version | comment |
---|---|
20211112 | Added this tracking table |
20200626 | Created |
Sage receives requests to the Privacy Office through the distribution lists privacyofficer@sagebase.org and synapseinfo@sagebase.org. Requests can be categorized and handled according to the following:
Synapse account delete requests:
A Synapse account holder requests that their profile be sanitized. This can be handled by creating a new ticket in the IT Operations Jira space. A Synapse engineer will validate the identity of the requestor and complete the account sanitization process.Data subject amendment requests:
A research participant or data subject may request their representation in a data set to be changed or removed. The request must be recorded in a ticket in the Governance Jira space. The Synapse ACT will validate the identity of the requester and route the request to Synapse Engineers or the data contributor for execution. Depending on the privacy and integrity requirements of the project, accommodating the request may not be possible. If possible, the change should be made. The disposition of the request should be recorded in the ticket.
The requirements for amendments to the data of specific projects are recorded in data management plans or other procedural document appropriate for the project:
Project | Privacy request process |
---|---|
imCORE | |
GENIE |
Other privacy requests are handled based on the nature of the request. Common requests should be documented in this procedure.