RIVM stands for a healthy Dutch population in a sustainable, safe and healthy environment. The work that RIVM does is based on legally mandated tasks, by means of independent scientific research. Examples include research on:

• immunity
• vaccinations
• behaviour
• classification of pathogens
• physical and mental health
• healthcare

In that context, researchers and scientists at RIVM may make use of:

• data from existing records
• data from surveillance systems
• data from patient files
• data that they actively collect from people taking part in a study

What is in this privacy statement?

• Whose personal data RIVM uses
• What RIVM means by monitoring and surveillance
• Why RIVM uses personal data
• The types of personal data RIVM uses
• How RIVM gets personal data
• How long RIVM retains personal data
• Whit whom RIVM shares personal data with
• Your rights if we use your personal data

When is this privacy statement relevant to you?

• If you are or were a participant in an RIVM study or surveillance project. RIVM does a lot of research and surveillance projects related to infectious diseases whit active participants. Examples include research on:
  • vaccine effectiveness
  • the impact of lifestyle on infectious diseases, such as sexually transmitted infections
  • possible animal-human transmission of infectious diseases, such as bird flu
  • social science research on participation in screening programmes 
    When you actively take part in a project, you will receive information about the project and about the use of your personal data.
• If you gave your consent to the Municipal Public Health Service (GGD), your general practitioner (GP) or a care provider to share your data with RIVM for research purposes. In that case, you have probably already received information about the project and about the use of your personal data from that organisation.
• If you are a carrier of antimicrobial-resistant bacteria, or if you have or had an infectious disease with high-impact consequences and a major risk of spreading, such as measles. Doctors are required to notify the Municipal Public Health Service (GGD) of any cases involving these infectious diseases, and RIVM conducts research on these infectious diseases. In that case, RIVM processes your data without your prior consent.

Other situations in which this privacy statement may be relevant to you:

• RIVM conducts research on the effectiveness and impact of vaccination programmes. Are you taking part in a vaccination programme? Then your data may be used for this purpose. You can find more information in the privacy statement of the vaccination programme.
• RIVM also conducts research on information, discussion and perceptions in the public domain, such as on social media and news websites. When an online platform offers options for data access, RIVM may request data and use it for scientific research. These types of research are about overall content, not individual people. After receiving data from such sources, RIVM immediately deletes any data (such as names) that can be directly traced to an individual.

What does RIVM mean by surveillance and monitoring of infectious diseases?

In order to safeguard public health, RIVM collects data on infectious diseases on a daily basis. RIVM uses the data to investigate trends and identify outbreaks of disease in time. Data collection and analysis in a systematic and scientifically sound manner is called monitoring.

In surveillance of infectious diseases, RIVM collects, analyses and interprets data and then reports on the presence, spread and severity of infectious diseases in a systematic manner. RIVM also uses data to identify risk factors and risk groups, research the effects of measures, and determine which measures work best for infectious disease control. This helps to draft and deploy appropriate measures for infectious disease control.

RIVM is currently conducting surveillance on about 70 infectious diseases. RIVM collects and analyses data about infectious diseases on behalf of the Ministry of Public Health, Welfare and Sports (VWS) and Municipal Public Health Services ([ignoren]GGD's[/ignore]), among others.

Why does RIVM use personal data?

RIVM uses personal data to conduct research for the purpose of preventing and controlling infectious diseases. Examples may include:

• Mapping the presence and severity of infections
• Gaining insight into how the immune system works in responding to infectious disease
• Data-based research on vaccine effectiveness, for example in people who have a chronic illness
• Research on how behaviour affects communicable health conditions
• Evaluation and monitoring of vaccination programmes
• Gaining insight into the opinions and actions of healthcare professionals

What types of personal data does RIVM use?

The general privacy statement of RIVM offers a definition of personal data.

The types of personal data used by RIVM for surveillance and research depend on the infectious disease, the target group covered by RIVM surveillance, and the research question of the study.

