Skip to content. | Skip to navigation

Personal tools
This is Lite Plone Theme
You are here: Home / About / Organisation / Document on Scandiatransplant

Document on Scandiatransplant

History and purpose

Scandiatransplant was founded in 1969 supported by the Nordic Council of Ministers as a cooperation between a group of doctors (Nordic Expert Committee on Transplantation Matters) in the Nordic countries. The purpose was to facilitate the exchange of organs for transplantation between the countries so that retrieved organs could be given to the right patient. The main reasons for organ exchange within a system of cooperating transplant centers is to ensure that each donated organ is transplanted to the optimal recipient in terms of matching, and that patients in urgent need of an organ transplant have a realistic option of getting an organ offer. In order to facilitate these two requirements, a population size far greater than the individual Scandinavian countries is needed. By cooperating through the Scandiatransplant system, the Nordic transplant centers can provide:

  1. Optimal matching with regards to tissue types (HLA matching) and other physical data (physical size, blood group)
  2. Urgent waiting list system

The requirements of this cooperation evolved into an association when the “Articles of the Association Scandiatransplant” ( were adopted in Copenhagen in 1992.

The purposes of the organization are stated in Article 3:

  • to serve as a common organ exchange organisation and allocation resource for its member hospitals including kidney, liver, heart, lung, pancreas, pancreatic islet, cellular, intestinal and multivisceral transplantation. This is done transparently, using ethical principles and in full compliance with the national legislation of the members’ countries,
  • to maintain and operate a common waiting list for transplantation,
  • to ensure complete traceability from organ donors to patients,
  • to maintain and operate follow-up registries of transplanted patients,
  • to maintain and operate follow-up registries of living donors,
  • to serve as a collaborative platform through specialized working groups and advisory groups in order to facilitate best practice recommendations and policies optimizing retrieval, allocation and transplantation of organs, and
  • to form a collaborative network for the member hospitals to promote research and development related to organ donation, allocation and transplantation.


Legal regulation and permissions

Scandiatransplant is the organ exchange organization (OEO) of the countries Finland, Sweden, Denmark, Norway, Iceland and Estonia. The association is owned by the hospitals performing organ transplantation in these countries, at the moment 11 hospitals.Each hospital has signed an Agreement of Membership (tegningsdokument).

The supreme authority of the association is the Council of Representatives, who are clinically active professionals appointed by the participating hospitals. The number of Representatives of each hospital depends on the number of organ transplantations carried out in the hospital.

The Board of the Association is responsible for the daytoday operations. It consists of one person from each participating country plus a chairman. The office of the organization is placed at Aarhus University Hospital, Denmark.

The office maintains the Scandiatransplant database and services the association and its users.

The present data system was set into operation late 1994. It has always been located at Aarhus University Hospital and is running according to permission given by the Danish Data Authorities (Datatilsynet) to the Hospitals in Region Midtjylland (RM), (Journalnummer: 2007-58-0008). In the permission (point 4A and 4C).

It is stated that RM can have data on patients and donors of the university hospitals within the Scandiatransplant area Denmark, Norway, Finland, Sweden and Iceland and that (point 5) other university hospitals in the Scandiatransplant region can receive these data.

The data responsible authority is Region Midtjylland, Skottenborg 26, 8800 Viborg, Denmark.

The servers are located together with the hospital systems in RM and serviced according to agreements with RM IT and Scandiatransplant. Scandiatransplant is currently working on “Data Processor Agreements” with all the member hospitals.


The implementation of the Scandiatransplant it-systems complies with GDPR the REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation)

The Scandiatransplant IT-system is considered a most critical resource, which is why there is an emphasis on reliability, quality and confidentiality. The Scandiatransplant office recognizes the need for its users and employees to have access to the information they require in order to carry out their work and recognizes the role of information security in enabling this.


The information security policy defines the framework within which information security will as an ongoing project be managed in the Scandiatransplant office the goal is to maintain and continuously enhance information security based on the reqitrements outlined in GDPR and ISO 27000, 27001, 27002 and 27799.


Technical platform (type of software)

The Scandiatransplant it-system is today solely based on a system named YASWA (yet another Scandiatransplant web application). The system runs on virtual servers running Ubuntu version 16.04 LTS as operating system (supported until 2021). The primary server and database software is defined by Mono/C#.NET4.5 on the web-server side, which connects to the Oracle database (version XE 10g) for production data. The following script languages are used in the client: ecmascript/javascript, html, xml, xslt.

