University of Cambridge, Department of Public Health and Primary Care
Data Protection Statement for the Web-based CanRisk Tool
Access for researchers and medical professionals only.
Explicit Patient Consent to supply their data is a pre-condition of use.
1. Introduction
The CanRisk Tool is a computer program that is used to calculate the risks of breast and ovarian cancer in women based on their family history. It is also used to calculate the probability that they are carriers of cancer-associated mutations in the BRCA1, BRCA2, PALB2, CHEK2, ATM, RAD51D, RAD51C or BRIP1 gene. It is only for use by medical professionals, strictly within the terms of the Purpose permitted in the Licence Agreement provided on registration (see https://www.canrisk.org/accounts/register/).
This page explains what personal information we gather from you as a researcher/patient medical adviser when you visit the specific website within the University of Cambridge domain called https://canrisk.org.
YOU MUST HAVE YOUR PATIENT'S EXPLICIT CONSENT TO PROVIDE THEIR PERSONAL INFORMATION AS DESCRIBED BELOW.
Users are required to register and create a user account to use the CanRisk Tool and Web services. This page sets out the personal information that we gather when you visit the following Web sites in order to:
- setup a CanRisk user account using the online registration form (https://www.canrisk.org/accounts/register/);
- compute theoretical breast/ovarian cancer risks using the CanRisk Tool (https://www.canrisk.org/canrisk_tool/).
2. Who will process the personal information?
The information published here applies to the use of your and your patient's personal information (also known as 'personal data') by the University of Cambridge through the viewing or use of this Web site.
3. General personal information collected on our websites
When you visit any of the websites within the University of Cambridge domain, we hold certain information about you for service and security reasons. For more information on this, please see. http://www.cam.ac.uk/about-this-site/privacy-policy.
4. Specific personal information collected on this website
This Web site asks you to provide information about yourself and others set out below.
4.1 Your personal data collected when you setup your CanRisk user account
When you setup your CanRisk user account using the registration form (https://www.canrisk.org/accounts/register/), we collect the parameters listed in Table 1.
Table 1. Your personal data.
| Parameter |
|---|
| First name |
| Last name |
| E-mail address |
| Job title (Clinical Geneticist, General Practitioner, Genetic Counsellor, Surgeon, Oncologist, Practice Nurse, Other Health Care Professional (please specify)) |
| We ask you to confirm that: “I have personal medical indemnity cover and/or am covered by my employer” |
| Country |
| CanRisk username |
| CanRisk password |
Note to Table 1:
We collect your first name, last name and E-mail address (Table 1) so that we can contact you if there is a technical problem with the software. We will add your E-mail address to the CanRisk mailing list (administered by the University of Cambridge). We do this so that we can inform you when there are any interruptions to service, and when new software is released.
As a security measure, your E-mail address is used to send an E-mail to activate your CanRisk user account. It is also used when we send you a link to reset your password. We sometimes use country data (Table 1) to illustrate how the CanRisk Tool is used worldwide.
In addition, we ask you to specify your own CanRisk username and password (Table 1) so that you can use this information to login to the software after you have setup your CanRisk user account.
Registration data are used to broadly track usage, to ensure that sufficient computer resources are provisioned, and to keep users informed of CanRisk news and services. Registration data are not shared with any 3rd parties. They may be used in the context of providing broad usage details, e.g. number of cancer risk calculations carried out by certain groups (e.g. Clinical Geneticists) to better inform us and funding bodies of the impact of the tool.
Please contact us if you would like your CanRisk user account data to be deleted.
4.2 Anonymised patient personal data collected when you run a CanRisk Tool risk calculation
The CanRisk Tool and Web-services (https://www.canrisk.org/canrisk_tool/) are used to estimate theoretical breast and ovarian cancer risks and mutation carrier probabilities on the basis of anonymised pedigree data, risk factors and model parameters that you provide.
To run a risk calculation, you input the risk factor and pedigree datasets (see Tables 2 and 3 below) into your Web browser (e.g. Chrome, FireFox) and they are sent excluding the patient's oophorectomy, mastectomy, day of birth (see table 2) and the name/IDs of all relatives (see table 3) to a University of Cambridge Web server for processing.
4.2.1 Risk factor data
The risk factor data listed in Table 2 are collected for the patient (the subject of the risk calculation). Date of birth (Table 2) is mandatory in order to compute risks, but the other parameters are optional.