Examples of the types of personal data used by RIVM include:

• Contact details, for the purpose of contacting you
• Your name and signature on consent forms, as proof that you voluntarily took part in the study
• Demographics, such as your age and education, in order to place the research data in context and understand it better
• Research data: data collected by researchers during the study, for the purpose of answering the research question or achieving the research objective. This may include data about:
  • Health or lifestyle
  • Sexual orientation
  • Gender identity
  • Migration background
  • Birth control use
  • Birth country and parents’ birth country
  • Travel history
  • Birth month (for children under 2 years)
  • Full postcode (only for Legionella infections)
  • Samples of bodily material

RIVM always carefully reviews which personal data is necessary, and does not use more data than needed. RIVM also takes appropriate measures to protect your data. For that reason, RIVM works with pseudonomised or anonymised personal data wherever possible for monitoring, surveillance and other scientific research.

Working with pseudonomised personal data means that RIVM cannot trace data directly to an individual. Traceable data is replaced by encrypted data, or left out. It is only possible to see where the pseudonomised data came from by using the right key, or providing additional data.

When personal data is anonymised, RIVM does not have any data or information that can be traced to an individual. 
It is very important to RIVM that we treat your personal data confidentially and carefully. Since RIVM is an independent agency of the Dutch government, we have to follow the Government Information Security Baseline (BIO). This information security framework is the national standard for municipal authorities, provinces, water boards and the central government.

RIVM makes every effort to secure and protect personal data, for example by encrypting personal data and providing good security for our computers. We also ensure that not all employees have access to all personal data. In addition, all RIVM employees have a duty of confidentiality. They get training courses, presentations and explanations on privacy and information security, so that they always know how to handle personal data safely and carefully.

Profiling

RIVM does not use profiling. Profiling is the automated analysis of large volumes of personal data in order to group it into categories (profiles). These profiles could then be used to take automated individual decisions. This means that a computer could make a decision that affects you, without that decision being reviewed by a human.

How does RIVM obtain personal data?

How RIVM obtains the data varies depending on the study. A few examples:

• RIVM receives your personal data from professional care providers, such as your GP. You must give your consent for that in advance, unless the care provider is legally required to give your personal data or if a legal exception to obtaining consent applies.
• RIVM gets personal data from participants. They sign up to take part in the study, after the researchers have informed them about the study.
• RIVM receives your personal data from the Personal Records Database (BRP), if that is permitted by law – for example to send invitations for the HPV vaccination from the National Immunisation Programme. This is a legally mandated task for RIVM.
• For the purpose of infectious disease surveillance, RIVM receives pseudonomised personal data or anonymous data about people who have an infectious disease. RIVM receives data from:
  • universities
  • hospitals
  • research institutes
  • Netherlands Comprehensive Cancer Organisation (IKNL)
  • Statistics Netherlands (CBS)
  • Municipal Public Health Services (GGDs)
  • Netherlands Food and Consumer Product Safety Authority (NVWA)
  • nursing homes
  • laboratories (including medical microbiology laboratories)
• Nivel monitoring stations send personal data to RIVM about people who have a respiratory infection. These people gave consent for their GP to share the data.
• For patient diagnostics, hospitals send personal data to RIVM to support a diagnosis. The data can then be used for surveillance. However, the data is then pseudonymised before use.

How long does RIVM retain personal data?

How long RIVM retains your personal data depends on the purpose for which RIVM collected your personal data.

In the context of a study in the public interest, RIVM retains personal data for ten years after the end of the study.

In the context of surveillance in the public interest, RIVM retains personal data for twenty years after the end of the surveillance. However, most surveillance programmes do not come to an end. That means that RIVM retains data from most surveillance for an indefinite period. RIVM does so because it is important to investigate trends and developments over longer time periods.

RIVM retains your data to ensure that the research can be repeated. RIVM never retains more data than necessary for this purpose. All non-necessary data is deleted by the researchers as soon as possible, or anonymised.

RIVM does not retain your contact details for longer than necessary. The researchers usually delete contact details earlier than research data.

Whit whom does RIVM share personal data with?

In some cases, RIVM may want or need to share personal data with other organisations. If RIVM does so, it is shared with all due care. RIVM is compliant with the GDPR and other relevant legislation. Your data is never leased or sold.

