Data protection policy
The Danish Medicines Agency maintains a record in which you can see the type of personal data we process and the contexts in which we process the data.
The most important areas in which the Danish Medicines Agency processes data are:
- Adverse reactions in clinical trials
- Adverse reactions of medicines and incidents with medical devices
- Compassionate use permits for medicines
- Healthcare professionals who have established relationships with the industry
- Security clearance of employees who handle heroine
- Import of medicines by private individuals
- Cases on illegal sale of medicines
Processing of personal data
Public authorities are allowed only to process personal data if such processing is warranted by the law. In the record of the Danish Medicines Agency's personal data processing operations, you can find out what the legal basis is for the different operations.
Apart from the fact that processing must be warranted by the law, the Danish Medicines Agency is also subject to the General Data Protection Regulation's requirements for the processing of personal data. The General Data Protection Regulation replaces the previous Danish Act on Processing of Personal Data and confers a number of rights on data subjects. You can read more about this in the General Data Protection Regulation and its innovations on the website of the Danish Data Protection Agency.
Supplementary to the formal rules, the Danish Medicines Agency also has a security organisation, which among other things works to translate the regulation’s formal requirements into security in practice. Data security is an area that is constantly changing, and the Danish Medicines Agency expects the same to take place for data protection. We therefore work continuously to improve our data security and data protection by working together.
Data protection policy
The Danish Medicines Agency is part of the Ministry of Health, which has a common policy for data protection.
The data protection policy includes information about the rights you have in relation to the personal data we process.
Data protection officer
The Danish Medicines Agency's data protection officer (DPO) is Troels Mogensen. You can contact Troels Mogensen if you have questions to the Danish Medicines Agency's data protection of if you suspect that a personal data breach has occurred.
If your inquiry contains confidential or sensitive data, you must use our encrypted contact form or encrypted e-mail.
You can also call us on +45 4488 9595 or send an e-mail to the Danish Medicines Agency's main adress.
The Danish Medicines Agency's record of personal data processing operations
At the Danish Medicines Agency, we process personal data as part of the tasks we solve.
Here you can see a record of all our personal data processing operations. To better understand the terms that apply to these operations, we suggest you first read our data protection policy.
Technical security measures:
- All of the Danish Medicines Agency’s data connections are encrypted
- All users on the Danish Medicines Agency’s IT environments must be verified by an individual user name and password, and checks are made on rejected access attempts
- All of the Danish Medicines Agency’s data processors operate from secured data centres
- The Danish Medicines Agency has several secure communication forms, e.g. encrypted contact forms and Digital Post for communicating with citizens and companies
- The Danish Medicines Agency has implemented several layers of security measures, such as antivirus and firewall protection, ongoing backup and logging of user behaviour
Organisational security measures:
- The Danish Medicines Agency has guidelines and procedures regarding data protection and security
- The employees receive training in data security and protection
- The Danish Medicines Agency operates under the ISO 27001 standard
- The Danish Medicines Agency has established an emergency response organization