Your Questions Answered: Consent and Recordings

Is it possible to accept consent via electronic means?​​​​​​​

The CRANE Project Team has been asked about the consent taking process during the COVID-19 pandemic, and whether it is possible to accept electronic signatures.

We can confirm that:

  • The CRANE Database accepts informed consent – for data collection and linkage – provided to cleft teams via any suitable written or electronic means,
  • so long as the method is in compliance with your own Hospital’s / Trust’s Information Governance’s policies.

For more information about CRANE consent – as per our leaflets – and the Information Commissioner’s Office (ICO) guidance on ‘What is valid consent?’ please visit the links below:

Information Leaflets and Parental Consent Forms

​​​​​​​Is it possible to reduce the length of CRANE’s current consent documentation?​​​​​​​

The CRANE Project Team has been asked about reducing the length of our information leaflets – links as above.

Although we understand that briefer documents might make the consent-taking process a bit easier, previous shorter versions did not meet the Information Governance requirements to take valid consent, according to the General Data Protection Regulation (GDPR).

Can we make recordings of the CRANE Database for training or other demonstrations?

We understand that this could be very useful. Unfortunately, making or sharing a recording of our database would be in breach of Information Governance regulations. This is because it shows patient identifiable information.

No one should be recording meetings or demonstrations involving the CRANE Database, or any other system that identifies patients.

  • Therefore, we are happy to organise training or demos for new staff, as appropriate, as it would be a breach of data protection for members of cleft teams to make/use recordings of the CRANE Database for training (or any other) purposes.
  • Recording of patient confidential data are in breach of the ‘purpose limitation’ GDPR principle, and a violation of the integrity and confidentiality of the database. If the breach of any of the 7 GDPR principles (as per the link below) were to happen, we would have to treat it as a GDPR incident.
  • Your Hospital’s / Trust’s Data Protection Officer will confirm these statements, if you wish to consult further with them.


For further information about the CRANE Database or to contact us with any queries, please get in touch by phone or email: