...
| Service | Data type | Retention period |
|---|---|---|
| Patient information | 42 days + 6 months of no user interaction with patient or its searches: the patient is anonymised by replacing the patient ID with a random string and the birth date with birth year. Patient is no longer accessible by any organisation, except for WMDA admins. |
| Search results information | Search result are removed when the patient is "inactivated" (set to the "STP" status). Statistical data regarding number of search results and type of search are retained for analysis purposes. | |
| Encrypted message contents for non-retrieved messages | Messages are available for retrieval for 90 days. After that they are marked as "retrieved" and handled as such. See below for information on retention and destruction information on "retrieved" messages. |
| Encrypted message contents for retrieved messages | In order to facilitate recovery of retrieved messages, these messages are retained for 72 hours after retrieval. | |
| Logs regarding message sending and retrieval | Logs containing meta information on messages, such as the sending and receiving organisation and validation information. Data may be retained for up to 2 years. |
Security Measures:
WMDA employs state-of-the-art security measures to safeguard the stored data against unauthorized access, disclosure, alteration, or destruction. The organization is committed to maintaining the confidentiality and integrity of user information, utilizing encryption, access controls, and regular security assessments.
...