This document provides an outline of the security measures implemented for protecting, processing,
storing, transmitting and deleting patient and user data in the Registry. The SITS International Stroke
Registry, often called the “SITS Registry”, is referred to simply as the “Registry” in this document.
Data Encryption
All data transmitted to and from the Registry is protected through strong encryption using industry-standard protocols. This ensures that data is securely encoded during transmission, mitigating the risk
of unauthorized access by third parties. Within the database, personal data of both users and patients
is stored in encrypted form. This means that sensitive information such as names, medical records
and contact details is converted into unreadable ciphertext, providing an additional layer of security against
unauthorized access or data breaches.
The encryption extends to various aspects of the system, including user and employee passwords,
communication protocols (such as HTTPS), backups, and the underlying code base. By encrypting these
critical components, SITS ensures that data always remains protected, whether it is being transmitted
over networks or stored within the system. This comprehensive approach to encryption helps
safeguard the integrity and confidentiality of the data within the SITS International Stroke Registry.
Application security
The data management system utilizes an enterprise-grade content system with security principles
including:
- Protection against SQL injection through object database usage
- Sanitized input to prevent malicious code entry
- Permission checks for every view or method accessed
- Advanced sandboxing for limiting browser-based vulnerabilities
- Automatic CSRF protection and clickjacking prevention
- Multi-factor authentication for all users
- Authorization ensures data access based on user roles, with patient data organized in a hierarchical structure
- Encryption of data transfer using HTTPS
- Logging of all actions performed in the registry
- Prevention of unvalidated redirects and forwards to external sites
- Protection against Cross-Site Scripting (XSS)
- Edit checks prevent invalid data input from users by refusing to save invalid data, e.g. wrong data format, out-of-range values, future date/time or inconsistent data across separate data forms
- Limited support for outdated web browsers and versions that are no longer officially supported, maintained or receiving security updates from the browser vendor
User Authentication
Outline of data security in SITS Registry. Version 1.1. Dated 2024-04-17.
By design, all user accounts in the Registry, including administrators, use two-factor
authentication (2FA) for logging in to the application. The principle of 2FA is that it requires two pieces
(factors) of evidence to prove the user’s claimed identity, which adds an extra layer of security to the
user account. This helps to protect against unauthorized access, especially in cases where passwords
may be compromised.
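The one-time password used as the second factor is single-use, expires after a time limit, and is revoked after a few failed login attempts. The following is an added example, not the Registry's own code, of a server-side store that enforces those three rules. The six-digit length, five-minute lifetime and three-attempt cap are assumed values (the document does not state the Registry's limits), and the clock is injectable so that the expiry rule can be exercised without waiting.

```python
import hmac
import secrets
import time
from dataclasses import dataclass

# Policy values are constructed for this example; the Registry's actual limits are not stated.
OTP_DIGITS = 6
OTP_TTL_SECONDS = 300       # a code is valid for five minutes after issue
MAX_FAILED_ATTEMPTS = 3     # a code is revoked after three wrong submissions


@dataclass
class PendingCode:
    code: str
    issued_at: float
    failed_attempts: int = 0


class OneTimePasswordStore:
    """Second login factor: each code is accepted at most once, expires after
    OTP_TTL_SECONDS, and is revoked after MAX_FAILED_ATTEMPTS wrong guesses.
    The clock is injectable so expiry can be tested without sleeping."""

    def __init__(self, now=time.time):
        self._now = now
        self._pending: dict[str, PendingCode] = {}   # user id -> outstanding code

    def issue(self, user_id: str) -> str:
        # secrets (not random) gives CSPRNG output; the code would be delivered
        # out of band, e.g. to the user's registered mobile number.
        code = "".join(secrets.choice("0123456789") for _ in range(OTP_DIGITS))
        self._pending[user_id] = PendingCode(code=code, issued_at=self._now())
        return code

    def verify(self, user_id: str, submitted: str) -> bool:
        entry = self._pending.get(user_id)
        if entry is None:
            return False                     # never issued, already used, or revoked
        if self._now() - entry.issued_at > OTP_TTL_SECONDS:
            del self._pending[user_id]       # time limit passed: a fresh code is required
            return False
        # Constant-time comparison on bytes so non-ASCII input cannot raise.
        if hmac.compare_digest(entry.code.encode(), submitted.encode()):
            del self._pending[user_id]       # single use: the same code cannot be replayed
            return True
        entry.failed_attempts += 1
        if entry.failed_attempts >= MAX_FAILED_ATTEMPTS:
            del self._pending[user_id]       # too many wrong guesses: revoke the code
        return False


if __name__ == "__main__":
    store = OneTimePasswordStore()
    code = store.issue("user-42")
    print("accepted first use:", store.verify("user-42", code))
    print("accepted replay:   ", store.verify("user-42", code))
```

Every exit path that rejects a code either leaves the attempt counter incremented or deletes the entry, so a code can never outlive its time limit, its single permitted use, or its attempt budget; a fresh login must request a new code.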
The 2FA code in the Registry is a one-time password, which means it will expire after use, within a
certain time limit, or after a few failed login attempts.
User Access Control
Role-based access controls ensure that users only have access to data that aligns with their roles in
the Registry. Any requests for additional access must be approved by SITS operational staff.
Internal access to the Registry is governed by the Principle of Least Privilege, which means that
personnel of the SITS Coordination Office are given the minimum user rights necessary to perform their
tasks.
Data Storage Security
The Registry platform is hosted on a dedicated server in a hosting-centre sharing facility. The hosting centre has high-level physical access control. The server is protected by software and hardware
firewalls. The server is managed using VPN tunnelling. The code base is only accessible through an SSH
connection. Both SAN array storage and virtual machine disks are encrypted, and additional data is kept
behind a second firewall, away from the frontend server.
Data Housing
The Registry data is housed within the European Union and is processed from countries within the EU as
well as countries outside the EU. Collection, storage, and transfer of data in SITS is compliant with
the General Data Protection Regulation (GDPR) 2016/679 from May 25th, 2018, and with Swedish
national guidelines, laws, and policies. All SITS operational staff are familiar with and obliged to
comply with national regulations of Sweden and EU regulations regarding data privacy and
protection policy, as well as ethical conduct relating to human research.
Patient Data Handling
When patients’ data is entered into the Registry, each patient is identified by a Treatment File
Number (TFN), ensuring the accuracy and reliability of the data. This TFN serves as a local identifier
and pseudonym within the registry. The registry does not collect identifiable patient data, such as
date of birth, social security number, or name. Instead, SITS urges that each centre stores this
sensitive information separately from the registry itself, e.g. at the local/centre coordinator’s office
along with the TFN. This separation implies that no patient identification is stored within the registry
or accessible outside national borders, thereby safeguarding patient privacy.
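The rule above (the registry holds only the TFN and never a name, date of birth or social security number) and the edit checks listed under Application security (data format, out-of-range values, future date/time, inconsistent data across separate forms) are both rules applied before a record is saved. The following added example, which is not the Registry's code, applies them to two constructed forms for one patient. The field names, the permitted numeric ranges and the expected chronological order of events are assumptions made for the example; a record is accepted only when the returned list of rejection reasons is empty.

```python
from datetime import datetime, timezone

# Field names, permitted ranges and event order are constructed assumptions for this
# example; they are not the SITS data schema.
DIRECT_IDENTIFIERS = {"name", "date_of_birth", "social_security_number"}
RANGES = {"age_years": (18, 120), "systolic_bp_mmhg": (50, 300)}
TIME_ORDER = ["admission_time", "imaging_time", "treatment_start"]


def parse_timestamp(value):
    """Return an aware datetime, or None when the value is not an ISO 8601
    string carrying a UTC offset (naive timestamps cannot be compared safely)."""
    if not isinstance(value, str):
        return None
    try:
        parsed = datetime.fromisoformat(value)
    except ValueError:
        return None
    return parsed if parsed.tzinfo is not None else None


def check_record(tfn, admission_form, treatment_form, now):
    """Pre-save edit checks over two forms for one patient.
    Returns the list of rejection reasons; an empty list means the record may be saved."""
    errors = []
    # The registry keys patients by TFN only; direct identifiers are refused outright.
    if not isinstance(tfn, str) or not tfn.strip():
        errors.append("TFN: missing")
    for form_name, form in (("admission", admission_form), ("treatment", treatment_form)):
        leaked = DIRECT_IDENTIFIERS & set(form)
        if leaked:
            errors.append(f"{form_name} form: direct identifiers not permitted: {sorted(leaked)}")
    merged = {**admission_form, **treatment_form}
    # Format and future-date checks on every timestamp that was supplied.
    times = {}
    for field in TIME_ORDER:
        raw = merged.get(field)
        if raw is None:
            continue
        ts = parse_timestamp(raw)
        if ts is None:
            errors.append(f"{field}: not an ISO 8601 timestamp with UTC offset")
        elif ts > now:
            errors.append(f"{field}: lies in the future")
        else:
            times[field] = ts
    # Out-of-range checks on numeric fields (bool is excluded: it is an int subclass).
    for field, (lo, hi) in RANGES.items():
        value = merged.get(field)
        if value is None:
            continue
        if isinstance(value, bool) or not isinstance(value, (int, float)) or not lo <= value <= hi:
            errors.append(f"{field}: outside permitted range {lo}..{hi}")
    # Consistency across the separate forms: recorded events must be chronological.
    present = [f for f in TIME_ORDER if f in times]
    for earlier, later in zip(present, present[1:]):
        if times[later] < times[earlier]:
            errors.append(f"{later} precedes {earlier}")
    return errors


# Constructed sample input: the evaluation clock and two form pairs for a patient keyed by TFN.
NOW = datetime(2024, 4, 17, 12, 0, tzinfo=timezone.utc)
GOOD_ADMISSION = {"admission_time": "2024-04-16T08:15:00+00:00",
                  "imaging_time": "2024-04-16T08:40:00+00:00",
                  "age_years": 72, "systolic_bp_mmhg": 165}
GOOD_TREATMENT = {"treatment_start": "2024-04-16T09:05:00+00:00"}
BAD_ADMISSION = {"name": "placeholder-name",            # identifier that must never reach the registry
                 "admission_time": "16/04/2024 08:15",  # wrong format
                 "age_years": 172}                      # out of range
BAD_TREATMENT = {"treatment_start": "2024-04-18T09:05:00+00:00"}  # later than NOW


if __name__ == "__main__":
    print("good record:", check_record("000123", GOOD_ADMISSION, GOOD_TREATMENT, NOW))
    for reason in check_record("000123", BAD_ADMISSION, BAD_TREATMENT, NOW):
        print("rejected:", reason)
```

A timestamp without a UTC offset is reported as a format error rather than compared, because comparing a naive datetime with an aware one raises at save time; and the cross-form consistency check runs only over timestamps that already passed the format and future-date checks, so one malformed field produces one clear reason instead of a cascade.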
The patient data recorded in the Registry is comprehensive and includes demographics, medical
history, treatments received, time logistics (e.g. admission, treatment, imaging, discharge), clinical
observations, laboratory results, and details about medications and rehabilitation. We retain data
only for as long as necessary and in compliance with relevant regulations. When data is disposed of,
we ensure it is securely deleted to prevent unauthorized access; the data is in any case anonymized,
as no personal information is entered into the Registry.
User Data Handling
All users of the Registry, including healthcare professionals and researchers, provide consent during
the application process for SITS and third parties to process their data. This user data typically
includes:
- Name
- Email address
- Post address (work)
- Phone number (work)
- Mobile number (for login purposes only)
- Information about the hospital with which the user is associated
These user data elements are necessary for user authentication and management within the registry.
They enable SITS to ensure proper access controls and permissions, as well as to facilitate
communication with registered users regarding registry activities, updates, and other relevant
information. Users’ consent allows SITS to process and store this information securely, ensuring
compliance with data protection regulations. It also enables SITS to maintain a user database for
efficient management of registry access and usage. By managing patient and user data responsibly,
SITS aims to maintain the integrity, security, and privacy of information while facilitating valuable
research and improvements in stroke care.
Data Retention and Disposal
SITS complies with various obligations regarding data retention and destruction, including local laws, EU
regulations (GDPR), and contractual commitments to stakeholders.
SITS Retention Policy involves maintaining documents in a production environment accessible by
authorized users. Personal data is kept only as long as necessary for its intended purpose. Individuals
can request deletion if data is no longer needed, consent is withdrawn, or other specific circumstances
apply.
SITS Disposal Policy involves rendering information irretrievable by ordinary means.
SITS maintains a list of approved destruction methods for different types of information. Paper
documents are securely disposed of using designated containers picked up by authorized personnel.
Personnel of the SITS Coordination Office are responsible for implementing and ensuring compliance with
the data management policy, and users must understand and adhere to it according to the terms and
conditions of the Registry.