Data that RIVM collected for scientific research for the purpose of infectious disease control may be shared with:

Research partners

For the purpose of joint research, RIVM shares data with research partners. RIVM only does so if there is a legitimate reason for sharing the data. RIVM makes agreements to protect the data. Examples of research partners include:

• hospitals
• universities
• research institutes
• care institutions
• Statistics Netherlands (CBS)
• laboratories

RIVM and its research partners may conduct research or surveillance with the data that they share. The data is pseudonomised. This means that RIVM and its partners do not share any data that can be directly traced. RIVM does not always need your permission for this. If it involves data about your own treatment, you can notify your own doctor, hospital or care institution about whether your data may be shared.

RIVM may commission other organisations to conduct parts of a study. The organisations that process personal data as commissioned by RIVM are called ‘data processors’. RIVM makes agreements with these processors to protect the data. These agreements are laid down in writing in ‘data processing agreements’.

RIVM reports to the Minister of Health, Welfare and Sport (VWS) about infectious diseases. In that context, the researchers combine and aggregate the results, so the Minister is not able to trace the data back to individuals. The Minister uses the information to take appropriate measures to control infectious diseases and to prevent others from contracting these diseases.

Researchers in the Netherlands and internationally

RIVM uses personal data for scientific research for to control infectious diseases. If RIVM shares your data for scientific research, RIVM always reaches good agreements with the other organisations. Together, we make sure that your privacy is protected – for example, by anonymising data before RIVM shares it. This ensures that the researchers who receive the data do not know who the individual participants were.

Requests from external researchers usually first have to be approved by a multidisciplinary review committee. RIVM is not permitted to share data for research purposes until after approval. In that context, the review committee pays specific attention to whether data is used for a very different purpose than the reason why it was collected. The review committee also checks that the research promotes public health and is not used to earn a profit.

RIVM sends reports about infectious diseases and antimicrobial resistance to the European Centre for Disease Prevention and Control (ECDC). The ECDC uses that information to monitor trends in infectious diseases, and to assess policy at a European level. The data provided to the ECDC cannot be traced back to individuals.

In the event of an impending international outbreak of an infectious disease, RIVM is required to send reports of confirmed cases to the World Health Organisation (WHO). In these reports, the data that RIVM gives the WHO is anonymised wherever possible.

If RIVM needs to send data outside the European Economic Area (EEA), RIVM takes appropriate measures.

Your privacy rights?

Under the GDPR, you have a number of rights. The general privacy statement outlines the rights that you have when your personal data is processed. It also explains how you can send a GDPR request to exercise your rights.

There are a number of exceptions to your ability to exercise your rights:

• If you request deletion of your data, RIVM may make an exception and deny your request. It may be necessary to retain data for scientific or historical research or for statistical purposes. The public interest of these activities may take precedence over the individual right to deletion of data.
• If you request deletion of your data or object to processing of your data, RIVM may make an exception and deny your request on the grounds of public health and safety. In such cases, cessation of data processing or deletion of data could jeopardise very important surveillance activities. This is also stated in the Public Health Act (Wet publieke gezondheid).

More information about using your privacy rights is available on the website of the Dutch data protection authority, Autoriteit Persoonsgegevens (AP).

Any questions?

After reading the privacy statement, do you still have questions about how RIVM uses personal data? You may find the answer in the general privacy statement of RIVM.

If you have any questions about this privacy statement, or think that RIVM is not respecting this statement, please send an email to AVG-RIVM@rivm.nl.

Would you like to file a complaint?

Read more about the complaints procedure at RIVM and how to file a complaint: Complaints | RIVM.

You can also send your complaint to the Data Protection Officer (DPO) of the Ministry of VWS: FG-VWS@minvws.nl by sending an e-mail to: FG-VWS@minvws.nl.

Under the GDPR, you may also send a complaint to: Autoriteit Persoonsgegevens (AP), the Dutch data protection authority.

Our privacy statements may be subject to change

Laws and regulations about privacy change regularly. For that reason, this privacy statement and the general privacy statement may be subject to change. We recommend that you read these privacy statements again from time to time. This means that you will always know how we are using your personal data.