Applications for data from medical records, and applications where information from medical records is to be linked to register data must contain the following:
- Project description
- Description of the data extraction
- Order form
- Valid approval stating that the project is included in the register of the data controller. Documentation must contain at least the following information:
- Information about the data controller
- Information about the person in charge of the project
- Title of the esearch project
- Application deletion deadline, if possible
- Authorisation to retrieve data from medical records
Authorisation to retrieve medical records can be issued by the following:
- The patient, by obtaining informed consent for the retrieval of data from patient records from all project participants. Please note that you must include an example of the consent form in your application.
- The Danish Patient Safety Authority (only applies to projects that have applied for permission to retrieve records before the end of June 2020)
- The regional council of the region where the person in charge of the project works (after June 2020)
- A research ethics committee
- Projects that necessitate the retrieval of medical records in connection with quality assurance or the development of specific treatments and workflows. Projects like these can make use of §42 d, section 2, subsection 2 of the Health Care Act as a legal basis for obtaining data from medical records, provided that the retrieval is done by an authorised healthcare professional.
Please note:
The top administrative management of the specific treatment facility from which you are retrieving medical data must approve the retrieval of medical records.
The approval must be included in your application.