The information available on the UMID DNA database is protected by privacy laws and is not shared with any individual. It is strictly available for matching the deceased’s unclaimed body with the claimant and no other purpose. Once a match is successful, the information related to that individual is removed. No names are revealed during the match and the data is stored in an encrypted server with limited access.
Strict Access Controls
Strict access controls are implemented to ensure that only authorised individuals or entities can access the DNA database. This includes implementing strong authentication mechanisms, role-based access controls, and monitoring access logs for any unauthorised activity.
Encryption
The genotypic information stored in the database is encrypted to protect it from unauthorised access in case of a data breach or unauthorised access. We utilize strong encryption algorithms and regularly update encryption keys to maintain security.
Anonymization and De-identification
The genotypic information is made anonymous to remove personally identifiable information from the dataset. This helps protect individuals’ privacy by making it difficult to link genetic data back to specific individuals.
Informed Consent
Informed consent is obtained from claimants/investigating officer before collecting and storing their genotypic information in the database. The purpose of the database, how the data will be used, and any potential risks or implications for individuals’ privacy is clearly communicated to the claimants/ investigating officer when taking consent.
Data Minimization
Only the minimum amount of genotypic information is collected and stored that is necessary for the intended purpose of the database.
Regular Audits and Compliance Checks
Regular audits and compliance checks are conducted to ensure that the DNA database adheres to applicable privacy regulations and industry best practices. This includes reviewing access logs, data handling procedures, and security controls to identify and address any potential vulnerabilities or risks.
Transparent Policies and Procedures
Transparent policies and procedures regarding the collection, storage, and use of genotypic information are maintained in the DNA database. These policies are communicated to the investigating officer when the information and consent is being collected.
Security Awareness Training
Security awareness training is provided to all staff members with access to the DNA database in order to educate them about the importance of protecting individuals’ privacy and the potential risks associated with mishandling genotypic information.
Ethical Oversight
An independent ethical committee in AIIMS New Delhi and other participating centres reviewed and approved research project. All research conducted using the database adheres to ethical standards and respects individuals’ privacy rights.