...
Service | Data type | Retention period |
---|---|---|
| Patient information | 42 days + 6 months of no user interaction with patient or its searches: the patient is anonymised by replacing the patient ID with a random string and the birth date with birth year. Patient is no longer accessible by any organisation, except for WMDA admins. |
Search results information | Search result are removed when the patient is "inactivated" (set to the "STP" status). Statistical data regarding number of search results and type of search are retained for analysis purposes. | |
Logs regarding API and website use and associated error messages. | Up to 3 years. | |
| Encrypted message contents for non-retrieved messages | Messages are available for retrieval for 90 days. After that they are marked as "retrieved" and handled as such. See below for information on retention and destruction information on "retrieved" messages. |
Encrypted message contents for retrieved messages | In order to facilitate recovery of retrieved messages, these messages are retained for 72 hours after retrieval. | |
Logs regarding message sending and retrieval. Contains meta information on messages, such as the sending and receiving organisation and validation information. | Up to 3 years. |
Security Measures:
WMDA employs state-of-the-art utilizes standard security measures and encryption practices to safeguard the protect stored data against from unauthorized access, disclosure, alteration, or destruction. The organization is committed dedicated to maintaining upholding the confidentiality and integrity of user information , utilizing through the implementation of encryption, access controls, and regular security assessments. It's important to note that while these measures are industry-standard, no system is entirely foolproof. As such, we cannot offer absolute guarantees regarding the security of the data. WMDA cannot be held responsible for any breaches or data loss. You can contribute to the safety of the system by using strong passwords, proper device security and by not sharing your passwords.
Access and Rectification:
...