Information Security Policy and Security Policy Guideline during their first time login prior to given access to the system.
7. Cross-border disclosure of personal information
  • The MSN Research Directory server and backups are maintained in a secured, state of the art data centre in Cyberjaya, Malaysia.
8. Quality of personal information
  • The MSN Research Directory Quality Assurance and Data Management Processes outlines the data verification processes employed by the MSN Research Directory.
  • MSN Research Directory conducts regular reviews of data completeness and discrepancies for determining case ascertainment. Data quality checks are also built into the MSN Research Directory Web application to ensure the quality of the data submitted.
  • Training centre staff in data entry and use of the MSN Research Directory Data Definition Dictionary takes place before any live data are entered. Site visits and data quality audits of randomly selected medical records are used to verify the accuracy of data collected by the MSN Research Directory. Centre users have been informed to ensure to enter only true and correct information, provide timely and accurate data and provide timely response to data query.
  • Information is provided in the MSN Research Directory annual reports on the quality of the aggregated, de-identified data in the registry e.g. proportion of missing data per field.
9. Security of personal information
  • The MSN Research Directory Information Security Policy, Personal Data Protection Notice and Privacy Policy provides guidelines for all security-related aspects for the registry.
  • MSN Research Directory data are collected via a web application that requires password access with varying levels of authority. The web application itself is protected by Secure Sockets Layer and the certificate shows the encryption details used.
  • The servers are maintained in a secured data centre with state-of-the-art facilities in Cyberjaya, Malaysia. Data centre security: Biometrics authentication for access to server storage area, CCTV, Pyrogen Fire Suppression System, Uninterrupted Power Supply. Besides that, the servers are also secured by server hardware and softwares such as firewall, Intrusion Detection System, Antivirus.
  • Personal information are encrypted and deidentified in the database.
  • All MSN Research Directory staff, IT vendor, statisticians and Management Committee members sign a Non-Disclosure Agreement whereby they undertake to maintain the confidentiality of any data that they access in the MSN Research Directory.
  • Centre Users can only access data for their own site. Each authorized user in the centre have their own user account and is accountable for their own logins. All activities in the web application are audited.
  • It is important to update MSN Research Directory Core Team whenever there is a change in your personal information like mobile number and e-mail address and centre's information like centre address.
  • If any staff who has access to MSN Research Directory web application has left your centre or should no longer access to your patient record, please inform User Manager to inactivate their access right accordingly or update MSN Research Directory whose access should be terminated.
  • Data are backed up on a daily, weekly and monthly basis. Business continuity plan is in place in the event the web application is down.
10. Access to personal information
  • The Registry Forms provides details on the demographic and XXX disease related diseases information entered into the MSN Research Directory (which stipulates that the data are available from their hospital record).
  • Anonymised personal details are reported by participating centres.
  • Patients may contact the centre which they received treatment from (which act as data custodian) about their data.
11. Correction of personal information
  • To ensure that any missing or discrepant data are corrected, the MSN Research Directory conducts regular data cleaning activities in consultation with the hospital staff.
  • A systematic data quality audit process is also in place.
  • All inaccurate information is amended by the site users when it is notified or becomes aware that particular information is incorrect.
  • An audit trail of web tool edits is maintained within the database.
  • Site Users can amend their personal details by updating their own User Profile page.
12. Data Retention
  • Softcopy data since beginning will be retained until the end of the registry conduct.
Send me back to Login page.
Contact Us | Privacy Policy | PDPA Policy
Copyright © since 2024 | Powered by Altus Solutions Sdn. Bhd.