The Scandiatransplant system supports the following web-browsers:

◦ Internet Explorer 7+ (not including IE compatibility modes)

◦ Firefox 3.6+ (PC, Mac)

◦ Safari 4+

◦ Chrome 10+

◦ Opera 11+ (PC, Mac)

- mainly maintained by the Extjs-framework currently version 4.2.5.

For maintenance various other software is being utilized; e.g. perl, bash-scripting, etc.

Physical Security

Hardware and routines for correcting hardware failures.

SCTP has a Service-level agreement (SLA) with RM, who takes care of the hardware running the virtual servers. Hardware malfunction on the physical servers is detected by RM-personnel maintaining the data-centers.

Corrections are performed in coordinated cooperation with RM-staff whenever necessary.

Communications and operations management

Backup of the production-database is performed daily in two ways (export and tablespace-locked file-copy), where as file-system incremental (per file) backup is performed every 4 hours as specified in the Operational-level agreement (OLA) with RM, who also maintains the client-software installed on the individual server. The latter is kept on backup-servers in a different physical location in Denmark.

Auditing is implemented per transaction where userid (when available) and timestamp are always logged:


  • login- or other service-attempts successful or not; the former adds ip- and client-information where as the latter causes system-administration-alerts and temporarily or permanently blacklisting depending on the nature of the attempt.
  • when a user reads or manipulates information assets the involved data are logged in details;
  • ie. UserID, time and full dataset before and after update.
  • when a batch-job is performed proper identification and calling parameters are logged.
  • extended logging on various extra functionality exists such as SMS- and mail-services.


Log-information are read-only and constrained depending on authorization-level.

Data quality is ensured by technical measures from low-end checking (required values, interval-testing, multiple field dependence; e.g. one date must be before another date, etc.) at time of data-

entry to high-end quality control functionality running on demand or automatically at specific hours.

Quality assurance on the software functionality is being tested during development more or less manually. But a more elaborate testing harness is regression testing coding changes and new features, so the outcome of core-functionality such as compliance of organ exchange are being examined based on tailor-made data, that targets the organ allocation rules of the Scandiatransplant association.

Access Control

Information Access Control Management is implemented in the application-layer running on the server behind two firewalls, where the primary firewall is controlled by RM in cooperation with Scandiatransplant, and the secondary is running on each server (i.e. multiple firewalls) making sure that they are not attacked on the sub-net behind the primary firewall.

When successful authentication has occurred authorization is granted to the user complied by the software filtering the data available to the user as detailed in the next section.

Users & employees (At the Scandiatransplant centers and office)

Access to the Scandiatransplant database is granted by the Scandiatransplant office, Aarhus, Denmark. Users that are given admittance are recommended by their Head of Department or already existing Scandiatransplant database users, furthermore they must be employed at one of the Scandiatransplant member hospitals.

All users have during their employment signed a confidentiality agreement according to the secrecy act in each country.

There are three categories of users:

B = access to look up data

A = access to look up and update data

X = system administrators

Additionally users are restricted (in generel according to affiliation):

- core-data, i.e. waiting-lists & donors, are available to everybody restricted in such a way that organ exchange is possible, but users are still only allowed access to what is necessary.

- various follow-up forms are restricted to users in accordance with the graft-type(s); e.g. liver followup allows access to anyone involved in the transplantation, so that a Norwegian doctor can look-up a Danish patient, that has been transplanted in Oslo.

- meta-data- (e.g. HLA-types) and user-administration as well as log-information are restricted to administrators

Present (2013) number of users:

195 active A users and 47 inactive A users. Inactive users do no longer have access to the database, they are merely kept in system for the purpose of traceability.

39 active B users and 26 inactive B users

6 active X users, all of whom are employees at the Scandiatransplant office in Aarhus (Development: Bo H. Pedersen, Torben G. Helligsø, Tito Phiri, Administration: Ilse D. Weinreich and Frank Pedersen).

Detailed evaluation of user activity for all users is performed every month. If a user has not signed in for the last 3 months the department is contacted for further information. Access to the database is inactivated when users are no longer employed in the specific department.

The Scandiatransplant database has been created with the purpose only to give users the right to review or update data in relation to relevant management. This to fulfill the goal of exchanging organs between the 10 transplant centers in Scandiatransplant.


NoUpdatedUpdated byApprovedApproved byPublic
1.3 2018-07-18 IDW 2018-07-18 KAJ 2018-07-18
1.2 2016-08-08 BHP 2016-08-22 KAJ 2016-08-22
1.1 2015-11-30 BHP 2015-11-30 IDW 2015-11-30
1.0 2013-08-01 Staff 2013-08-01 Scandiatransplant board 2013-08-01