Skip to main content

Privacy notice: a cohort mortality study investigating the epidemiology of cancer after solid organ transplantation (the EPCOT study)

This privacy notice describes what we do with your personal information for the purposes of health and care research. It tells you what information we collect about you, how we store it, how long we retain it and who we might share it with.

By "health and care research", we mean research which serves the interests of society as a whole. This research follows the UK Policy Framework for Health and Social Care research.

It is important that you read this notice, together with any other privacy notice or specific information you may already have been given (for example, in participant information booklet/leaflets or any consent forms), so that you are aware of how and why we are using information about you.

Background and overview

1. Data protection law, including the Data Protection Act 2018, or any Act which replaces it, and the General Data Protection Regulation, sets out how personal data (personal information identifying someone) may lawfully be processed (collected, used and shared).

2. The University of Birmingham is registered with the Information Commissioner’s Office (ICO) which is the body that ensures that data protection law, including the Data Protection Act 1998, or any Act which replaces it, and the General Data Protection Regulation, is complied with by all those processing personal data. The ICO notification sets out the types of personal data the University of Birmingham processes and for what purposes. The University of Birmingham registration can be viewed at:

3. Details about your rights in relation to your data are set out on the University of Birmingham website.

This also explains how to ask any questions you may have about how your personal data is used, exercise any of your rights or complain about the way your data is being handled.

4. The Data Controller for the EPCOT study is the University Hospitals Birmingham NHS Foundation Trust. The Data Processor for the personal data processed in relation to the EPCOT study is the University of Birmingham.

The Data Protection Officer is:

Nicola Cardenas Blanco
Legal Services
The University of Birmingham
Edgbaston, Birmingham
B15 2TT

5. The University of Birmingham, as Data Processor of the personal data that is collected, must issue a Privacy Notice to clearly set out, how and why it is using personal data as well as what personal data is being used.

6. The University of Birmingham, as Data Processor of the personal data that is collected, must provide adequate fair processing information regarding the purposes for which, and the manner in which, the personal data will be processed.

7. For the purposes of the EPCOT study, the cohort (a group of individuals with shared characteristics) is defined as individuals (patients) who received a solid organ transplant in England between 1985 and 2017. The reason for the study is to investigate the long‐term outcomes of these patients, including the risk of developing cancer and increased risk in mortality, in patients who have had an organ transplant.

Data collected for the cohort

8. The purpose and legal basis for the processing of this cohort is to carry out research which we do in the public interest and processing is necessary for archiving purposes in the public interest, scientific or historical research purposes.

In particular the legal basis for the processing of this cohort is covered under GDPR article 6.1(e): Public task: “the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law”. Also since we are processing special category data (health data) this is covered by GDPR article 9.2(j): “processing is necessary for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in accordance with Article 89(1) based on Union or Member State law which shall be proportionate to the aim pursued, respect the essence of the right to data protection and provide for suitable and specific measures to safeguard the fundamental rights and the interests of the data subject”.

Further details are available under the General Data Protection Regulations (GDPR) article 6.1(e) and 9.2(j), which can be found on the ICO website: 

9. The data collected is individual level data consisting of data from the UK Transplant Registry (UKTR), Hospital Episode Statistics (information about hospital care and appointments) and civil registration (death) from NHS Digital, and the National Cancer Registration and Analysis Service (NCRAS, the cancer registry in England). The data from the UKTR and NCRAS is sent to NHS Digital (a trusted third party) and linked to identify patients who have received an organ transplant and have either been diagnosed with cancer, or not.

10. The data is pseudonymised, which means that any information which would enable an individual to be directly identified has been removed and replaced by a unique identifier (a large number). NHS Digital hold the key for the pseudonymised identifiers. NHS Digital will then confirm to the UKTR and NCRAS which patients are matched so that UKTR and NCRAS can extract the relevant health data from their datasets.

For patients identified as having an organ transplant and a cancer diagnosis, NCRAS will provide information about each patient’s tumour (such as date of diagnosis, stage and grade) as well as information about the cancer treatment they have received.

The data from UKTR and NCRAS will be shared with the University of Birmingham as de‐personalised data (with only a pseudonymised ID and direct patient identifiers removed). This makes the possibility, at the University of Birmingham, of linking the data back to an individual highly unlikely. We at the University of Birmingham cannot identify and contact the individual members of the cohort.

Under Article 17 of the GDPR individuals have the right to have personal data erased. However, removing information will limit our ability to conduct research. We are performing a task carried out in the public interest and processing is necessary for achieving purposes in the public interest, scientific or historical research purposes where erasure is likely to render impossible or seriously impair the achievement of that processing. 

Also, we are not relying on consent as the lawful basis for holding the data. For further details, please see the ICO website.

Purposes for data processing

11. The data from UKTR and NCRAS will enable an analysis of those patients who had a transplant and a diagnosis of cancer, in conjunction with those patients who had a transplant and NO diagnosis of cancer, to understand:

  • the risks of causes of death after a patient has had an organ transplant
  • survival after cancer in transplant patients
  • the risks of cancer after a patient has had an organ transplant
  • the risks of other conditions which require a hospital stay in transplant patients both generally, and in those who develop cancer after their transplant
  • the risk of developing cancer after an organ transplant using machine learning (predictions made by artificial intelligence, based on data)

12. The final research aim is to collaborate with the Standards Committee of the British Transplantation Society, with the goal to develop evidence‐based standardised clinical follow‐ up guidelines based upon the research findings. The results should facilitate more informed risk counselling, provide an evidence‐based resource for both healthcare professionals and patients, and support the design of clinical studies to trial tailored immunosuppression medications for solid organ transplant recipients who are considered at high‐risk for developing cancer.

How is the data stored?

14. The data will be stored at the University of Birmingham which is registered under the NHS Information Governance Toolkit (organisation code: 8HL72). The current version is 14.1 for 2017/18, organisation code 8HL72 (ASS/237997, score 76%).

15. The data will be stored on a file server in a locked, secure, specialised room with appropriate heating and ventilation. Access to the room is limited to UBHAM Information Technology personnel only with swipe card systems.

16. Access to the network is by a secure password.

17. All staff members are required to sign an undertaking of confidentiality.

How long will data be held by the University of Birmingham?

18. In line with the Data Protection Act, the University of Birmingham will hold the personal data for no longer than is necessary to fulfil the purposes of the work outlined above. In the first instance funding has been secured for this study to continue to 28/02/2023 to complete the objectives of this work proposal. After which if no further funding is available to extend the analysis time period the data will be archived securely at the University of Birmingham for 25 years. After the archiving timeframe has expired and no funding has been acquired to complete further analysis of the cohort the data will be securely destroyed.

Changes to this privacy notice

The date this page was last reviewed is available below.

Last reviewed: 11 August 2022