Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • data-sharing-decision-tree data-sharing-decision-tree
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 20
    • Issues 20
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 0
    • Merge requests 0
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Packages & Registries
    • Packages & Registries
    • Package Registry
    • Infrastructure Registry
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Wiki
    • Wiki
  • Snippets
    • Snippets
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • open-science
  • community
  • data-sharing-decision-treedata-sharing-decision-tree
  • Issues
  • #17

Closed
Open
Created Aug 26, 2021 by Cassandra Gould van Praag@cassagOwner

[new supporting resource] DPIA

The DPIA will be the governance review of our processes. Is this required and what should it describe?

Suggestion form Karen Melham in issue #14 that the open repository should not be the place where de-identification takes place. De-identification should be managed by the researcher (and their ethics) and handed over to the open repository for curation once already de-identified. Note however that XNAT is a very useful tool for the deidentification services we want to run (e.g. dicom strip). This makes a strong case for two XNATs (names TBC!): One as a researcher resource ("Research XNAT") and one as a public facing portal ("Public XNAT").

Q:

  1. What DPIA etc. does Jalapeño have in place? This will be equivalent to what we need for Research XNAT. Probably includes DMP.
  2. Do we need to have a secondary DPIA for Public XNAT? For the purposes of the DPIA screening, we can consider that this repository contains no identifiable information in most cases (as suggested by Karen Melham). "Edge cases" (e.g. where identifiable disease group) will still be protected under our DUA.
Assignee
Assign to
Time tracking