Document toolboxDocument toolbox

ACT Email Responses to Jira Tickets Generated through Synapse

Version

Summary

Version

Summary

09/01/2022

Added canned email response for Synapse compliance with GDPR

12/28/2021

Updated format to align with policy version tables

12/15/2021

Current version. Added version tracking table.

05/21/12021

Updated

Audience: Sage ACT

Below are canned email responses that can be used to respond to common Governance Jira tickets and/or questions. For instructions on how to create or edit canned responses, please review the steps outlined here. 

Table of Contents


Tips

  • When replying over emails to issues generated via a Jira ticket, we recommend including the ticket ID (ex: SG-1234) in the email subject so that it’s easy to connect the email thread with the ticket later on. 

  • CC act@sagebionetworks.org on all email correspondence for continuity in case you are out of office and cannot reply to an email.

  • As canned responses get updated, move the original question (row) to the ARCHIVE tab so that we can retain original Q&A.

Canned Emails

Synapse violation 

Hello,

I am reaching out to you on behalf of the Synapse Access and Compliance Team (ACT) regarding the violation you reported. You flagged data on this Synapse page [Link Page] as a violation of the Synapse Terms and Conditions of Use. 

Can you please provide additional information regarding the nature of the violation?

We appreciate your dedication to maintaining Synapse's security and compliance.

Thank you,

YOUR NAME, on behalf of the Synapse Access and Compliance Team

YOUR SIGNATURE BLOCK

Request for ACT to add data restriction

Hello,

Thank you for requesting that Conditions for Use be added to the Synapse project: [insert synID/project link]. A temporary lock has been placed on your project so that sensitive data cannot be downloaded by Synapse users.

Can you please provide some information about the data and how you would like data access to be restricted?

Thank you,

YOUR NAME, on behalf of the Synapse Access and Compliance Team

YOUR SIGNATURE BLOCK

Follow-up on a JIRA issue that hasn’t gotten a response (2nd email)

Hello,

I am following up on my previous email about [INSERT REASON; e.g., ‘your request for the addition of data restrictions to content on Synapse’]. If we do not hear from you by [DATE 5-7 days in the future] we will close the issue in our system.

Regards,

YOUR NAME, on behalf of the Synapse Access and Compliance Team

YOUR SIGNATURE BLOCK

Synapse Compliance with GDPR 

Hello,

Thank you for this question. 

Synapse supports compliance with applicable laws and regulations in a shared responsibility model.

Synapse is a data platform hosted on the AWS cloud. When acting as a Data Processor under GDPR, Sage is responsible for securing the data and establishing the appropriate data use governance mechanisms. A combination of technical and organizational security measures, policies, and governance processes are in place to protect the data. Data contributors, acting as Controllers under GDPR, are responsible for the personal data they provide to Synapse.

Synapse's privacy policy describes how we handle personal information on Synapse. Sage's DPO manages and oversees this and other policies that govern platform use and agreements that govern data access.

For more specific information regarding your use case, you can write to us at act@sagebase.org. Our Access and Compliance Team works with contributors to ensure the appropriate data governance structure is in place and in accordance with relevant regulatory frameworks.

Regards,

On behalf of the DPO and Synapse Access & Compliance Team