The CanRisk Tool gathers date of birth (Table 2). However, only the age and year of birth (extracted from this parameter) are submitted to the University of Cambridge server for processing. Similarly, details of oophorectomy and mastectomy (Table 2) are not transmitted to the University of Cambridge server for processing (see * in Table 2).
Table 2. Risk Factor data.| Parameter | |
|---|---|
| Sex | †‡ |
| Country of residence | †‡ |
| Date of birth | †‡* Used to obtain the patient's year of birth and to compute their age that are both transmitted. |
| Height (used to compute patient's BMI) | †‡ |
| Weight (used to compute patient's BMI) | †‡ |
| Daily alcohol intake in grams per day | † |
| Age at menarche | † |
| Age at menopause | † |
| Current use of oral contraception | †‡ |
| Current use of menopause hormone therapy | †‡ |
| Parity | †‡ |
| Sex of each child | †‡ |
| Year of birth of each child (used to compute patient's age at first live birth) | † |
| Mammographic density as measured by BI-RADS | † |
| Endometriosis | ‡ |
| Tubal ligation procedure | ‡ |
| Oophorectomy | * Used to prevent computation of the patient's ovarian cancer risks under these circumstances. |
| Mastectomy | * Used to prevent computation of the patient's breast cancer risks under these circumstances. |
| Polygenic Risk Score (Breast Cancer) | † |
| Polygenic Risk Score (Ovarian Cancer) | ‡ |
† Breast Cancer Risk Factor; ‡ Ovarian Cancer Risk Factor; * patient data not transmitted
4.2.2 Pedigree data
When you input a pedigree dataset using the CanRisk Tool, we ask you to specify the parameters listed in Table 3 for all family members (including the patient).
The CanRisk Tool collects the name or ID of each family member (Table 3). However, this parameter is not submitted to the University of Cambridge server for processing.
Table 3. Pedigree data.| Parameter |
|---|
| Name and/or ID of the family member |
| Sex (for the patient, this is obtained from Sex in Table 2) |
| Vital status |
| Age at last follow up |
| Year of birth (for the patient, this is obtained from date of birth in Table 2) |
| Age at first breast cancer diagnosis |
| Age at contralateral breast cancer diagnosis |
| Age at ovarian cancer diagnosis (for females) |
| Age at prostate cancer diagnosis (for males) |
| Age at pancreatic cancer diagnosis |
| ER status of first breast cancer |
| PR status of first breast cancer |
| HER2 status of first breast cancer |
| CK14 status of first breast cancer |
| CK5/6 status of first breast cancer |
| BRCA1 genetic test type and result |
| BRCA2 genetic test type and result |
| PALB2 genetic test type and result |
| CHEK2 genetic test type and result |
| ATM genetic test type and result |
| RAD51D genetic test type and result |
| RAD51C genetic test type and result |
| BRIP1 genetic test type and result |
| Identical twin status |
4.2.3 Model parameter data
When you input model parameter data using the CanRisk Tool, we ask you to specify the parameters listed in Table 4.
Table 4. Model parameter data.| Parameter |
|---|
| BRCA1 mutation frequency |
| BRCA2 mutation frequency |
| PALB2 mutation frequency |
| ATM mutation frequency |
| CHEK2 mutation frequency |
| RAD51D mutation frequency |
| RAD51C mutation frequency |
| BRIP1 mutation frequency |
| BRCA1 mutation search sensitivity |
| BRCA2 mutation search sensitivity |
| PALB2 mutation search sensitivity |
| ATM mutation search sensitivity |
| CHEK2 mutation search sensitivity |
| RAD51D mutation search sensitivity |
| RAD51C mutation search sensitivity |
| BRIP1 mutation search sensitivity |
| Country of residence (equivalent to the country of residence specified in Table 2) |
The risk factor data, pedigree data and model parameter data (Tables 2, 3 and 4) are required by the CanRisk tool to:
- Estimate theoretical breast/ovarian cancer risks and mutation carrier probabilities;
- Control how they are displayed on screen and in the processing report PDF;
- Generate a drawing of the input pedigree.
5. Data storage and security
Technical organisational and security measures are in place to ensure security appropriate to the type of data submitted and processed or stored.
Patient data (see section 4.2 above):
- All patient data are deleted from the University of Cambridge server as soon as the risk calculation is complete. You may wish to download and save these data on your own local computer as part of the patient record.
