The confidentiality of the patient data stored in the Registry is of paramount importance to the EBMT and procedures are in place to ensure the data is transferred and stored with the highest possible level of security.
In addition to the above, the transfer or storage of confidential patient data must abide by the law in each country.
As the EBMT is registered as a Dutch foundation, Dutch law applies to the EBMT and we abide by the implementation of the European Union (EU) directive (95/46/EC), regulating how personal data is to be handled, through the Dutch application of this law.
The law regulating transfer of data within the EU does not cover countries outside EU/EEA (European Economic Area), and the EBMT must ensure that centres lying outside this zone agree to conform to the EU law as stated above. The Registry retains the right to request that centres lying outside the EU/EEA return the completed European Union Regulations statement on data protection.
The law requires that the patient consents to the data being transferred to the EBMT. In addition, if the centre intends to forward data, either directly or through the EBMT, to countries located outside the EU/EEA, they must ensure this is explicitly stated in the patient consent form. It is the centre’s responsibility to ensure that the patient has consented before data is forwarded to the EBMT.
Please consult the reference documents listed below:
Consent form for data registration with the EBMT
Data Confidentiality presentation H. J. Van der Wijk, EBMT 2014