- Names and dates of birth are confined to session storage in the user's browser, and never transmitted to the server.
- All session storage data are deleted as soon as the browser tab is closed.
We will hold your personal data (Table 1) until you ask us to delete it so that we can keep in touch as described above (Note to Table 1).
We do not share any data collected from you for the CanRisk Tool with 3rd parties or enrich it (i.e. integrate it with other personal data).
6. Secure Connection
The CanRisk Tool Web site uses HTTPS which is a protocol for securing the communication between your Web browser and the University of Cambridge server. HTTPS connections are encrypted. The CanRisk Web site (https://canrisk.org) automatically redirects you to HTTPS when you access it.
7. Contacting Us
E-mail inquiries and support requests are sent to the CanRisk service desk details of which can be found on the CanRisk website. When sending support requests, data must always be sent in an anonymised format.
8. Cookies and Web Storage data
8.1 Cookie data
The CanRisk Web site (https://canrisk.org) uses cookies. A cookie is a small amount of data (<4Kb) that is sent to your computer or Web-enabled device browser from the University of Cambridge server. Cookies are used in this website to hold information about the user session.
We also use a Content Delivery Network (CDN) jsDelivr to access 3rd party libraries which improve the functionality and responsiveness of the CanRisk Tool. CDNs also reduce latency and provide faster loading of a website.
Table 5 lists some of the cookies used by the CanRisk Web site. As the names, numbers, and purposes of these cookies may change over time, this page may be updated from time to time to reflect those changes.
Table 5. Cookie data.| Cookie | Hostname | Description | Criteria | Duration | Type |
|---|---|---|---|---|---|
| cookieControl | canrisk.org | Used to remember when a user has accepted CanRisk's cookie use notice. | Necessary | 30 days | Cookie |
| cookieControlPrefs | canrisk.org | Array of accepted cookie types e.g. ["preferences"]. | Necessary | 1 year | Cookie |
| canrisk_language | canrisk.org | Remembers language preference. | Necessary | 28 days | Cookie |
| __Secure-csrftoken | canrisk.org | Helps prevent Cross-Site Request Forgery (CSRF) attacks. | Necessary | Persistent for 1 year | Cookie |
| __Secure-sessionid | canrisk.org | Current session identifier. | Necessary | Only if you are logged in to this site. Until the end of the session | Cookie |
8.1.1 Deleting cookies
You can choose to allow, block, or delete cookies installed on your computer by adjusting the settings of the Web browser you use. Note that doing so might limit your ability to visit certain parts of the website or take advantage of some of our services.
For more information on how to manage cookies in your browser, please see:
- Microsoft Edge cookies information
- Internet Explorer cookies information
- Chrome cookies information
- Firefox cookies information
- Safari cookies information (desktops)
- Opera cookies information
8.2 Web storage data
Alongside cookies, the CanRisk Web site utilises 'web storage', which means the website loads faster. Web storage parameters (listed in Table 6) are used to enhance the functionality of the CanRisk Tool. Web storage data are not transferred to the University of Cambridge server for processing.
Table 6. Web storage data.| Name | Hostname | Description | Criteria | Duration | Type |
|---|---|---|---|---|---|
| SESSION_LOCALE | canrisk.org | Locale identifier, e.g. en-gb. | Necessary | No expiration date | Local Storage |
| PEDIGREE_pedigree_history* | canrisk.org | This is used to provide a history of family pedigree structures to facilitate editing and specifically used in the undo and redo functionality. | Necessary | Until the end of the session | Session Storage |
| PEDIGREE_pedigree_history_COUNT | canrisk.org | This is a count of the pedigree history stored in PEDIGREE_pedigree_history*. | Necessary | Until the end of the session | Session Storage |
| USERS_HGT_UNITS | canrisk.org | Defines default height units to be imperial. | User Preferences | No expiration date | Local Storage |
| USERS_WGT_UNITS | canrisk.org | Defines default weight units to be imperial. | User Preferences | No expiration date | Local Storage |
| COUNTRY | canrisk.org | Defines default country of residence. | User Preferences | No expiration date | Local Storage |
Further information
For more information about how we handle your personal information, and your rights under data protection legislation, please see https://www.information-compliance.admin.cam.ac.uk/data-protection/general-data.